shadow.cargosv.fun Open in urlscan Pro
168.119.181.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://shadow.cargosv.fun/
Submission: On March 08 via api (March 8th 2024, 2:03:27 am UTC) from US — Scanned from US

Summary HTTP 197 Redirects Behaviour Indicators

Summary

This website contacted 67 IPs in 4 countries across 56 domains to perform 197 HTTP transactions. The main IP is 168.119.181.50, located in Hachenburg, Germany and belongs to HETZNER-AS, DE. The main domain is shadow.cargosv.fun.
TLS certificate: Issued by R3 on March 7th 2024. Valid for: 3 months.

This is the only time shadow.cargosv.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	168.119.181.50 168.119.181.50	24940 (HETZNER-AS) (HETZNER-AS)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:1418:a00... 2600:1418:a000:2aa::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
2	34.98.107.242 34.98.107.242	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	2a04:4e42::645 2a04:4e42::645	54113 (FASTLY) (FASTLY)
3	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.63.113 13.225.63.113	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:23c... 2600:9000:23cb:7600:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.169.163.157 35.169.163.157	14618 (AMAZON-AES) (AMAZON-AES)
15	69.164.46.185 69.164.46.185	22822 (LLNW) (LLNW)
1	2600:1f18:fab... 2600:1f18:fab:1a11:e916:9851:dc91:9c19	14618 (AMAZON-AES) (AMAZON-AES)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.40.230 142.251.40.230	15169 (GOOGLE) (GOOGLE)
2	23.215.41.73 23.215.41.73	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:1f18:730... 2600:1f18:730:b110:35d6:ece3:15b4:77d	14618 (AMAZON-AES) (AMAZON-AES)
1	34.225.106.93 34.225.106.93	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700::68... 2606:4700::6810:e77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
3 5	34.194.198.162 34.194.198.162	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:21d... 2600:9000:21dd:2c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	108.138.106.5 108.138.106.5	16509 (AMAZON-02) (AMAZON-02)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
6 6	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 2	54.86.148.40 54.86.148.40	14618 (AMAZON-AES) (AMAZON-AES)
1 2	23.48.145.72 23.48.145.72	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5 6	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:ed:... 2600:1f18:ed:550f:5ece:406:5bf2:1b8a	14618 (AMAZON-AES) (AMAZON-AES)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
18	34.230.183.154 34.230.183.154	14618 (AMAZON-AES) (AMAZON-AES)
9	18.238.63.215 18.238.63.215	16509 (AMAZON-02) (AMAZON-02)
1	52.37.234.199 52.37.234.199	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.26.243.12 52.26.243.12	16509 (AMAZON-02) (AMAZON-02)
8	3.234.78.133 3.234.78.133	14618 (AMAZON-AES) (AMAZON-AES)
1	104.16.184.241 104.16.184.241	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.223.33.13 3.223.33.13	14618 (AMAZON-AES) (AMAZON-AES)
3	108.138.106.70 108.138.106.70	16509 (AMAZON-02) (AMAZON-02)
1	104.91.115.179 104.91.115.179	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.138.128.34 108.138.128.34	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.215.73.61 44.215.73.61	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.164.92.122 18.164.92.122	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
2 2	68.67.160.76 68.67.160.76	29990 (ASN-APPNEX) (ASN-APPNEX)
1 8	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 4	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
2 2	52.72.52.29 52.72.52.29	14618 (AMAZON-AES) (AMAZON-AES)
1 2	216.22.16.8 216.22.16.8	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 2	2620:112:f008... 2620:112:f008:200::101	26120 (RHYTHMONE) (RHYTHMONE)
7	34.226.254.114 34.226.254.114	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200c	27630 (AS-XFERNET) (AS-XFERNET)
2	34.200.9.220 34.200.9.220	14618 (AMAZON-AES) (AMAZON-AES)
1	34.196.160.213 34.196.160.213	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.83.250.215 54.83.250.215	14618 (AMAZON-AES) (AMAZON-AES)
4 4	69.194.240.13 69.194.240.13	26120 (RHYTHMONE) (RHYTHMONE)
1 5	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	151.101.2.49 151.101.2.49	() ()
1	2600:1f18:4e9... 2600:1f18:4e9:5a07:86c7:95d4:503d:f6b6	() ()
1 2	52.46.143.56 52.46.143.56	() ()
3	151.101.129.91 151.101.129.91	() ()
197	67

7 168.119.181.50 (Hachenburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.50.181.119.168.clients.your-server.de

shadow.cargosv.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1418:a000:2aa::1e80 (Minneapolis, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

restcdn.dictionary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dictionary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.107.242 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.107.98.34.bc.googleusercontent.com

js.recurly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)

assets.dictionary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dictionary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-portal.dictionary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7aaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-113.ewr53.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23cb:7600:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.169.163.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-163-157.compute-1.amazonaws.com

thor-graphql.dictionary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 69.164.46.185 (New York, United States)

ASN22822 (LLNW, US)
PTR: https-69-164-46-185.jfk.llnw.net

player.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
config.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn5.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:fab:1a11:e916:9851:dc91:9c19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

track.dictionary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.230 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.215.41.73 (McAllen, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-41-73.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:35d6:ece3:15b4:77d (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.106.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-106-93.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:e77 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abcheck.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.194.198.162 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-198-162.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:2c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.106.5 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-5.jfk50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.211.178.172 (North Charleston, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.86.148.40 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-148-40.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.48.145.72 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-145-72.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States) 1 redirects

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (United States)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.40.198 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550f:5ece:406:5bf2:1b8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 34.230.183.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-183-154.compute-1.amazonaws.com

pixel.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.238.63.215 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-63-215.jfk52.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.37.234.199 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-234-199.us-west-2.compute.amazonaws.com

usync.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.26.243.12 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-243-12.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.234.78.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-78-133.compute-1.amazonaws.com

trafficmanager.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.184.241 (None, )

ASN13335 (CLOUDFLARENET, US)

ipv4.icanhazip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.33.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-33-13.compute-1.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.106.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-70.jfk50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.91.115.179 (Boston, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-91-115-179.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-34.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.215.73.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-73-61.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.92.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-92-122.jfk50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.76 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::ac43:17ea (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.176.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.52.29 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-52-29.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.22.16.8 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f008:200::101 (United States) 2 redirects

ASN26120 (RHYTHMONE, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.226.254.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-254-114.compute-1.amazonaws.com

user-sync-api.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:200c (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.9.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-9-220.compute-1.amazonaws.com

marketplace.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.160.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-160-213.compute-1.amazonaws.com

fid.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.83.250.215 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-250-215.compute-1.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.194.240.13 (United States) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:86c7:95d4:503d:f6b6 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.91 (None, )

ASN- ()

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	anyclip.com player.anyclip.com — Cisco Umbrella Rank: 11264 config.anyclip.com — Cisco Umbrella Rank: 14429 pixel.anyclip.com — Cisco Umbrella Rank: 11156 trafficmanager.anyclip.com — Cisco Umbrella Rank: 14326 assets.anyclip.com — Cisco Umbrella Rank: 14450 cdn5.anyclip.com — Cisco Umbrella Rank: 14669 user-sync-api.anyclip.com — Cisco Umbrella Rank: 16869 marketplace.anyclip.com — Cisco Umbrella Rank: 12136	623 KB
22	dictionary.com restcdn.dictionary.com — Cisco Umbrella Rank: 27095 www.dictionary.com — Cisco Umbrella Rank: 17853 assets.dictionary.com — Cisco Umbrella Rank: 20230 thor-graphql.dictionary.com — Cisco Umbrella Rank: 21445 api-portal.dictionary.com — Cisco Umbrella Rank: 37459 track.dictionary.com — Cisco Umbrella Rank: 28173	435 KB
15	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 301 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 621 aax.amazon-adsystem.com — Cisco Umbrella Rank: 406 s.amazon-adsystem.com	238 KB
14	ad.gt 1 redirects id.hadron.ad.gt — Cisco Umbrella Rank: 1652 a.ad.gt — Cisco Umbrella Rank: 1812 p.ad.gt — Cisco Umbrella Rank: 1985 ids.ad.gt — Cisco Umbrella Rank: 1571 pixels.ad.gt — Cisco Umbrella Rank: 1943	19 KB
9	liadm.com 4 redirects b-code.liadm.com — Cisco Umbrella Rank: 3501 rp.liadm.com — Cisco Umbrella Rank: 1543 rp4.liadm.com — Cisco Umbrella Rank: 6746 i.liadm.com — Cisco Umbrella Rank: 593 i6.liadm.com — Cisco Umbrella Rank: 3061	21 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 ad.doubleclick.net — Cisco Umbrella Rank: 158 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 cm.g.doubleclick.net — Cisco Umbrella Rank: 271	167 KB
7	proper.io global.proper.io — Cisco Umbrella Rank: 11091 abcheck.proper.io — Cisco Umbrella Rank: 12609 usync.proper.io — Cisco Umbrella Rank: 15559 bids.proper.io — Cisco Umbrella Rank: 12118	167 KB
7	cargosv.fun shadow.cargosv.fun	629 KB
6	adsrvr.org 5 redirects match.adsrvr.org — Cisco Umbrella Rank: 364	3 KB
6	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 383	4 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 334	159 KB
5	openx.net 1 redirects u.openx.net — Cisco Umbrella Rank: 734 us-u.openx.net	2 KB
5	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 447	126 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	23 KB
4	mathtag.com sync.mathtag.com — Cisco Umbrella Rank: 1299 pixel.mathtag.com	3 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2961 tr.outbrain.com — Cisco Umbrella Rank: 2730 wave.outbrain.com — Cisco Umbrella Rank: 2943	9 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 560	2 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 526	1 KB
3	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 709	6 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	271 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	639 B
2	turn.com 2 redirects d.turn.com — Cisco Umbrella Rank: 1264 ad.turn.com — Cisco Umbrella Rank: 914	877 B
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1408	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 605	1 KB
2	rubiconproject.com 1 redirects token.rubiconproject.com — Cisco Umbrella Rank: 493 pixel.rubiconproject.com — Cisco Umbrella Rank: 388	2 KB
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 928	625 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 500	2 KB
2	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1779	19 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1035 bcp.crwdcntrl.net — Cisco Umbrella Rank: 956	40 KB
2	33across.com 1 redirects lexicon.33across.com — Cisco Umbrella Rank: 1445	648 B
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 428 pr-bh.ybp.yahoo.com	966 B
2	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1709	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 246	1 KB
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 1322	2 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1342 pixel.quantserve.com — Cisco Umbrella Rank: 1143	10 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 932	1 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 3363	473 B
2	btloader.com btloader.com — Cisco Umbrella Rank: 879 api.btloader.com — Cisco Umbrella Rank: 969	18 KB
2	recurly.com js.recurly.com — Cisco Umbrella Rank: 10609	100 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1300	516 B
1	yieldmo.com 1 redirects ads.yieldmo.com — Cisco Umbrella Rank: 658	521 B
1	agkn.com fid.agkn.com — Cisco Umbrella Rank: 2541	1 KB
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 1005	671 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1170	17 KB
1	springserve.com vid.springserve.com — Cisco Umbrella Rank: 8516	437 B
1	icanhazip.com ipv4.icanhazip.com — Cisco Umbrella Rank: 9106	383 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 433	1 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 662	363 B
1	deepintent.com 1 redirects match.deepintent.com — Cisco Umbrella Rank: 1136	334 B
1	pippio.com pippio.com — Cisco Umbrella Rank: 817	569 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 801	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1336	2 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 3445	34 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	558 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 541	305 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1017 B
197	56

	Domain	Requested by
18	pixel.anyclip.com	shadow.cargosv.fun
9	cdn5.anyclip.com	player.anyclip.com shadow.cargosv.fun
9	c.amazon-adsystem.com	global.proper.io player.anyclip.com shadow.cargosv.fun c.amazon-adsystem.com
8	ids.ad.gt	1 redirects
8	trafficmanager.anyclip.com	shadow.cargosv.fun
7	user-sync-api.anyclip.com	player.anyclip.com u.openx.net
7	shadow.cargosv.fun	shadow.cargosv.fun player.anyclip.com
6	match.adsrvr.org	5 redirects player.anyclip.com
6	x.bidswitch.net	6 redirects
6	assets.dictionary.com	shadow.cargosv.fun
6	restcdn.dictionary.com	shadow.cargosv.fun
6	cdn.cookielaw.org	shadow.cargosv.fun cdn.cookielaw.org
5	i.liadm.com	3 redirects b-code.liadm.com i.liadm.com
5	assets.adobedtm.com	shadow.cargosv.fun assets.adobedtm.com
4	cm.g.doubleclick.net	2 redirects u.openx.net
4	www.google-analytics.com	www.googletagmanager.com p.ad.gt www.google-analytics.com
4	player.anyclip.com	shadow.cargosv.fun player.anyclip.com
4	www.dictionary.com	shadow.cargosv.fun
3	pixel.mathtag.com	player.anyclip.com pixel.mathtag.com
3	us-u.openx.net	u.openx.net
3	sync.1rx.io	3 redirects
3	pixel.tapad.com	3 redirects
3	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	global.proper.io securepubads.g.doubleclick.net shadow.cargosv.fun
3	global.proper.io	shadow.cargosv.fun global.proper.io
3	api-portal.dictionary.com	shadow.cargosv.fun
3	unpkg.com	1 redirects shadow.cargosv.fun www.googletagmanager.com
3	www.googletagmanager.com	shadow.cargosv.fun www.googletagmanager.com p.ad.gt
2	s.amazon-adsystem.com	1 redirects u.openx.net
2	sync-tm.everesttech.net	2 redirects
2	u.openx.net	1 redirects player.anyclip.com
2	marketplace.anyclip.com
2	sync.smartadserver.com	1 redirects
2	match.prod.bidr.io	2 redirects
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	a.ad.gt	cdn.hadronid.net p.ad.gt
2	id.hadron.ad.gt	cdn.hadronid.net
2	cdn.hadronid.net	shadow.cargosv.fun a.ad.gt
2	lexicon.33across.com	1 redirects shadow.cargosv.fun
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	1 redirects i.liadm.com
2	live.rezync.com	2 redirects
2	abcheck.proper.io	shadow.cargosv.fun
2	tr.outbrain.com	amplify.outbrain.com
2	ad-delivery.net	shadow.cargosv.fun
2	api.sail-personalize.com	shadow.cargosv.fun
2	thor-graphql.dictionary.com	shadow.cargosv.fun
2	js.recurly.com	shadow.cargosv.fun
1	pr-bh.ybp.yahoo.com	u.openx.net
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	fid.agkn.com	player.anyclip.com
1	sync.go.sonobi.com	1 redirects
1	pixels.ad.gt	p.ad.gt
1	d.turn.com	1 redirects
1	token.rubiconproject.com
1	p.ad.gt	a.ad.gt
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.crwdcntrl.net	shadow.cargosv.fun
1	secure.cdn.fastclick.net	shadow.cargosv.fun
1	vid.springserve.com	shadow.cargosv.fun
1	assets.anyclip.com	shadow.cargosv.fun
1	ipv4.icanhazip.com	shadow.cargosv.fun
1	bids.proper.io	shadow.cargosv.fun
1	ups.analytics.yahoo.com	shadow.cargosv.fun
1	id5-sync.com	shadow.cargosv.fun
1	usync.proper.io	shadow.cargosv.fun
1	config.anyclip.com	player.anyclip.com
1	pixel.quantserve.com	shadow.cargosv.fun
1	dis.criteo.com	i.liadm.com
1	i6.liadm.com	i.liadm.com
1	sync.mathtag.com	i.liadm.com
1	match.deepintent.com	1 redirects
1	pippio.com	i.liadm.com
1	p.rfihub.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	global.proper.io
1	wave.outbrain.com	amplify.outbrain.com
1	rp4.liadm.com	shadow.cargosv.fun
1	rp.liadm.com	1 redirects
1	amplify.outbrain.com	shadow.cargosv.fun
1	ad.doubleclick.net	shadow.cargosv.fun
1	api.btloader.com	shadow.cargosv.fun
1	track.dictionary.com	shadow.cargosv.fun
1	b-code.liadm.com	www.googletagmanager.com
1	btloader.com	assets.adobedtm.com
1	ak.sail-horizon.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	shadow.cargosv.fun
1	www.google.com	1 redirects
1	geolocation.onetrust.com	cdn.cookielaw.org
1	fonts.googleapis.com	shadow.cargosv.fun
197	95

This site contains no links.

Subject Issuer	Validity	Valid
shadow.cargosv.fun R3	`2024-03-07` - `2024-06-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
dictionary.com R3	`2024-02-29` - `2024-05-29`	3 months	crt.sh
*.recurly.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-03` - `2024-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2023-12-04` - `2024-12-30`	a year	crt.sh
btloader.com GTS CA 1P5	`2024-02-15` - `2024-05-15`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
thor-graphql.dictionary.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.anyclip.com Go Daddy Secure Certificate Authority - G2	`2023-05-15` - `2024-06-15`	a year	crt.sh
api.sail-personalize.com Amazon RSA 2048 M01	`2023-04-25` - `2024-05-23`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2024-02-06` - `2024-05-06`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
proper.io E1	`2024-03-06` - `2024-06-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
quantserve.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.proper.io Go Daddy Secure Certificate Authority - G2	`2023-11-26` - `2024-12-27`	a year	crt.sh
icanhazip.com E1	`2024-03-07` - `2024-06-05`	3 months	crt.sh
*.springserve.com Amazon RSA 2048 M02	`2023-08-02` - `2024-08-30`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
hadronid.net GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
id.hadron.ad.gt E1	`2024-01-27` - `2024-04-26`	3 months	crt.sh
a.ad.gt E1	`2024-02-12` - `2024-05-12`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2024-01-19` - `2024-12-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
p.ad.gt Cloudflare Inc ECC CA-3	`2023-11-09` - `2024-11-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-02-12` - `2024-08-07`	6 months	crt.sh
*.mediamath.com R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://shadow.cargosv.fun/
Frame ID: 9781F998BA766EE00C323C0D230F72B7
Requests: 126 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-04sx?duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&euns=0&s=&gpp_s=DBABLA~BVQqAAAACgA.QA&gpp_as=7&version=v2.13.1&cd=.cargosv.fun
Frame ID: 744E5222226ACCC7B24726E146B0D36A
Requests: 8 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: CD3DE4B4701F2CB5C56519ADFF1B6308
Requests: 28 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: B32C9CE7B8A03F9E620B7CCFD0847598
Requests: 5 HTTP requests in this frame

Frame: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/sync.js?ts=1709863401194
Frame ID: 2A048719C1807AC7503860BAFC8FAA26
Requests: 7 HTTP requests in this frame

Frame: https://user-sync-api.anyclip.com/setuid?bidder=ttd&uid=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042
Frame ID: D8E4DDCA7FBD2124096ED8265DB3A455
Requests: 1 HTTP requests in this frame

Frame: https://user-sync-api.anyclip.com/setuid?bidder=neustar&uid=211100604815000765599
Frame ID: 2A8BA5F9FE03CD2E00E292E2DB801402
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7BOPENX_ID%7D
Frame ID: 6C6D9F5E4951515D305EF1FC90734AEB
Requests: 8 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?gdpr=&gdpr_consent=&exsync=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dmediamath%26uid%3D%5BMM_UUID%5D
Frame ID: C912783BAB73A39C7228910A020B9C38
Requests: 2 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=fee765ea-71e9-4d00-95b4-82a841ef420c&no_iframe=1&exsync=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dmediamath%26uid%3D%5BMM_UUID%5D&gdpr=&gdpr_consent=&source=mathtag
Frame ID: E3F79A55B34653913963A6977CC60162
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dictionary.com | Meanings & Definitions of English Words

Detected technologies

Recurly (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.recurly\.com

Zip (Payment processors) Expand

Overall confidence: 100%
Detected patterns

zip\.co

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

197
Requests

83 %
HTTPS

35 %
IPv6

56
Domains

95
Subdomains

67
IPs

4
Countries

3145 kB
Transfer

10084 kB
Size

88
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.iife.js

Request Chain 29

https://www.google.com/pagead/landing?gcs=G111&gcd=13n3n3l3l5&rnd=1817626132.1709863399&url=https%3A%2F%2Fshadow.cargosv.fun%2F&dma=0&npa=0&gtm=45He4360n71TXC5GPv71213628za220&auid=1646466232.1709863399 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13n3n3l3l5&rnd=1817626132.1709863399&url=https%3A%2F%2Fshadow.cargosv.fun%2F&dma=0&npa=0&gtm=45He4360n71TXC5GPv71213628za220&auid=1646466232.1709863399

Request Chain 56

https://rp.liadm.com/j?dtstmp=1709863400004&aid=a-04sx&se=e30&duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&tv=v2.13.1&pu=https%3A%2F%2Fshadow.cargosv.fun%2F&wpn=lc-bundle&gpp_s=DBABLA~BVQqAAAACgA.QA&gpp_as=7&cd=.cargosv.fun&c=PHRpdGxlPkRpY3Rpb25hcnkuY29tIHwgTWVhbmluZ3MgJmFtcDsgRGVmaW5pdGlvbnMgb2YgRW5nbGlzaCBXb3JkczwvdGl0bGU- HTTP 302
https://rp4.liadm.com/j?se=e30&duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&aid=a-04sx&cd=.cargosv.fun&dtstmp=1709863400004&tv=v2.13.1&wpn=lc-bundle&gpp_as=7&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMTpkYTU0OjJhZGE6NzMyMg%3D%3D&n3pc=true&gpp_s=DBABLA~BVQqAAAACgA.QA&pu=https%3A%2F%2Fshadow.cargosv.fun%2F&c=PHRpdGxlPkRpY3Rpb25hcnkuY29tIHwgTWVhbmluZ3MgJmFtcDsgRGVmaW5pdGlvbnMgb2YgRW5nbGlzaCBXb3JkczwvdGl0bGU-

Request Chain 71

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=47810959-a7f7-4ece-b111-54b36b686fd6 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=bc94c1a0-10dd-472b-ad9a-c209409cbfd5%3A1709863401.1048422&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dbc94c1a0-10dd-472b-ad9a-c209409cbfd5%253A1709863401.1048422%26pid%3D500040%26it%3D1%26iv%3Dbc94c1a0-10dd-472b-ad9a-c209409cbfd5%253A1709863401.1048422%26_%3D1709863401.1072254&cb=1709863401.1072776 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288131954798446&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dbc94c1a0-10dd-472b-ad9a-c209409cbfd5%253A1709863401.1048422%26pid%3D500040%26it%3D1%26iv%3Dbc94c1a0-10dd-472b-ad9a-c209409cbfd5%253A1709863401.1048422%26_%3D1709863401.1072254 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=bc94c1a0-10dd-472b-ad9a-c209409cbfd5%3A1709863401.1048422&pid=500040&it=1&iv=bc94c1a0-10dd-472b-ad9a-c209409cbfd5%3A1709863401.1048422&_=1709863401.1072254 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1709863401.1072254&iv=bc94c1a0-10dd-472b-ad9a-c209409cbfd5:1709863401.1048422

Request Chain 72

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=47810959-a7f7-4ece-b111-54b36b686fd6&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=47810959-a7f7-4ece-b111-54b36b686fd6&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=b6e79ae8-437d-4419-9003-75f76db0c8f9 HTTP 303
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=47810959-a7f7-4ece-b111-54b36b686fd6 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=47810959-a7f7-4ece-b111-54b36b686fd6

Request Chain 73

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=47810959-a7f7-4ece-b111-54b36b686fd6 HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=47810959-a7f7-4ece-b111-54b36b686fd6&rd=Y

Request Chain 74

https://x.bidswitch.net/sync?ssp=liveintent&user_id=47810959-a7f7-4ece-b111-54b36b686fd6 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=47810959-a7f7-4ece-b111-54b36b686fd6 HTTP 302
https://match.deepintent.com/usersync/129/store?id=&ext1=liveintent&ext2=b6e79ae8-437d-4419-9003-75f76db0c8f9 HTTP 303
https://x.bidswitch.net/sync?expires=720&dsp_id=422&user_id=di_82b247911e2b4f3a97575&ssp=liveintent&bsw_param=b6e79ae8-437d-4419-9003-75f76db0c8f9 HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=b6e79ae8-437d-4419-9003-75f76db0c8f9

Request Chain 76

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042 HTTP 303
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042

Request Chain 85

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D2752e76f-a6e6-4a0f-965d-8c1ff727af2d%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_260fd98e_409988ae_1 HTTP 302
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=2752e76f-a6e6-4a0f-965d-8c1ff727af2d&uid=b6e79ae8-437d-4419-9003-75f76db0c8f9

Request Chain 88

https://lexicon.33across.com/v1/envelope?pid=001Pg000007WiptIAC&src=pbjs&ver=8.7.0&_t=Thu%20Mar%2007%202024%2016:03:21%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time) HTTP 307
https://lexicon.33across.com/v1/envelope?pid=001Pg000007WiptIAC&src=pbjs&ver=8.7.0&_t=Thu%20Mar%2007%202024%2016:03:21%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)&b=1&g=q1xWbUTZm7V0kWV52EmQXMhNCGBNvFE0b7fI8HFO4EA%3D

Request Chain 156

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001709863403-ONG8F54L-E74O&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001709863403-ONG8F54L-E74O%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001709863403-ONG8F54L-E74O&adnxs_id=5196601779978546656&gdpr=0

Request Chain 157

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001709863403-ONG8F54L-E74O&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042&id=AU1D-0100-001709863403-ONG8F54L-E74O

Request Chain 158

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001709863403-ONG8F54L-E74O HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001709863403-ONG8F54L-E74O HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=54227198-F8F3-4538-8E23-DB4813BF5A78&id=AU1D-0100-001709863403-ONG8F54L-E74O

Request Chain 160

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001709863403-ONG8F54L-E74O&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001709863403-ONG8F54L-E74O%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001709863403-ONG8F54L-E74O&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001709863403-ONG8F54L-E74O%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9ad8f7bf-5ebc-4866-8b00-cbb50fe33b76%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001709863403-ONG8F54L-E74O%252526tapad_id%25253D9ad8f7bf-5ebc-4866-8b00-cbb50fe33b76%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042&ttd_puid=9ad8f7bf-5ebc-4866-8b00-cbb50fe33b76%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001709863403-ONG8F54L-E74O%2526tapad_id%253D9ad8f7bf-5ebc-4866-8b00-cbb50fe33b76%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001709863403-ONG8F54L-E74O&tapad_id=9ad8f7bf-5ebc-4866-8b00-cbb50fe33b76

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001709863403-ONG8F54L-E74O HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001709863403-ONG8F54L-E74O&google_gid=CAESEN-qNRSK-M1qfgVD-chbEDE&google_cver=1&google_ula=450542624,0

Request Chain 162

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001709863403-ONG8F54L-E74O HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwOTg2MzQwMy1PTkc4RjU0TC1FNzRP

Request Chain 163

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001709863403-ONG8F54L-E74O HTTP 303
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001709863403-ONG8F54L-E74O&_bee_ppp=1 HTTP 303
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AACz5k7L1OQAABTtm0Xwfw&id=AU1D-0100-001709863403-ONG8F54L-E74O

Request Chain 164

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001709863403-ONG8F54L-E74O%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001709863403-ONG8F54L-E74O&sas_uid=[sas_uid]&gdpr=0&cklb=1

Request Chain 165

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001709863403-ONG8F54L-E74O HTTP 302
https://ids.ad.gt/api/v1/amo_match?turn_id=2629902952733649793&id=AU1D-0100-001709863403-ONG8F54L-E74O

Request Chain 173

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D HTTP 302
https://user-sync-api.anyclip.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=52f19598-fd91-4508-9aee-ca36628a0963

Request Chain 180

https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP 302
https://user-sync-api.anyclip.com/setuid?bidder=yieldmo&uid=VqmM2__OOM_0_7ALGPUk&gdpr=&gdpr_consent=&us_privacy=

Request Chain 181

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-anyclip&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://user-sync-api.anyclip.com/setuid?bidder=rubicon&uid=LTI0ITCP-12-31GR

Request Chain 182

https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D&cb=1709863404802 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=8150678902 HTTP 302
https://sync.1rx.io/usersync/turn/2629902952733649793?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e977d64e-8fee-4447-9f7b-d53cfa3ca7ba-005?redir=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3DRX-e977d64e-8fee-4447-9f7b-d53cfa3ca7ba-005 HTTP 302
https://user-sync-api.anyclip.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-e977d64e-8fee-4447-9f7b-d53cfa3ca7ba-005

Request Chain 183

https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7BOPENX_ID%7D

Request Chain 185

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Zepx7QAKUyIMuABX HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Zepx7QAKUyIMuABX&_test=Zepx7QAKUyIMuABX

Request Chain 187

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8cf64274-dedb-8c56-b655-a5c2983be64a HTTP 302
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8cf64274-dedb-8c56-b655-a5c2983be64a&dcc=t

Request Chain 188

https://match.adsrvr.org/track/cmf/openx?oxid=d4203e09-c271-37ac-765b-2755f0082daa&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042&ttd_puid=d4203e09-c271-37ac-765b-2755f0082daa&gdpr=0&gdpr_consent=

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMS4g6BsnHzKmGUvA2uO498&google_cver=1

197 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
shadow.cargosv.fun/ 185 KB
36 KB 476ms
173ms Document
text/html 168.119.181.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shadow.cargosv.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.181.50 Hachenburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.50.181.119.168.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

f50a739785cf0a5b7c451c8bb55764c6924b9e1e46e24ebdbc36b301e93c6274

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2390
cache-control: max-age=7200, public
content-encoding: br
content-length: 36591
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Fri, 08 Mar 2024 02:03:18 GMT
etag: W/"2e5e6-/ucq5m24sN9s/tvy0BB+0GdE0LY"
is-ads-free-subscriber: false
platform: Desktop
server: nginx/1.24.0
show-do-not-sell-link: false
vary: Accept-Encoding, X-Blue-Green-Backend, show-do-not-sell-link, is-ads-free-subscriber, platform, X-OPTIONS
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT, HIT
x-cache-hits: 0, 14, 1
x-powered-by: Express
x-served-by: cache-iad-kjyo7100093-IAD, cache-iad-kjyo7100093-IAD, cache-fra-etou8220078-FRA
x-timer: S1709863398.032042,VS0,VE1
x-trace: 00-ca43e57ef5200c00cc9f6ca967fa0d80-3452d03ce07b3594-00

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1017 B 160ms
75ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Mar 2024 02:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Mar 2024 00:28:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Mar 2024 02:03:18 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 166ms
55ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 02:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TNPM/PizeaP1LGhMRcm7BA==
age: 5422
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Wed, 06 Mar 2024 17:32:11 GMT
server: cloudflare
etag: 0x8DC3E035B297D15
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f1e8725f-e01e-00a1-033c-70e2fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860f3f801ddcc335-EWR

GET
H2 200 launch-c9de4f1040cd.min.js Show response
assets.adobedtm.com/d14cd3d8edd3/14b6230c7d29/ 393 KB
110 KB 447ms
140ms Script
application/x-javascript 2600:1418:a000:2aa::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d14cd3d8edd3/14b6230c7d29/launch-c9de4f1040cd.min.js
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:2aa::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 41b58224a30c2ff34c96e4ea304c5a244bb9c9f81e3ec14aceb5cc78de5e250d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:18 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 15:51:44 GMT
server: AkamaiNetStorage
etag: "8ff63aa426079a64d43ea567ad7464df:1709826704.176425"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://shadow.cargosv.fun
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 112191
expires: Fri, 08 Mar 2024 03:03:18 GMT

GET
H2 200 20240228_orange_1920x1080.jpg
restcdn.dictionary.com/storyblok/f/239645/1921x1080/469ad0ea81/ 76 KB
76 KB 179ms
49ms Image
image/jpeg 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://restcdn.dictionary.com/storyblok/f/239645/1921x1080/469ad0ea81/20240228_orange_1920x1080.jpg
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d562da00da01d17e9e0c731543d3095b1835217541279dc7c930085b0bff9fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Wed, 19 Feb 2025 23:47:02 GMT
x-amz-version-id: GLFGPM.Sr5pVpICeVvDRG9rYtSOsKrzI
via: 1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront), 1.1 varnish
date: Fri, 08 Mar 2024 02:03:18 GMT
x-amz-cf-pop: EWR50-C1
age: 73824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
x-amz-replication-status: COMPLETED
content-length: 77545
x-served-by: cache-lga21954-LGA
last-modified: Tue, 20 Feb 2024 23:47:03 GMT
server: AmazonS3
etag: "f3d773beece826c6a287add98b9e6968"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: TCZTDzEIdCR8SE_xPRIoBOCkONA_BvBCEOkZ2bLbrXtH2SI6__o0dQ==
x-cache-hits: 468

GET
H2 200 daily-crossword.png
restcdn.dictionary.com/storyblok/f/239645/600x304/4a2ba3c8e9/ 12 KB
12 KB 239ms
110ms Image
image/png 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://restcdn.dictionary.com/storyblok/f/239645/600x304/4a2ba3c8e9/daily-crossword.png
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9608530394d3b532109bffd8fcc6a1f80ecf81b6cf7bbab4faab533cbc5c8369

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sat, 06 Jul 2024 20:40:58 GMT
x-amz-version-id: OSKChrqM8uBVhG0itVBvKlF5iWkyYJ03
via: 1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront), 1.1 varnish
date: Fri, 08 Mar 2024 02:03:18 GMT
x-amz-cf-pop: EWR50-C1
age: 1109164
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
x-amz-replication-status: COMPLETED
content-length: 12211
x-served-by: cache-lga21954-LGA
last-modified: Fri, 07 Jul 2023 20:41:00 GMT
server: AmazonS3
etag: "ec943496e4929b3266b6b98a616057fb"
content-type: image/png
access-control-allow-origin: *
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: FOgDKBP9_AH7jQA6EqYQcyHoIcY88sBqiSte4MEybVhAzLAXf3hpJQ==
x-cache-hits: 5630

GET
H2 200 hurdle.png
restcdn.dictionary.com/storyblok/f/239645/600x304/3f88d8a6ab/ 10 KB
10 KB 87ms
74ms Image
image/png 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://restcdn.dictionary.com/storyblok/f/239645/600x304/3f88d8a6ab/hurdle.png
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a77930d1f6ae1ed958d7fdfc0b3b5803f68ad81186cbb14e5ccecb62d879dd9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sat, 06 Jul 2024 20:40:58 GMT
x-amz-version-id: DNBI7EJnkATZTC1Ru5HZhuuBDYyfONtm
via: 1.1 ce0d380336eb1f624e574285078b47f6.cloudfront.net (CloudFront), 1.1 varnish
date: Fri, 08 Mar 2024 02:03:18 GMT
x-amz-cf-pop: EWR50-C1
age: 1101042
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
x-amz-replication-status: COMPLETED
content-length: 10087
x-served-by: cache-lga21954-LGA
last-modified: Fri, 07 Jul 2023 20:41:00 GMT
server: AmazonS3
etag: "9df61335d2ad6d19a06017e5b9507f42"
content-type: image/png
access-control-allow-origin: *
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ZQ-BJiC4ZAD2Fesx_FHIgVSI9Uw5cEOl4GsgO42-O5Bbb2Oc8J8CQQ==
x-cache-hits: 342

GET
H2 200 word-puzzle.png
restcdn.dictionary.com/storyblok/f/239645/600x304/3d8f566b61/ 17 KB
17 KB 87ms
74ms Image
image/png 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://restcdn.dictionary.com/storyblok/f/239645/600x304/3d8f566b61/word-puzzle.png
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef5bd1141b38692aacedd044626e1aebc97014e4fce4f293f0557f7f18425ba8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sat, 06 Jul 2024 20:40:58 GMT
x-amz-version-id: s0MoFbSqB5yWwCsSJ.diI54tQ6hAhdRu
via: 1.1 90a990c5327e86ade86681120dc4a236.cloudfront.net (CloudFront), 1.1 varnish
date: Fri, 08 Mar 2024 02:03:18 GMT
x-amz-cf-pop: EWR50-C1
age: 1182644
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
x-amz-replication-status: COMPLETED
content-length: 17584
x-served-by: cache-lga21954-LGA
last-modified: Fri, 07 Jul 2023 20:41:00 GMT
server: AmazonS3
etag: "348f33579af9fc9c6240d7425def2652"
content-type: image/png
access-control-allow-origin: *
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: IvnhmY_bPcy-4vX5buaaEeQuNEJZD3_ZVQTYp0VpyLaKiaJf3oGazQ==
x-cache-hits: 348

GET
H2 200 word-wipe.png
restcdn.dictionary.com/storyblok/f/239645/600x304/13cb53c0fb/ 22 KB
22 KB 102ms
90ms Image
image/png 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://restcdn.dictionary.com/storyblok/f/239645/600x304/13cb53c0fb/word-wipe.png
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 838fbc520bca4d184a091a2fb8205685240b105f3fb5d40715e46f922cb063c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sat, 06 Jul 2024 20:40:58 GMT
x-amz-version-id: XlvIYEF9NTrxN9R5DxDaig0IrZAaJt2K
via: 1.1 9c1465c390ec70cc0036cf15c3a531d8.cloudfront.net (CloudFront), 1.1 varnish
date: Fri, 08 Mar 2024 02:03:18 GMT
x-amz-cf-pop: EWR50-C1
age: 138945
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
x-amz-replication-status: COMPLETED
content-length: 22713
x-served-by: cache-lga21954-LGA
last-modified: Fri, 07 Jul 2023 20:41:00 GMT
server: AmazonS3
etag: "9dd01c58a9f9f8b04c5ebef5f0a647ee"
content-type: image/png
access-control-allow-origin: *
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: vNQb-RWyd-6OiPrxq9rWPonZ6k_fA3qRtkNjp9m2ag741ONkdKsb8g==
x-cache-hits: 354

GET
H2 200 newsletter.png
restcdn.dictionary.com/storyblok/f/239645/546x308/0e5b2548c2/ 43 KB
43 KB 106ms
95ms Image
image/png 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://restcdn.dictionary.com/storyblok/f/239645/546x308/0e5b2548c2/newsletter.png
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b4b7d780535949beb511e1e4874ae0fdbf22994bd4597574ba6cff59253b79c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sat, 06 Jul 2024 20:41:17 GMT
x-amz-version-id: GMPyCDPgvx7v4AiS7USVIjXbqWUPZZYH
via: 1.1 0c2947bdc7b8340f8e04a5a58d570236.cloudfront.net (CloudFront), 1.1 varnish
date: Fri, 08 Mar 2024 02:03:18 GMT
x-amz-cf-pop: EWR50-C1
age: 1180050
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
x-amz-replication-status: COMPLETED
content-length: 43808
x-served-by: cache-lga21954-LGA
last-modified: Fri, 07 Jul 2023 20:41:19 GMT
server: AmazonS3
etag: "3977101da42d930879c7c5e4e4446bce"
content-type: image/png
access-control-allow-origin: *
cache-control: public; max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wxrMODmU6Nb_GYPd9g9oiMt_JN3O3Q9fI20ltlssLJG900O1MmvNPw==
x-cache-hits: 377

GET
H2 200 ab34ff65bbd3138890c7.svg
shadow.cargosv.fun/ 7 KB
4 KB 243ms
231ms Image
image/svg+xml 168.119.181.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shadow.cargosv.fun/ab34ff65bbd3138890c7.svg

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.181.50 Hachenburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.50.181.119.168.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

57aa11f83c85eeb3311ed92a74674f39ac5ec9ff61830ae682abd730e596e879

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:18 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 31201
x-powered-by: Express
x-cache: MISS, HIT, HIT
is-ads-free-subscriber: false
content-length: 3257
x-served-by: cache-iad-kjyo7100118-IAD, cache-iad-kcgs7200043-IAD, cache-fra-etou8220116-FRA
last-modified: Wed, 28 Feb 2024 14:44:55 GMT
server: nginx/1.24.0
x-timer: S1709863399.566805,VS0,VE0
x-trace: 00-dcd938fc8e4b9f96277e1c65df23e3c3-8c5f8144cd0c50a4-00
etag: W/"1d1a-18df02cf658"
vary: Accept-Encoding, X-Blue-Green-Backend, is-ads-free-subscriber, platform, X-OPTIONS
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
platform: Desktop
x-cache-hits: 0, 25, 4

GET
H2 200 e8d8d7d566d7f7f23acd.svg
shadow.cargosv.fun/ 8 KB
4 KB 405ms
394ms Image
image/svg+xml 168.119.181.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shadow.cargosv.fun/e8d8d7d566d7f7f23acd.svg

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.181.50 Hachenburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.50.181.119.168.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

d992ee439c9f5835c031b04276a3ed44e322cc8e5c6d7c1b9fb4c4ccc41d0d51

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:18 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 31200
x-powered-by: Express
x-cache: MISS, HIT, HIT
is-ads-free-subscriber: false
content-length: 3398
x-served-by: cache-iad-kcgs7200137-IAD, cache-iad-kcgs7200099-IAD, cache-fra-eddf8230137-FRA
last-modified: Wed, 28 Feb 2024 14:44:55 GMT
server: nginx/1.24.0
x-timer: S1709863399.572275,VS0,VE1
x-trace: 00-b836109b5943395291a01e24ba5e8a4c-5caf476ac66ff210-01
etag: W/"1fcf-18df02cf658"
vary: Accept-Encoding, X-Blue-Green-Backend, is-ads-free-subscriber, platform, X-OPTIONS
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
platform: Desktop
x-cache-hits: 0, 27, 1

GET
H2 200 63571b52499ec491a39b.svg
shadow.cargosv.fun/ 4 KB
2 KB 245ms
234ms Image
image/svg+xml 168.119.181.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shadow.cargosv.fun/63571b52499ec491a39b.svg

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.181.50 Hachenburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.50.181.119.168.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

a0178b91ad466dd6214ded2a805a160ff566b73c4db48629cffae05e9ca68438

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:18 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 31200
x-powered-by: Express
x-cache: MISS, HIT, HIT
is-ads-free-subscriber: false
content-length: 1590
x-served-by: cache-iad-kjyo7100161-IAD, cache-iad-kjyo7100151-IAD, cache-fra-etou8220114-FRA
last-modified: Wed, 28 Feb 2024 14:44:55 GMT
server: nginx/1.24.0
x-timer: S1709863399.566859,VS0,VE0
x-trace: 00-bb6fbf0fafefe5700aed908d771ca2c7-923077a18a979f07-01
etag: W/"1069-18df02cf658"
vary: Accept-Encoding, X-Blue-Green-Backend, is-ads-free-subscriber, platform, X-OPTIONS
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
platform: Desktop
x-cache-hits: 0, 23, 5

GET
H2 200 v1 Show response
www.dictionary.com/user-data-context/ 130 B
258 B 123ms
108ms Script
text/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dictionary.com/user-data-context/v1

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

207bcf11ec8c236785a67995bfce8f1d3fbf9a9944dfd8e6118f70a8438cd670

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-served-by: cache-lga21954-LGA
date: Fri, 08 Mar 2024 02:03:18 GMT
via: 1.1 varnish
content-security-policy: upgrade-insecure-requests
server: Varnish
x-cache: HIT
content-type: text/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
content-length: 130
x-cache-hits: 0

GET
H2 200 recurly.js Show response
js.recurly.com/v4/ 422 KB
100 KB 486ms
134ms Script
application/javascript 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.recurly.com/v4/recurly.js
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b93783262bec548a559178d5274b1b8ec55645ac6b3087b84e118525d3a33ae8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 01:05:04 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 28 Feb 2024 20:24:09 GMT
server: nginx
age: 3494
etag: W/"65df9669-6979d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
cache-control: public,max-age=3600
access-control-allow-credentials: false
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101697

GET
H2 200 recurly.css
js.recurly.com/v4/ 544 B
656 B 800ms
450ms Stylesheet
text/css 34.98.107.242
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.recurly.com/v4/recurly.css
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.242 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 242.107.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: db16b375b9cc94e99d181e402140a50550d0764384e2aea73d50a1ea3e16122d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 01:27:32 GMT
via: 1.1 google
last-modified: Wed, 28 Feb 2024 20:24:11 GMT
server: nginx
age: 2146
etag: "65df966b-220"
access-control-allow-methods: GET
content-type: text/css
cache-control: public,max-age=3600
access-control-allow-credentials: false
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 544

GET
H2 200 runtime.9a504b8a.js Show response
shadow.cargosv.fun/ 2 KB
2 KB 283ms
272ms Script
application/javascript 168.119.181.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shadow.cargosv.fun/runtime.9a504b8a.js

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.181.50 Hachenburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.50.181.119.168.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

854ad2e9d68cd3cec82f94f82a5db16b4a62d6ea1966e7cad0be3722f132664e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:18 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 31201
x-powered-by: Express
x-cache: MISS, HIT, HIT
is-ads-free-subscriber: false
content-length: 1075
x-served-by: cache-iad-kjyo7100026-IAD, cache-iad-kiad7000151-IAD, cache-fra-eddf8230126-FRA
last-modified: Wed, 28 Feb 2024 14:45:10 GMT
server: nginx/1.24.0
x-timer: S1709863399.568741,VS0,VE0
x-trace: 00-d7279d91bfa2db8464e0ee037a1764fd-8664c6e2ebd3e8a3-00
etag: W/"7ad-18df02d30f0"
vary: Accept-Encoding, X-Blue-Green-Backend, is-ads-free-subscriber, platform, X-OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
platform: Desktop
x-cache-hits: 0, 19, 2

GET
H2 200 vendor.858fa16b.js Show response
shadow.cargosv.fun/ 1 MB
386 KB 327ms
317ms Script
application/javascript 168.119.181.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shadow.cargosv.fun/vendor.858fa16b.js

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.181.50 Hachenburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.50.181.119.168.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

9e34335154ab1d187b80ab96f485e374a8a5f99f3f8f146aee58b81943243445

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:18 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 31201
x-powered-by: Express
x-cache: MISS, HIT, HIT
is-ads-free-subscriber: false
content-length: 393864
x-served-by: cache-iad-kcgs7200150-IAD, cache-iad-kjyo7100136-IAD, cache-fra-eddf8230059-FRA
last-modified: Wed, 28 Feb 2024 14:45:10 GMT
server: nginx/1.24.0
x-timer: S1709863399.570670,VS0,VE2
x-trace: 00-610c408d19a74a8d1ed1cc33070be6fa-e15488f9a4ea53dd-00
etag: W/"13c37e-18df02d30f0"
vary: Accept-Encoding, X-Blue-Green-Backend, is-ads-free-subscriber, platform, X-OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
platform: Desktop
x-cache-hits: 0, 23, 1

GET
H2 200 client.f9fa8d57.js Show response
shadow.cargosv.fun/ 943 KB
196 KB 240ms
230ms Script
application/javascript 168.119.181.50
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shadow.cargosv.fun/client.f9fa8d57.js

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.181.50 Hachenburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.50.181.119.168.clients.your-server.de

Software

nginx/1.24.0 / Express

Resource Hash

26ef0c140ab7eb5312d881ccbb8e20b99a1996bcf2474096f350024293a4a044

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:18 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 31200
x-powered-by: Express
x-cache: MISS, HIT, HIT
is-ads-free-subscriber: false
content-length: 199461
x-served-by: cache-iad-kiad7000082-IAD, cache-iad-kcgs7200145-IAD, cache-fra-etou8220026-FRA
last-modified: Wed, 28 Feb 2024 14:45:10 GMT
server: nginx/1.24.0
x-timer: S1709863399.566847,VS0,VE0
x-trace: 00-7fcd4d2f6e28c6e545c4e562d398ae71-7b1407de5e50dd9e-00
etag: W/"ebccb-18df02d30f0"
vary: Accept-Encoding, X-Blue-Green-Backend, is-ads-free-subscriber, platform, X-OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
platform: Desktop
x-cache-hits: 0, 37, 11

GET
H2 200 9d2f702e-426c-4de5-ac78-0c73a7f21691.json Show response
cdn.cookielaw.org/consent/9d2f702e-426c-4de5-ac78-0c73a7f21691/ 6 KB
3 KB 299ms
191ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9d2f702e-426c-4de5-ac78-0c73a7f21691/9d2f702e-426c-4de5-ac78-0c73a7f21691.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd817e5d830abe8ea8334dab936a6425f5faaaee60e881ddb28b55718910ec4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 02:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: cZdf/YL3IRFdE9kdNkUsMg==
content-length: 2027
x-ms-lease-status: unlocked
last-modified: Wed, 31 Jan 2024 20:17:29 GMT
server: cloudflare
etag: 0x8DC2299A64E137B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bac34be2-601e-0029-1adf-7007f7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860f3f8129b08c6c-EWR
expires: Sat, 09 Mar 2024 02:03:18 GMT

GET
H2 200 LFTEtica-Regular.woff2
assets.dictionary.com/fonts/LFTEtica/ 37 KB
37 KB 392ms
179ms Font
binary/octet-stream 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.dictionary.com/fonts/LFTEtica/LFTEtica-Regular.woff2
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6083394aecf43d73ea8714ddbca32e5cc10d5c254f256bc7022ceb8dbc63367d

Request headers

Referer: https://shadow.cargosv.fun/
Origin: https://shadow.cargosv.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: _.Wyp7NPJ.G.XVcgYDm_tiS2Pdl4V12Z
date: Fri, 08 Mar 2024 02:03:18 GMT
via: 1.1 varnish
x-amz-request-id: 45Z9KMN926QHAS87
age: 1000
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 38016
x-amz-id-2: auMKuX5RCMClqL7ZuqiDAsmxzVsWSY5aMZqrDIFzhYuPwsithmWwl9QSn0PFgsj38H72R/znQK4=
x-served-by: cache-lga21961-LGA
last-modified: Tue, 03 Oct 2023 01:05:20 GMT
server: AmazonS3
etag: "91466ac500734494760632eb49dab8f1"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7200, public
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 25

GET
H2 200 LFTEtica-Semibold.woff2
assets.dictionary.com/fonts/LFTEtica/ 39 KB
39 KB 392ms
180ms Font
binary/octet-stream 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.dictionary.com/fonts/LFTEtica/LFTEtica-Semibold.woff2
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b9e0d5fae56d3e97d55c6e1f2ded403b29299b66a9f2df422f148a9a6b87c6b

Request headers

Referer: https://shadow.cargosv.fun/
Origin: https://shadow.cargosv.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: R9BNl7h9BSCYK_mH2yoCcUQsOiuGB0hA
date: Fri, 08 Mar 2024 02:03:18 GMT
via: 1.1 varnish
x-amz-request-id: 78FV60314Q7RT23E
age: 553
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 40024
x-amz-id-2: dWtDRI7YbJ4PJrQrIOl/JaKImHnFDPalkALjKw1D9yyl6Fv3MaLRlxSMiz73stRvifRXUac09yI=
x-served-by: cache-lga21961-LGA
last-modified: Tue, 03 Oct 2023 01:05:20 GMT
server: AmazonS3
etag: "4bc4fbe23ca8ec6f83d293e578f34fa3"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7200, public
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 11

GET
H2 200 LFTEtica-Book.woff2
assets.dictionary.com/fonts/LFTEtica/ 41 KB
41 KB 388ms
177ms Font
binary/octet-stream 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.dictionary.com/fonts/LFTEtica/LFTEtica-Book.woff2
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0420352e425cb5ec9b9ef8f9abddfc65197bd5a115b88e7a657dcf346c31996b

Request headers

Referer: https://shadow.cargosv.fun/
Origin: https://shadow.cargosv.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: SKUSWOSbVK_dABBdYdOTvygDJqK2s_zt
date: Fri, 08 Mar 2024 02:03:18 GMT
via: 1.1 varnish
x-amz-request-id: GG61A657DQ3EQSXR
age: 2718
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 42096
x-amz-id-2: RgNph/BeFSyE+UDVIbbtj8HXGFcVKSQtxWqS7A0Co+3taDuXve6i1MoE+lRj3rdFzb6xby3MHpc=
x-served-by: cache-lga21961-LGA
last-modified: Tue, 03 Oct 2023 01:05:20 GMT
server: AmazonS3
etag: "10ba62449b71df65621de57215baa9fa"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7200, public
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 37

GET
H2 200 LFTEticaSheriff-Regular.woff2
assets.dictionary.com/fonts/LFTEticaSheriff/ 41 KB
41 KB 292ms
81ms Font
binary/octet-stream 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.dictionary.com/fonts/LFTEticaSheriff/LFTEticaSheriff-Regular.woff2
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f38470ccdf589a6292ed672436a5f45ca42ad3c9870309b36baf1c978f8ecce

Request headers

Referer: https://shadow.cargosv.fun/
Origin: https://shadow.cargosv.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: izD32OEBsY_OaiWyUC1rHrrUd9uFhZQb
date: Fri, 08 Mar 2024 02:03:18 GMT
via: 1.1 varnish
x-amz-request-id: 5S04DP50PKJKPKAJ
age: 6152
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 41516
x-amz-id-2: r0YxKNvDjdxSnvyNoOXmD+83PD+TcqpWnMg26FzrNIRnb8JwgPPLVQOI8FlFumL9hykXh6Q0+dg=
x-served-by: cache-lga21961-LGA
last-modified: Tue, 03 Oct 2023 01:05:21 GMT
server: AmazonS3
etag: "e7a9689e4b54ff1758eedb42c1426d49"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7200, public
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 63

GET
H2 200 LFTEtica-Bold.woff2
assets.dictionary.com/fonts/LFTEtica/ 39 KB
39 KB 292ms
82ms Font
binary/octet-stream 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.dictionary.com/fonts/LFTEtica/LFTEtica-Bold.woff2
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68bd3a570a44d9cd15a55d6337ab81e5749174d1ea88fc809ac33993b8e25a2c

Request headers

Referer: https://shadow.cargosv.fun/
Origin: https://shadow.cargosv.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: yrzfMTYgiDrAJjxHVBhNmQHlybfmH5NP
date: Fri, 08 Mar 2024 02:03:18 GMT
via: 1.1 varnish
x-amz-request-id: 8SFJPASV086J9FVC
age: 1735
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 39608
x-amz-id-2: KOaR8RfG9cY27y4K1bI4YSRQGzMfBZw4VU3AQKDMpcK/jXp0bczjj9Ino7x3dDMPHAc92kOzqao=
x-served-by: cache-lga21961-LGA
last-modified: Tue, 03 Oct 2023 01:05:20 GMT
server: AmazonS3
etag: "2a9ab65ae16c5ae9e4e659bedb5bf271"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7200, public
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 34

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 292 KB
101 KB 286ms
103ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TXC5GP

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94550f8e5c397c027e29fefa3e35896a2ff71aec003ec4940a19a570d73eb1eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103209
x-xss-protection: 0
last-modified: Fri, 08 Mar 2024 00:09:27 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Mar 2024 02:03:18 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
305 B 239ms
83ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://shadow.cargosv.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 860f3f835a040c94-EWR
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/ 429 KB
104 KB 57ms
57ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f397381c3df41ea1a4714a1dfea67c1381e25627a18596201af50c40d93ab06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 02:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PypTWx4nlFN0E393LXKANQ==
age: 5418
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 106526
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jan 2024 07:01:57 GMT
server: cloudflare
etag: 0x8DC1B18065F5741
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 36e9abe2-a01e-00a0-71c2-4dbd22000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860f3f83e8d7c335-EWR

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.5.2/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.iife.js

7 KB
3 KB

65ms
65ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.5.2/dist/web-vitals.iife.js

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0e1f95aa09754b10449fd8cd7f2e76d8f232d1038b6cf7454db558ac79962e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:19 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3648019
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HN15S5HVSDADTA1KXS19Q5AX-lga
server: cloudflare
etag: W/"1bff-XBuNuslfZI/SL2xuiJqqum43R9A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 860f3f860943c3fa-EWR

Redirect headers

date: Fri, 08 Mar 2024 02:03:19 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HRDWQV5SMQNY7YYE291PSGBZ-lga
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 66
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.5.2/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 860f3f857882c3fa-EWR

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@3.0.0/dist/ 7 KB
3 KB 216ms
86ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.0.0/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXC5GP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7be58558ac5f613c44cc4ca498d6bd64de88aaa3f78e6d618771758205e8b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:19 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8524422
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGFV943T63VKQZ9AN02YC5Z0-lga
server: cloudflare
etag: W/"1ae1-tMDPEHOSIsyc9nlymp5rO1O4NKA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 860f3f857885c3fa-EWR

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13n3n3l3l5&rnd=1817626132.1709863399&url=https%3A%2F%2Fshadow.cargosv.fun%2F&dma=0&npa=0&gtm=45He4360n71TXC5GPv71213628za220&auid=1646466232.17098...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13n3n3l3l5&rnd=1817626132.1709863399&url=https%3A%2F%2Fshadow.cargosv.fun%2F&dma=0&npa=0&gtm=45He4360n71TXC5GPv71213628za220&auid=164...

42 B
588 B

188ms
66ms

Ping
image/gif

2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13n3n3l3l5&rnd=1817626132.1709863399&url=https%3A%2F%2Fshadow.cargosv.fun%2F&dma=0&npa=0&gtm=45He4360n71TXC5GPv71213628za220&auid=1646466232.1709863399

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13n3n3l3l5&rnd=1817626132.1709863399&url=https%3A%2F%2Fshadow.cargosv.fun%2F&dma=0&npa=0&gtm=45He4360n71TXC5GPv71213628za220&auid=1646466232.1709863399
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 103 KB
34 KB 254ms
75ms Script
application/javascript 13.225.63.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXC5GP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-113.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:00:22 GMT
content-encoding: gzip
via: 1.1 17a79dcb426270de1bedb2a8dbcb8f72.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 06:45:39 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 178
x-amz-server-side-encryption: AES256
etag: W/"6a90e37d3f128291a2aab5a6b31ac0a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: YKNYiDh1lu_vk1S2PSFPt0lphnJMntyLEfNxm1VwgouJ5sMFeOkUUw==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/9d2f702e-426c-4de5-ac78-0c73a7f21691/4aded8df-df58-4b41-843d-7ba8b861295d/ 150 KB
29 KB 175ms
175ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/9d2f702e-426c-4de5-ac78-0c73a7f21691/4aded8df-df58-4b41-843d-7ba8b861295d/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4725d5ceb1342c63674aa4744859cbbfc9c6a4a946f0480bc5c12b22879c3da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 02:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: 5Ai4uTDPIZ8k493WC5M+8A==
content-length: 29582
x-ms-lease-status: unlocked
last-modified: Wed, 31 Jan 2024 20:17:29 GMT
server: cloudflare
etag: 0x8DC2299A66E67FC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d2ff8b86-701e-000a-4bdf-709d34000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 860f3f84ce3a8c6c-EWR
expires: Sat, 09 Mar 2024 02:03:19 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 34 KB
13 KB 110ms
109ms Script
application/x-javascript 2600:1418:a000:2aa::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d14cd3d8edd3/14b6230c7d29/launch-c9de4f1040cd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:2aa::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:19 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 05:33:26 GMT
server: AkamaiNetStorage
etag: "208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://shadow.cargosv.fun
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12687
expires: Fri, 08 Mar 2024 03:03:19 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 3 KB
2 KB 102ms
102ms Script
application/x-javascript 2600:1418:a000:2aa::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d14cd3d8edd3/14b6230c7d29/launch-c9de4f1040cd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:2aa::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:19 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 05:33:26 GMT
server: AkamaiNetStorage
etag: "f1e098a5dd836ea5fc9726c429c8d71d:1694496806.740373"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://shadow.cargosv.fun
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Fri, 08 Mar 2024 03:03:19 GMT

GET
H2 200 tag Show response
btloader.com/ 52 KB
18 KB 233ms
60ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=4864101730746368&upapi=true
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d14cd3d8edd3/14b6230c7d29/launch-c9de4f1040cd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac3c175184b951366420a5215d7f8b97520d2b9f9d91a0984ef96e9a9f7adb2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:19 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 08 Mar 2024 01:42:03 GMT
server: cloudflare
age: 1148
etag: "d30d0ac072d07f4d9265ec52ae272d14"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 860f3f862ebc4235-EWR
content-length: 18077

GET
H2 200 otGPP.js Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/ 58 KB
12 KB 70ms
69ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/otGPP.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e49f55637dff315b98e1fd8ff6d5891dad20a07bb8cead5070afed79a3973758

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 02:03:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: iCHTeEul4usQRSJqLRCksA==
age: 40830
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 519f2f73-301e-000b-6d9c-70c2e8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 860f3f860a67c335-EWR

GET
H2 200 a-04sx.min.js Show response
b-code.liadm.com/ 48 KB
16 KB 215ms
78ms Script
application/javascript 2600:9000:23cb:7600:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-04sx.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXC5GP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:7600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e898e52bd1bd67bb6a1fe68102885be90b72e1f63eddf184783cff26888c0414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 19:39:20 GMT
content-encoding: gzip
via: 1.1 80d5d65d27a0450c8f0018381b103d7a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
age: 23039
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: r0T2v094JqeZFtvRaV3OcOCMWpRPTCCKjz_U3tTIElAc0Hn7K5MEMg==

OPTIONS
H2 200 graphql
thor-graphql.dictionary.com/ Frame 0
0 202ms
53ms Preflight 35.169.163.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://thor-graphql.dictionary.com/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.169.163.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-163-157.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://shadow.cargosv.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin: https://shadow.cargosv.fun
access-control-max-age: 3600
date: Fri, 08 Mar 2024 02:03:19 GMT
server: istio-envoy

POST
H2 200 graphql Show response
thor-graphql.dictionary.com/ 181 B
290 B 60ms
59ms Fetch
application/json 35.169.163.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://thor-graphql.dictionary.com/graphql
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/client.f9fa8d57.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.169.163.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-163-157.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: fc4d0aca4d2f32f5e46ec8e5c50f6be1473ab9fe27f39593c45cc03d8ffc62dc

Request headers

Referer: https://shadow.cargosv.fun/
accept-language: en-US,en;q=0.9
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Mar 2024 02:03:19 GMT
server: istio-envoy
vary: Origin
content-type: application/json
access-control-allow-origin: https://shadow.cargosv.fun
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
content-length: 181

GET
H2 200 v3 Show response
www.dictionary.com/user-data-context/ 107 B
241 B 71ms
71ms Fetch
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dictionary.com/user-data-context/v3

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/client.f9fa8d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

6ab42e9981109c4006be96fdc80ffcb328c274f3e0e65e2e9e6c0928211f334f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-served-by: cache-lga21961-LGA
date: Fri, 08 Mar 2024 02:03:19 GMT
via: 1.1 varnish
content-security-policy: upgrade-insecure-requests
server: Varnish
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 107
x-cache-hits: 0

GET
H2 200 / Show response
api-portal.dictionary.com/storyblok/stories/ 27 KB
8 KB 107ms
97ms Fetch
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api-portal.dictionary.com/storyblok/stories/?token=r9mevU7o9EO8KlaCcxhdZwtt&version=published

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.23.3 /

Resource Hash

07acb6c4c162ed0c8b39e102fd07824398a3bdda40f09bc3a3d644455036cdf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-encoding: gzip
x-permitted-cross-domain-policies: none
sb-be-version: 2.5.3
x-served-by: cache-iad-kcgs7200138-IAD, cache-iad-kiad7000175-IAD, cache-lga21961-LGA
referrer-policy: strict-origin-when-cross-origin
etag: W/"07acb6c4c162ed0c8b39e102fd078243"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Api-Version, Token, Total, Per-Page
cache-control: max-age=300, public
vary: Accept-Encoding,Origin
x-cache-hits: 1, 1, 0
total: 420
via: 1.1 34411558fb3a23efdbbaaddb8a12b574.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 08 Mar 2024 02:03:19 GMT
per-page
x-amz-cf-pop: IAD12-P1
x-cache: Miss from cloudfront, HIT, HIT, MISS
fastly-restarts: 1
x-xss-protection: 1; mode=block
x-request-id: a299c1cd-699d-473a-b028-146d3b234d37
content-length: 7035
x-runtime: 0.045207
server: nginx/1.23.3
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: 8yD5zkGaLWjhCW6pauXkAcLOcpexGuRRvJfHlc75FKCy0tn4USwpDg==

GET
H2 200 lre.js Show response
player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/ 1 MB
349 KB 193ms
55ms Script
application/javascript 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/client.f9fa8d57.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: 0d3f2a307c2394eacc9ab103292200d63c64120e8de5a97062306a62c967442c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: kcfZlmwYb2H2hvxb9fLmWwM_ENKOTXQF
content-encoding: gzip
date: Fri, 08 Mar 2024 02:03:19 GMT
x-amz-request-id: AN2R13NYWEDKY2QK
age: 113552
x-amz-server-side-encryption: AES256
content-length: 356743
x-amz-id-2: zBnklUH3O34kw7OUn6B2e1rO3fu9N+1oju3ucLiQlAGvtfiy4moGp4g2+vAi54TwYooK6UGB97Cv1xNgNoewFCMUj6ht4PaY
last-modified: Wed, 28 Feb 2024 08:39:10 GMT
server: AmazonS3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
x-llid: a12db378d7e2fe41102eb2328b6ef8fc
expires: Wed, 06 Mar 2024 18:31:47 GMT

GET
H2 200 quiz Show response
www.dictionary.com/e/wp-json/dictionary/v1/ 5 KB
2 KB 51ms
50ms Fetch
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dictionary.com/e/wp-json/dictionary/v1/quiz?slug=countable-vs-uncountable-Nouns-Quiz

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/client.f9fa8d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

5b079b55f0ae3c12627f9c9f8f37e5c8767464ff6b11ca027aa13f5077d6853c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 12525
x-cache: MISS, HIT, HIT
cached-cookies: (null); ; (null); ;
is-ads-free-subscriber: false
content-length: 1287
x-served-by: cache-iad-kiad7000147-IAD, cache-iad-kjyo7100073-IAD, cache-lga21961-LGA
server: Apache
x-timer: S1709863400.694495,VS0,VE2
allow: GET
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://shadow.cargosv.fun
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=21600, public
access-control-allow-credentials: true
vary: Origin,Accept-Encoding, X-Blue-Green-Backend, cached-cookies, is-ads-free-subscriber, X-OPTIONS
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://www.dictionary.com/e/wp-json/>; rel="https://api.w.org/"
x-cache-hits: 0, 2, 1

GET
H2 200 quiz_answers Show response
www.dictionary.com/e/wp-json/dictionary/v1/ 626 B
396 B 52ms
52ms Fetch
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dictionary.com/e/wp-json/dictionary/v1/quiz_answers?slug=countable-vs-uncountable-Nouns-Quiz

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/client.f9fa8d57.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

b4698a3a10feb2995052fa489e32fdf4faa657f40a488cbc977a917de60afaff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:19 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 12525
x-cache: MISS, HIT, HIT
cached-cookies: (null); ; (null); ;
is-ads-free-subscriber: false
content-length: 265
x-served-by: cache-iad-kcgs7200157-IAD, cache-iad-kiad7000126-IAD, cache-lga21961-LGA
server: Apache
x-timer: S1709863400.694400,VS0,VE3
allow: GET
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://shadow.cargosv.fun
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=21600, public
access-control-allow-credentials: true
vary: Origin,Accept-Encoding, X-Blue-Green-Backend, cached-cookies, is-ads-free-subscriber, X-OPTIONS
accept-ranges: bytes
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://www.dictionary.com/e/wp-json/>; rel="https://api.w.org/"
x-cache-hits: 0, 2, 1

GET
H2 200 main.gif
track.dictionary.com/ 42 B
292 B 719ms
303ms Image
image/gif 2600:1f18:fab:1a11:e916:9851:dc91:9c19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.dictionary.com/main.gif?ab=0&accountID&cb=207577480&documentLoadId=252807-1709863399693&ev=p&pageLoadId=997104-1709863399693&pn=dict-home&rf=&st=dict&url=https%3A%2F%2Fshadow.cargosv.fun%2F
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:fab:1a11:e916:9851:dc91:9c19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.16.1 / Express
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:20 GMT
server: nginx/1.16.1
x-powered-by: Express
vary: Origin
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 42
expires: 0

GET
H2 200 RC70f9f6f135814291b9801a9a7ebe2337-source.min.js Show response
assets.adobedtm.com/d14cd3d8edd3/14b6230c7d29/8b703bb122bf/ 2 KB
1 KB 124ms
122ms Script
application/x-javascript 2600:1418:a000:2aa::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d14cd3d8edd3/14b6230c7d29/8b703bb122bf/RC70f9f6f135814291b9801a9a7ebe2337-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d14cd3d8edd3/14b6230c7d29/launch-c9de4f1040cd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:2aa::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 60c84b265b9c78a8cf0acb61affc9ca61abf4a74d3ed5425e0dd18e89e9f176b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:19 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 15:51:45 GMT
server: AkamaiNetStorage
etag: "9ed70d1115be65d9cdb90c721068c0c6:1709826705.903884"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://shadow.cargosv.fun
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 822
expires: Fri, 08 Mar 2024 03:03:19 GMT

GET
H2 200 LFTEtica-BoldItalic.woff2
assets.dictionary.com/fonts/LFTEtica/ 38 KB
39 KB 63ms
62ms Font
binary/octet-stream 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.dictionary.com/fonts/LFTEtica/LFTEtica-BoldItalic.woff2
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a54ecaa5f00ec66666dc590d26c079ea421cce344f8abec1ac4e813174ee190

Request headers

Referer: https://shadow.cargosv.fun/
Origin: https://shadow.cargosv.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: waLIDpjLWFYArtYFtN3_stYV8QmQtRSX
date: Fri, 08 Mar 2024 02:03:19 GMT
via: 1.1 varnish
x-amz-request-id: 6YB07GSAYK5B97CB
age: 5516
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 39236
x-amz-id-2: c5oz82vDJ6vaeg+/Ym4L7POI1YlTB4QKkBv7Dg9g+0bs2vs666HkinKzqA/BL9pffVap3zfXCWc=
x-served-by: cache-lga21961-LGA
last-modified: Tue, 03 Oct 2023 01:05:19 GMT
server: AmazonS3
etag: "4ec7fcf5d0567828670f5dcc68cbe216"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=7200, public
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 11

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 256 B
473 B 87ms
86ms Fetch
application/json 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&okv=%7B%22sailthru_popup%22%3A%22show%22%7D
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 41e7dd18435a55c94cdf31a649c08101eee63a620049cde2a48779f8986e7a77

Request headers

x-lib-version: v1.0.1
accept-language: en-US,en;q=0.9
authorization: Bearer 79cddfbc50ef558a5e8bef02e1ffa767
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://shadow.cargosv.fun/
x-referring-url: https://shadow.cargosv.fun/

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:20 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 172
expires: -1

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 658ms
304ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&okv=%7B%22sailthru_popup%22%3A%22show%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://shadow.cargosv.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://shadow.cargosv.fun
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Fri, 08 Mar 2024 02:03:20 GMT

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202401.1.0/assets/ 21 KB
4 KB 211ms
211ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.1.0/assets/otCommonStyles.css

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Mar 2024 02:03:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status: unlocked
last-modified: Thu, 07 Mar 2024 09:27:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 5ea83e61-901e-0084-0cdf-704b82000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 860f3f88eaf98c6c-EWR

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 605ms
285ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Mar 2024 02:03:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
340 B 724ms
405ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 408270
x-guploader-uploadid: ABPtcPpNNajJRSFwM_0C3hYzCNCujkAURVj2eJaHaN1pvAL62OV4Db0k-n6McK_DMWi8P7kNfg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnaI8QaMZ4iH1TyZyGX5GCmzvbe4hGZ9LS59%2FQz4CW6b%2BZUe%2F366L0s%2FD8KhLM0waejO0VNcCHCmYOhzYS4cVWszO4UsRbc9jPGiILsaQhiDwEtkzENcT1MokMsvRbQd8ma%2Bk9rPH0d4wCoxUw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 860f3f8b08f842e0-EWR
expires: Sun, 03 Mar 2024 08:51:06 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 725ms
406ms Image
image/x-icon 142.251.40.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.230 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 19:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Mar 2024 19:19:24 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
909 B 721ms
402ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.4969572857102522
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 408270
x-guploader-uploadid: ABPtcPpNNajJRSFwM_0C3hYzCNCujkAURVj2eJaHaN1pvAL62OV4Db0k-n6McK_DMWi8P7kNfg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iy8yyCHyrPK3J6SpPyBBZ7fB2RUpGsHeJ0OX1%2BevIyTRlbvmn224sXfZtf91NahabyGbh24688yBi2fs59vApeln7fGqxS2lZcXBWdbG6G7fZGqVnojoqS8BNkiFVkHHV5Qi%2Fkng6tqleD7zzA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 860f3f8b08f942e0-EWR
expires: Sun, 03 Mar 2024 08:51:06 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 25 KB
8 KB 612ms
262ms Script
application/x-javascript 23.215.41.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.41.73 McAllen, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-41-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 13e8e4759ba2d94687c897bcb1ce30a40bd520ed2aa3e3a010b2458eea0886c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 02:03:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Feb 2024 18:16:22 GMT
Server: AkamaiNetStorage
ETag: "3dfec5817f6e0595cd1aaa12edd8807b:1707332478.611109"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: NA
Cache-Control: max-age=1200
X-CC: US
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7498
Expires: Fri, 08 Mar 2024 02:23:20 GMT

GET
H2 200 / Show response
api-portal.dictionary.com/storyblok/stories/homepages/shared-homepage/ 16 KB
5 KB 180ms
176ms Fetch
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api-portal.dictionary.com/storyblok/stories/homepages/shared-homepage/?cv=1709851838&token=r9mevU7o9EO8KlaCcxhdZwtt&version=published&resolve_relations=module_homepage_games.gamesList%2Cmodule_homepage_hero.article%2Cmodule_homepage_recirculation.articles%2Cmodule_homepage_trending.articles

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.23.3 /

Resource Hash

dfe6dd6dc3ca2827137ed6e9a5e00036a794908448448882ec0f30f71343e44d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
sb-agent: SB-JS-CLIENT
Referer: https://shadow.cargosv.fun/
sb-agent-version: 5.14.4
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: application/json

Response headers

date: Fri, 08 Mar 2024 02:03:19 GMT
via: 1.1 6e0f9dce97fcb3c9b684592a289e4e72.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD12-P1
age: 7772
sb-be-version: 2.5.3
x-cache: Miss from cloudfront, MISS, HIT, MISS
content-length: 4869
x-xss-protection: 1; mode=block
x-request-id: 456425ad-b3c6-4129-b995-05141825b5df
x-served-by: cache-iad-kiad7000159-IAD, cache-iad-kiad7000073-IAD, cache-lga21961-LGA
x-runtime: 0.050767
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.23.3
etag: W/"8158a6ffd4691c04aa9d7f4cbf7d1d05"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Api-Version, Token, Total, Per-Page
cache-control: max-age=604800, public
access-control-allow-credentials: true
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: 3ctSN_ulosh4wkiTJvJo-3RD1PBLgN66R1ScNEvYzVJcumllAMHk8Q==
x-cache-hits: 0, 1, 0

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1709863400004&aid=a-04sx&se=e30&duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&tv=v2.13.1&pu=https%3A%2F%2Fshadow.cargosv.fun%2F&wpn=lc-bundle&gpp_s=DBABLA~BVQqAAAACgA....
https://rp4.liadm.com/j?se=e30&duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&aid=a-04sx&cd=.cargosv.fun&dtstmp=1709863400004&tv=v2.13.1&wpn=lc-bundle&gpp_as=7&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMTpkYTU...

13 B
318 B

261ms
69ms

XHR
application/json

34.225.106.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=e30&duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&aid=a-04sx&cd=.cargosv.fun&dtstmp=1709863400004&tv=v2.13.1&wpn=lc-bundle&gpp_as=7&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMTpkYTU0OjJhZGE6NzMyMg%3D%3D&n3pc=true&gpp_s=DBABLA~BVQqAAAACgA.QA&pu=https%3A%2F%2Fshadow.cargosv.fun%2F&c=PHRpdGxlPkRpY3Rpb25hcnkuY29tIHwgTWVhbmluZ3MgJmFtcDsgRGVmaW5pdGlvbnMgb2YgRW5nbGlzaCBXb3JkczwvdGl0bGU-
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Server: 34.225.106.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-106-93.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:20 GMT
x-pixel-event-id: 0ab17fef-a7f8-440b-9f5b-e49c971ee17d
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=e30&duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&aid=a-04sx&cd=.cargosv.fun&dtstmp=1709863400004&tv=v2.13.1&wpn=lc-bundle&gpp_as=7&i6=MmEwZDo1NjAwOjI0OjE1MDA6MTAxMTpkYTU0OjJhZGE6NzMyMg%3D%3D&n3pc=true&gpp_s=DBABLA~BVQqAAAACgA.QA&pu=https%3A%2F%2Fshadow.cargosv.fun%2F&c=PHRpdGxlPkRpY3Rpb25hcnkuY29tIHwgTWVhbmluZ3MgJmFtcDsgRGVmaW5pdGlvbnMgb2YgRW5nbGlzaCBXb3JkczwvdGl0bGU-
access-control-allow-origin: https://shadow.cargosv.fun
date: Fri, 08 Mar 2024 02:03:20 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H2 200 thesaurus.min.js Show response
global.proper.io/ 13 KB
5 KB 547ms
131ms Script
application/javascript 2606:4700::6810:e77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/thesaurus.min.js
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/client.f9fa8d57.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad79048b86ce7e864293382d9e57e5cd28c6b6d8ac21eb1c6c77f0acced223b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Mar 2024 21:11:49 GMT
server: cloudflare
age: 190288
etag: W/"65e78a95-3224"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 860f3f8cee7a43fb-EWR
expires: Fri, 08 Mar 2024 02:08:20 GMT

OPTIONS
H2 200 /
api-portal.dictionary.com/storyblok/stories/homepages/shared-homepage/ Frame 0
0 56ms
56ms Preflight 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api-portal.dictionary.com/storyblok/stories/homepages/shared-homepage/?cv=1709851838&token=r9mevU7o9EO8KlaCcxhdZwtt&version=published&resolve_relations=module_homepage_games.gamesList%2Cmodule_homepage_hero.article%2Cmodule_homepage_recirculation.articles%2Cmodule_homepage_trending.articles
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.23.3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sb-agent,sb-agent-version
Access-Control-Request-Method: GET
Origin: https://shadow.cargosv.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,sb-agent,sb-agent-version
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: Api-Version, Token, Total, Per-Page
access-control-max-age: 7200
age: 11009
cache-control: max-age=604800, public
content-length: 0
date: Fri, 08 Mar 2024 02:03:19 GMT
server: nginx/1.23.3
via: 1.1 b0c7b942a33f0f4451718aee53f7840c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id: GhiJJbHN6CHaLgGHPWSrYiZCqkpzEjz5DPrfS3VcN39NdeKNDfTgJQ==
x-amz-cf-pop: IAD12-P1
x-cache: Miss from cloudfront, MISS, HIT, HIT
x-cache-hits: 0, 6, 125
x-served-by: cache-iad-kcgs7200117-IAD, cache-iad-kcgs7200152-IAD, cache-lga21961-LGA

GET
H2 200 RCac48a7a52abf432c94df29dc6fbbe74f-source.min.js Show response
assets.adobedtm.com/d14cd3d8edd3/14b6230c7d29/8b703bb122bf/ 668 B
630 B 394ms
393ms Script
application/x-javascript 2600:1418:a000:2aa::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/d14cd3d8edd3/14b6230c7d29/8b703bb122bf/RCac48a7a52abf432c94df29dc6fbbe74f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d14cd3d8edd3/14b6230c7d29/launch-c9de4f1040cd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1418:a000:2aa::1e80 Minneapolis, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bad1b62851c42b431e553d6dd4475b5c893bbcb17dc605f134e414562fff865d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:20 GMT
content-encoding: gzip
last-modified: Thu, 07 Mar 2024 15:51:45 GMT
server: AkamaiNetStorage
etag: "9ed70d1115be65d9cdb90c721068c0c6:1709826705.903884"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://shadow.cargosv.fun
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 372
expires: Fri, 08 Mar 2024 03:03:20 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
321 B 211ms
23ms Ping
image/gif 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=09945131620611873&referrer=&cht=ot&marketerId=000dd3a05e4416401be1ab65f33e03af96&name=PAGE_VIEW&dl=https%3A%2F%2Fshadow.cargosv.fun%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 02:03:20 GMT
Cache-Control: no-cache
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: e72350c1206a0657f9289b03722a713a
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 205ms
24ms Script
application/javascript 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=000dd3a05e4416401be1ab65f33e03af96

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 02:03:20 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 7c1acf7c92d3e27d315b4f6c8ffd5d5c
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 000dd3a05e4416401be1ab65f33e03af96 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 352ms
55ms Script
text/html 23.215.41.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/000dd3a05e4416401be1ab65f33e03af96

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.215.41.73 McAllen, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-215-41-73.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Fri, 08 Mar 2024 02:03:20 GMT
ob-sent-time: 1709802427545
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: NA
Cache-Control: max-age=60
X-CC: US
Connection: keep-alive
X-TraceId: ef226930f63c56360856872c417c1009
Content-Length: 22
Expires: Fri, 08 Mar 2024 02:04:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 88 KB
28 KB 283ms
74ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/thesaurus.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4804a0cefedaeee7c2acc6b3d03c4ea17df48a1d604b930913ac283a906aa164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28629
x-xss-protection: 0
server: cafe
etag: 534 / 19790 / m202403040101 / config-hash: 1443726120225543579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Mar 2024 02:03:20 GMT

GET
H2 200 3.2.2-amazon-fix.js Show response
global.proper.io/payloads/ 619 KB
151 KB 79ms
78ms Script
application/javascript 2606:4700::6810:e77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/3.2.2-amazon-fix.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/thesaurus.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f176d3ea6417d392534ee0c10e6d14d94f1858e34201e12e1af47ef6f5b66d99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Feb 2024 01:36:48 GMT
server: cloudflare
age: 2932698
etag: W/"65bd98b0-9adc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 860f3f8dcf5743fb-EWR
expires: Fri, 08 Mar 2024 02:08:20 GMT

GET
H2 200 thesaurus.27862.json Show response
global.proper.io/config/ 34 KB
9 KB 491ms
400ms XHR
application/json 2606:4700::6810:e77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/config/thesaurus.27862.json
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a808fb3a10e55b1ac44a602b125fc43f9e9b57b687d2578fb3282d8581cbbc40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 05 Mar 2024 21:11:49 GMT
server: cloudflare
etag: W/"65e78a95-89dc"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 860f3f8e5ea05e82-EWR
expires: Fri, 08 Mar 2024 02:08:21 GMT

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
1 KB 159ms
133ms Image
image/gif 2606:4700::6810:e77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=1&rn=2.9033432317884076
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:20 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: cloudflare
x-amz-request-id: X8V290B8NQ1TAE3E
etag: "04b36c8411ae7bf7a8c369fa94b30e56"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 860f3f8def7543fb-EWR
content-length: 842
x-amz-id-2: 6vxwVdYc8x3Hw6zYYMWupiKmlh5U+084zoOHdHeoHFzr0xYZeInkwOA2+VzSb3dvQJ3bDdOGoLY=
expires: Fri, 08 Mar 2024 06:03:20 GMT

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
982 B 237ms
211ms Image
image/gif 2606:4700::6810:e77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=2&rn=2.9033432317884076
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:e77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:20 GMT
cf-cache-status: MISS
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: cloudflare
x-amz-request-id: X8V35PTQPNX2HT4G
etag: "04b36c8411ae7bf7a8c369fa94b30e56"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 860f3f8def7643fb-EWR
content-length: 842
x-amz-id-2: p7GgBpnBr7qk2x5GJaf0SdPGqshs9JATfTLNqvZqjv68O95QKyRnoLkY8F0NnUC7Rv9msq+3jXE=
expires: Fri, 08 Mar 2024 06:03:20 GMT

GET
H/1.1 200
OK a-04sx Show response
i.liadm.com/s/c/ Frame 744E 1 KB
1 KB 83ms
23ms Document
text/html 34.194.198.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-04sx?duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&euns=0&s=&gpp_s=DBABLA~BVQqAAAACgA.QA&gpp_as=7&version=v2.13.1&cd=.cargosv.fun

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-04sx.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.194.198.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-198-162.compute-1.amazonaws.com

Software

Resource Hash

e4c4b9a475d29a683af4a8b2c28ebc992447bfa6d273e4af3e671f5fbdaeb567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://shadow.cargosv.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 637
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Mar 2024 02:03:20 GMT
Request-Time: 12
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 104ms
11ms Script
application/javascript 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/3.2.2-amazon-fix.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:20 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 15 Mar 2024 02:03:20 GMT

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 4 KB
2 KB 188ms
4ms Script
application/javascript 2600:9000:21dd:2c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:2c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 01:44:05 GMT
content-encoding: gzip
via: 1.1 b7d10369ae737ec35cf8d7faced56ef0.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 1156
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 14 Oct 2022 00:52:56 GMT
server: AmazonS3
etag: W/"bc35b7c476efec25f5c48ba8fb7b9906"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: XNs2mG89jqR_KJ7A_E0XgLK0ilfOqavIH5I1FqNJPft0ImcXLm4RsQ==

GET
H2

200

sync
pippio.com/api/ Frame 744E
Redirect Chain

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=47810959-a7f7-4ece-b111-54b36b686fd6
https://p.rfihub.com/cm?pub=39342&in=1&userid=bc94c1a0-10dd-472b-ad9a-c209409cbfd5%3A1709863401.1048422&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Dbc94c1a0-10dd-472b...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1797288131954798446&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Dbc94c1...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=bc94c1a0-10dd-472b-ad9a-c209409cbfd5%3A1709863401.1048422&pid=500040&it=1&iv=bc94c1a0-10dd-472b-ad9a-c209409cbfd5%3A1709863401.1048422&_=170...
https://pippio.com/api/sync?it=1&pid=500040&_=1709863401.1072254&iv=bc94c1a0-10dd-472b-ad9a-c209409cbfd5:1709863401.1048422

42 B
569 B

364ms
179ms

Image
image/gif

107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1709863401.1072254&iv=bc94c1a0-10dd-472b-ad9a-c209409cbfd5:1709863401.1048422
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-04sx?duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&euns=0&s=&gpp_s=DBABLA~BVQqAAAACgA.QA&gpp_as=7&version=v2.13.1&cd=.cargosv.fun
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1709863401.1072254&iv=bc94c1a0-10dd-472b-ad9a-c209409cbfd5:1709863401.1048422
Date: Fri, 08 Mar 2024 02:03:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 744E
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=47810959-a7f7-4ece-b111-54b36b686fd6&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=47810959-a7f7-4ece-b111-54b36b686fd6&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=b6e79ae8-437d-4419-9003-75f76db0c8f9
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=47810959-a7f7-4ece-b111-54b36b686fd6
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=47810959-a7f7-4ece-b111-54b36b686fd6

42 B
714 B

34ms
33ms

Image
image/gif

54.86.148.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=47810959-a7f7-4ece-b111-54b36b686fd6

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-04sx?duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&euns=0&s=&gpp_s=DBABLA~BVQqAAAACgA.QA&gpp_as=7&version=v2.13.1&cd=.cargosv.fun

Protocol

Server

54.86.148.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-148-40.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v057-0e6ed671f.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Fri, 08 Mar 2024 02:03:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: V/EI2rp3Rp8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v057-0fb543d7e.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Fri, 08 Mar 2024 02:03:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: aMHF4yxhRyM=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=47810959-a7f7-4ece-b111-54b36b686fd6
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 744E
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=47810959-a7f7-4ece-b111-54b36b686fd6
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=47810959-a7f7-4ece-b111-54b36b686fd6&rd=Y

43 B
594 B

111ms
110ms

Image
image/gif

23.48.145.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=47810959-a7f7-4ece-b111-54b36b686fd6&rd=Y

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-04sx?duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&euns=0&s=&gpp_s=DBABLA~BVQqAAAACgA.QA&gpp_as=7&version=v2.13.1&cd=.cargosv.fun

Protocol

Server

23.48.145.72 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-48-145-72.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Fri, 08 Mar 2024 02:03:21 GMT
pragma: no-cache
date: Fri, 08 Mar 2024 02:03:21 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=47810959-a7f7-4ece-b111-54b36b686fd6&rd=Y
pragma: no-cache
date: Fri, 08 Mar 2024 02:03:21 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Fri, 08 Mar 2024 02:03:21 GMT

GET
H/1.1

200
OK

52164
i.liadm.com/s/ Frame 744E
Redirect Chain

https://x.bidswitch.net/sync?ssp=liveintent&user_id=47810959-a7f7-4ece-b111-54b36b686fd6
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=47810959-a7f7-4ece-b111-54b36b686fd6
https://match.deepintent.com/usersync/129/store?id=&ext1=liveintent&ext2=b6e79ae8-437d-4419-9003-75f76db0c8f9
https://x.bidswitch.net/sync?expires=720&dsp_id=422&user_id=di_82b247911e2b4f3a97575&ssp=liveintent&bsw_param=b6e79ae8-437d-4419-9003-75f76db0c8f9
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=b6e79ae8-437d-4419-9003-75f76db0c8f9

43 B
641 B

34ms
29ms

Image
image/gif

34.194.198.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=b6e79ae8-437d-4419-9003-75f76db0c8f9

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-04sx?duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&euns=0&s=&gpp_s=DBABLA~BVQqAAAACgA.QA&gpp_as=7&version=v2.13.1&cd=.cargosv.fun

Protocol

HTTP/1.1

Server

34.194.198.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-198-162.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 02:03:21 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Location: //i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=b6e79ae8-437d-4419-9003-75f76db0c8f9
Date: Fri, 08 Mar 2024 02:03:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 744E 43 B
588 B 191ms
25ms Image
image/gif 216.200.232.253
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=36&47810959-a7f7-4ece-b111-54b36b686fd6
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-04sx?duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&euns=0&s=&gpp_s=DBABLA~BVQqAAAACgA.QA&gpp_as=7&version=v2.13.1&cd=.cargosv.fun
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.200.232.253 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1549 cea2cde master ord ord-pixel-x57 config_version:"539" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 02:03:21 GMT
Server: MT3 1549 cea2cde master ord ord-pixel-x57 config_version:"539"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Fri, 08 Mar 2024 02:03:20 GMT

GET
H/1.1

200
OK

35759
i6.liadm.com/s/ Frame 744E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042

43 B
548 B

211ms
35ms

Image
image/gif

2600:1f18:ed:550f:5ece:406:5bf2:1b8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-04sx?duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&euns=0&s=&gpp_s=DBABLA~BVQqAAAACgA.QA&gpp_as=7&version=v2.13.1&cd=.cargosv.fun

Protocol

HTTP/1.1

Server

2600:1f18:ed:550f:5ece:406:5bf2:1b8a Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Fri, 08 Mar 2024 02:03:21 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042
Date: Fri, 08 Mar 2024 02:03:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 744E 43 B
363 B 201ms
28ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-04sx?duid=fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2&euns=0&s=&gpp_s=DBABLA~BVQqAAAACgA.QA&gpp_as=7&version=v2.13.1&cd=.cargosv.fun

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:20 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 358152
expires: Fri, 08 Mar 2024 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403040101/ 432 KB
136 KB 29ms
27ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59d765f34e5567e705d252b46679f2a6e49127071d9d5bf30a70a548fe06063d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 23:20:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9763
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139120
x-xss-protection: 0
server: cafe
etag: 5619017089063392896
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 07 Mar 2025 23:20:37 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 69 B
82 B 94ms
66ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shadow.cargosv.fun

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab3b5eb6842bb6f1fb790c77ee7cece8d1983d5069f40ab5ecc1a75bfa5aceee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58
x-xss-protection: 0
expires: Fri, 08 Mar 2024 02:03:20 GMT

GET
H2 200 pixel;r=1589001102;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fshadow.cargosv.fun%2F;uht=2;fpan=1;fpa=P0-635650359-1709863400875;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;gpp=DBABLA~B...
pixel.quantserve.com/ 35 B
455 B 55ms
14ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1589001102;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fshadow.cargosv.fun%2F;uht=2;fpan=1;fpa=P0-635650359-1709863400875;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;gpp=DBABLA~BVQqAAAACgA.QA;gpp_sid=7;ref=;d=cargosv.fun;dst=0;et=1709863401073;tzo=600;ogl=;ses=ddd576b5-c8ed-48fa-be75-4669b0c36007;mdl=

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:21 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 conf.js Show response
config.anyclip.com/anyclip-widget/config/2091/0011r00002KyO15AAF_M8137/ 38 KB
6 KB 43ms
31ms Script
application/javascript 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://config.anyclip.com/anyclip-widget/config/2091/0011r00002KyO15AAF_M8137/conf.js?cb=652502
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: 86e5d06ebe28cff77bfda45d52cf33373b002dd09db437f1c9c2ccff3cd8f1cb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: s185HvtisCpYJQJwcorfO435Nh2gzLrM
content-encoding: gzip
date: Fri, 08 Mar 2024 02:03:21 GMT
x-amz-request-id: 7A4HMQQGJN401MXZ
age: 11
x-amz-server-side-encryption: AES256
x-amz-meta-updatedby: yahalom+admin@anyclip.com
content-length: 5525
x-amz-id-2: upiyoXxDS1NtPz4LLygSJLx1VYuEd7Eo9gBkn1Dzz/H0WdxfRj/AgXqsMzLmqSkqclzL4UfVGMu6jb4MIKeYJGMwf9SKy3D79H3fUmBT+Ns=
last-modified: Tue, 05 Mar 2024 19:22:27 GMT
server: AmazonS3
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=1800
accept-ranges: bytes
x-llid: 5799f8d26e985a56ed21cb5efe7bf7ff
expires: Fri, 08 Mar 2024 02:33:10 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
198 B 221ms
46ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=96&val=vjs&wnx=0&abc=&ty=wlo&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 224ms
49ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?dom=shadow.cargosv.fun&cke=true&lan=en-US&plat=Win32&net=-&ver=js4.1.23.1551&dev=desktop&os=Windows&bw=Chrome%2C122&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F122.0.6261.111+Safari%2F537.36&url=https%3A%2F%2Fshadow.cargosv.fun%2F&ty=data&rt=98&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 298 KB
74 KB 177ms
45ms Script
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/3.2.2-amazon-fix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f2ef1a173106efc9f1e2048ee2a1f0ecac78e166a57e83128776f565312357e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 01:37:10 GMT
content-encoding: gzip
via: 1.1 76a7fdbced88b6eccf433c4e386bae40.cloudfront.net (CloudFront), 1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Mar 2024 21:59:42 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK52-P4
age: 1572
x-amz-server-side-encryption: AES256
etag: W/"b9e5bc6ae2304c1ff623d74c6e93fe00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: R87XKdt-eWpr4aqOkMzRTpC7sKdgxXBHkpvhcnJbt1BtJgoHRDF9XQ==

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D2752e76f-a6e6-4a0f-965d-8c1ff727af2d%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=2752e76f-a6e6-4a0f-965d-8c1ff727af2d&uid=b6e79ae8-437d-4419-9003-75f76db0c8f9

183 B
387 B

406ms
97ms

Script
text/javascript

52.37.234.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=2752e76f-a6e6-4a0f-965d-8c1ff727af2d&uid=b6e79ae8-437d-4419-9003-75f76db0c8f9
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Server: 52.37.234.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-234-199.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: b39e28335717263a622e35466dff8980ffe7e6043ab774e8e1004ef3d9949a32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Mar 2024 02:03:21 GMT
server: nginx/1.18.0
content-length: 183
content-type: text/javascript

Redirect headers

Location: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=2752e76f-a6e6-4a0f-965d-8c1ff727af2d&uid=b6e79ae8-437d-4419-9003-75f76db0c8f9
Date: Fri, 08 Mar 2024 02:03:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

POST
H2 200 445.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 369ms
113ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/445.json

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a51c48f40d1b72d59e2f1d25d089eb3de18a51c7947a84c12104a9a64fdd62cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://shadow.cargosv.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://shadow.cargosv.fun
date: Fri, 08 Mar 2024 02:03:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin
content-type: application/json

GET
H2 400 fed Show response
ups.analytics.yahoo.com/ups/58491/ 0
364 B 190ms
33ms XHR
application/json 3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58491/fed?v=1&1p=1&url=https%3A%2F%2Fshadow.cargosv.fun%2F&puid=2752e76f-a6e6-4a0f-965d-8c1ff727af2d&pixelId=58491&gdpr=0&_t=Thu%20Mar%2007%202024%2016:03:21%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)

Requested by

Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://shadow.cargosv.fun
content-type: application/json
access-control-allow-credentials: true
content-length: 0

GET
H2

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=001Pg000007WiptIAC&src=pbjs&ver=8.7.0&_t=Thu%20Mar%2007%202024%2016:03:21%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)
https://lexicon.33across.com/v1/envelope?pid=001Pg000007WiptIAC&src=pbjs&ver=8.7.0&_t=Thu%20Mar%2007%202024%2016:03:21%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)&b=1&g=q1xWbUTZm7V0kWV52EmQXMh...

42 B
138 B

56ms
53ms

XHR
application/json

35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=001Pg000007WiptIAC&src=pbjs&ver=8.7.0&_t=Thu%20Mar%2007%202024%2016:03:21%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)&b=1&g=q1xWbUTZm7V0kWV52EmQXMhNCGBNvFE0b7fI8HFO4EA%3D
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://shadow.cargosv.fun
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Fri, 08 Mar 2024 02:03:21 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://shadow.cargosv.fun
location: https://lexicon.33across.com/v1/envelope?pid=001Pg000007WiptIAC&src=pbjs&ver=8.7.0&_t=Thu%20Mar%2007%202024%2016:03:21%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)&b=1&g=q1xWbUTZm7V0kWV52EmQXMhNCGBNvFE0b7fI8HFO4EA%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 540ms
128ms XHR
application/octet-stream 52.26.243.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.26.243.12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-26-243-12.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shadow.cargosv.fun/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 08 Mar 2024 02:03:21 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
BLOB 200
OK 336845f1-d949-4c9f-93f8-0510708d19c8
https://shadow.cargosv.fun/ 417 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://shadow.cargosv.fun/336845f1-d949-4c9f-93f8-0510708d19c8
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aadceda6ac29f88fdd80f43e6630da80c6f863be565d2205f0c45b1a3066ee2b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 417
Content-Type

OPTIONS
H2 200 authorize
trafficmanager.anyclip.com/trafficmanager/api/authorization/ Frame 0
0 142ms
27ms Preflight
text/plain 3.234.78.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.78.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-78-133.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shadow.cargosv.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-allow-origin: https://shadow.cargosv.fun
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Fri, 08 Mar 2024 02:03:21 GMT

POST
H2 401 authorize Show response
trafficmanager.anyclip.com/trafficmanager/api/authorization/ 157 B
359 B 25ms
25ms Fetch
text/html 3.234.78.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.78.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-78-133.compute-1.amazonaws.com
Software: /
Resource Hash: 9538dc85758895cccf2c8a3d0a416d812aeb80bd74c9587852c9752d8d512869

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://shadow.cargosv.fun
date: Fri, 08 Mar 2024 02:03:21 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 157
access-control-allow-methods: GET,POST
content-type: text/html

GET
H2 200 / Show response
ipv4.icanhazip.com/ 14 B
383 B 126ms
37ms XHR
text/plain 104.16.184.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv4.icanhazip.com/
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.184.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e21dae1cafd0af8a721674c2250d57f7c091c5e28bf993f012a69177af3649c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: *
cf-ray: 860f3f93abffc348-EWR
alt-svc: h3=":443"; ma=86400
content-length: 14

HEAD
H2 200 adlib.min.js Show response
assets.anyclip.com/anyclip-widget/lre-widget/assets/js/ 0
565 B 106ms
18ms Fetch
application/javascript 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/js/adlib.min.js
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Fri, 08 Mar 2024 02:28:34 GMT
x-amz-version-id: AK5RR4lgfZKexTiN0kaDvZ8qULWIxAax
date: Fri, 08 Mar 2024 02:03:21 GMT
x-amz-request-id: RVKC5TK1SY6178TF
age: 12887
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 86c1382cc74663a9c05ce4172d438f252b16f01b82a20cfa0edb2da2778db462
content-length: 32
x-amz-id-2: KL0erKkWX2SkRtHhgVokTz2jCXRtHQ3LpED9fzZni6F8UnlTi1C5w2QwKsBSNg824u39STj1lT4=
last-modified: Mon, 18 Dec 2023 12:51:04 GMT
server: AmazonS3
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=14400
accept-ranges: bytes
x-llid: cc07797871abbec9dfb9d43c02bb3f34
x-amz-meta-s3b-last-modified: 20181210T110233Z

GET
H2 200 362290 Show response
vid.springserve.com/vast/ 22 B
437 B 132ms
30ms Fetch
application/xml 3.223.33.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/362290
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.33.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-33-13.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Mar 2024 02:03:21 GMT
access-control-allow-credentials: true
server: nginx
content-length: 22
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/xml

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame CD3D 298 KB
74 KB 49ms
48ms Script
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f2ef1a173106efc9f1e2048ee2a1f0ecac78e166a57e83128776f565312357e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 01:37:10 GMT
content-encoding: gzip
via: 1.1 76a7fdbced88b6eccf433c4e386bae40.cloudfront.net (CloudFront), 1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Mar 2024 21:59:42 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK52-P4
age: 1572
x-amz-server-side-encryption: AES256
etag: W/"b9e5bc6ae2304c1ff623d74c6e93fe00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: v8gRH9nPjfO4qukFqLlU7Z6jjCoEaLvc-MgzGj8q5n8b7pvaWsOSoQ==

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 30ms
30ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=342&val=0&wnx=0&abc=&ty=blo&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 152ms
80ms XHR
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 39d758eb6fbd8466b92ecd488bb7af24.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: wb9EnMwAbGbbL41csMX0bNELuX3oA5_5H7WsnF-krOVbVmHVfLXQ0Q==

GET
H2 200 3067 Show response
config.aps.amazon-adsystem.com/configs/ 531 B
798 B 92ms
18ms Script
application/javascript 108.138.106.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3067
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-70.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e9310a629534c1e9799c7721716158e3dc0abd1d44d926b542cb2ac3f694e255

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 01:22:24 GMT
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 2457
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 531
x-amz-cf-id: WrMGHi86Q2Szm0GD1HJwGrxU6GivwmBNamwUhztx4TBv085rNRJ6dQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 196 B
555 B 31ms
30ms XHR
application/json 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3067&u=https%3A%2F%2Fshadow.cargosv.fun
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: Server /
Resource Hash: d8e316a12b2adcea483bec9acbaeef3d9b47e8df718695e057d7cd3b1de0777a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 22:35:17 GMT
via: 1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK52-P4
age: 12484
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://shadow.cargosv.fun
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 196
x-amz-cf-id: yin-iv71p-lRs82CW8ghCOeI4rNEPI87CYj1thf7zYr_rTsVI2pizg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame CD3D 6 KB
3 KB 125ms
81ms XHR
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 39d758eb6fbd8466b92ecd488bb7af24.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: kQCisegGw3ZtBq3hfU4UaagRhwSG2_Q_ITJwrC9p17uF9R8D-f9vIw==

GET
H2 200 171208af-037d-48f1-af92-1c24c2ee644a Show response
config.aps.amazon-adsystem.com/configs/ Frame CD3D 563 B
830 B 68ms
20ms Script
application/javascript 108.138.106.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/171208af-037d-48f1-af92-1c24c2ee644a
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-70.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 15b83ea2548680d628cba8c7d7b3aaad35ca5676c96a70a09357928e88fe6203

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 01:22:45 GMT
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 2436
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: gCUfYkUtPeKxWo5ZLClfuvjNHy3_wUfwlOXdPZnCA73gOMrTToLplQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame CD3D 2 KB
2 KB 30ms
29ms XHR
application/json 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fshadow.cargosv.fun&pubid=171208af-037d-48f1-af92-1c24c2ee644a
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: Server /
Resource Hash: 317cf0833f32e0ecf640cc03f4f7026a56de3930d99655e5363baebba2a5f529

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 22:35:17 GMT
via: 1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK52-P4
age: 12484
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://shadow.cargosv.fun
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1758
x-amz-cf-id: XTyX-NHH9kA16CLV-GC1uVmBnSI8WXUKpy2rJMWAQxJWcE59h5tlgw==

GET
H2 200 display-ads-manager.js Show response
player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/ 26 KB
8 KB 28ms
27ms Script
application/javascript 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/display-ads-manager.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: 3c2869a65dc53b18b1ce7b7e4a267ead706b0ddd9ba0a721758e668c2750dc46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: Z067Z.y8A5wLMuERZ3l6LbkNcpxTspXp
content-encoding: gzip
date: Fri, 08 Mar 2024 02:03:21 GMT
x-amz-request-id: AN2JY90S63EMN369
age: 113554
x-amz-server-side-encryption: AES256
content-length: 8050
x-amz-id-2: ohlxTWLTYYWhWJQSJT5/nl8gKYY+EQsrZr6qZtq3uwOLYq2riV9fAoHtEWEKTUA499ojdDRmV8P6GkqVcvwPCg==
last-modified: Wed, 28 Feb 2024 08:39:10 GMT
server: AmazonS3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
x-llid: 2e3612a23a89f0167e9e0ebd49f11594
expires: Wed, 06 Mar 2024 18:31:47 GMT

GET
H2 200 prebid.js Show response
player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/ 509 KB
161 KB 24ms
18ms Script
application/javascript 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/prebid.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/display-ads-manager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: 24fc863a025dc2719d6e7f517e3ff688f37eb8a5f9f245a318dbcecedd867021

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: ptiOmuQvcZVs42A1HAgYsM6pzsp9YrBg
content-encoding: gzip
date: Fri, 08 Mar 2024 02:03:21 GMT
x-amz-request-id: AN2ZQQCW17AH8J3K
age: 113554
x-amz-server-side-encryption: AES256
content-length: 163954
x-amz-id-2: tuFidUEJJX4yeCm++Prs80kj2XraEpPZb121fROv6/wdUojDGYWnN1Pc6tHSqYnENS1HgymUU8E=
last-modified: Wed, 28 Feb 2024 08:39:10 GMT
server: AmazonS3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
x-llid: be1836e5e4493205793ebfe3486b0d4d
expires: Wed, 06 Mar 2024 18:31:47 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame CD3D 54 KB
17 KB 130ms
45ms Script
application/javascript 104.91.115.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.91.115.179 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-91-115-179.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 08 Mar 2024 02:18:21 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame CD3D 39 KB
39 KB 186ms
65ms Script
text/javascript 108.138.128.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 23:09:07 GMT
via: 1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:39:34 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 10455
x-amz-server-side-encryption: AES256
etag: "0f107a0e7753aa69cd07ded21852408c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 39773
x-amz-cf-id: cnlOcKOTXzmxlvui0TsdlVutVG4fHTqb5-f3u25S9igG_R9ECbUf_w==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ Frame CD3D 55 KB
10 KB 126ms
51ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=about%3Ablank&ref=https%3A%2F%2Fshadow.cargosv.fun%2F&_it=amazon&partner_id=170
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ddd96839c08e8cbdd3b1f56569b6d4770021731534b98dd17dec8526bb0d151

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 07 Mar 2024 15:57:22 GMT
server: cloudflare
x-amz-request-id: GPA71GZPJYF3GMCR
age: 3951
etag: W/"4f8d7eccb8b77bff110a91871ebadcc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 860f3f94695c438d-EWR
x-amz-id-2: wVIO1wrs31x1jKRIz3dKPn3IKJaxmFZdB4TaOgRyJwNYeBol3+8I/Y1HD2dEOHBU8sCH74De62g=

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 24ms
22ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=477&val=ac&wnx=0&abc=&ty=ami&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

OPTIONS
H2 200 authorize
trafficmanager.anyclip.com/trafficmanager/api/authorization/ Frame 0
0 42ms
41ms Preflight
text/plain 3.234.78.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.78.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-78-133.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shadow.cargosv.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-allow-origin: https://shadow.cargosv.fun
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Fri, 08 Mar 2024 02:03:21 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 40ms
39ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=512&val=agw&wnx=0&abc=&ty=stf&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

POST
H2 401 authorize Show response
trafficmanager.anyclip.com/trafficmanager/api/authorization/ 157 B
359 B 49ms
46ms Fetch
text/html 3.234.78.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.78.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-78-133.compute-1.amazonaws.com
Software: /
Resource Hash: 9538dc85758895cccf2c8a3d0a416d812aeb80bd74c9587852c9752d8d512869

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://shadow.cargosv.fun
date: Fri, 08 Mar 2024 02:03:21 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 157
access-control-allow-methods: GET,POST
content-type: text/html

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 33ms
32ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=521&val=0&wnx=0&abc=&ty=wre&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 34ms
33ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=533&val=400&wnx=0&abc=&ty=psw&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 62ms
61ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=533&val=225&wnx=0&abc=&ty=psh&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 31ms
30ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=539&val=&wnx=0&abc=&ty=cuc&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ Frame CD3D 96 B
288 B 48ms
47ms XHR
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=170&sync=0&domain=shadow.cargosv.fun&url=about:blank
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=about%3Ablank&ref=https%3A%2F%2Fshadow.cargosv.fun%2F&_it=amazon&partner_id=170
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27885906bcae862bc82b48b7a7caafc08c096725fe4feb75c9dc8266d4c7f3fd

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 860f3f95dc404240-EWR

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 162ms
30ms Preflight
application/json 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=170&sync=0&domain=shadow.cargosv.fun&url=about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://shadow.cargosv.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 860f3f959be84240-EWR
content-length: 0
content-type: application/json
date: Fri, 08 Mar 2024 02:03:21 GMT
debug: OPTIONS block
expires: Sat, 08 Mar 2025 02:03:21 GMT
server: cloudflare

OPTIONS
H2 200 authorize
trafficmanager.anyclip.com/trafficmanager/api/authorization/ Frame 0
0 68ms
67ms Preflight
text/plain 3.234.78.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.78.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-78-133.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shadow.cargosv.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-allow-origin: https://shadow.cargosv.fun
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Fri, 08 Mar 2024 02:03:21 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 64ms
63ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=613&val=agw&wnx=0&abc=&ty=stf&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

POST
H2 401 authorize Show response
trafficmanager.anyclip.com/trafficmanager/api/authorization/ 157 B
359 B 50ms
50ms Fetch
text/html 3.234.78.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.78.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-78-133.compute-1.amazonaws.com
Software: /
Resource Hash: 9538dc85758895cccf2c8a3d0a416d812aeb80bd74c9587852c9752d8d512869

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://shadow.cargosv.fun
date: Fri, 08 Mar 2024 02:03:21 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 157
access-control-allow-methods: GET,POST
content-type: text/html

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame CD3D 156 B
615 B 115ms
48ms XHR
application/json 44.215.73.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.215.73.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-215-73-61.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a5ca779f12485b61626cb1e90bdcc2f798094a27858709d8d71d89c5372e03f3

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:21 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://shadow.cargosv.fun
cache-control: no-cache
x-server: 10.40.56.99
access-control-allow-credentials: true
content-length: 156
expires: 0

OPTIONS
H2 200 playlist
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ Frame 0
0 34ms
29ms Preflight
text/plain 3.234.78.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.78.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-78-133.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://shadow.cargosv.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-allow-origin: https://shadow.cargosv.fun
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Fri, 08 Mar 2024 02:03:21 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 34ms
28ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=736&val=agw&wnx=0&abc=&ty=stf&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

POST
H2 200 playlist Show response
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ 91 B
292 B 56ms
55ms Fetch
application/json 3.234.78.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/vendor.858fa16b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.78.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-78-133.compute-1.amazonaws.com
Software: /
Resource Hash: 94a239ffd132907ea66b61c9ec6dad26c485b056dcbf0fca9d9859a2637f0fd8

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://shadow.cargosv.fun
date: Fri, 08 Mar 2024 02:03:21 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 91
access-control-allow-methods: GET,POST
content-type: application/json

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 28ms
27ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=736&val=0&wnx=0&abc=&ty=prq&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 170 Show response
a.ad.gt/api/v1/u/matches/ Frame CD3D 13 KB
4 KB 569ms
378ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/170?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=about%3Ablank&ref=https%3A%2F%2Fshadow.cargosv.fun%2F&_it=amazon&partner_id=170
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e2df5cca177dfc586ea29e35c59c4c51e86df621eee9572f27dbcaf9c2b837a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Mar 2024 01:58:42 GMT
server: cloudflare
age: 259
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 860f3f975b9a17a9-EWR

GET 16bb9f7c-dbda-4557-9432-ead848241439
https://shadow.cargosv.fun/ 0
0

GET
H2 200 1695045809891_84x48_thumbnail.jpg
cdn5.anyclip.com/FdiY1IgB8HvIzmRNK4zs/ 1 KB
2 KB 158ms
128ms Image
image/jpeg 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/FdiY1IgB8HvIzmRNK4zs/1695045809891_84x48_thumbnail.jpg?wid=0011r00002KyO15AAF_M8137
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: 33ea6fcc0872bdaef4e0636e481442e9638797a2f6469f855a00abf823075d85

Request headers

Referer: https://shadow.cargosv.fun/
Origin: https://shadow.cargosv.fun
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
last-modified: Mon, 18 Sep 2023 14:03:30 GMT
server: AmazonS3
x-amz-request-id: 4SHB335VRRWJ82Z4
age: 88697
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 1420
x-amz-id-2: AlqaftjZ+p/tV7JuckXMKkZxF4k9qYzfTX+r3p++Cr1a5T6KwRGhcnBGwa1SXPO5wGswBksLba0=
x-llid: d4c444fc0e5778bbee386f9f73de16bb
expires: Fri, 08 Mar 2024 01:25:05 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 33ms
29ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=841&val=%7B%22userAgent%22%3A%7B%22allow%22%3Atrue%2C%22software%22%3Anull%2C%22os%22%3Anull%2C%22hw%22%3Anull%7D%7D&wnx=0&abc=&ty=prs&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 32ms
28ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=841&val=0&wnx=0&abc=&ty=fbu&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 35ms
32ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=842&val=0&wnx=0&abc=&ty=pll&v=0&ext=&ta=1&lnx=0&us=&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 1695045809721_248x140_thumbnail.jpg
cdn5.anyclip.com/FdiY1IgB8HvIzmRNK4zs/ 6 KB
7 KB 120ms
95ms Image
image/jpeg 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/FdiY1IgB8HvIzmRNK4zs/1695045809721_248x140_thumbnail.jpg?wid=0011r00002KyO15AAF_M8137
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: 646d1f80a7056685c03302899e1cc97a447a00e5b0defe3a457979f10c7bf06b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 18 Sep 2023 14:03:30 GMT
server: AmazonS3
x-amz-request-id: QXAA92FCFCAVZ0TW
age: 106723
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 6534
x-amz-id-2: JPiag01sEmCUO9zBGuGCHd0RMggO40SYeIa1arY9qkxAq/wilkQyXGdS0i4j8dIKfkme+iB+RcI=
x-llid: 9be1916eb35a83a4f05d1b855534b280
expires: Thu, 07 Mar 2024 20:24:38 GMT

GET
H2 200 1687191182331_248x140_thumbnail.jpg
cdn5.anyclip.com/aIBu1IgB4RJclHylPtym/ 9 KB
9 KB 68ms
44ms Image
image/jpeg 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/aIBu1IgB4RJclHylPtym/1687191182331_248x140_thumbnail.jpg?wid=0011r00002KyO15AAF_M8137
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: ca2b2e449f1ab81126614c35690edb469d8e1a65307e076de6ad91fa82b01f7e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 19 Jun 2023 16:13:03 GMT
server: AmazonS3
x-amz-request-id: EZKA47ERS4XTNE57
age: 18459
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 9216
x-amz-id-2: 3XdBpfILcK/A9urQfNtrTW5hciKprlWvJwZryaafxfOigyBS779nRlMD4AyX1SMl1G0a5xQ6U7M=
x-llid: 1d0c003a2f087779a0fe150572d8703e
expires: Fri, 08 Mar 2024 20:55:42 GMT

GET
H2 200 1700686424480_248x140_thumbnail.jpg
cdn5.anyclip.com/HYGT1IgB4RJclHylWhWb/ 9 KB
9 KB 73ms
49ms Image
image/jpeg 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/HYGT1IgB4RJclHylWhWb/1700686424480_248x140_thumbnail.jpg?wid=0011r00002KyO15AAF_M8137
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: b1bb411bec902e6adafddb55faaba00d0f82f78f61249305195c1e99caf141d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Wed, 22 Nov 2023 20:53:45 GMT
server: AmazonS3
x-amz-request-id: 7VRPNSC0QKHGVVSH
age: 190618
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 8813
x-amz-id-2: LB2oPDQJ0SbnYYnISZ8+FfCYAwdmt3DTAEaeXWbazIhZnVoXKGACvWdMCqtERXDAjovsL9PxVzQ=
x-llid: 592a6bb440dc60fade8c47be7b2814f0
expires: Wed, 06 Mar 2024 21:06:23 GMT

GET
H2 200 1695046139864_248x140_thumbnail.jpg
cdn5.anyclip.com/S4Gc1IgB4RJclHylvCOS/ 12 KB
13 KB 63ms
39ms Image
image/jpeg 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/S4Gc1IgB4RJclHylvCOS/1695046139864_248x140_thumbnail.jpg?wid=0011r00002KyO15AAF_M8137
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: 25cebaf206f947b51597d657bfbf02f90f2ee6dfd16192263421cefc2f528e8d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:21 GMT
last-modified: Mon, 18 Sep 2023 14:09:00 GMT
server: AmazonS3
x-amz-request-id: JJAPG0P8Y86DAC1W
age: 32943
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 12521
x-amz-id-2: F02odv58VO3RFFxfB6q9W/p3c+AfGeusWpM1FX1jsRTffrbz/05KJMUfV/shoUBZ28DOhODbxgC/9DyW/rLgEQ==
x-llid: 11fa9fcf1f0cd671539cae0e9c1cb88d
expires: Fri, 08 Mar 2024 16:54:18 GMT

GET
H2 200 1687198057306_248x140_thumbnail.jpg
cdn5.anyclip.com/MIHX1IgB4RJclHylKXxV/ 14 KB
15 KB 126ms
102ms Image
image/jpeg 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/MIHX1IgB4RJclHylKXxV/1687198057306_248x140_thumbnail.jpg?wid=0011r00002KyO15AAF_M8137
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: 30c1168ae02c2321e4ca0439999722f854c537720a0813c60a7bee6d9c4ff8d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
last-modified: Mon, 19 Jun 2023 18:07:38 GMT
server: AmazonS3
x-amz-request-id: 6QWCFD4FS2NFG3YC
age: 243467
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 14827
x-amz-id-2: pzs3gygEQ5pY43GOeB+AgrMS2+y30XtwAsR4cmOU27B/kb33ri3W0Qft1VsQ7opDzICYKPih0w3bNz5HDPFnZw==
x-llid: 260e55755e7bb186bf47862a0afbf12a
expires: Wed, 06 Mar 2024 06:25:35 GMT

GET
H2 200 1696258840980_248x140_thumbnail.jpg
cdn5.anyclip.com/QNit1IgB8HvIzmRN7a9y/ 16 KB
17 KB 110ms
109ms Image
image/jpeg 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/QNit1IgB8HvIzmRN7a9y/1696258840980_248x140_thumbnail.jpg?wid=0011r00002KyO15AAF_M8137
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: f91ffdd7d3782908e287077d82768220411e61f82f036450c0aeabccefe34a43

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
last-modified: Mon, 02 Oct 2023 15:00:41 GMT
server: AmazonS3
x-amz-request-id: RNXSMR21335PDJH0
age: 124053
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 16615
x-amz-id-2: lyQa8CM81UCrCVJSgRd7tbk6lGtfxjuiMBFgvaR/uaouRaKAszxPIV3TBsYl8ewii2QXJiU93f0=
x-llid: f3a1913b4b2d07a9d77f48eb14e91fa7
expires: Thu, 07 Mar 2024 15:35:49 GMT

GET
H2 200 1687193410371_248x140_thumbnail.jpg
cdn5.anyclip.com/TtiQ1IgB8HvIzmRNN39y/ 17 KB
18 KB 93ms
93ms Image
image/jpeg 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/TtiQ1IgB8HvIzmRNN39y/1687193410371_248x140_thumbnail.jpg?wid=0011r00002KyO15AAF_M8137
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: b8b3084e7a5a9c9392a6c432c2cfb6d1b87c4fd0a240ae3c20cfeca7335fdbb2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
last-modified: Mon, 19 Jun 2023 16:50:11 GMT
server: AmazonS3
x-amz-request-id: DNFETWZ7WY8QNPFV
age: 32712
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 17608
x-amz-id-2: YJdpYMKeg8gC8CXlBjNOPquVnffEfrWVA2Z62YPJIReMxH0XbqPrp67Xr0lvoVItJ0nreLKlE0XJeonxtty42w==
x-llid: ebe82f46c2974eec831eee4e26818114
expires: Fri, 08 Mar 2024 16:58:10 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 234ms
234ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=izsgswjrjftueociozexu3ksjzfti6tt&inx=0&rt=1031&val=&wnx=1&abc=&ty=pli&v=0&ext=&ta=1&lnx=0&us=&csr=playerfb&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame B32C 298 KB
74 KB 155ms
155ms Script
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f2ef1a173106efc9f1e2048ee2a1f0ecac78e166a57e83128776f565312357e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 01:37:10 GMT
content-encoding: gzip
via: 1.1 76a7fdbced88b6eccf433c4e386bae40.cloudfront.net (CloudFront), 1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Mar 2024 21:59:42 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK52-P4
age: 1573
x-amz-server-side-encryption: AES256
etag: W/"b9e5bc6ae2304c1ff623d74c6e93fe00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Za4hz0U3Awef7bD78soaRPt5Q9iKRDXvsZ31fObDJKgnizl4LZw8dw==

GET
BLOB 200
OK 59f11735-1688-4366-9ef7-a261e0b41713
https://shadow.cargosv.fun/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://shadow.cargosv.fun/59f11735-1688-4366-9ef7-a261e0b41713
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9c21f73e5781b07e9ae478497472051a87ee326e95761bb2d82387b07cbbcf6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 5905
Content-Type: application/javascript

GET
BLOB 200
OK 48d55e80-a864-45f5-a953-540916cf4f20
https://shadow.cargosv.fun/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://shadow.cargosv.fun/48d55e80-a864-45f5-a953-540916cf4f20
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3272531e444c93e2c185e1540dd7414ae3661bcaa03af98217f81b5f6c13df

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 80204
Content-Type: application/javascript

GET
BLOB 200
OK 84987dff-8df0-4f26-98ef-29266d0e1b76
https://shadow.cargosv.fun/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://shadow.cargosv.fun/84987dff-8df0-4f26-98ef-29266d0e1b76
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3272531e444c93e2c185e1540dd7414ae3661bcaa03af98217f81b5f6c13df

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 80204
Content-Type: application/javascript

GET
H2 200 1695045809891_84x48_thumbnail.jpg
cdn5.anyclip.com/FdiY1IgB8HvIzmRNK4zs/ 1 KB
2 KB 169ms
169ms Image
image/jpeg 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/FdiY1IgB8HvIzmRNK4zs/1695045809891_84x48_thumbnail.jpg?wid=0011r00002KyO15AAF_M8137
Requested by: Host: shadow.cargosv.fun
URL: https://shadow.cargosv.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: 33ea6fcc0872bdaef4e0636e481442e9638797a2f6469f855a00abf823075d85

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
last-modified: Mon, 18 Sep 2023 14:03:30 GMT
server: AmazonS3
x-amz-request-id: 4SHB335VRRWJ82Z4
age: 88697
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 1420
x-amz-id-2: AlqaftjZ+p/tV7JuckXMKkZxF4k9qYzfTX+r3p++Cr1a5T6KwRGhcnBGwa1SXPO5wGswBksLba0=
x-llid: ed373f0b9976f8654e0234a20baa1020
expires: Fri, 08 Mar 2024 01:25:05 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B32C 6 KB
3 KB 39ms
39ms XHR
application/javascript 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 39d758eb6fbd8466b92ecd488bb7af24.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P4
age: 1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: na1tM2_uoITF72-6GM8BMIc8fBFQZ8jT4orO8O4CsOYoBlWpzUBuNQ==

GET
H2 200 3067 Show response
config.aps.amazon-adsystem.com/configs/ Frame B32C 531 B
797 B 38ms
37ms Script
application/javascript 108.138.106.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3067
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-70.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e9310a629534c1e9799c7721716158e3dc0abd1d44d926b542cb2ac3f694e255

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 01:22:24 GMT
via: 1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 2458
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 531
x-amz-cf-id: iduzOA2Ley1E-B7POpepfO8cK3-jWXwSZVdsSKEjXBt8g5c_xdYsiQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame B32C 196 B
556 B 55ms
55ms XHR
application/json 18.238.63.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3067&u=https%3A%2F%2Fshadow.cargosv.fun
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-63-215.jfk52.r.cloudfront.net
Software: Server /
Resource Hash: d8e316a12b2adcea483bec9acbaeef3d9b47e8df718695e057d7cd3b1de0777a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 22:35:18 GMT
via: 1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK52-P4
age: 12484
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://shadow.cargosv.fun
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 196
x-amz-cf-id: tLuP7bS0OHGVOP8uJ5S9fddfeGiHbcYzm8dWztQ53KrRp59GjYTxGA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame B32C 23 B
359 B 559ms
113ms XHR
text/javascript 18.164.92.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3067&u=https%3A%2F%2Fshadow.cargosv.fun%2F&pid=yqy0XxnMpv2g3&cb=0&ws=0x8&v=24.305.1002&t=2000&slots=%5B%7B%22id%22%3A%22InstreamSlot1%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%220x0%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=4eda5ee7-e531-4080-8d2e-6df6aff9df66&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%22060fki6dhja8hebk9cd86ea6jbcha76d68hoyu0kswe4smgy6ik40me0wgise20k0%22%2C%22id5%22%3A%22ID5*AACVmaNDVDosVk1ZJVWAQMpvqxvzG4foK3LVC1lFrw-Kbx_hEdN-PQhbc6AHOB6qinFKTQpGfzGAZXg3ctQdJg%22%2C%22pubcommon%22%3A%222752e76f-a6e6-4a0f-965d-8c1ff727af2d%22%7D%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.92.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-92-122.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://shadow.cargosv.fun
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Y2j5W-U4Y3nEgrVKBYjB27VmniRPHWQrd05vC5xM3pa7_NAZtOCRhw==

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 261 KB
90 KB 127ms
126ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-Y5DKGQ1D0H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXC5GP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a2111492653d77a541146f8517f1a0b2e9857e65223c20b0a3e3a8ef76a1da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91711
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Mar 2024 02:03:22 GMT

GET
H2 200 sync.js Show response
player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/ Frame 2A04 7 KB
3 KB 82ms
82ms Script
application/javascript 69.164.46.185
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/sync.js?ts=1709863401194
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.164.46.185 New York, United States, ASN22822 (LLNW, US),
Reverse DNS: https-69-164-46-185.jfk.llnw.net
Software: AmazonS3 /
Resource Hash: 4c545cbf0801ffc734bd05fda75b01d4c22f3bd7c5984665be341d23ea2e7e1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: giGpsugQ3npYu.ByXsEvJP76x.ysjsQk
content-encoding: gzip
date: Fri, 08 Mar 2024 02:03:22 GMT
x-amz-request-id: AN2ND63M25WV4E6S
age: 113444
x-amz-server-side-encryption: AES256
content-length: 2372
x-amz-id-2: 5JApTz+0SNHaVtcNXbGvVusd2hZIjBC5JmUFf9JAv7Fvbrtj0LIq/1rCK9acyIQ7ARf6nfmnPO4=
last-modified: Wed, 28 Feb 2024 08:39:10 GMT
server: AmazonS3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
x-llid: 213f9cfd3dbf52f4fb242ccfe1cdb3d4
expires: Wed, 06 Mar 2024 18:33:38 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 2A04 108 B
699 B 36ms
35ms Fetch
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/sync.js?ts=1709863401194
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 578d77ec13a4e1e873d4ee91bba3637f3c0d92cce8fb3c6a23e3b14f47678a7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://shadow.cargosv.fun
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sun, 07 Apr 2024 02:03:22 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
256 B 56ms
24ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Y5DKGQ1D0H&gtm=45je4360v878538942z871213628za220&_p=1709863398660&gcs=G111&gcd=13n3n3l3l5&npa=0&dma=0&cid=1896152150.1709863403&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709863402&sct=1&seg=0&dl=https%3A%2F%2Fshadow.cargosv.fun%2F&dt=Dictionary.com%20%7C%20Meanings%20%26%20Definitions%20of%20English%20Words&en=Scroll_100%25&_fv=1&_nsi=1&_ss=1&tfd=4956
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-Y5DKGQ1D0H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shadow.cargosv.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ Frame CD3D 55 KB
10 KB 16ms
15ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?partner_id=170&sync=1&url=about%3Ablank
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/170?_it=amazon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ddd96839c08e8cbdd3b1f56569b6d4770021731534b98dd17dec8526bb0d151

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 07 Mar 2024 15:57:22 GMT
server: cloudflare
x-amz-request-id: GPA71GZPJYF3GMCR
age: 3952
etag: W/"4f8d7eccb8b77bff110a91871ebadcc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 860f3f9a683f438d-EWR
x-amz-id-2: wVIO1wrs31x1jKRIz3dKPn3IKJaxmFZdB4TaOgRyJwNYeBol3+8I/Y1HD2dEOHBU8sCH74De62g=

GET
H2 200 170 Show response
p.ad.gt/api/v1/p/ Frame CD3D 41 KB
14 KB 109ms
50ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/170
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/170?_it=amazon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c5364550fbbf56799efc02fd29d90d82fd34e949f9838dc2d2c4f6076d80c77

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Mar 2024 01:58:50 GMT
server: cloudflare
age: 214
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 860f3f9ade528c35-EWR

GET
H2

200

match
ids.ad.gt/api/v1/ Frame CD3D
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001709863403-ONG8F54L-E74O&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001709863403-ONG8F54L-E74O%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001709863403-ONG8F54L-E74O&adnxs_id=5196601779978546656&gdpr=0

43 B
170 B

148ms
146ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001709863403-ONG8F54L-E74O&adnxs_id=5196601779978546656&gdpr=0
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 860f3f9b08f94223-EWR
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:22 GMT
an-x-request-uuid: 2f0ed390-379d-48f6-b50e-c622febda14e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001709863403-ONG8F54L-E74O&adnxs_id=5196601779978546656&gdpr=0
x-proxy-origin: 5.181.234.133; 5.181.234.133; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/ Frame CD3D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001709863403-ONG8F54L-E74O&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042&id=AU1D-0100-001709863403-ONG8F54L-E74O

43 B
95 B

273ms
202ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042&id=AU1D-0100-001709863403-ONG8F54L-E74O
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 860f3f9b08f64223-EWR
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042&id=AU1D-0100-001709863403-ONG8F54L-E74O
date: Fri, 08 Mar 2024 02:03:22 GMT
server: Kestrel
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/ Frame CD3D
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001709863403-ONG8F54L-E74O
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001709863403-ONG8F54L-E74O
https://ids.ad.gt/api/v1/pbm_match?pbm=54227198-F8F3-4538-8E23-DB4813BF5A78&id=AU1D-0100-001709863403-ONG8F54L-E74O

43 B
95 B

167ms
166ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=54227198-F8F3-4538-8E23-DB4813BF5A78&id=AU1D-0100-001709863403-ONG8F54L-E74O
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 860f3f9b89664223-EWR
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=54227198-F8F3-4538-8E23-DB4813BF5A78&id=AU1D-0100-001709863403-ONG8F54L-E74O
date: Fri, 08 Mar 2024 02:03:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame CD3D 0
694 B 199ms
67ms Image
text/plain 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001709863403-ONG8F54L-E74O&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 207e6e3bf58d030312efc0c602ea89b7
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

tapad_match
ids.ad.gt/api/v1/ Frame CD3D
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001709863403-ONG8F54L-E74O&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001709863403...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001709863403-ONG8F54L-E74O&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001709...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9ad8f7bf-5ebc-4866-8b00-cbb50fe33b76%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042&ttd_puid=9ad8f7bf-5ebc-4866-8b00-cbb50fe33b76%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001709863403-ONG8F54L-E74O&tapad_id=9ad8f7bf-5ebc-4866-8b00-cbb50fe33b76

43 B
95 B

138ms
137ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001709863403-ONG8F54L-E74O&tapad_id=9ad8f7bf-5ebc-4866-8b00-cbb50fe33b76
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:23 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 860f3f9ceaf54223-EWR
content-length: 43
content-type: image/gif

Redirect headers

date: Fri, 08 Mar 2024 02:03:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001709863403-ONG8F54L-E74O&tapad_id=9ad8f7bf-5ebc-4866-8b00-cbb50fe33b76
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

g_match
ids.ad.gt/api/v1/ Frame CD3D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001709863403-ONG8F54L-E74O
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001709863403-ONG8F54L-E74O&google_gid=CAESEN-qNRSK-M1qfgVD-chbEDE&google_cver=1&google_ula=450542624,0

43 B
95 B

156ms
155ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001709863403-ONG8F54L-E74O&google_gid=CAESEN-qNRSK-M1qfgVD-chbEDE&google_cver=1&google_ula=450542624,0
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 860f3f9b794c4223-EWR
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001709863403-ONG8F54L-E74O&google_gid=CAESEN-qNRSK-M1qfgVD-chbEDE&google_cver=1&google_ula=450542624,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CD3D
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001709863403-ONG8F54L-E74O
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwOTg2MzQwMy1PTkc4RjU0TC1FNzRP

170 B
243 B

77ms
77ms

Image
image/png

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwOTg2MzQwMy1PTkc4RjU0TC1FNzRP

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcwOTg2MzQwMy1PTkc4RjU0TC1FNzRP
date: Fri, 08 Mar 2024 02:03:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 860f3f9b08f74223-EWR
content-type: text/html; charset=utf-8

GET
H2

200

beeswax_match
ids.ad.gt/api/v1/ Frame CD3D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001709863403-ONG8F54L-E74O
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001709863403-ONG8F54L-E74O&_bee_ppp=1
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AACz5k7L1OQAABTtm0Xwfw&id=AU1D-0100-001709863403-ONG8F54L-E74O

43 B
118 B

142ms
142ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AACz5k7L1OQAABTtm0Xwfw&id=AU1D-0100-001709863403-ONG8F54L-E74O
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:23 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 860f3f9c4a424223-EWR
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AACz5k7L1OQAABTtm0Xwfw&id=AU1D-0100-001709863403-ONG8F54L-E74O
Date: Fri, 08 Mar 2024 02:03:22 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame CD3D
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001709863403-ONG8F54L-E74O%26sas_uid%3D%5bsas_uid%5d&gdpr=0
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001709863403-ONG8F54L-E74O&sas_uid=[sas_uid]&gdpr=0&cklb=1

0
316 B

185ms
185ms

Image
text/plain

216.22.16.8
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001709863403-ONG8F54L-E74O&sas_uid=[sas_uid]&gdpr=0&cklb=1
Protocol: HTTP/1.1
Server: 216.22.16.8 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:22 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001709863403-ONG8F54L-E74O&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma: no-cache
date: Fri, 08 Mar 2024 02:03:23 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

amo_match
ids.ad.gt/api/v1/ Frame CD3D
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001709863403-ONG8F54L-E74O
https://ids.ad.gt/api/v1/amo_match?turn_id=2629902952733649793&id=AU1D-0100-001709863403-ONG8F54L-E74O

43 B
95 B

128ms
127ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/amo_match?turn_id=2629902952733649793&id=AU1D-0100-001709863403-ONG8F54L-E74O
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:23 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 860f3f9c6a704223-EWR
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/amo_match?turn_id=2629902952733649793&id=AU1D-0100-001709863403-ONG8F54L-E74O
pragma: no-cache
date: Fri, 08 Mar 2024 02:03:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 setuid Show response
user-sync-api.anyclip.com/ Frame D8E4 0
137 B 210ms
64ms Document
text/plain 34.226.254.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync-api.anyclip.com/setuid?bidder=ttd&uid=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/sync.js?ts=1709863401194
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.254.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-254-114.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shadow.cargosv.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: no-store
content-length: 0
date: Fri, 08 Mar 2024 02:03:22 GMT
expires: 0
pragma: no-cache
vary: Origin
x-powered-by: Express

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame CD3D 52 KB
21 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Mar 2024 00:06:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6999
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 08 Mar 2024 02:06:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame CD3D 225 KB
81 KB 97ms
97ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81b44372312294e3272531be240223da33f05e6c7c776017559e1c3cd77e5a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82436
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Mar 2024 02:03:22 GMT

POST
H2 204 collect Show response
a.ad.gt/api/v1/ Frame CD3D 0
164 B 284ms
141ms XHR
text/html 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type: text/plain

Response headers

date: Fri, 08 Mar 2024 02:03:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://shadow.cargosv.fun
access-control-allow-credentials: true
cf-ray: 860f3f9c292dc345-EWR

GET
H2 502 getpixels
pixels.ad.gt/api/v1/ Frame CD3D 0
0 284ms
124ms Script
text/html 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=20fe803606282dab73cd930ad9b68f4e&url=about%3Ablank&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/170
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ Frame CD3D 1 KB
962 B 76ms
76ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 01:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Mar 2024 02:17:45 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ Frame CD3D 3 KB
1 KB 77ms
77ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 01:32:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 08 Mar 2024 02:32:31 GMT

GET
H2

200

setuid
user-sync-api.anyclip.com/ Frame 2A04
Redirect Chain

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BUID%5D
https://user-sync-api.anyclip.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=52f19598-fd91-4508-9aee-ca36628a0963

0
136 B

45ms
45ms

Image
text/plain

34.226.254.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync-api.anyclip.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=52f19598-fd91-4508-9aee-ca36628a0963
Protocol: H2
Server: 34.226.254.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-254-114.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:23 GMT
x-powered-by: Express
vary: Origin
cache-control: no-store
access-control-allow-credentials: true
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:23 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-20
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://user-sync-api.anyclip.com/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&uid=52f19598-fd91-4508-9aee-ca36628a0963
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 54ms
53ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1823&val=Can%27t+detect+player%27s+size+for+macro&wnx=1&abc=&ty=err&v=0&ext=&ta=1&lnx=0&us=&csr=playerfb&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
197 B 55ms
54ms Image
image/gif 34.230.183.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=izsgswjrjftueociozexu3ksjzfti6tt&inx=0&rt=1826&val=ad%3Dhttps%253A%252F%252Fmarketplace.anyclip.com%252Fv1%252Fwaterfall%253Fsti%253Ds-i4pIsB5G13OqYcPLkz%2526w%253D400%2526h%253D225%2526v%253D0%2526cb%253D601724061%2526pid%253D2091%2526sid%253DwQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm%2526cid%253Dizsgswjrjftueociozexu3ksjzfti6tt%2526wid%253D0011r00002KyO15AAF_M8137%2526dom%253Dshadow.cargosv.fun%2526abc%253D%2526geo%253DUS%2526dev%253D1%2526bw%253D%2526os%253D%2526ip%253D5.181.234.133%2526url%253Dhttps%25253A%25252F%25252Fshadow.cargosv.fun%25252F%2526gdpr%253D%2526consent%253D%2526schain%253D1.0%252C1%2521anyclip.com%252C0011r00002KyO15AAF%252C1%252C%252C%252C%2526us_privacy%253D%2526utm%253D%2526pl%253Da%2526ima%253D%2524%255Bsps_ima_mode%255D%2526clipPlayCounter%253D1%2526tid%253D%2524%255Btid%255D%2526amznbid%253D%2526amzniid%253D%2526ua%253DMozilla%25252F5.0%252520%2528Windows%252520NT%25252010.0%25253B%252520Win64%25253B%252520x64%2529%252520AppleWebKit%25252F537.36%252520%2528KHTML%25252C%252520like%252520Gecko%2529%252520Chrome%25252F122.0.6261.111%252520Safari%25252F537.36%2526domain%253Dshadow.cargosv.fun%2526page%253D%2524%255Bpage%255D%2526itemid%253D%2524%255Bitemid%255D%2526zone%253D%2524%255Bzone%255D%2526permutive%253D%2524%255Bpermutive%255D%2526dxseg%253D%2524%255Bdxseg%255D%2526key_custom3%253D%2524%255Bcma1%255D%2526gpt%253D%2524%255Bgpt%255D%2526gpp%253DDBABLA%257EBVQqAAAACgA.QA%2526gpp_ver%253D1.1%2526gpp_sl%253D7%2526gpp_as%253D7%26mavs%3D0%26rqcm%3D1%26ast%3D-1%26smb%3D1%26sid%3DwQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm%26imaw%3D0%26amd%3D1%26sf%3D0%26page_url%3Dhttps%253A%252F%252Fshadow.cargosv.fun%252F%26wf%3D1%26act%3D200%26hap%3D1%26hap_mc%3D-1%26uids%3D1%26af%3D1%26af_dp%3D0.1%26af_am%3Ddynamic%26af_mf%3D0.75%26omid%3D%257B%2522GOOGLE%2522%253A%2522FULL%2522%252C%2522MOAT%2522%253A%2522FULL%2522%257D%26pb_t%3D20000%26gpid%3D0%26spb%3D0&wnx=1&abc=&ty=arq&v=0&ext=&ta=1&lnx=0&us=&csr=playerfb&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid&sti=s-i4pIsB5G13OqYcPLkz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.230.183.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-183-154.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:22 GMT
last-modified: Mon, 19 Feb 2024 09:34:02 GMT
server: nginx
etag: "65d3208a-23"
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 35

GET
H2 200 events
marketplace.anyclip.com/v1/ 0
38 B 177ms
53ms Image
text/plain 34.200.9.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketplace.anyclip.com/v1/events?cid=izsgswjrjftueociozexu3ksjzfti6tt&inx=0&rt=1826&val=&wnx=1&abc=&ty=frq&v=0&ext=&ta=1&lnx=0&us=&csr=playerfb&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid&sti=s-i4pIsB5G13OqYcPLkz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.9.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-9-220.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:23 GMT
content-length: 0

GET
H2 200 events
marketplace.anyclip.com/v1/ 0
37 B 172ms
53ms Image
text/plain 34.200.9.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketplace.anyclip.com/v1/events?cid=izsgswjrjftueociozexu3ksjzfti6tt&inx=0&rt=1826&val=&wnx=1&abc=&ty=wfr&v=0&ext=&ta=1&lnx=0&us=&csr=playerfb&sid=wQUkdlOpZ2gTJ4Y8HrOeCoFgwbyjkpOm&pid=2091&wid=0011r00002KyO15AAF_M8137&psi=yxeu6bVWTdk5vwP0i3OUktMUypZ5MYl7&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid&sti=s-i4pIsB5G13OqYcPLkz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.9.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-9-220.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:23 GMT
content-length: 0

GET
H2 200 f Show response
fid.agkn.com/ Frame 2A04 869 B
1 KB 219ms
87ms Fetch
application/json 34.196.160.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fid.agkn.com/f?apiKey=3000000015
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/sync.js?ts=1709863401194
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.160.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-160-213.compute-1.amazonaws.com
Software: AAWebServer /
Resource Hash: 5eca53824744454794511d268559a41d44522a48af30c5a2765342ee9265b644

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:23 GMT
server: AAWebServer
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/json
access-control-allow-origin: https://shadow.cargosv.fun
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 869
expires: 0

GET
H2 200 setuid Show response
user-sync-api.anyclip.com/ Frame 2A8B 0
136 B 79ms
78ms Document
text/plain 34.226.254.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://user-sync-api.anyclip.com/setuid?bidder=neustar&uid=211100604815000765599
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/sync.js?ts=1709863401194
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.254.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-254-114.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shadow.cargosv.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: no-store
content-length: 0
date: Fri, 08 Mar 2024 02:03:23 GMT
expires: 0
pragma: no-cache
vary: Origin
x-powered-by: Express

GET
H2

200

setuid
user-sync-api.anyclip.com/ Frame 2A04
Redirect Chain

https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%2...
https://user-sync-api.anyclip.com/setuid?bidder=yieldmo&uid=VqmM2__OOM_0_7ALGPUk&gdpr=&gdpr_consent=&us_privacy=

0
136 B

182ms
182ms

Image
text/plain

34.226.254.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync-api.anyclip.com/setuid?bidder=yieldmo&uid=VqmM2__OOM_0_7ALGPUk&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Server: 34.226.254.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-254-114.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:23 GMT
x-powered-by: Express
vary: Origin
cache-control: no-store
access-control-allow-credentials: true
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:23 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://user-sync-api.anyclip.com/setuid?bidder=yieldmo&uid=VqmM2__OOM_0_7ALGPUk&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2

200

setuid
user-sync-api.anyclip.com/ Frame 2A04
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-anyclip&gdpr=&gdpr_consent=&us_privacy=
https://user-sync-api.anyclip.com/setuid?bidder=rubicon&uid=LTI0ITCP-12-31GR

0
136 B

116ms
116ms

Image
text/plain

34.226.254.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync-api.anyclip.com/setuid?bidder=rubicon&uid=LTI0ITCP-12-31GR
Protocol: H2
Server: 34.226.254.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-254-114.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:24 GMT
x-powered-by: Express
vary: Origin
cache-control: no-store
access-control-allow-credentials: true
content-length: 0
expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://user-sync-api.anyclip.com/setuid?bidder=rubicon&uid=LTI0ITCP-12-31GR
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 1e5551a43c15a2a2988f4ec71599119f
Expires: 0

GET
H2

200

setuid
user-sync-api.anyclip.com/ Frame 2A04
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%...
https://sync.1rx.io/usersync2/rmphb?zcc=1&redir=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%5BRX_UUID%5D&cb=1709863404802
https://ad.turn.com/r/cs?pid=45&rndcb=8150678902
https://sync.1rx.io/usersync/turn/2629902952733649793?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-e977d64e-8fee-4447-9f7b-d53cfa3ca7ba-005?redir=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26us...
https://user-sync-api.anyclip.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-e977d64e-8fee-4447-9f7b-d53cfa3ca7ba-005

0
136 B

75ms
75ms

Image
text/plain

34.226.254.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync-api.anyclip.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-e977d64e-8fee-4447-9f7b-d53cfa3ca7ba-005
Protocol: H2
Server: 34.226.254.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-254-114.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shadow.cargosv.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:25 GMT
x-powered-by: Express
vary: Origin
cache-control: no-store
access-control-allow-credentials: true
content-length: 0
expires: 0

Redirect headers

location: https://user-sync-api.anyclip.com/setuid?bidder=rhythmone&gdpr=&gdpr_consent=&us_privacy=&uid=RX-e977d64e-8fee-4447-9f7b-d53cfa3ca7ba-005
date: Fri, 08 Mar 2024 02:03:25 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXe977d64e8fee44479f7bd53cfa3ca7ba005
content-type: text/html

GET
H2

200

cm Show response
u.openx.net/w/1.0/ Frame 6C6D
Redirect Chain

https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dopenx%...
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Do...

1018 B
949 B

114ms
113ms

Document
text/html

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7BOPENX_ID%7D
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/sync.js?ts=1709863401194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: eb0d460f45aad5e678a98e2fcec72aca298ca7df8ddd0d56462069f868414d5f

Request headers

Referer: https://shadow.cargosv.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 624
content-type: text/html
date: Fri, 08 Mar 2024 02:03:25 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 08 Mar 2024 02:03:25 GMT
location: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7BOPENX_ID%7D
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 setuid
user-sync-api.anyclip.com/ Frame 6C6D 0
136 B 123ms
109ms Image
text/plain 34.226.254.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync-api.anyclip.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&uid=edfeb1c6-7bee-0445-1dd7-e7407153ef27
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7BOPENX_ID%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.254.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-254-114.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:25 GMT
x-powered-by: Express
vary: Origin
cache-control: no-store
access-control-allow-credentials: true
content-length: 0
expires: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 6C6D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Zepx7QAKUyIMuABX
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Zepx7QAKUyIMuABX&_test=Zepx7QAKUyIMuABX

43 B
61 B

80ms
79ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Zepx7QAKUyIMuABX&_test=Zepx7QAKUyIMuABX
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7BOPENX_ID%7D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:26 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-lga21927-LGA
pragma: no-cache
date: Fri, 08 Mar 2024 02:03:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1709863406.004780,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Zepx7QAKUyIMuABX&_test=Zepx7QAKUyIMuABX
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 40e7584d-52dd-a5e5-478c-31a00f5fe0e3
pr-bh.ybp.yahoo.com/sync/openx/ Frame 6C6D 43 B
602 B 314ms
52ms Image
image/gif 2600:1f18:4e9:5a07:86c7:95d4:503d:f6b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/40e7584d-52dd-a5e5-478c-31a00f5fe0e3?gdpr=0

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7BOPENX_ID%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a07:86c7:95d4:503d:f6b6 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 02:03:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 6C6D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8cf64274-dedb-8c56-b655-a5c2983be64a
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8cf64274-dedb-8c56-b655-a5c2983be64a&dcc=t

43 B
855 B

86ms
85ms

Image
image/gif

52.46.143.56

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8cf64274-dedb-8c56-b655-a5c2983be64a&dcc=t

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Mar 2024 02:03:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NE276K3TRVB01ANKPBJH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Mar 2024 02:03:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SM606CCBDV1TDX36G0BJ
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=8cf64274-dedb-8c56-b655-a5c2983be64a&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6C6D
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=d4203e09-c271-37ac-765b-2755f0082daa&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042&ttd_puid=d4203e09-c271-37ac-765b-2755f0082daa&gdpr=0&gdpr_consent=

43 B
314 B

120ms
116ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042&ttd_puid=d4203e09-c271-37ac-765b-2755f0082daa&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042&ttd_puid=d4203e09-c271-37ac-765b-2755f0082daa&gdpr=0&gdpr_consent=
date: Fri, 08 Mar 2024 02:03:25 GMT
server: Kestrel
content-length: 335

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 6C6D 170 B
188 B 145ms
140ms Image
image/png 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Zjg0ZmVkYzMtMGIwNi02OTA4LTYzYmItN2RlYzNhZWFlM2Nh

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6C6D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMS4g6BsnHzKmGUvA2uO498&google_cver=1

43 B
97 B

101ms
101ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMS4g6BsnHzKmGUvA2uO498&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:25 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Mar 2024 02:03:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMS4g6BsnHzKmGUvA2uO498&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe Show response
pixel.mathtag.com/sync/ Frame C912 2 KB
1 KB 428ms
92ms Document
text/html 151.101.129.91

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?gdpr=&gdpr_consent=&exsync=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dmediamath%26uid%3D%5BMM_UUID%5D
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/sync.js?ts=1709863401194
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 -, , ASN (),
Reverse DNS
Software: MT3 1549 cea2cde master ord ord-pixel-x3 config_version:"539" /
Resource Hash: 618dc4204e18e8811afe6ea3e108f54ff08f959f800297a36e8cf6c94f2616f9

Request headers

Referer: https://shadow.cargosv.fun/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 08 Mar 2024 02:03:26 GMT
expires: Fri, 08 Mar 2024 02:03:25 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
server: MT3 1549 cea2cde master ord ord-pixel-x3 config_version:"539"
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lga21982-LGA
x-timer: S1709863407.692650,VS0,VE21

GET
H2 200 iframe Show response
pixel.mathtag.com/sync/ Frame E3F7 3 KB
1 KB 98ms
97ms Document
text/html 151.101.129.91

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=fee765ea-71e9-4d00-95b4-82a841ef420c&no_iframe=1&exsync=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dmediamath%26uid%3D%5BMM_UUID%5D&gdpr=&gdpr_consent=&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?gdpr=&gdpr_consent=&exsync=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dmediamath%26uid%3D%5BMM_UUID%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 -, , ASN (),
Reverse DNS
Software: MT3 1549 cea2cde master ord ord-pixel-x3 config_version:"539" /
Resource Hash: a3a1bd35833b4c9a95c9d0b887e8fca9b878de421a454ea423cecdb7e167021b

Request headers

Referer: https://pixel.mathtag.com/sync/iframe?gdpr=&gdpr_consent=&exsync=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dmediamath%26uid%3D%5BMM_UUID%5D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: no-cache
content-encoding: gzip
content-length: 1071
content-type: text/html
date: Fri, 08 Mar 2024 02:03:26 GMT
expires: Fri, 08 Mar 2024 02:03:25 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
server: MT3 1549 cea2cde master ord ord-pixel-x3 config_version:"539"
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lga21982-LGA
x-timer: S1709863407.804270,VS0,VE30

GET
H2 200 img
pixel.mathtag.com/comp/ Frame C912 0
184 B 98ms
96ms Image
image/gif 151.101.129.91

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&gdpr=&gdpr_consent=&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?gdpr=&gdpr_consent=&exsync=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dmediamath%26uid%3D%5BMM_UUID%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 -, , ASN (),
Reverse DNS
Software: MT3 1549 cea2cde master ord ord-pixel-x1 config_version:"539" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?gdpr=&gdpr_consent=&exsync=https%3A%2F%2Fuser-sync-api.anyclip.com%2Fsetuid%3Fbidder%3Dmediamath%26uid%3D%5BMM_UUID%5D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 08 Mar 2024 02:03:26 GMT
via: 1.1 varnish
expires: Fri, 08 Mar 2024 02:03:25 GMT
server: MT3 1549 cea2cde master ord ord-pixel-x1 config_version:"539"
x-timer: S1709863407.804230,VS0,VE21
x-cache: MISS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-served-by: cache-lga21982-LGA

GET img
pixel.mathtag.com/misc/ Frame E3F7 0
0

GET img
pixel.mathtag.com/comp/ Frame E3F7 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: shadow.cargosv.fun
URL: blob:https://shadow.cargosv.fun/16bb9f7c-dbda-4557-9432-ead848241439

Domain: pixel.mathtag.com
URL: https://pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=330541&mop_top=&gdpr=&gdpr_consent=

Domain: pixel.mathtag.com
URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&gdpr=&gdpr_consent=&bcdv=0

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

88 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 04:33:43	Name: lidid Value: 47810959-a7f7-4ece-b111-54b36b686fd6
i.liadm.com/s	1970-01-20 19:40:55	Name: _li_ss Value: CkYKBQgKELIXCgYI3QEQshcKBQgGELIXCgUIDBC8FwoGCKIBELIXCgkI_____wcQvBcKBQgLELIXCgYIiwEQshcKBQh-ELIX
i6.liadm.com/s	1970-01-20 19:40:55	Name: _li_ss Value: CgA
.cargosv.fun/	1970-01-20 21:07:19	Name: _gcl_au Value: 1.1.1646466232.1709863399
.shadow.cargosv.fun/	1970-01-20 18:59:09	Name: sailthru_popup Value: show
shadow.cargosv.fun/	1970-01-20 18:57:45	Name: sailthru_pageviews Value: 1
.cargosv.fun/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .cargosv.fun
.cargosv.fun/	1970-01-21 04:33:43	Name: _lc2_fpi Value: fb3ab96766d7--01hrdwswe11cx7rdw05rbtkeq2
.cargosv.fun/	1970-01-21 04:33:43	Name: _lc2_fpi_meta Value: {%22w%22:1709863399873}
.cargosv.fun/	1969-12-31 23:59:59	Name: at_check Value: true
.liadm.com/	1970-01-21 04:33:43	Name: lidid Value: 47810959-a7f7-4ece-b111-54b36b686fd6
shadow.cargosv.fun/	1970-01-21 03:43:19	Name: sailthru_visitor Value: 0160e5a5-8e0f-42a6-8678-cfbf9e60bac6
.global.proper.io/	1970-01-20 18:57:46	Name: sovrn_dfpi_thesaurus Value: 1
.proper.io/	1970-01-20 18:57:45	Name: __cf_bm Value: rkoA7q1_en5VG0bpozq37E3fUSpt3sAO5Gio3p2YleQ-1709863400-1.0.1.1-KP3gzPw.9HL9.i7BFc1ZfnmisWbPtQvrRj_qLvUfww2YxDoMwpLB8dVfh_aRWtWcpP80cf.Yuq4LWNkiZd2WfN06cO_cWjsbNW9ZgDCMFiY
shadow.cargosv.fun/	1969-12-31 23:59:59	Name: proper_rtp_split_test Value: {"version_id":"27862","release_ts":"2024-03-05 13:11:49"}
shadow.cargosv.fun/	1970-01-20 18:57:43	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1709863400712%7D
.cargosv.fun/	1970-01-20 19:40:55	Name: _li_ss Value: CjQKBQgKELIXCgYI3QEQshcKBQgGELIXCgUIDBC8FwoGCKIBELIXCgUICxCyFwoGCIsBELIX
.cargosv.fun/	1970-01-20 19:40:55	Name: _li_ss_meta Value: {%22w%22:1709863400902%2C%22e%22:1712455400902}
.adsrvr.org/	1970-01-21 03:43:19	Name: TDID Value: 2ff9e64a-b8e4-4f8d-bf3f-2aa6c9d0d042
.mathtag.com/	1970-01-21 04:23:38	Name: uuid Value: fee765ea-71e9-4d00-95b4-82a841ef420c
.bidswitch.net/	1970-01-21 03:43:19	Name: c Value: 1709863401
.bidswitch.net/	1970-01-21 03:43:19	Name: tuuid_lu Value: 1709863401
.bidswitch.net/	1970-01-21 03:43:19	Name: tuuid Value: b6e79ae8-437d-4419-9003-75f76db0c8f9
.quantserve.com/	1970-01-21 04:27:57	Name: mc Value: 65ea71e9-1ef24-2c76f-46847
.rezync.com/	1970-01-21 04:19:19	Name: zync-uuid Value: bc94c1a0-10dd-472b-ad9a-c209409cbfd5:1709863401.1048422
.addthis.com/	1970-01-21 04:27:57	Name: na_id Value: 2024030802032100065172866289
.addthis.com/	1970-01-21 04:27:57	Name: na_tc Value: Y
.addthis.com/	1970-01-21 04:27:57	Name: uid Value: 65ea71e94c920fd5
.addthis.com/	1970-01-21 04:27:57	Name: ouid Value: 65ea71e90001ec968b8a44979b1104a830c1a01f8466a14eb0d3
shadow.cargosv.fun/	1970-01-21 04:33:43	Name: ac_cclang Value:
.cargosv.fun/	1970-01-20 18:57:45	Name: properSessionStorage Value: eyJ1dWlkIjoiNGRmMzFjN2YtY2ExYi00YTViLWE0MTYtMjQwNGJmN2Q1OTQxIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6e30sImF1Y3Rpb25fY291bnQiOjAsImxhc3RfdGhyZXNob2xkIjowfQ%3D%3D
.cargosv.fun/	1970-01-21 04:22:12	Name: __qca Value: P0-635650359-1709863400875
.dlx.addthis.com/	1970-01-20 19:40:55	Name: na_sc_x Value: 1
.deepintent.com/	1970-01-21 04:33:43	Name: CDIUSER Value: di_82b247911e2b4f3a97575
.33across.com/	1970-01-21 03:43:19	Name: check Value: true
.yahoo.com/	1970-01-21 03:43:41	Name: A3 Value: d=AQABBOlx6mUCEDqgn1-2Nl1McW1FmsqBSBwFEgEBAQHD62X0ZdxX0iMA_eMAAA&S=AQAAAsiC3FRrMiGZQ4qk5X0gnfI
.demdex.net/	1970-01-20 23:16:55	Name: demdex Value: 57044921423113289661750042473442335922
.dpm.demdex.net/	1970-01-20 23:16:55	Name: dpm Value: 57044921423113289661750042473442335922
shadow.cargosv.fun/	1970-01-20 19:40:55	Name: ac_user_id Value: acagn41rkv1qkap4fc1859ae36e4e269d1623524bb86ca6200e0337c204afb295b3e9ff2b144949
.id5-sync.com/	1970-01-20 21:07:19	Name: id5 Value: 079cc46c-4c98-72a1-988b-0ff450233e73#1709863401602#1
.rfihub.com/	1970-01-21 04:19:19	Name: eud Value: H4sIAAAAAAAA_1XIsRGAMAgF0AmsMgfeh6AEtyFwDmRp6aSWnuV7V7OZrskBYlSRmkyK8qAUuMJznrUdbPCxdwWvDB0qcrflS0N__tYXhjPE21oAAAA
.rfihub.com/	1970-01-21 04:19:19	Name: rud Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0NrQ0NTG3tDAxMRPiM9QNTYpIdkwv8_B0Cc0DAG0HsvolAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXByRGAQAgEwI_pYA04ymI2HLWBGLnd3-HVwdaEKGaEbiU5kdKGIKJrz_2qI9ZzEXoquGj2A0V12_g6AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0NrQ0NTG3tDAxMRPiM9QNTYpIdkwv8_B0Cc0DAG0HsvolAAAA
.cargosv.fun/	1970-01-20 18:57:43	Name: lotame_domain_check Value: cargosv.fun
.proper.io/	1970-01-21 03:43:19	Name: mediagrid Value: b6e79ae8-437d-4419-9003-75f76db0c8f9
live.rezync.com/	1970-01-21 04:19:19	Name: sd-session-id Value: .eJwNykkOgzAMAMC_-EwqOxgS5zMoW6WoJa0wXIr4ezmONCcs37qtsde-Q9i3ow6Q3-2WQjhB22-tLwhATpz1nkaSiZ145hmuAbSqtk9fWrlPysKZIhrCUgw7m0wsEk22KIyS07NMgRyKn0dGehCyZ2vh-gPK6yYj.Zepx6Q.nSecz6mIo6ahOabSiVWoAxrzX0E
.crwdcntrl.net/	1970-01-21 01:26:31	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 01:26:31	Name: _cc_id Value: 93454bc69065cd308d40a0643cc10895
.cargosv.fun/	1970-01-21 01:26:31	Name: _cc_id Value: 93454bc69065cd308d40a0643cc10895
.cargosv.fun/	1970-01-20 18:59:09	Name: panoramaId_expiry Value: 1709949801912
.pippio.com/	1970-01-21 03:43:19	Name: did Value: y4idU5ZVbLy5cms-
.pippio.com/	1970-01-21 03:43:19	Name: didts Value: 1709863402
.pippio.com/	1970-01-20 20:24:07	Name: nnls Value:
.pippio.com/	1970-01-20 20:24:07	Name: pxrc Value: CAA=
.cargosv.fun/	1970-01-21 04:33:43	Name: _ga Value: GA1.1.1896152150.1709863403
.cargosv.fun/	1970-01-21 04:33:43	Name: _ga_Y5DKGQ1D0H Value: GS1.1.1709863402.1.0.1709863402.0.0.0
shadow.cargosv.fun/	1970-01-21 03:43:19	Name: _au_1d Value: AU1D-0100-001709863403-ONG8F54L-E74O
.adnxs.com/	1970-01-20 21:07:19	Name: XANDR_PANID Value: vj89dHY4GrfnOCdS50bOMeupGDEJtTMdtS3Zl23Sb1lUq1dqLT06AXxNCMrVnn-TvYRMmAN0f-zSi-twz43Qd8TOlDjy6kvnHG4XH-dG0UQ.
.adnxs.com/	1970-01-21 04:33:43	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:07:19	Name: uuid2 Value: 5196601779978546656
.pubmatic.com/	1970-01-20 21:07:19	Name: KTPCACOOKIE Value: true
.tapad.com/	1970-01-20 20:24:07	Name: TapAd_TS Value: 1709863402715
.tapad.com/	1970-01-20 20:24:07	Name: TapAd_DID Value: 9ad8f7bf-5ebc-4866-8b00-cbb50fe33b76
.doubleclick.net/	1970-01-21 04:33:43	Name: IDE Value: AHWqTUn2DTOcKjsO2R8FN78bXNnIg_qQGPT9hCL-9RjRqI2vgzkRWdiVT87aWSz2rJU
.pubmatic.com/	1970-01-21 03:43:19	Name: KADUSERCOOKIE Value: 54227198-F8F3-4538-8E23-DB4813BF5A78
.rubiconproject.com/	1970-01-21 03:43:19	Name: khaos Value: LTI0ITCP-12-31GR
shadow.cargosv.fun/	1970-01-21 04:33:43	Name: _ga Value: GA1.1.1896152150.1709863403
shadow.cargosv.fun/	1970-01-20 18:59:09	Name: _gid Value: GA1.1.432194963.1709863403
.bidr.io/	1970-01-21 04:26:13	Name: bito Value: AACz5k7L1OQAABTtm0Xwfw
.bidr.io/	1970-01-21 04:26:13	Name: bitoIsSecure Value: ok
.turn.com/	1970-01-20 23:16:55	Name: uid Value: 2629902952733649793
.tapad.com/	1970-01-20 20:24:07	Name: TapAd_3WAY_SYNCS Value: 1!1634
.go.sonobi.com/	1970-01-20 19:40:55	Name: __uis Value: 52f19598-fd91-4508-9aee-ca36628a0963
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8520\|Zepx7
.agkn.com/	1970-01-21 03:43:19	Name: ab Value: 0001%3AZU7pdO%2BTr7rBRU1BMN3yGvJDriINh56Z
.smartadserver.com/	1970-01-21 03:43:19	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 03:43:19	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/	1970-01-21 03:43:19	Name: pid Value: 4142838910693899240
.yieldmo.com/	1970-01-21 03:43:19	Name: yieldmo_id Value: VqmM2__OOM_0_7ALGPUk%7C1709856000000%7C0
.rubiconproject.com/	1970-01-21 03:43:19	Name: audit Value: 1\|p0zWqhrHHVhRK9nEDta/RUKyOC861yqLKNzk3QGr1SzRuZ+dvyOZuJUUXPNc2OTkEHniZUYzCLBCbuL7wqM7W24/AOYgyMTzmjbisE4m2Mfme0rGRDIQp5pNeXPKoSG6skQK+4LL88GNw5+Mxg0G/j4Rkv/7cUXmfY0V14FIbwNNc4QTpadywtzpQ7vzkXQ/
.rubiconproject.com/	1970-01-20 21:07:19	Name: receive-cookie-deprecation Value: 1
.1rx.io/	1970-01-21 03:43:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e977d64e-8fee-4447-9f7b-d53cfa3ca7ba-005%22%7D
.targeting.unrulymedia.com/	1970-01-21 03:43:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e977d64e-8fee-4447-9f7b-d53cfa3ca7ba-005%22%7D
shadow.cargosv.fun/	1970-01-20 18:57:44	Name: _dd_s Value: rum=0&expire=1709864299556
.openx.net/	1970-01-21 03:43:19	Name: i Value: 078c0150-6bf6-085b-2c8d-efbd942f1e57\|1709863405
.openx.net/	1970-01-20 19:19:19	Name: pd Value: v2\|1709863405\|vMgavPkWgyiK
.adsrvr.org/	1970-01-21 03:43:19	Name: TDCPM Value: CAESGQoKbGl2ZWludGVudBILCJjn6OW-x988EAUSFAoFdGFwYWQSCwi2pYj3vsffPBAFGAEgAigCMgsIhJuLpNXH3zwQBTgBWgV0YXBhZGAC

210 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://ups.analytics.yahoo.com/ups/58491/fed?v=1&1p=1&url=https%3A%2F%2Fshadow.cargosv.fun%2F&puid=2752e76f-a6e6-4a0f-965d-8c1ff727af2d&pixelId=58491&gdpr=0&_t=Thu%20Mar%2007%202024%2016:03:21%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time) Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://trafficmanager.anyclip.com/trafficmanager/api/authorization/authorize Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://p.ad.gt/api/v1/p/170 Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=20fe803606282dab73cd930ad9b68f4e&url=about%3Ablank&code=%27none%27 Message: Failed to load resource: the server responded with a status of 502 ()
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shadow.cargosv.fun/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
abcheck.proper.io
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.yieldmo.com
ak.sail-horizon.com
amplify.outbrain.com
api-portal.dictionary.com
api.btloader.com
api.sail-personalize.com
assets.adobedtm.com
assets.anyclip.com
assets.dictionary.com
b-code.liadm.com
bcp.crwdcntrl.net
bids.proper.io
btloader.com
c.amazon-adsystem.com
cdn.cookielaw.org
cdn.hadronid.net
cdn5.anyclip.com
cm.g.doubleclick.net
config.anyclip.com
config.aps.amazon-adsystem.com
d.turn.com
dis.criteo.com
dpm.demdex.net
fid.agkn.com
fonts.googleapis.com
geolocation.onetrust.com
global.proper.io
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
image2.pubmatic.com
ipv4.icanhazip.com
js.recurly.com
lexicon.33across.com
live.rezync.com
marketplace.anyclip.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
p.ad.gt
p.rfihub.com
pippio.com
pixel.anyclip.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
player.anyclip.com
pr-bh.ybp.yahoo.com
restcdn.dictionary.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s.amazon-adsystem.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
shadow.cargosv.fun
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
thor-graphql.dictionary.com
token.rubiconproject.com
tr.outbrain.com
track.dictionary.com
trafficmanager.anyclip.com
u.openx.net
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
user-sync-api.anyclip.com
usync.proper.io
vid.springserve.com
wave.outbrain.com
www.dictionary.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
pixel.mathtag.com
shadow.cargosv.fun
104.16.184.241
104.91.115.179
107.178.254.65
108.138.106.5
108.138.106.70
108.138.128.34
13.225.63.113
130.211.23.194
141.95.98.64
142.250.176.194
142.251.40.230
151.101.129.91
151.101.2.49
168.119.181.50
169.197.150.7
18.164.92.122
18.238.63.215
199.38.167.130
216.200.232.253
216.22.16.8
23.215.41.73
23.48.145.72
2600:1418:a000:2aa::1e80
2600:1f18:4e9:5a07:86c7:95d4:503d:f6b6
2600:1f18:730:b110:35d6:ece3:15b4:77d
2600:1f18:ed:550f:5ece:406:5bf2:1b8a
2600:1f18:fab:1a11:e916:9851:dc91:9c19
2600:9000:21dd:2c00:6:44e3:f8c0:93a1
2600:9000:23cb:7600:8:8845:1500:93a1
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:293c
2606:4700:20::681a:246
2606:4700:4400::ac40:9b77
2606:4700::6810:7aaf
2606:4700::6810:e77
2606:4700::6812:83ec
2607:f350:3:2569:0:10:0:200c
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::2008
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::200e
2620:112:f008:200::101
2620:116:800b:21:b08a:1dc5:659b:4055
2a04:4e42:400::645
2a04:4e42::645
3.223.33.13
3.225.218.10
3.234.78.133
34.111.113.62
34.194.198.162
34.196.160.213
34.200.9.220
34.225.106.93
34.226.254.114
34.230.183.154
34.98.107.242
35.169.163.157
35.211.178.172
35.244.159.8
35.244.193.51
44.215.73.61
52.223.40.198
52.26.243.12
52.37.234.199
52.46.143.56
52.72.52.29
54.83.250.215
54.86.148.40
64.202.112.191
68.67.160.76
69.164.46.185
69.194.240.13
74.119.119.150
8.28.7.83
8.43.72.98
99.83.154.140
0420352e425cb5ec9b9ef8f9abddfc65197bd5a115b88e7a657dcf346c31996b
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07acb6c4c162ed0c8b39e102fd07824398a3bdda40f09bc3a3d644455036cdf4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3f2a307c2394eacc9ab103292200d63c64120e8de5a97062306a62c967442c
13e8e4759ba2d94687c897bcb1ce30a40bd520ed2aa3e3a010b2458eea0886c7
15b83ea2548680d628cba8c7d7b3aaad35ca5676c96a70a09357928e88fe6203
1a2111492653d77a541146f8517f1a0b2e9857e65223c20b0a3e3a8ef76a1da3
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
207bcf11ec8c236785a67995bfce8f1d3fbf9a9944dfd8e6118f70a8438cd670
24fc863a025dc2719d6e7f517e3ff688f37eb8a5f9f245a318dbcecedd867021
2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac
25cebaf206f947b51597d657bfbf02f90f2ee6dfd16192263421cefc2f528e8d
263b5c14ea0c8dba145eaa30a0e60b7f9e0d3cb3c8f2356f59832ff329fa6d38
26ef0c140ab7eb5312d881ccbb8e20b99a1996bcf2474096f350024293a4a044
27885906bcae862bc82b48b7a7caafc08c096725fe4feb75c9dc8266d4c7f3fd
2d562da00da01d17e9e0c731543d3095b1835217541279dc7c930085b0bff9fe
2ddd96839c08e8cbdd3b1f56569b6d4770021731534b98dd17dec8526bb0d151
2e21dae1cafd0af8a721674c2250d57f7c091c5e28bf993f012a69177af3649c
2e2df5cca177dfc586ea29e35c59c4c51e86df621eee9572f27dbcaf9c2b837a
2f2ef1a173106efc9f1e2048ee2a1f0ecac78e166a57e83128776f565312357e
30c1168ae02c2321e4ca0439999722f854c537720a0813c60a7bee6d9c4ff8d4
317cf0833f32e0ecf640cc03f4f7026a56de3930d99655e5363baebba2a5f529
33ea6fcc0872bdaef4e0636e481442e9638797a2f6469f855a00abf823075d85
3c2869a65dc53b18b1ce7b7e4a267ead706b0ddd9ba0a721758e668c2750dc46
3c5364550fbbf56799efc02fd29d90d82fd34e949f9838dc2d2c4f6076d80c77
41b58224a30c2ff34c96e4ea304c5a244bb9c9f81e3ec14aceb5cc78de5e250d
41e7dd18435a55c94cdf31a649c08101eee63a620049cde2a48779f8986e7a77
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4725d5ceb1342c63674aa4744859cbbfc9c6a4a946f0480bc5c12b22879c3da8
4804a0cefedaeee7c2acc6b3d03c4ea17df48a1d604b930913ac283a906aa164
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
4b4b7d780535949beb511e1e4874ae0fdbf22994bd4597574ba6cff59253b79c
4c545cbf0801ffc734bd05fda75b01d4c22f3bd7c5984665be341d23ea2e7e1b
4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
578d77ec13a4e1e873d4ee91bba3637f3c0d92cce8fb3c6a23e3b14f47678a7a
57aa11f83c85eeb3311ed92a74674f39ac5ec9ff61830ae682abd730e596e879
59d765f34e5567e705d252b46679f2a6e49127071d9d5bf30a70a548fe06063d
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
5b079b55f0ae3c12627f9c9f8f37e5c8767464ff6b11ca027aa13f5077d6853c
5eca53824744454794511d268559a41d44522a48af30c5a2765342ee9265b644
6083394aecf43d73ea8714ddbca32e5cc10d5c254f256bc7022ceb8dbc63367d
60c84b265b9c78a8cf0acb61affc9ca61abf4a74d3ed5425e0dd18e89e9f176b
618dc4204e18e8811afe6ea3e108f54ff08f959f800297a36e8cf6c94f2616f9
646d1f80a7056685c03302899e1cc97a447a00e5b0defe3a457979f10c7bf06b
68bd3a570a44d9cd15a55d6337ab81e5749174d1ea88fc809ac33993b8e25a2c
6ab42e9981109c4006be96fdc80ffcb328c274f3e0e65e2e9e6c0928211f334f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7a54ecaa5f00ec66666dc590d26c079ea421cce344f8abec1ac4e813174ee190
7ac3c175184b951366420a5215d7f8b97520d2b9f9d91a0984ef96e9a9f7adb2
7b9e0d5fae56d3e97d55c6e1f2ded403b29299b66a9f2df422f148a9a6b87c6b
81b44372312294e3272531be240223da33f05e6c7c776017559e1c3cd77e5a13
838e680ca964a26c94665951577f3f0902ef54de2ee063d3465f22945dc44afa
838fbc520bca4d184a091a2fb8205685240b105f3fb5d40715e46f922cb063c8
854ad2e9d68cd3cec82f94f82a5db16b4a62d6ea1966e7cad0be3722f132664e
86e5d06ebe28cff77bfda45d52cf33373b002dd09db437f1c9c2ccff3cd8f1cb
8c0e1f95aa09754b10449fd8cd7f2e76d8f232d1038b6cf7454db558ac79962e
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f38470ccdf589a6292ed672436a5f45ca42ad3c9870309b36baf1c978f8ecce
94550f8e5c397c027e29fefa3e35896a2ff71aec003ec4940a19a570d73eb1eb
94a239ffd132907ea66b61c9ec6dad26c485b056dcbf0fca9d9859a2637f0fd8
9538dc85758895cccf2c8a3d0a416d812aeb80bd74c9587852c9752d8d512869
9608530394d3b532109bffd8fcc6a1f80ecf81b6cf7bbab4faab533cbc5c8369
9e34335154ab1d187b80ab96f485e374a8a5f99f3f8f146aee58b81943243445
9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a
9f397381c3df41ea1a4714a1dfea67c1381e25627a18596201af50c40d93ab06
a0178b91ad466dd6214ded2a805a160ff566b73c4db48629cffae05e9ca68438
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3a1bd35833b4c9a95c9d0b887e8fca9b878de421a454ea423cecdb7e167021b
a51c48f40d1b72d59e2f1d25d089eb3de18a51c7947a84c12104a9a64fdd62cc
a5ca779f12485b61626cb1e90bdcc2f798094a27858709d8d71d89c5372e03f3
a77930d1f6ae1ed958d7fdfc0b3b5803f68ad81186cbb14e5ccecb62d879dd9e
a808fb3a10e55b1ac44a602b125fc43f9e9b57b687d2578fb3282d8581cbbc40
a9c21f73e5781b07e9ae478497472051a87ee326e95761bb2d82387b07cbbcf6
aadceda6ac29f88fdd80f43e6630da80c6f863be565d2205f0c45b1a3066ee2b
ab3b5eb6842bb6f1fb790c77ee7cece8d1983d5069f40ab5ecc1a75bfa5aceee
ad79048b86ce7e864293382d9e57e5cd28c6b6d8ac21eb1c6c77f0acced223b9
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bb411bec902e6adafddb55faaba00d0f82f78f61249305195c1e99caf141d8
b39e28335717263a622e35466dff8980ffe7e6043ab774e8e1004ef3d9949a32
b4698a3a10feb2995052fa489e32fdf4faa657f40a488cbc977a917de60afaff
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b7be58558ac5f613c44cc4ca498d6bd64de88aaa3f78e6d618771758205e8b9b
b8b3084e7a5a9c9392a6c432c2cfb6d1b87c4fd0a240ae3c20cfeca7335fdbb2
b93783262bec548a559178d5274b1b8ec55645ac6b3087b84e118525d3a33ae8
bad1b62851c42b431e553d6dd4475b5c893bbcb17dc605f134e414562fff865d
bc0bfc50d3ff4175132b7da1ef0adf7761ded5cb2782e55edb1948da3480abd8
be3272531e444c93e2c185e1540dd7414ae3661bcaa03af98217f81b5f6c13df
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
ca2b2e449f1ab81126614c35690edb469d8e1a65307e076de6ad91fa82b01f7e
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd817e5d830abe8ea8334dab936a6425f5faaaee60e881ddb28b55718910ec4b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d8e316a12b2adcea483bec9acbaeef3d9b47e8df718695e057d7cd3b1de0777a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d992ee439c9f5835c031b04276a3ed44e322cc8e5c6d7c1b9fb4c4ccc41d0d51
db16b375b9cc94e99d181e402140a50550d0764384e2aea73d50a1ea3e16122d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfe6dd6dc3ca2827137ed6e9a5e00036a794908448448882ec0f30f71343e44d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49f55637dff315b98e1fd8ff6d5891dad20a07bb8cead5070afed79a3973758
e4c4b9a475d29a683af4a8b2c28ebc992447bfa6d273e4af3e671f5fbdaeb567
e898e52bd1bd67bb6a1fe68102885be90b72e1f63eddf184783cff26888c0414
e9310a629534c1e9799c7721716158e3dc0abd1d44d926b542cb2ac3f694e255
eb0d460f45aad5e678a98e2fcec72aca298ca7df8ddd0d56462069f868414d5f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5bd1141b38692aacedd044626e1aebc97014e4fce4f293f0557f7f18425ba8
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f176d3ea6417d392534ee0c10e6d14d94f1858e34201e12e1af47ef6f5b66d99
f50a739785cf0a5b7c451c8bb55764c6924b9e1e46e24ebdbc36b301e93c6274
f91ffdd7d3782908e287077d82768220411e61f82f036450c0aeabccefe34a43
fc4d0aca4d2f32f5e46ec8e5c50f6be1473ab9fe27f39593c45cc03d8ffc62dc
ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8

shadow.cargosv.fun Open in urlscan Pro 168.119.181.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

197 Requests

83 %HTTPS

35 %IPv6

56 Domains

95 Subdomains

67 IPs

4 Countries

3145 kBTransfer

10084 kBSize

88 Cookies

0 Outgoing links

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

shadow.cargosv.fun Open in urlscan Pro
168.119.181.50 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

83 %
HTTPS

35 %
IPv6

56
Domains

95
Subdomains

67
IPs

4
Countries

3145 kB
Transfer

10084 kB
Size

88
Cookies

197 HTTP transactions
0 data transactions