www.gxpowered.com Open in urlscan Pro
143.204.146.107 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Effective URL:
https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff034...
Submission: On April 17 via manual (April 17th 2022, 3:08:27 pm UTC) from US — Scanned from CA

Summary HTTP 134 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 54 IPs in 5 countries across 47 domains to perform 134 HTTP transactions. The main IP is 143.204.146.107, located in United States and belongs to AMAZON-02, US. The main domain is www.gxpowered.com. The Cisco Umbrella rank of the primary domain is 257604.
TLS certificate: Issued by Amazon on March 23rd 2022. Valid for: a year.

This is the only time www.gxpowered.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3036::ac43:bdd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
4	192.99.0.58 192.99.0.58	16276 (OVH) (OVH)
1	158.69.139.226 158.69.139.226	16276 (OVH) (OVH)
6	51.89.24.70 51.89.24.70	16276 (OVH) (OVH)
1	99.84.118.126 99.84.118.126	16509 (AMAZON-02) (AMAZON-02)
6	3.129.85.225 3.129.85.225	16509 (AMAZON-02) (AMAZON-02)
1	172.64.151.83 172.64.151.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	99.84.118.123 99.84.118.123	16509 (AMAZON-02) (AMAZON-02)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
15	23.217.18.225 23.217.18.225	16625 (AKAMAI-AS) (AKAMAI-AS)
4	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
1	13.226.36.35 13.226.36.35	16509 (AMAZON-02) (AMAZON-02)
4 6	15.235.42.102 15.235.42.102	16276 (OVH) (OVH)
7 7	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	51.75.146.160 51.75.146.160	16276 (OVH) (OVH)
1	104.18.35.34 104.18.35.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	107.21.144.67 107.21.144.67	14618 (AMAZON-AES) (AMAZON-AES)
5 7	18.214.54.215 18.214.54.215	14618 (AMAZON-AES) (AMAZON-AES)
5 5	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
2 4	63.251.114.182 63.251.114.182	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 3	67.202.105.22 67.202.105.22	32748 (STEADFAST) (STEADFAST)
4 7	173.223.56.123 173.223.56.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.85.61.44 52.85.61.44	16509 (AMAZON-02) (AMAZON-02)
3 4	68.67.161.206 68.67.161.206	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1 1	44.196.45.105 44.196.45.105	14618 (AMAZON-AES) (AMAZON-AES)
1	34.194.202.217 34.194.202.217	14618 (AMAZON-AES) (AMAZON-AES)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	45.55.96.63 45.55.96.63	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
16	2606:4700:303... 2606:4700:3032::ac43:dc33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	52.1.175.157 52.1.175.157	14618 (AMAZON-AES) (AMAZON-AES)
2 2	141.94.170.77 141.94.170.77	16276 (OVH) (OVH)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
1	13.225.209.127 13.225.209.127	16509 (AMAZON-02) (AMAZON-02)
4	3.13.44.106 3.13.44.106	16509 (AMAZON-02) (AMAZON-02)
2 2	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
1	13.225.223.117 13.225.223.117	16509 (AMAZON-02) (AMAZON-02)
1	23.5.229.102 23.5.229.102	16625 (AKAMAI-AS) (AKAMAI-AS)
3	63.251.114.137 63.251.114.137	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	75.126.248.142 75.126.248.142	36351 (SOFTLAYER) (SOFTLAYER)
4 4	54.89.141.202 54.89.141.202	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:444... 2600:1f18:444a:4602:f850:4eec:7dd:fbc1	14618 (AMAZON-AES) (AMAZON-AES)
2 2	104.18.99.194 104.18.99.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.67.76.103 18.67.76.103	16509 (AMAZON-02) (AMAZON-02)
1	99.83.181.31 99.83.181.31	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:303... 2606:4700:3030::6815:279d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3033::6815:5dd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3036::6815:34ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	35.201.70.46 35.201.70.46	15169 (GOOGLE) (GOOGLE)
1 1	35.241.7.124 35.241.7.124	15169 (GOOGLE) (GOOGLE)
5	143.204.146.107 143.204.146.107	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.80.38 142.250.80.38	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2006	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1 2	20.36.253.92 20.36.253.92	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
134	54

1 2606:4700:3036::ac43:bdd4 (United States)

ASN13335 (CLOUDFLARENET, US)

playster.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.99.0.58 (Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.139.226 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip226.ip-158-69-139.net

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.24.70 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip70.ip-51-89-24.eu

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.118.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-118-126.ewr52.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.129.85.225 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-85-225.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.83 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.118.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-118-123.ewr52.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.217.18.225 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-18-225.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.36.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-36-35.ewr53.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 15.235.42.102 (Canada) 4 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-001.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.71.131.137 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.146.160 (France)

ASN16276 (OVH, FR)
PTR: de03.roqad.pl

ws2.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.34 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-tc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.21.144.67 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-144-67.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.214.54.215 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-54-215.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.251.114.182 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.22 (United States) 3 redirects

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 173.223.56.123 (Secaucus, United States) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-123.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.61.44 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-44.ewr53.r.cloudfront.net

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.161.206 (Brooklyn, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 798.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.246.49 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.196.45.105 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-45-105.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.202.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-202-217.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.96.63 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3032::ac43:dc33 (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.1.175.157 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-175-157.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.170.77 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.209.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-209-127.ewr50.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.13.44.106 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-44-106.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.229.3.43 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.223.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-117.jfk51.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.5.229.102 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-229-102.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.251.114.137 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.126.248.142 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 8e.f8.7e4b.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.89.141.202 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-141-202.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:f850:4eec:7dd:fbc1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.99.194 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.76.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-103.iad89.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com

connect-metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:279d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.yhs25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5dd8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

je8fn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:34ef (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

c.muvkyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.70.46 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 46.70.201.35.bc.googleusercontent.com

directdexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.7.124 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 124.7.241.35.bc.googleusercontent.com

harvest.gotrackier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.146.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-107.ewr52.r.cloudfront.net

www.gxpowered.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80c::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net

11442918.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2006 (United States)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.36.253.92 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 11025 t.sharethis.com — Cisco Umbrella Rank: 6009 sync.sharethis.com — Cisco Umbrella Rank: 2918	54 KB
16	dtssrv.com a.dtssrv.com — Cisco Umbrella Rank: 21635	5 KB
9	doubleclick.net 6 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 211 11442918.fls.doubleclick.net — Cisco Umbrella Rank: 189564 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 static.doubleclick.net — Cisco Umbrella Rank: 340	3 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	693 KB
8	rqtrk.eu 4 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 1486 ws2.rqtrk.eu — Cisco Umbrella Rank: 9538	3 KB
8	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 3573 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4347 onetag-geo-grouping.s-onetag.com — Cisco Umbrella Rank: 27884 data-beacons.s-onetag.com — Cisco Umbrella Rank: 12202 connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 3079	17 KB
7	bluekai.com 4 redirects tags.bluekai.com — Cisco Umbrella Rank: 453 stags.bluekai.com — Cisco Umbrella Rank: 481	4 KB
7	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 930 ap.lijit.com — Cisco Umbrella Rank: 607	5 KB
7	eyeota.net 5 redirects ps.eyeota.net — Cisco Umbrella Rank: 960	4 KB
7	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 355	3 KB
7	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 15778 t.dtscout.com — Cisco Umbrella Rank: 12980	12 KB
6	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 7684 ic.tynt.com — Cisco Umbrella Rank: 4493 de.tynt.com — Cisco Umbrella Rank: 1348	10 KB
6	histats.com s10.histats.com — Cisco Umbrella Rank: 16128 s4.histats.com — Cisco Umbrella Rank: 13577	13 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 jnn-pa.googleapis.com — Cisco Umbrella Rank: 272	23 KB
5	gxpowered.com www.gxpowered.com — Cisco Umbrella Rank: 257604	613 KB
5	liadm.com 4 redirects i.liadm.com — Cisco Umbrella Rank: 528 i6.liadm.com — Cisco Umbrella Rank: 1687	2 KB
4	clarity.ms 1 redirects j.clarity.ms — Cisco Umbrella Rank: 2127 c.clarity.ms — Cisco Umbrella Rank: 637	24 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 378 c.bing.com — Cisco Umbrella Rank: 234	13 KB
4	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 858 tags.crwdcntrl.net — Cisco Umbrella Rank: 1523	9 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 438	4 KB
4	33across.com 3 redirects cdn-tc.33across.com — Cisco Umbrella Rank: 18769 dp2.33across.com — Cisco Umbrella Rank: 8763 dp1.33across.com — Cisco Umbrella Rank: 5610	2 KB
3	gstatic.com fonts.gstatic.com	34 KB
3	directdexchange.com 2 redirects directdexchange.com	4 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 327	1 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 434	1 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	14 KB
2	adsymptotic.com 2 redirects p.adsymptotic.com — Cisco Umbrella Rank: 555	562 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 289	1 KB
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1582	514 B
2	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1291	2 KB
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2962	726 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1217 beacon.krxd.net — Cisco Umbrella Rank: 440	498 B
2	affec.tv 1 redirects map.go.affec.tv — Cisco Umbrella Rank: 5418	1 KB
2	mediawallahscript.com 2 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 1964	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	51 KB
1	gotrackier.com 1 redirects harvest.gotrackier.com — Cisco Umbrella Rank: 67496	286 B
1	muvkyd.com 1 redirects c.muvkyd.com — Cisco Umbrella Rank: 797014	573 B
1	je8fn.com 1 redirects je8fn.com — Cisco Umbrella Rank: 641820	822 B
1	yhs25.com 1 redirects www.yhs25.com — Cisco Umbrella Rank: 690362	797 B
1	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 2211
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 825	599 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 3102	16 KB
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 883	828 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 14551	407 B
1	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 1718	183 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 682	21 KB
1	playster.xyz playster.xyz	2 KB
134	47

	Domain	Requested by
16	a.dtssrv.com	e.dtscout.com
15	t.sharethis.com	pd.sharethis.com t.sharethis.com playster.xyz
8	www.youtube.com	www.gxpowered.com www.youtube.com
7	ps.eyeota.net	5 redirects playster.xyz
7	match.adsrvr.org	7 redirects
6	tags.bluekai.com	3 redirects de.tynt.com playster.xyz tags.bkrtx.com
6	ws.rqtrk.eu	4 redirects playster.xyz
6	pd.sharethis.com	e.dtscout.com playster.xyz t.sharethis.com
6	t.dtscout.com	e.dtscout.com
5	www.gxpowered.com	directdexchange.com www.gxpowered.com
5	cm.g.doubleclick.net	5 redirects
4	jnn-pa.googleapis.com	www.youtube.com
4	i.liadm.com	4 redirects
4	sync.sharethis.com	playster.xyz
4	secure.adnxs.com	3 redirects playster.xyz
4	ce.lijit.com	2 redirects playster.xyz
4	de.tynt.com	cdn.tynt.com
4	onetag-geo.s-onetag.com	get.s-onetag.com
4	s4.histats.com	s10.histats.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.gxpowered.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	directdexchange.com	2 redirects
3	ap.lijit.com	get.s-onetag.com
3	bcp.crwdcntrl.net	1 redirects playster.xyz tags.crwdcntrl.net
3	idsync.rlcdn.com	2 redirects playster.xyz
3	pixel.tapad.com	3 redirects
2	c.clarity.ms	1 redirects
2	j.clarity.ms	bat.bing.com j.clarity.ms
2	11442918.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	p.adsymptotic.com	2 redirects
2	x.bidswitch.net	1 redirects playster.xyz
2	ml314.com	1 redirects playster.xyz
2	loadus.exelator.com	2 redirects
2	pixel.onaudience.com	2 redirects
2	map.go.affec.tv	1 redirects playster.xyz
2	dp2.33across.com	2 redirects
2	partner.mediawallahscript.com	2 redirects
2	ws2.rqtrk.eu	playster.xyz
2	s10.histats.com	playster.xyz s10.histats.com
1	c.bing.com	1 redirects
1	www.google.com	www.youtube.com
1	adservice.google.com	11442918.fls.doubleclick.net
1	static.doubleclick.net	www.youtube.com
1	googleads.g.doubleclick.net	www.youtube.com
1	www.googletagmanager.com	www.gxpowered.com
1	fonts.googleapis.com	www.gxpowered.com
1	harvest.gotrackier.com	1 redirects
1	c.muvkyd.com	1 redirects
1	je8fn.com	1 redirects
1	www.yhs25.com	1 redirects
1	connect-metrics-collector.s-onetag.com	get.s-onetag.com
1	api.intentiq.com	data-beacons.s-onetag.com
1	i6.liadm.com	playster.xyz
1	um.simpli.fi	1 redirects
1	stags.bluekai.com	1 redirects
1	tags.bkrtx.com	pd.sharethis.com
1	tags.crwdcntrl.net	cdn-tc.33across.com
1	data-beacons.s-onetag.com	get.s-onetag.com
1	cms.analytics.yahoo.com	1 redirects
1	t.dtscdn.com	e.dtscout.com
1	dp1.33across.com	1 redirects
1	beacon.krxd.net	playster.xyz
1	usermatch.krxd.net	1 redirects
1	spl.zeotap.com	playster.xyz
1	cdn-tc.33across.com	de.tynt.com
1	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
1	ic.tynt.com	playster.xyz
1	cdn.tynt.com	e.dtscout.com
1	get.s-onetag.com	e.dtscout.com
1	e.dtscout.com	s4.histats.com
1	maxcdn.bootstrapcdn.com	playster.xyz
1	playster.xyz
134	72

This site contains links to these domains. Also see Links.

Domain
www.pwnprivacy.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-20` - `2022-11-19`	a year	crt.sh
histats.com R3	`2022-01-21` - `2022-04-21`	3 months	crt.sh
*.dtscout.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.s-onetag.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
sharethis.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
cert1.a1.atm.aqfer.net R3	`2022-04-16` - `2022-07-15`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.dtscdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-04` - `2022-12-04`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-04-12`	a year	crt.sh
*.intentiq.com Amazon	`2022-03-20` - `2023-04-17`	a year	crt.sh
directdexchange.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-16` - `2023-02-16`	a year	crt.sh
downloadoperagx.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51
Frame ID: D8328912763C9665338813F871157C3D
Requests: 87 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001650208100DDF0088543B2D85FD1
Frame ID: 894FCADCA0082E9E1DE51ACCDE8AB6C5
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001650208100DDF0088543B2D85FD1
Frame ID: 286518407AA001B3FA78000E81B44630
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001650208100DDF0088543B2D85FD1
Frame ID: AD174137305B0DCBC98D84D5FEF47E5F
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D001650208100DDF0088543B2D85FD1
Frame ID: BF1C0DA184280FE1EC3B6D6198D5537D
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C
Frame ID: 4FFFEAAEA43F6714B32687AEE51DC184
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C
Frame ID: D2E03387A7667577FB88999308439D8C
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C
Frame ID: E55F107A965C1711C6407B8E97635BA8
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C
Frame ID: 2084B76A0CC50831214BB2B304706F78
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.903.23335/a/CA/t_.js?cid=c010&cls=C
Frame ID: 7919E85FE512FFDA9D4EF27A058ACBC8
Requests: 7 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: A7BD007F9C87105FEE63006A9127166F
Requests: 3 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=119080150605047&ret=html&random=1650208101
Frame ID: 4F568CDF90E7F5FD5A3A3FC0CA061601
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.903.23335/a/CA/t_.js?cid=c010&cls=C
Frame ID: 37E4BCE70F94735C075832AA4F9B0A93
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.903.23335/a/CA/t_.js?cid=c010&cls=C
Frame ID: 3200716749A74B2791AD7BF8EC708479
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.903.23335/a/CA/t_.js?cid=c010&cls=C
Frame ID: 4FA791D0777D6DB12F7BEFB93A44AEC0
Requests: 2 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: BE7186B38C740DFE0E72F4464A4FC47A
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEJeqReU2HXAR0AA0lPvwCmQ&google_cver=1
Frame ID: 9F62956A4D0EB2B5399C961F7A214DEC
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=65439
Frame ID: 12C50D9C086F212471E00D326CE1470F
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
Frame ID: 9645569BD8D8B88AC0F86738BF389DA4
Requests: 14 HTTP requests in this frame

Frame: https://11442918.fls.doubleclick.net/activityi;dc_pre=CJCTy56wm_cCFYInDAod3GIKwg;src=11442918;type=pageview;cat=opera0;ord=1;num=3543492623541;gtm=2wg4d0;auiddc=881223002.1650208104;~oref=https%3A%2F%2Fwww.gxpowered.com%2Fef%2F%3Ftl%3DIGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv%26sub1%3D72_0%26sub2%3D625c2d67755bff0342d20d51
Frame ID: 19775E4072B658AB608FF94557C6ED63
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Opera GX

Page URL History Show full URLs

https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie Page URL
https://www.yhs25.com/scripts/un981c6l?a_aid=0c284681&a_bid=bd085dfb&chan=tolek HTTP 301
https://je8fn.com/g?visitorid=488ac8a81818fa4f51a217e7d52rr4QI&refid=0c284681&bannerid=bd085df... HTTP 302
https://c.muvkyd.com/click?pid=6&offer_id=370&ref_id=488ac8a81818fa4f51a217e7d52rr4QI_0c284681_bd... HTTP 302
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-60c284681-370-5e99c95d8fd9b7b4b7254a58 Page URL
https://directdexchange.com/jump/next.php?stamat=m%257CN2Yid7dhaQdHkAH0dEdHP3xP.cc8%252CS0kXXHXf2ck-DOZ9... HTTP 302
https://directdexchange.com/script/i.php?stamat=m%257C%252C%252CQ2FSoiFuoGU3BP-GH0dEdHP3xP.56b%252C0nX99... HTTP 302
https://harvest.gotrackier.com/click?campaign_id=3670&pub_id=72&p1=16502081022503514557199122023346942&sour... HTTP 302
https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&su... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

134
Requests

83 %
HTTPS

26 %
IPv6

47
Domains

72
Subdomains

54
IPs

5
Countries

1639 kB
Transfer

3941 kB
Size

83
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pwnprivacy.com/?domain=www.gxpowered.com
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie Page URL
https://www.yhs25.com/scripts/un981c6l?a_aid=0c284681&a_bid=bd085dfb&chan=tolek HTTP 301
https://je8fn.com/g?visitorid=488ac8a81818fa4f51a217e7d52rr4QI&refid=0c284681&bannerid=bd085dfb&extra_data1=&extra_data2= HTTP 302
https://c.muvkyd.com/click?pid=6&offer_id=370&ref_id=488ac8a81818fa4f51a217e7d52rr4QI_0c284681_bd085dfb&sub1=0c284681&sub8= HTTP 302
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-60c284681-370-5e99c95d8fd9b7b4b7254a58 Page URL
https://directdexchange.com/jump/next.php?stamat=m%257CN2Yid7dhaQdHkAH0dEdHP3xP.cc8%252CS0kXXHXf2ck-DOZ9HRvwuPJlkOmuSB08E0WxdyeWuFCoiw4fF4nf1_lcB0pm8V9VZ1wEbEP8KZC8USqQnuJlhyix1PeWhO2TdZtH016kV2mHrtTsExHuRLNoTtBHzGHOudLBOPuIlDJl_OUi65YOzg%252C%252C&cbpage=https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-60c284681-370-5e99c95d8fd9b7b4b7254a58&cbur=0.029735495661263878&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fplayster.xyz%2F HTTP 302
https://directdexchange.com/script/i.php?stamat=m%257C%252C%252CQ2FSoiFuoGU3BP-GH0dEdHP3xP.56b%252C0nX99XLFmzSzR3JuuZJP1tpHrjsb5RScGJJE69_y7IG-CVZ0os5CJiJw1kvlAHBxhQv9KeyRRyMQHQlq5LQSZUO8xkmTrz32tQQ8Bke7g4Gb7LPi5PHo7w-bQXpji4j8FB7Gvcalyzwp1Xqy-NYZ99tNuyoWBGWm_HJsDMKv3z6xtHmYMQHgGuvF_Z7PvGUKdKtlgth0m9Ln1wyNa_Gbl3lx5Z9YIZKHR-7eRDAFaul_ZzCOW1sE6BdPfU_DrO9eAsFTlqqO232Ow1Ex4ShUaTxwi95PBr2L2iWukWDoGL_xOVKTreLH075HIhspIfZsIxA3BOK-hXl1K2TUDlIlVOw42OPCxolImDyH8lVYEVL6kVvvxr1dUZrJqELYK5iWXXD8F3kiz0R9bIUkm4goQFV-8hUOk-g6nZk2q4ZQQt7AHLhokmXLq5Zx9FBfMbMJxcpZ3BG06eXrZlcT2kNbrLz1j3EB4Ujbs1BxF9MFkyQz82awPfKqrQpsCZZ2IUy6TkuqsQgl3s6g4Uo42ce4tBbmCwOpYqik66i7lWUfOG3hMilNawxuNJktPvIeVjosJHMowOEO4dKomPHBp9SyAtLxU7lVqrQBUzk3BI5QHpv9jp4jBw34lHOe1RwuvWLp HTTP 302
https://harvest.gotrackier.com/click?campaign_id=3670&pub_id=72&p1=16502081022503514557199122023346942&source=3052727-3411082179-0&p2=3052727 HTTP 302
https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&cb=1650208100994.1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=e09figb&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=e09figb&ttd_tpi=1 HTTP 302
https://ws2.rqtrk.eu/push?dmp=ttdw&uid=a214f457-5f91-43f3-a8d3-7429d0a3c548

Request Chain 43

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&cb=1650208100994.3&gdpr_consent= HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2098&uid=05271e8c-610e-44e1-a68b-fe97cfda3ab2&custom=&tag_format=img&tag_action=sync&cb=1650208612&rurl=https://ws.rqtrk.eu/push?dmp%3De873dca0-85f0-4b95-bfab-a8d855ece660%26uid%3D00000000-0000-0000-0000-000000000000 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2098&uid=05271e8c-610e-44e1-a68b-fe97cfda3ab2&custom=&tag_format=img&tag_action=sync&cb=1650208612&rurl=https%3A%2F%2Fws.rqtrk.eu%2Fpush%3Fdmp%3De873dca0-85f0-4b95-bfab-a8d855ece660%26uid%3D00000000-0000-0000-0000-000000000000&final=true&reqid=3850f3d0-be60-11ec-86b4-6df32ae0a0d9&timestamp=2022-04-17T15%3A08%3A21.261Z HTTP 302
https://ws.rqtrk.eu/push?dmp=e873dca0-85f0-4b95-bfab-a8d855ece660&uid=00000000-0000-0000-0000-000000000000

Request Chain 44

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&33random=1650208100994.4&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&33random=1650208100994.4&cat=33across HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MklTWHdQeTlPYjN6YmFoeTdYUzlnbXRqM1dHeW14aWxmaU04Q1dpbEE1UWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MklTWHdQeTlPYjN6YmFoeTdYUzlnbXRqM1dHeW14aWxmaU04Q1dpbEE1UWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEBrV_raHYkgavGLEjigke0w&google_cver=1

Request Chain 45

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&cb=1650208100994.5&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=e09figb&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=e09figb&ttd_tpi=1 HTTP 302
https://ws2.rqtrk.eu/push?dmp=ttdw&uid=a214f457-5f91-43f3-a8d3-7429d0a3c548

Request Chain 46

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&cb=1650208100994.6&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=8093&3pid=30821410-044c-4098-8b75-d3d4a51917e2&us_privacy=&location=https://ws.rqtrk.eu/push?dmp%3D69937f41-9d0e-479c-b978-bf19bd713ee3%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=8093&3pid=30821410-044c-4098-8b75-d3d4a51917e2&us_privacy=&location=https%3A%2F%2Fws.rqtrk.eu%2Fpush&dnr=1 HTTP 302
https://ws.rqtrk.eu/push

Request Chain 47

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1650208100994.5 HTTP 302
https://tags.bluekai.com/site/27519?id=119080150605047&ret=html&random=1650208101

Request Chain 48

https://map.go.affec.tv/map/3a/?pid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&ts=1650208100994.2 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D625c2d65bea1e3000140a048%26chc%3Dtt%26floc%3D%26redirect_url%3D HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D625c2d65bea1e3000140a048%2526chc%253Dtt%2526floc%253D%2526redirect_url%253D HTTP 302
https://map.go.affec.tv/map/an/8072659071983735566?ch=625c2d65bea1e3000140a048&chc=tt&floc=&redirect_url=

Request Chain 49

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&random=1650208100994.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&random=1650208100994.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cfb1d57a-bb43-4584-9c54-c3266872be74%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a214f457-5f91-43f3-a8d3-7429d0a3c548&ttd_puid=cfb1d57a-bb43-4584-9c54-c3266872be74%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fum%2Fv2%3Fpartner%3Dtapad HTTP 302
https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

Request Chain 50

https://dp2.33across.com/ps/?pid=1205&random=1650208100994.4 HTTP 302
https://idsync.rlcdn.com/405716.gif?partner_uid=2034885656543

Request Chain 51

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&33random=1650208100994.6&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&33random=1650208100994.6&cat=33across HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MklTWHdQeTlPYjN6YmFoeTdYUzlnbXRqM1dHeW14aWxmaU04Q1dpbEE1UWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MklTWHdQeTlPYjN6YmFoeTdYUzlnbXRqM1dHeW14aWxmaU04Q1dpbEE1UWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEJy0YbCvg0MQ2LZ9f-FGjdE&google_cver=1

Request Chain 52

https://dp1.33across.com/ps/?pid=669&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&random=1650208100994.7 HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=117634543882387&seg_code=33x&random=1650208101 HTTP 307
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D117634543882387%26seg_code%3D33x%26random%3D1650208101

Request Chain 58

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=6D001650208100DDF0088543B2D85FD1 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D001650208100DDF0088543B2D85FD1

Request Chain 59

https://pixel.onaudience.com/?partner=137085098&mapped=6D001650208100DDF0088543B2D85FD1 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=8ed6c0dabeaddd14 HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=BLKAI HTTP 302
https://tags.bluekai.com/site/19505?id=y-b6ZZH8xE2pKTewvU6UEhYei6cwP7VpXaVBo-~A

Request Chain 77

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=a214f457-5f91-43f3-a8d3-7429d0a3c548&gdpr=0&gdpr_consent=

Request Chain 78

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=588829331471b293743beeecdf686764

Request Chain 79

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=21lxGTyUXmsq4VmWuO2b2Q517Dp9ztjacTj_tTLgvcXw&gdpr=0&gdpr_consent=

Request Chain 80

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGQABWJcLWQAAAAJHon4Aw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3626574204593766423 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNjU3NDIwNDU5Mzc2NjQyMxAAGg0I5drwkgYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=928b97df9a2af498ae6c3b34d2e2a8d6701af6423dd12ad6a13ad5a28ae23506f4cb09cee1a4f8eb&person_id=3626574204593766423&eid=50082

Request Chain 81

https://tags.bluekai.com/site/59574?id=ZGQABWJcLWQAAAAJHon4Aw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 88

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGQABWJcLWQAAAAJHon4Aw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.903.23335%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=74104695 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=a214f457-5f91-43f3-a8d3-7429d0a3c548&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=eDc1dG0yb1E5OWU5SmtoaQ%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEJeqReU2HXAR0AA0lPvwCmQ&google_cver=1

Request Chain 92

https://um.simpli.fi/lj_match?r=42729 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=471DC666C0464988A83D83300782040C

Request Chain 93

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=e9a54c0fa923620b806f0ffc HTTP 303
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=e9a54c0fa923620b806f0ffc&_li_chk=true&previous_uuid=bcdbb10570fc4fddb82e5333cc5a2c67 HTTP 303
https://x.bidswitch.net/sync?dsp_id=42&user_id= HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

Request Chain 94

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=e9a54c0fa923620b806f0ffc HTTP 303
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=e9a54c0fa923620b806f0ffc&_li_chk=true&previous_uuid=38f3e6fba3fe451c8530bc62ffc944d0 HTTP 303
https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=e9a54c0fa923620b806f0ffc

Request Chain 95

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=e9a54c0fa923620b806f0ffc&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=5336 HTTP 302
https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=e9a54c0fa923620b806f0ffc&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=5336&_expected_cookie=4484e65646bc7736c378ae55e832bcde HTTP 302
https://ce.lijit.com/merge?pid=5014&3pid=4484e65646bc7736c378ae55e832bcde

Request Chain 99

https://www.yhs25.com/scripts/un981c6l?a_aid=0c284681&a_bid=bd085dfb&chan=tolek HTTP 301
https://je8fn.com/g?visitorid=488ac8a81818fa4f51a217e7d52rr4QI&refid=0c284681&bannerid=bd085dfb&extra_data1=&extra_data2= HTTP 302
https://c.muvkyd.com/click?pid=6&offer_id=370&ref_id=488ac8a81818fa4f51a217e7d52rr4QI_0c284681_bd085dfb&sub1=0c284681&sub8= HTTP 302
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-60c284681-370-5e99c95d8fd9b7b4b7254a58

Request Chain 110

https://11442918.fls.doubleclick.net/activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=3543492623541;gtm=2wg4d0;auiddc=881223002.1650208104;~oref=https%3A%2F%2Fwww.gxpowered.com%2Fef%2F%3Ftl%3DIGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv%26sub1%3D72_0%26sub2%3D625c2d67755bff0342d20d51 HTTP 302
https://11442918.fls.doubleclick.net/activityi;dc_pre=CJCTy56wm_cCFYInDAod3GIKwg;src=11442918;type=pageview;cat=opera0;ord=1;num=3543492623541;gtm=2wg4d0;auiddc=881223002.1650208104;~oref=https%3A%2F%2Fwww.gxpowered.com%2Fef%2F%3Ftl%3DIGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv%26sub1%3D72_0%26sub2%3D625c2d67755bff0342d20d51

Request Chain 129

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=03C873E189014625A1CFEF3E5AEA1422&RedC=c.clarity.ms&MXFR=324E192D091A69012DE708A40D1A67C6 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=03C873E189014625A1CFEF3E5AEA1422&MUID=16DF21E825316703119F3061249B6648

134 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 rc Show response
playster.xyz/ 4 KB
2 KB 119ms
91ms Document
text/html 2606:4700:3036::ac43:bdd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bdd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c82f55ab6c780f27d62107156eb476d263fa5ff7d255ef7e89269e2b675215

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 6fd613535d477139-YUL
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Apr 2022 15:08:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhGArDIfGsXQW8ddMSUCNjikFHRcw93yX4dXE4Pu1XgaTSdPp5z1uEQMq5nVEoGfl%2B7gUEjlNUguCQZYExyNLNglaXQftI9ZPStqKxmPCPOoPtEto7%2Fzn5mE7Ne2ukT6dJgzVdNfyupc%2BYk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ 120 KB
21 KB 64ms
39ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 718, 718
age: 15879151
cdn-cachedat: 2021-06-08 13:00:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d2c2e1104460a14eefeed559f718bd56
cf-ray: 6fd613543e2e4bd6-YUL
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 32ms
10ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:07:02 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.122.0/26
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: bhs
accept-ranges: bytes
content-length: 4364
x-request-id: 41779846

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 376 B
511 B 40ms
16ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4621117&@f16&@g1&@h1&@i1&@j1650208100591&@k0&@l1&@mRedirecting%20to%20Secure%20Page&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:86934912&@b3:1650208101&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: 892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
Connection: close
Content-Length: 376
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 376 B
511 B 40ms
16ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4621117&@f16&@g1&@h1&@i1&@j1650208100591&@k0&@l1&@mRedirecting%20to%20Secure%20Page&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:-7482672&@b3:1650208101&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: 892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
Connection: close
Content-Length: 376
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_511.js Show response
s10.histats.com/counters/ 15 KB
6 KB 10ms
9ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_511.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:00:26 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip: 137.74.122.0/26
etag: "1364484781"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: bhs
accept-ranges: bytes
content-length: 5984
x-request-id: 983139335

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 376 B
511 B 34ms
14ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4621117&@f16&@g0&@h2&@i1&@j1650208100598&@k7&@l2&@mRedirecting%20to%20Secure%20Page&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:137219090&@b3:1650208101&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: 892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
Connection: close
Content-Length: 376
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 376 B
511 B 34ms
13ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4621117&@f16&@g0&@h2&@i1&@j1650208100598&@k7&@l2&@mRedirecting%20to%20Secure%20Page&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:122780955&@b3:1650208101&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: 892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
Connection: close
Content-Length: 376
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK / Show response
e.dtscout.com/e/ 8 KB
9 KB 55ms
24ms Script
application/javascript 158.69.139.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4621117&@f16&@g1&@h1&@i1&@j1650208100591&@k0&@l1&@mRedirecting%20to%20Secure%20Page&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:-7482672&@b3:1650208101&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&@w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b6a8f3e74a55b3a88abc6836bde247a6c3e44f8564d4374c5606467607023585

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
X-T: 1.48
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Sun, 17 Apr 2022 15:08:19 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame 894F 1 KB
753 B 294ms
96ms Document
text/html 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 22bd8b849feca208cf27f27825ff887972796d4b362cf1592f009e45db83963a

Request headers

Referer: https://playster.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 17 Apr 2022 15:08:20 GMT
Expires: Sun, 17 Apr 2022 15:08:19 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 70ms
20ms Script
text/javascript 99.84.118.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-126.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 24561
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 13eb5c0e05c1c43ed344f7e14dcf0a00.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sun, 17 Apr 2022 08:18:59 GMT
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: tgbJi5C_R-JwfJkouA7haJ0ndHEoTj61dA1hHtuT9p6VpZcC-vGORw==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 144ms
34ms Script
application/javascript 3.129.85.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.129.85.225 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-129-85-225.us-east-2.compute.amazonaws.com

Software

Resource Hash

dee8062c428a9f8a14d33abc941c2c0ae0e825be0195821dc5f9567955145cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2273
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 10 KB
4 KB 72ms
28ms Script
application/javascript 172.64.151.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
age: 189773
etag: W/"6129520b-288b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6fd61355c99aa1ec-YYZ
expires: Wed, 20 Apr 2022 15:08:20 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 51 B
319 B 314ms
102ms Script
application/javascript 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=playster.xyz&_ss=4f3zagf0j7&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=js18&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5350a85745d948765f1b333587235fd87412d8a3ece1ac4ce90cea6333c19b28

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
X-T: 0.183
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sun, 17 Apr 2022 15:08:19 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame 2865 1 KB
755 B 293ms
97ms Document
text/html 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 90c4710ed3de484531db9242dc5e116c296ed3bb0f60fa372304b857e2502e8d

Request headers

Referer: https://playster.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 17 Apr 2022 15:08:20 GMT
Expires: Sun, 17 Apr 2022 15:08:19 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame AD17 1 KB
754 B 289ms
96ms Document
text/html 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 882d6c7cc0a60a0257dde024589451b73b61f05e3c9a0fab0d86fb1d9061a253

Request headers

Referer: https://playster.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 17 Apr 2022 15:08:20 GMT
Expires: Sun, 17 Apr 2022 15:08:19 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame BF1C 1 KB
753 B 295ms
99ms Document
text/html 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ddd7d2ffd40a8fde7b6173de5e7242e076e1d06f6aa83a78b79230165d40ef82

Request headers

Referer: https://playster.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 17 Apr 2022 15:08:20 GMT
Expires: Sun, 17 Apr 2022 15:08:19 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
948 B 59ms
19ms Fetch
application/json 99.84.118.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-123.ewr52.r.cloudfront.net
Software: /
Resource Hash: 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 20:18:14 GMT
via: 1.1 1bd7d779bed244375679d82e1821cc3c.cloudfront.net (CloudFront), 1.1 71bfaca5ce51bb05b39690ef2b0a4af2.cloudfront.net (CloudFront)
age: 67806
x-amzn-requestid: df220b54-2730-444a-99ff-fd8169ecb602
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: IAD89-P2, EWR52-C3
x-amz-apigw-id: QsKlFF0UCYcFX8Q=
content-length: 535
x-amz-cf-id: PEw28noPvgLEmaHQBy2cTwV3rcrHGV0TUYrEToI2dfe9skH-ArBB_g==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
949 B 57ms
20ms Fetch
application/json 99.84.118.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-123.ewr52.r.cloudfront.net
Software: /
Resource Hash: 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 20:18:14 GMT
via: 1.1 1bd7d779bed244375679d82e1821cc3c.cloudfront.net (CloudFront), 1.1 71bfaca5ce51bb05b39690ef2b0a4af2.cloudfront.net (CloudFront)
age: 67806
x-amzn-requestid: df220b54-2730-444a-99ff-fd8169ecb602
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: IAD89-P2, EWR52-C3
x-amz-apigw-id: QsKlFF0UCYcFX8Q=
content-length: 535
x-amz-cf-id: UvAGTF2bXnkqBa--_N3kxoDK4nHiF_6Lc99P7q_E-0nQKPabZWqd6A==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
949 B 54ms
21ms Fetch
application/json 99.84.118.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-123.ewr52.r.cloudfront.net
Software: /
Resource Hash: 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 20:18:14 GMT
via: 1.1 1bd7d779bed244375679d82e1821cc3c.cloudfront.net (CloudFront), 1.1 71bfaca5ce51bb05b39690ef2b0a4af2.cloudfront.net (CloudFront)
age: 67806
x-amzn-requestid: df220b54-2730-444a-99ff-fd8169ecb602
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: IAD89-P2, EWR52-C3
x-amz-apigw-id: QsKlFF0UCYcFX8Q=
content-length: 535
x-amz-cf-id: Wm933mxmLEQghlOEoaubkORj5y4u7sSqxF-L4UgQUX1GouVtydrpNw==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
948 B 52ms
20ms Fetch
application/json 99.84.118.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.118.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-118-123.ewr52.r.cloudfront.net
Software: /
Resource Hash: 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 20:18:14 GMT
via: 1.1 1bd7d779bed244375679d82e1821cc3c.cloudfront.net (CloudFront), 1.1 71bfaca5ce51bb05b39690ef2b0a4af2.cloudfront.net (CloudFront)
age: 67806
x-amzn-requestid: df220b54-2730-444a-99ff-fd8169ecb602
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: IAD89-P2, EWR52-C3
x-amz-apigw-id: QsKlFF0UCYcFX8Q=
content-length: 535
x-amz-cf-id: o5XUKblmK83IbVMqe6cdKNibO23tpLsROJ-13pdxer-hr5Y68tghCg==

GET
H2 200 p
ic.tynt.com/b/ 35 B
523 B 97ms
30ms Image
image/gif 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1650208100795&dn=AFWU&iso=0&t=Redirecting%20to%20Secure%20Page
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:20 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
etag: "4bc8846c-23"
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-type: image/gif
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 83ms
19ms Script
application/javascript 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6018254887197851&stid=ZGQABWJcLWQAAAAJHon4Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

37d53e63893be4bbd11850c24f4cd87ff003fc599441572374e2ecc0c6354ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1360
Expires: Sun, 17 Apr 2022 16:08:20 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 39ms
36ms Image
image/gif 3.129.85.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&event_source=dtscout&rnd=0.6018254887197851&exptid=ZGQABWJcLWQAAAAJHon4Aw%3D%3D&fcmp=false

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.129.85.225 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-129-85-225.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 83ms
20ms Script
application/javascript 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8109653921265274&stid=ZGQABWJcLWQAAAAJHon4Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

37d53e63893be4bbd11850c24f4cd87ff003fc599441572374e2ecc0c6354ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1360
Expires: Sun, 17 Apr 2022 16:08:20 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 76ms
36ms Image
image/gif 3.129.85.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&event_source=dtscout&rnd=0.8109653921265274&exptid=ZGQABWJcLWQAAAAJHon4Aw%3D%3D&fcmp=false

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.129.85.225 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-129-85-225.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 80ms
19ms Script
application/javascript 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.11890701017327276&stid=ZGQABWJcLWQAAAAJHon4Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

37d53e63893be4bbd11850c24f4cd87ff003fc599441572374e2ecc0c6354ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1360
Expires: Sun, 17 Apr 2022 16:08:20 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 105ms
35ms Image
image/gif 3.129.85.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&event_source=dtscout&rnd=0.11890701017327276&exptid=ZGQABWJcLWQAAAAJHon4Aw%3D%3D&fcmp=false

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.129.85.225 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-129-85-225.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 80ms
20ms Script
application/javascript 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.2864164825171176&stid=ZGQABWJcLWQAAAAJHon4Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

37d53e63893be4bbd11850c24f4cd87ff003fc599441572374e2ecc0c6354ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1360
Expires: Sun, 17 Apr 2022 16:08:20 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 106ms
37ms Image
image/gif 3.129.85.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&event_source=dtscout&rnd=0.2864164825171176&exptid=ZGQABWJcLWQAAAAJHon4Aw%3D%3D&fcmp=false

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.129.85.225 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-129-85-225.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:20 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: image/gif

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 113ms
36ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 55057b7223e56dd0720aacda4c0f7720b5d02b5b41e7367333492f8096449b86

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:20 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 1434
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 110ms
35ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=2&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 125c8e19f883a89dfdad41d040ce3e9f722f81e7d1af06402d83cfc4854ab07f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:20 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 1418
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 687 B
1 KB 109ms
34ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=3&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 199a51d89164e3eb82327dbaa09c04af55014ec305fc9fd7c62951e8b1d4ec21

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:20 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 687
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
258 B 111ms
36ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=4&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:20 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 4FFF 2 KB
1 KB 21ms
19ms Document
text/html 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8109653921265274&stid=ZGQABWJcLWQAAAAJHon4Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://playster.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 17 Apr 2022 15:08:20 GMT
Expires: Sun, 24 Apr 2022 15:08:20 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame D2E0 2 KB
1 KB 19ms
18ms Document
text/html 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.11890701017327276&stid=ZGQABWJcLWQAAAAJHon4Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://playster.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 17 Apr 2022 15:08:20 GMT
Expires: Sun, 24 Apr 2022 15:08:20 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame E55F 2 KB
1 KB 19ms
19ms Document
text/html 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.2864164825171176&stid=ZGQABWJcLWQAAAAJHon4Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://playster.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 17 Apr 2022 15:08:20 GMT
Expires: Sun, 24 Apr 2022 15:08:20 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 2084 2 KB
1 KB 20ms
19ms Document
text/html 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6018254887197851&stid=ZGQABWJcLWQAAAAJHon4Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://playster.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 17 Apr 2022 15:08:20 GMT
Expires: Sun, 24 Apr 2022 15:08:20 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
835 B 66ms
22ms Fetch
application/json 13.226.36.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.36.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-36-35.ewr53.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 04:38:29 GMT
content-encoding: gzip
server: restify
age: 37792
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://playster.xyz
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: EWR53-C2
x-amz-cf-id: Jiu9PYOIPZBhgIc27c1zJddDapq8o9LKj7Ba8_7cR0maIfR6TJ-jBg==
via: 1.1 18bf85a0313cb4e24b1d0538b9294d9c.cloudfront.net (CloudFront)

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.903.23335/a/CA/ Frame 7919 20 KB
9 KB 21ms
20ms Script
text/javascript 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.903.23335/a/CA/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

cc9a9c01d98fb85b8535015f624e5647543235631174127a092de3816382b67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8750
Expires: Sun, 24 Apr 2022 15:08:21 GMT

GET
H/1.1

200
OK

push
ws2.rqtrk.eu/
Redirect Chain

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&cb=1650208100994.1&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=e09figb&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=e09figb&ttd_tpi=1
https://ws2.rqtrk.eu/push?dmp=ttdw&uid=a214f457-5f91-43f3-a8d3-7429d0a3c548

43 B
596 B

304ms
100ms

Image
image/gif

51.75.146.160
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws2.rqtrk.eu/push?dmp=ttdw&uid=a214f457-5f91-43f3-a8d3-7429d0a3c548
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: HTTP/1.1
Server: 51.75.146.160 , France, ASN16276 (OVH, FR),
Reverse DNS: de03.roqad.pl
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 15:08:21 GMT
Server: openresty
P3P: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 17 Apr 2022 15:08:20 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 15:08:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ws2.rqtrk.eu/push?dmp=ttdw&uid=a214f457-5f91-43f3-a8d3-7429d0a3c548
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 181

GET
H2 200 lotame-sync.html Show response
cdn-tc.33across.com/ Frame A7BD 343 B
530 B 70ms
26ms Document
text/html 104.18.35.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tc.33across.com/lotame-sync.html
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=2&r=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1144
cache-control: public, max-age=259200
cf-cache-status: HIT
cf-ray: 6fd613583dbaa247-YYZ
content-encoding: gzip
content-type: text/html
date: Sun, 17 Apr 2022 15:08:21 GMT
etag: W/"6129520b-157"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 20 Apr 2022 15:08:21 GMT
last-modified: Fri, 27 Aug 2021 20:58:51 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 z.png
spl.zeotap.com/ 0
183 B 80ms
45ms Image
text/plain 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/z.png?zdid=239&ctry=CA&env=mWeb&eventType=pageview&zpb=wu%21&zpbcat=Entertainment&zcluid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&ziid=1650208100994.1
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6fd613581bcb4bca-YUL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2

200

push
ws.rqtrk.eu/
Redirect Chain

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&cb=1650208100994.3&gdpr_consent=
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2098&uid=05271e8c-610e-44e1-a68b-fe97cfda3ab2&custom=&tag_format=img&tag_action=sync&cb=1650208612&rurl=https://ws.rqtrk.eu/push?dm...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2098&uid=05271e8c-610e-44e1-a68b-fe97cfda3ab2&custom=&tag_format=img&tag_action=sync&cb=1650208612&rurl=https%3A%2F%2Fws.rqtrk.eu%2...
https://ws.rqtrk.eu/push?dmp=e873dca0-85f0-4b95-bfab-a8d855ece660&uid=00000000-0000-0000-0000-000000000000

43 B
250 B

12ms
11ms

Image
image/gif

15.235.42.102
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.rqtrk.eu/push?dmp=e873dca0-85f0-4b95-bfab-a8d855ece660&uid=00000000-0000-0000-0000-000000000000
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: H2
Server: 15.235.42.102 , Canada, ASN16276 (OVH, FR),
Reverse DNS: haproxy-ca-001.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 15:08:21 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
cache-control: no-cache,private
x-envoy-upstream-service-time: 1
content-type: image/gif
content-length: 43
expires: Sun, 17 Apr 2022 15:08:20 GMT

Redirect headers

Date: Sun, 17 Apr 2022 15:08:21 GMT
Server: nginx/1.16.1
Vary: Accept, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ws.rqtrk.eu/push?dmp=e873dca0-85f0-4b95-bfab-a8d855ece660&uid=00000000-0000-0000-0000-000000000000
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 128
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&33random=1650208100994.4&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&33random=1650208100994.4&cat=33across
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MklTWHdQeTlPYjN6YmFoeTdYUzlnbXRqM1dHeW14aWxmaU04Q1dpbEE1UWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MklTWHdQeTlPYjN6YmFoeTdYUzlnbXRqM1dHeW14aWxmaU04Q1dpbEE1UWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEBrV_raHYkgavGLEjigke0w&google_cver=1

70 B
440 B

25ms
24ms

Image
image/gif

18.214.54.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEBrV_raHYkgavGLEjigke0w&google_cver=1
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: HTTP/1.1
Server: 18.214.54.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-54-215.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 15:08:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEBrV_raHYkgavGLEjigke0w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

push
ws2.rqtrk.eu/
Redirect Chain

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&cb=1650208100994.5&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=e09figb&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=e09figb&ttd_tpi=1
https://ws2.rqtrk.eu/push?dmp=ttdw&uid=a214f457-5f91-43f3-a8d3-7429d0a3c548

43 B
596 B

299ms
97ms

Image
image/gif

51.75.146.160
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws2.rqtrk.eu/push?dmp=ttdw&uid=a214f457-5f91-43f3-a8d3-7429d0a3c548
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: HTTP/1.1
Server: 51.75.146.160 , France, ASN16276 (OVH, FR),
Reverse DNS: de03.roqad.pl
Software: openresty /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 15:08:21 GMT
Server: openresty
P3P: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 17 Apr 2022 15:08:20 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 15:08:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ws2.rqtrk.eu/push?dmp=ttdw&uid=a214f457-5f91-43f3-a8d3-7429d0a3c548
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 181

GET
H2

200

push
ws.rqtrk.eu/
Redirect Chain

https://ws.rqtrk.eu/push?dmp=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&pid=36edc7a7-11bf-4bcb-a499-d39a83f34fd1&g=1&tr=1&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&cb=1650208100994.6&gdpr_consent=
https://ce.lijit.com/merge?pid=8093&3pid=30821410-044c-4098-8b75-d3d4a51917e2&us_privacy=&location=https://ws.rqtrk.eu/push?dmp%3D69937f41-9d0e-479c-b978-bf19bd713ee3%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=8093&3pid=30821410-044c-4098-8b75-d3d4a51917e2&us_privacy=&location=https%3A%2F%2Fws.rqtrk.eu%2Fpush&dnr=1
https://ws.rqtrk.eu/push

43 B
134 B

11ms
11ms

Image
image/gif

15.235.42.102
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.rqtrk.eu/push
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: H2
Server: 15.235.42.102 , Canada, ASN16276 (OVH, FR),
Reverse DNS: haproxy-ca-001.roqad.pl
Software: istio-envoy /
Resource Hash: 21ca32f479e9a12daac548f9ba27c1b6553f96cd11b8445b5e085b8712e4ed31

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
last-modified: Thu, 10 Mar 2022 12:47:33 GMT
server: istio-envoy
content-type: image/gif
cache-control: no-cache,private
x-envoy-upstream-service-time: 0
accept-ranges: bytes
content-length: 43
rqd-status: error
expires: Sun, 17 Apr 2022 15:08:20 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 15:08:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ws.rqtrk.eu/push
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ewr1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1

200
OK

27519 Show response
tags.bluekai.com/site/ Frame 4F56
Redirect Chain

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1650208100994.5
https://tags.bluekai.com/site/27519?id=119080150605047&ret=html&random=1650208101

71 B
766 B

183ms
128ms

Document
text/html

173.223.56.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/27519?id=119080150605047&ret=html&random=1650208101
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.56.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-56-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

BK-Server: 1500
Connection: keep-alive
Content-Length: 71
Content-Type: text/html
Date: Sun, 17 Apr 2022 15:08:21 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Sun, 17 Apr 2022 15:08:21 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://tags.bluekai.com/site/27519?id=119080150605047&ret=html&random=1650208101
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP004
x-33x-status: 400000000040080C

GET
H2

204

8072659071983735566
map.go.affec.tv/map/an/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&ts=1650208100994.2
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D625c2d65bea1e3000140a048%26chc%3Dtt%26floc%3D%26redirect_url%3D
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D625c2d65bea1e3000140a048%2526chc%253Dtt%2526floc%253D%2526redirect_url%253D
https://map.go.affec.tv/map/an/8072659071983735566?ch=625c2d65bea1e3000140a048&chc=tt&floc=&redirect_url=

0
626 B

81ms
81ms

Image
text/plain

52.85.61.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/an/8072659071983735566?ch=625c2d65bea1e3000140a048&chc=tt&floc=&redirect_url=
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: H2
Server: 52.85.61.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-44.ewr53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
via: 1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
content-encoding: gzip
x-amz-cf-id: V2t4WKYlYC_k-jWFbiYDSj3BFfYe9PyetujT2IAdZ-HH2O8LSNKMyQ==
vary: Accept-Encoding
x-cache: Miss from cloudfront

Redirect headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 15:08:21 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 798.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: b0e6223b-f3d1-4089-9f2d-4996088cb64c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://map.go.affec.tv/map/an/8072659071983735566?ch=625c2d65bea1e3000140a048&chc=tt&floc=&redirect_url=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&random=1650208100994.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fap...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&random=1650208100994.3&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.ne...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cfb1d57a-bb43-4584-9c54-c3266872be74%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a214f457-5f91-43f3-a8d3-7429d0a3c548&ttd_puid=cfb1d57a-bb43-4584-9c54-c3266872be74%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fu...
https://usermatch.krxd.net/um/v2?partner=tapad
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

0
337 B

79ms
26ms

Image
text/plain

34.194.202.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: H2
Server: 34.194.202.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-202-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1650208101
x-served-by: beacon-n002-ash-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date: Sun, 17 Apr 2022 15:08:21 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a009-ash-prod.krxd.net

GET
H2

200

405716.gif
idsync.rlcdn.com/
Redirect Chain

https://dp2.33across.com/ps/?pid=1205&random=1650208100994.4
https://idsync.rlcdn.com/405716.gif?partner_uid=2034885656543

42 B
449 B

80ms
49ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/405716.gif?partner_uid=2034885656543
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: H2
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 Apr 2022 15:08:21 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 15:08:20 GMT
referrer-policy: unsafe-url
server: 33XP005
x-33x-status: 4000000000004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://idsync.rlcdn.com/405716.gif?partner_uid=2034885656543
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&33random=1650208100994.6&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&33random=1650208100994.6&cat=33across
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MklTWHdQeTlPYjN6YmFoeTdYUzlnbXRqM1dHeW14aWxmaU04Q1dpbEE1UWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MklTWHdQeTlPYjN6YmFoeTdYUzlnbXRqM1dHeW14aWxmaU04Q1dpbEE1UWM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEJy0YbCvg0MQ2LZ9f-FGjdE&google_cver=1

70 B
440 B

26ms
26ms

Image
image/gif

18.214.54.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEJy0YbCvg0MQ2LZ9f-FGjdE&google_cver=1
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: HTTP/1.1
Server: 18.214.54.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-54-215.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 15:08:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEJy0YbCvg0MQ2LZ9f-FGjdE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=CoIKSWJcLWR%2Bc467EyJSAg%3D%3D&us_privacy=&random=1650208100994.7
https://secure.adnxs.com/mapuid?t=2&member=1001&user=117634543882387&seg_code=33x&random=1650208101
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D117634543882387%26seg_code%3D33x%26random%3D1650208101

43 B
1 KB

21ms
20ms

Image
image/gif

68.67.161.206
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D117634543882387%26seg_code%3D33x%26random%3D1650208101

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

HTTP/1.1

Server

68.67.161.206 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

798.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 15:08:21 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 798.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6fe779f0-b422-4c9d-b952-f5a355438f38
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 15:08:21 GMT
X-Proxy-Origin: 149.56.153.189; 149.56.153.189; 798.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 51545168-a521-47ad-9a26-38c36ab79229
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D117634543882387%26seg_code%3D33x%26random%3D1650208101
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.903.23335/a/CA/ Frame 37E4 20 KB
9 KB 21ms
21ms Script
text/javascript 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.903.23335/a/CA/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

cc9a9c01d98fb85b8535015f624e5647543235631174127a092de3816382b67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8750
Expires: Sun, 24 Apr 2022 15:08:21 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.903.23335/a/CA/ Frame 3200 20 KB
9 KB 22ms
20ms Script
text/javascript 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.903.23335/a/CA/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

cc9a9c01d98fb85b8535015f624e5647543235631174127a092de3816382b67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8750
Expires: Sun, 24 Apr 2022 15:08:21 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.903.23335/a/CA/ Frame 4FA7 20 KB
9 KB 21ms
20ms Script
text/javascript 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.903.23335/a/CA/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

cc9a9c01d98fb85b8535015f624e5647543235631174127a092de3816382b67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8750
Expires: Sun, 24 Apr 2022 15:08:21 GMT

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
407 B 93ms
28ms Script
application/javascript 45.55.96.63
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=6D001650208100DDF0088543B2D85FD1&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.55.96.63 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 13:47:03 GMT
X-T: 0.74
x-server: web14.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Sun, 17 Apr 2022 13:47:02 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
308 B 60ms
32ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc7224d4c0b89603b2ef345a7f46c195d0af5e49102386702423d33898b825d2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ISR5QrE37XSFKzeO7kLvmuw8ZHCSI9gOZ4OHVukj1RbKTMolnA13H5JNtnqaJAEOkCK46UJU4NfQ0OUufPiCOcZUS9z4EH2gC1tEE9QAtvuW2l4TQ9dHQgi%2FyZCMMMGiBs1Tft9zQ%2B8ll4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613587b61ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2

200

tpid=6D001650208100DDF0088543B2D85FD1
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=6D001650208100DDF0088543B2D85FD1
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D001650208100DDF0088543B2D85FD1

49 B
545 B

54ms
51ms

Image
image/gif

52.1.175.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D001650208100DDF0088543B2D85FD1
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: H2
Server: 52.1.175.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-175-157.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 15:08:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.11.144
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 15:08:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D001650208100DDF0088543B2D85FD1
cache-control: no-cache
x-server: 10.40.8.64
content-length: 0
expires: 0

GET
H/1.1

200
OK

19505
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=6D001650208100DDF0088543B2D85FD1
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=8ed6c0dabeaddd14
https://cms.analytics.yahoo.com/cms?partner_id=BLKAI
https://tags.bluekai.com/site/19505?id=y-b6ZZH8xE2pKTewvU6UEhYei6cwP7VpXaVBo-~A

62 B
421 B

93ms
92ms

Image
image/gif

173.223.56.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/19505?id=y-b6ZZH8xE2pKTewvU6UEhYei6cwP7VpXaVBo-~A
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: HTTP/1.1
Server: 173.223.56.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-56-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:22 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

date: Sun, 17 Apr 2022 15:08:21 GMT
via: http/1.1 spdc0110.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://tags.bluekai.com/site/19505?id=y-b6ZZH8xE2pKTewvU6UEhYei6cwP7VpXaVBo-~A
content-length: 0

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
305 B 68ms
41ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a2a8ebe9740332ae623702346feb6f4bcc04037dd5c9e556672a1f69d8d252a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaadRo%2FfUFkXr%2FQzPRBtLFmpd4kqccQJwfC7kxKrnoAIZqC2Eg0F7khmWNWWshWp6SDIK58cCys4jxbqyYVhsetsjgclKdKqYtLBxnXDqJmAXCpYWeYtRBZX1pdRLL7WXyb2aMz1Qj3IR6E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613587b62ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
305 B 59ms
35ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e43dad87aa1a3ba0604fdc9b7a89d911017b574022adf33207c23cdc4327ba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKzet3ngIBPFyEZv8Oy7GX0I3WDwVwKTInJvCM8HMx3lUSQle0WipJD480ZaxpWilF4eEA4Znw4jAp071ianZkfBdIIsIESPWoIkJ%2FwYVCJ3Pp%2BuSBmoz99CKW7jJm1gJbkWvtsa9MKMipo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613587b63ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
309 B 56ms
34ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ce5818d3471eddd0a370161ef6a792048deda4fd50256ba4ed1cb73c8c9667

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjUCD7XC1T%2FyIiBfyK0sWkLHgYs2Sdi1%2FgqRfND7WOXYLclpiS2OUs6ynzhrXfgWUi8Xy3l34Uq%2FhylleqgYhmnJVooGp5LZz%2FNjvEA5ybwJsJ5WFQkGYf2WyNAYyC0v3pUp0xU8qf%2B2aK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613588b75ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
308 B 59ms
38ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e1e7683de98a9d5c1aa96a11488e739396b8cf84fada8a0b25aeca1ec453287

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IGpuQfte%2FjF5FEj2SP0%2FKPbme0rh2xnsG34CJf2NTsYE8k20bWWcYyeCJgCSK5FwpybaRv8xVKhIrf0h%2B4zlpUTQz6USzJFuFyhYqh%2FSqRpP8vIUoXmaoPT8vs5TlPHpxYYCD3uI67OXTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613588b74ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
310 B 58ms
39ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8594b20195a5bb1d84b57943088e34c9acddfa67c352164ce446cb7b47415df2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6swOLzKyL43h%2BnWhJMXV5jGORUsnBTdFajn4ixHFi4%2FS2foDfbtC4m1fPA1P5I4jpopLwKCtENB3MHS7uKvl7Dlg%2B5me7NUF6pbRUTbV4ZS3dQVOaES8jsiUfx6%2Bv90Ltxn1TcidxO%2BJyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613587b69ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
662 B 46ms
31ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b17e5e994eccf6a321d42410e3e147fded267f0204a6c204eec3e84f1cd66df

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuD8CrdgJBXC19H8fGb4k7Ppjl7Bvn9bSGTtelmxMaSIGF81hXB%2FiPNC71eM1hDuHFGopuoSfPvMJgSE0ruW6Vq82Y05H%2Fw1ttTZpeosHDMhKuZZPEsihpG%2FS%2FXTma6KKfaWqQjXBMwSf%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613588b71ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 20 B
307 B 45ms
31ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bfcfb31cf096145f9e2b3984af3a6f4af31146abbd7995b3eac1e418c434d82

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLbB7jPXP73o5pQDjVELEqR9UhQQQo71WKnicyxB7CWNf5BIYTH09evVhxUUzOHLOyXEsmvsFOWWMfWTPleipuf%2Fws%2BHFFsyKfCMjAmbLXH%2FnkQrPqmht7TPdfLeCe09w5yZKPvIerOzG3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613588b73ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
648 B 49ms
38ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e592a2373f3ea49ed8d28758e97e418532cc2127157535fe8d8c33d387ddd478

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTZpGnuP7z0G1E89khX287blNRuwho6LJ%2BYZrbSECpn3nqm8gogEjUQQ9%2FI2XAF4D6vfHES3yg5FfuulqUljQT4%2FP%2FhyJ6TzYvhNoiRAUIixrZQR0d20aqEHzsG%2BSuQy8UGu4x8P8evXhXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613588b72ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
301 B 47ms
36ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be43e1982797ac7fa27ff1d73c735831673c5f3759270d8efd343ac750b8dbf4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzVPZXiSuNZX6rwt1Rm6plrrRfRKpwRm4Li6NL9SBwqsl181AfAsfK54T9jbH71uh0vvrza6gqElBaMYg5A1hEZ6zweLVI36vsReo32r122xB23s52OaWcf%2BLVEbChbnjX46NqZdELbeU8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613587b64ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
312 B 51ms
42ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b30472e365b5787e849fe37c44674ad4bc3901e00c1d25a4091b661319a7f072

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lyxZEnOCkPXV%2F9fkUI1GbovkLrb%2FoiLcWG0iR%2F%2BL0UxYhAPxyfoOhqWuYOQvIJJMol8snwEpLyjE66tiC%2Ft1AGgECTwkRBJCChNpUgE1j1EgQeCLhADIU%2Fg71TT%2BWz41gUebM240VFYJDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613587b65ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
306 B 45ms
37ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ded918ba1c8e3f3a9cd667a8ba556bd6f263ed20086454be748c1fa0b983066

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBGo1%2B4xMep72cA5M2uC1FsZ7YC%2Bl9K4%2BWuR8JRdUSdiP9wWFns9f7FPJc0nJuYc3bQUYXXbKq62lhemyGewc3lffwBAF4yVO4cPJ%2FYv6nThpxp7nWZ1Ep5hd0s19R5OqtV7LbC2K56x0TA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613588b76ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
311 B 46ms
40ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9aa5885857aaa029dd8b7be0131180746d7785899eb663bb22ab22bf0243970

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fwreDgX9XApSFAZgQ7jkdgk4Qp7fI%2FkpCxcpzsgknlexZuWKE1KJ%2FpsdtucmluBvH%2BGlJIGkm9MrJivgYgE8dIUGXPMjW0r%2BArqy%2BxWWZzyVTLuiIznxI3zJ851aiDN9JaptK%2FEbV4RR7s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613587b66ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
313 B 46ms
41ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6ac5680c80db4cfcfaf5a46bcd56f311df117a996a51ef6d5b48949c6eeab9d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gLpHLaZH%2F4FuvbuIGvU1O9WFCjQqBU%2FvpgqiSAkujC0KH%2FbaRoEiuhXvz%2FxtvMlXFEAbS7rSLQx5fXgXxk%2BBrupuB5MK7z3mxVdgXktD2qa6iSiGOd4IB4qjHEFiMbllClOVtkHTvJv730%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613587b68ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 20 B
306 B 37ms
33ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87d830f2daef9d3e7b99fd1561d9a441fc312c9c3f8d661b61c9e87bc44f8e40

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9J%2B5RLrOrdNkzdBwvP5bqXcoE1iiLq4zsqTrRxCGN3sgzkj4iufN8t8NtuBjxU1gUVX0mM6E4tpGEm2Xq810J%2F5b411Xm%2BRB7ka68NTTLgcgOhat66LiZtgPil%2FTpbD6rz87dtVekX%2FRlk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613588b6eece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
313 B 38ms
35ms XHR
application/json 2606:4700:3032::ac43:dc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=6D001650208100DDF0088543B2D85FD1
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac1f363c8fcd9bd047fd39650767a6d364805341f2dcdc3a3c1e9ba0547c1128

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMNQJSfpEnFOvaxygCohrMghtlXugyg%2FM8IRbDIdyoz8cdmGhCg%2B%2BiD5nHkpDt5sJ0Vs63WAxZzz%2FlFfil%2ByK0bFuk79V%2BPfZm1WJ%2BY5iqcJRBaOL2TD7Lz%2B0x1id3HJBp7UbDBV39sDQmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playster.xyz
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 6fd613588b70ece2-YUL
expires: Sun, 17 Apr 2022 17:08:21 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 6 KB
2 KB 65ms
17ms Script
text/javascript 13.225.209.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.209.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-209-127.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: syrhL4HxyQ94RzTlcl0y8HYCMGvvMWLr
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 16:31:37 GMT
server: AmazonS3
age: 102
etag: W/"5ff42869b876a4eddafd981cab0b8818"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 6c54d5aad34fd574d1282c92c7b7e104.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Sun, 17 Apr 2022 15:06:40 GMT
x-amz-cf-pop: EWR50-C1
x-amz-cf-id: LpNI_jt-cAxdjHkDj-VIa2UqE81sS1j0UBulIPdjf8Jyh3_Bg802XA==

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame BE71 438 B
675 B 37ms
36ms Script
application/javascript 3.129.85.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.129.85.225 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-129-85-225.us-east-2.compute.amazonaws.com

Software

Resource Hash

9d9467e614a86aa4af8ceea0813fee03a9ebdbc2868db887a64518d8be0f3b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:21 GMT
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 7919
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=a214f457-5f91-43f3-a8d3-7429d0a3c548&gdpr=0&gdpr_consent=

42 B
297 B

153ms
35ms

Image
image/gif

3.13.44.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=a214f457-5f91-43f3-a8d3-7429d0a3c548&gdpr=0&gdpr_consent=

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

HTTP/1.1

Server

3.13.44.106 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-44-106.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Length: 42
Stid: ZGQABWJcLWQAAAAJHon4Aw==
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 15:08:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=a214f457-5f91-43f3-a8d3-7429d0a3c548&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame 7919
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=588829331471b293743beeecdf686764

42 B
297 B

110ms
38ms

Image
image/gif

3.13.44.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=588829331471b293743beeecdf686764

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

HTTP/1.1

Server

3.13.44.106 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-44-106.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Length: 42
Stid: ZGQABWJcLWQAAAAJHon4Aw==
Content-Type: image/gif

Redirect headers

date: Sun, 17 Apr 2022 15:08:21 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=588829331471b293743beeecdf686764
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 7919
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=21lxGTyUXmsq4VmWuO2b2Q517Dp9ztjacTj_tTLgvcXw&gdpr=0&gdpr_consent=

42 B
297 B

151ms
36ms

Image
image/gif

3.13.44.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=21lxGTyUXmsq4VmWuO2b2Q517Dp9ztjacTj_tTLgvcXw&gdpr=0&gdpr_consent=

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

HTTP/1.1

Server

3.13.44.106 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-44-106.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Length: 42
Stid: ZGQABWJcLWQAAAAJHon4Aw==
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=21lxGTyUXmsq4VmWuO2b2Q517Dp9ztjacTj_tTLgvcXw&gdpr=0&gdpr_consent=
Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame 7919
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGQABWJcLWQAAAAJHon4Aw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3626574204593766423
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYyNjU3NDIwNDU5Mzc2NjQyMxAAGg0I5drwkgYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=928b97df9a2af498ae6c3b34d2e2a8d6701af6423dd12ad6a13ad5a28ae23506f4cb09cee1a4f8eb&person_id=3626574204593766423&eid=50082

43 B
139 B

57ms
56ms

Image
image/gif

34.111.234.236
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=928b97df9a2af498ae6c3b34d2e2a8d6701af6423dd12ad6a13ad5a28ae23506f4cb09cee1a4f8eb&person_id=3626574204593766423&eid=50082
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: H2
Server: 34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:20 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: clear
content-length: 43
expires: Mon, 18 Apr 2022 11:08:21 GMT

Redirect headers

date: Sun, 17 Apr 2022 15:08:21 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=928b97df9a2af498ae6c3b34d2e2a8d6701af6423dd12ad6a13ad5a28ae23506f4cb09cee1a4f8eb&person_id=3626574204593766423&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame 7919
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZGQABWJcLWQAAAAJHon4Aw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

53ms
36ms

Image
image/gif

3.13.44.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

HTTP/1.1

Server

3.13.44.106 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-44-106.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Length: 42
Stid: ZGQABWJcLWQAAAAJHon4Aw==
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Date: Sun, 17 Apr 2022 15:08:21 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 37E4 0
289 B 20ms
19ms Image
text/plain 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGQABWJcLWQAAAAJHon4Aw%253D%253D&tt=t.dhj&dhjLcy=1650208100950&lbl=pxcel&flbl=pxcel&ll=d&ver=1.903.23335&ell=d&cck=__stid&dmn=playster.xyz&pn=%2Frc&qs=sub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&rdn=playster.xyz&rpn=%2Frc&rqs=sub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&cc=CA&cont=NA&evid=XOVE4AYAPYrojqL70WjM&urls=&rnd=1650208101274&cid=c010&version=1.903.23335&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=120

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 15:08:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Expires: Sun, 17 Apr 2022 15:08:21 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16311/ Frame A7BD 23 KB
8 KB 73ms
20ms Script
text/javascript 13.225.223.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by: Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-117.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5640e2177d8a24c6aef1d923c981591689205237b9c2fcba5215d10aa7bcf52e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn-tc.33across.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 16 Apr 2022 15:58:50 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 20:35:46 GMT
server: AmazonS3
age: 83372
etag: W/"01cacbace375528e9789d3b3ed3804c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: JFK51-C1
x-amz-cf-id: E5gND4UDflsGW8RaGEcXnWOYBCNvfyBCJo2CpCuOVnqlrPmlzDyDww==

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 3200 0
289 B 20ms
19ms Image
text/plain 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGQABWJcLWQAAAAJHon4Aw%253D%253D&tt=t.dhj&dhjLcy=1650208100956&lbl=pxcel&flbl=pxcel&ll=d&ver=1.903.23335&ell=d&cck=__stid&dmn=playster.xyz&pn=%2Frc&qs=sub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&rdn=playster.xyz&rpn=%2Frc&rqs=sub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&cc=CA&cont=NA&evid=uOVE4AYA7Z5X6sRVySpT&urls=&rnd=1650208101296&cid=c010&version=1.903.23335&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=154

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 15:08:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Expires: Sun, 17 Apr 2022 15:08:21 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 4FA7 0
289 B 20ms
19ms Image
text/plain 23.217.18.225
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGQABWJcLWQAAAAJHon4Aw%253D%253D&tt=t.dhj&dhjLcy=1650208100961&lbl=pxcel&flbl=pxcel&ll=d&ver=1.903.23335&ell=d&cck=__stid&dmn=playster.xyz&pn=%2Frc&qs=sub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&rdn=playster.xyz&rpn=%2Frc&rqs=sub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&cc=CA&cont=NA&evid=0OVE4AYA2pgozQeezmpj&urls=&rnd=1650208101302&cid=c010&version=1.903.23335&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=148

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.217.18.225 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-217-18-225.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.903.23335&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 15:08:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Expires: Sun, 17 Apr 2022 15:08:21 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ Frame BE71 51 KB
16 KB 68ms
21ms Script
application/javascript 23.5.229.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.5.229.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-5-229-102.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Sun, 17 Apr 2022 15:08:21 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Sun, 24 Apr 2022 15:08:21 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame A7BD 227 B
606 B 39ms
36ms XHR
application/json 52.1.175.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.175.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-175-157.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 69b84cf4994fdd9d5e8bf23944aaed0248c149f48ce589a0da783a08d6aede11

Request headers

Referer: https://cdn-tc.33across.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 15:08:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cdn-tc.33across.com
cache-control: no-cache
x-server: 10.40.7.46
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 227
expires: 0

GET
H/1.1

200
OK

2981 Show response
tags.bluekai.com/site/ Frame 9F62
Redirect Chain

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGQABWJcLWQAAAAJHon4Aw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.903.23335%26cid%3Dc010%26cl...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=a214f457-5f91-43f3-a8d3-7429d0a3c548&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=eDc1dG0yb1E5OWU5SmtoaQ%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEJeqReU2HXAR0AA0lPvwCmQ&google_cver=1

62 B
550 B

189ms
189ms

Document
image/gif

173.223.56.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEJeqReU2HXAR0AA0lPvwCmQ&google_cver=1
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.56.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-56-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

BK-Server: 650e
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 62
Content-Type: image/gif
Date: Sun, 17 Apr 2022 15:08:21 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma: no-cache

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 296
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 15:08:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEJeqReU2HXAR0AA0lPvwCmQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ 41 B
460 B 62ms
18ms Fetch
application/json 63.251.114.137
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.114.137 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: edef54cf169c11ed5b0ce5ee630aeb6873be823806bcf66ba882b56392b967ef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://playster.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ 41 B
460 B 61ms
19ms Fetch
application/json 63.251.114.137
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.114.137 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: edef54cf169c11ed5b0ce5ee630aeb6873be823806bcf66ba882b56392b967ef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://playster.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ 41 B
460 B 64ms
22ms Fetch
application/json 63.251.114.137
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.114.137 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: edef54cf169c11ed5b0ce5ee630aeb6873be823806bcf66ba882b56392b967ef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://playster.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=42729
https://ce.lijit.com/merge?pid=2&3pid=471DC666C0464988A83D83300782040C

43 B
1 KB

25ms
19ms

Image
image/gif

63.251.114.182
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=471DC666C0464988A83D83300782040C
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: HTTP/1.1
Server: 63.251.114.182 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 15:08:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ewr1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 17 Apr 2022 15:08:21 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=471DC666C0464988A83D83300782040C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 16 Apr 2022 15:08:21 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=e9a54c0fa923620b806f0ffc
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=e9a54c0fa923620b806f0ffc&_li_chk=true&previous_uuid=bcdbb10570fc4fddb82e5333cc5a2c67
https://x.bidswitch.net/sync?dsp_id=42&user_id=
https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=

43 B
510 B

37ms
36ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=42&user_id=
Date: Sun, 17 Apr 2022 15:08:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

59074
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=e9a54c0fa923620b806f0ffc
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=e9a54c0fa923620b806f0ffc&_li_chk=true&previous_uuid=38f3e6fba3fe451c8530bc62ffc944d0
https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=e9a54c0fa923620b806f0ffc

43 B
419 B

76ms
24ms

Image
image/gif

2600:1f18:444a:4602:f850:4eec:7dd:fbc1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=e9a54c0fa923620b806f0ffc

Requested by

Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:f850:4eec:7dd:fbc1 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 17 Apr 2022 15:08:21 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/59074?bidder_id=204553&bidder_uuid=e9a54c0fa923620b806f0ffc
Date: Sun, 17 Apr 2022 15:08:21 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=e9a54c0fa923620b806f0ffc&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=e9a54c0fa923620b806f0ffc&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra...
https://ce.lijit.com/merge?pid=5014&3pid=4484e65646bc7736c378ae55e832bcde

43 B
1 KB

20ms
19ms

Image
image/gif

63.251.114.182
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5014&3pid=4484e65646bc7736c378ae55e832bcde
Requested by: Host: playster.xyz
URL: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Protocol: HTTP/1.1
Server: 63.251.114.182 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://playster.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Apr 2022 15:08:21 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ewr1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 17 Apr 2022 15:08:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP='NON DSP COR CONi OUR BUS CNT'
location: https://ce.lijit.com/merge?pid=5014&3pid=4484e65646bc7736c378ae55e832bcde
cf-ray: 6fd6135b684ca1f9-YYZ
content-length: 0

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 12C5 0
0 106ms
51ms Document
text/plain 18.67.76.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=65439
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.76.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-76-103.iad89.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://playster.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

date: Sun, 17 Apr 2022 15:08:21 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server: Apache-Coyote/1.1
via: 1.1 ec18462cf9d88c8bdb0cd5e50dbe442a.cloudfront.net (CloudFront)
x-amz-cf-id: zRGnK9QE8k_lrlPp23WWxC5Wotyn6-ZxNac3ahseS0SyfcwvC1sQ2w==
x-amz-cf-pop: IAD89-P2
x-cache: Miss from cloudfront

POST
H/1.1 200
OK /
t.dtscout.com/pv/ 0
262 B 304ms
103ms Ping
application/javascript 51.89.24.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fplayster.xyz%2Frc%3Fsub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip70.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://playster.xyz/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary0J4tiRASUI61fiKT

Response headers

Date: Sun, 17 Apr 2022 15:08:22 GMT
X-T: 0.102
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Sun, 17 Apr 2022 15:08:21 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
73 B 108ms
35ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://playster.xyz/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 17 Apr 2022 15:08:22 GMT
content-length: 0
vary: Origin

GET
H2

200

next.php
directdexchange.com/jump/
Redirect Chain

https://www.yhs25.com/scripts/un981c6l?a_aid=0c284681&a_bid=bd085dfb&chan=tolek
https://je8fn.com/g?visitorid=488ac8a81818fa4f51a217e7d52rr4QI&refid=0c284681&bannerid=bd085dfb&extra_data1=&extra_data2=
https://c.muvkyd.com/click?pid=6&offer_id=370&ref_id=488ac8a81818fa4f51a217e7d52rr4QI_0c284681_bd085dfb&sub1=0c284681&sub8=
https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-60c284681-370-5e99c95d8fd9b7b4b7254a58

7 KB
3 KB

73ms
47ms

Document
text/html

35.201.70.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-60c284681-370-5e99c95d8fd9b7b4b7254a58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.70.46 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 46.70.201.35.bc.googleusercontent.com
Software: openresty /
Resource Hash

Request headers

Referer: https://playster.xyz/rc?sub_id=?sound-of-freedom-eng-subtitle-full-movie
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: clear
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 17 Apr 2022 15:08:22 GMT
server: openresty
via: 1.1 google

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fd613605c9a7145-YUL
content-length: 0
date: Sun, 17 Apr 2022 15:08:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-60c284681-370-5e99c95d8fd9b7b4b7254a58
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoxHrwNalLLbjA%2F1d7P9FGXPwkBXw%2Fmum4D5xE9Bt33Hdp%2FWdcOC0ukK4j8mDaJho6qCJ9N0TJ2zIbizCzcpsAQ4BNT4zFuEeTwpVv5B4R7UckOiNR0M0igLFA8f15sgIpGaGJEUnd%2FFtQk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST a.gif
t.sharethis.com/d/ Frame 7919 0
0

GET
H2

200

Primary Request / Show response
www.gxpowered.com/ef/
Redirect Chain

https://directdexchange.com/jump/next.php?stamat=m%257CN2Yid7dhaQdHkAH0dEdHP3xP.cc8%252CS0kXXHXf2ck-DOZ9HRvwuPJlkOmuSB08E0WxdyeWuFCoiw4fF4nf1_lcB0pm8V9VZ1wEbEP8KZC8USqQnuJlhyix1PeWhO2TdZtH016kV2mHr...
https://directdexchange.com/script/i.php?stamat=m%257C%252C%252CQ2FSoiFuoGU3BP-GH0dEdHP3xP.56b%252C0nX99XLFmzSzR3JuuZJP1tpHrjsb5RScGJJE69_y7IG-CVZ0os5CJiJw1kvlAHBxhQv9KeyRRyMQHQlq5LQSZUO8xkmTrz32tQ...
https://harvest.gotrackier.com/click?campaign_id=3670&pub_id=72&p1=16502081022503514557199122023346942&source=3052727-3411082179-0&p2=3052727
https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51

34 KB
9 KB

77ms
18ms

Document
text/html

143.204.146.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51
Requested by: Host: directdexchange.com
URL: https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-60c284681-370-5e99c95d8fd9b7b4b7254a58
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-107.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f311fb6cd660d371c1f380c71e5ad341ee467ecef5f563d51629f3ee41dd4edc

Request headers

Referer: https://directdexchange.com/jump/next.php?r=3052727&sub1=pcpa1-60c284681-370-5e99c95d8fd9b7b4b7254a58
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 67385
content-encoding: gzip
content-type: text/html
date: Sat, 16 Apr 2022 20:25:23 GMT
etag: W/"c1a229519b4038e2a3e01d0b5dfd7870"
last-modified: Wed, 23 Mar 2022 18:56:12 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
x-amz-cf-id: VOdPBx3hRD0hR3Iw7wUztaAgZumI7rhXhuVrExFSPC-8fT6zde9NGQ==
x-amz-cf-pop: EWR52-C2
x-cache: Hit from cloudfront

Redirect headers

alt-svc: clear
content-length: 0
date: Sun, 17 Apr 2022 15:08:22 GMT
location: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51
referer
referrer-policy: no-referrer
server: nginx
via: 1.1 google
x-rt: 0

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1016 B 85ms
36ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap

Requested by

Host: www.gxpowered.com
URL: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4c7d24c14014861572f6cba513a8edffde8385d3bfefebdc32d1939332711fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gxpowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Apr 2022 13:18:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 17 Apr 2022 15:08:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Apr 2022 15:08:23 GMT

GET
H2 200 3809.png
www.gxpowered.com/ef/assets/ 7 KB
7 KB 18ms
17ms Image
image/png 143.204.146.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gxpowered.com/ef/assets/3809.png
Requested by: Host: www.gxpowered.com
URL: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-107.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a9a18c629393d37153b6e200a557b36ab68bb6bb5068061f4d2a752733e720c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 19:23:53 GMT
via: 1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
last-modified: Tue, 22 Mar 2022 14:50:52 GMT
server: AmazonS3
age: 71076
etag: "21f7ce215aae34f2e02075c53073aad6"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
content-length: 7265
x-amz-cf-id: 4G6ciNVZxr-xRAlzkR5XSqjlR3J7DQE6QAI9J-Et99xnWfXpGddKQw==

GET
H2 200 xm1k.png
www.gxpowered.com/ef/assets/ 119 KB
120 KB 19ms
19ms Image
image/png 143.204.146.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gxpowered.com/ef/assets/xm1k.png
Requested by: Host: www.gxpowered.com
URL: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-107.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5e800a0f0f0b3b5ee1e6be0d7dceef5b7c2f88a33345e310afea6aa846fd01e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 20:23:35 GMT
via: 1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
last-modified: Tue, 22 Mar 2022 14:50:52 GMT
server: AmazonS3
age: 67488
etag: "fb296fd6be55555670e23ef9e4d3176a"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
content-length: 121947
x-amz-cf-id: 8aEP9nxm_6QLqCYj53PkSbYVcGWzJJa94kMgsCEUOBb7jc0POxxolQ==

GET
H2 200 brazil.png
www.gxpowered.com/ef/assets/ 157 KB
158 KB 18ms
18ms Image
image/png 143.204.146.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gxpowered.com/ef/assets/brazil.png
Requested by: Host: www.gxpowered.com
URL: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-107.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 707a37320e6f6123c37faeb10a457b84524a350556414863f59f4266a44a0eb2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 20:51:33 GMT
via: 1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
last-modified: Tue, 22 Mar 2022 14:50:49 GMT
server: AmazonS3
age: 65814
etag: "7159e04db522cc24e82254743f459124"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
content-length: 161255
x-amz-cf-id: JP5oj04xh-IaUfQ_OCTPF8UrTsJINS8B77ZsFv6OlI4YrfUD03EBQA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
51 KB 86ms
38ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP

Requested by

Host: www.gxpowered.com
URL: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d41e072355372c3b62aba8799181c25d77513644268e7b0eed08ee23fc99ffc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gxpowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51959
x-xss-protection: 0
expires: Sun, 17 Apr 2022 15:08:23 GMT

GET
H2 200 xwk9.png
www.gxpowered.com/ef/assets/ 319 KB
320 KB 20ms
15ms Image
image/png 143.204.146.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gxpowered.com/ef/assets/xwk9.png
Requested by: Host: www.gxpowered.com
URL: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.146.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-146-107.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8065cf86dfb65f5edf4a56a0dabb581f5248216922d4e4a198f2358279721565

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 21:30:07 GMT
via: 1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
last-modified: Tue, 22 Mar 2022 14:50:52 GMT
server: AmazonS3
age: 63506
etag: "98bad9c0e22d83f92c81af7450e962a3"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: EWR52-C2
accept-ranges: bytes
content-length: 326592
x-amz-cf-id: 4gAqANw1rhXNgvdKxZnsKKH9G2uEI2JvzT1WrGGqqlMWbrjDH2wIHA==

GET
H2 200 cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v8/ 9 KB
10 KB 65ms
19ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chakrapetch/v8/cIflMapbsEk7TDLdtEz1BwkeQI51R5_F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ace012ca5db0bd782a22d938f8bf4a7ecdda284f9515f0c79418356efd5153f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gxpowered.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 00:13:55 GMT
x-content-type-options: nosniff
age: 312868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9156
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 14 Apr 2023 00:13:55 GMT

GET
H2 200 cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2
fonts.gstatic.com/s/chakrapetch/v8/ 9 KB
9 KB 68ms
22ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chakrapetch/v8/cIflMapbsEk7TDLdtEz1BwkeNIh1R5_F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@300;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9da93eacb66618ccecea55a6d5adc410352d1932901b063a06ed65e7a5e37248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gxpowered.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 00:13:55 GMT
x-content-type-options: nosniff
age: 312868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9104
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 14 Apr 2023 00:13:55 GMT

GET
H2 200 Uv-jwjKxZsk Show response
www.youtube.com/embed/ Frame 9645 61 KB
26 KB 128ms
69ms Document
text/html 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0

Requested by

Host: www.gxpowered.com
URL: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

04082129334e54ad301cca90954443059b0cf589d0965f330a97bfa99b578e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gxpowered.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sun, 17 Apr 2022 15:08:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CJCTy56wm_cCFYInDAod3GIKwg;src=11442918;type=pageview;cat=opera0;ord=1;num=3543492623541;gtm=2wg4d0;auiddc=881223002.1650208104;~oref=https%3A%2F%2Fwww.gxpowered.com%2Fef%2F%3Ftl%3... Show response
11442918.fls.doubleclick.net/ Frame 1977
Redirect Chain

https://11442918.fls.doubleclick.net/activityi;src=11442918;type=pageview;cat=opera0;ord=1;num=3543492623541;gtm=2wg4d0;auiddc=881223002.1650208104;~oref=https%3A%2F%2Fwww.gxpowered.com%2Fef%2F%3Ft...
https://11442918.fls.doubleclick.net/activityi;dc_pre=CJCTy56wm_cCFYInDAod3GIKwg;src=11442918;type=pageview;cat=opera0;ord=1;num=3543492623541;gtm=2wg4d0;auiddc=881223002.1650208104;~oref=https%3A%...

519 B
450 B

83ms
56ms

Document
text/html

142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11442918.fls.doubleclick.net/activityi;dc_pre=CJCTy56wm_cCFYInDAod3GIKwg;src=11442918;type=pageview;cat=opera0;ord=1;num=3543492623541;gtm=2wg4d0;auiddc=881223002.1650208104;~oref=https%3A%2F%2Fwww.gxpowered.com%2Fef%2F%3Ftl%3DIGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv%26sub1%3D72_0%26sub2%3D625c2d67755bff0342d20d51?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

de3460d37bed81741cdf2364ed2dff3e5f4ab800eaaff7ba86bcd5e295abd8ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 427
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 15:08:23 GMT
expires: Sun, 17 Apr 2022 15:08:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 15:08:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11442918.fls.doubleclick.net/activityi;dc_pre=CJCTy56wm_cCFYInDAod3GIKwg;src=11442918;type=pageview;cat=opera0;ord=1;num=3543492623541;gtm=2wg4d0;auiddc=881223002.1650208104;~oref=https%3A%2F%2Fwww.gxpowered.com%2Fef%2F%3Ftl%3DIGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv%26sub1%3D72_0%26sub2%3D625c2d67755bff0342d20d51?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 71ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W22TDPP

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gxpowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9EF30ED2C06E4CA89402CD0B08A53D88 Ref B: YTO01EDGE0506 Ref C: 2022-04-17T15:08:23Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Sun, 17 Apr 2022 15:08:22 GMT
accept-ranges: bytes
content-length: 11333

GET
H3 200 www-player.css
www.youtube.com/s/player/fae06c11/ Frame 9645 346 KB
46 KB 49ms
20ms Stylesheet
text/css 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fae06c11/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58673cd08a66c704c471054d9eafe0f32288dfd8baa0f3b0ca968aed77b0f016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 15:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 256991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47446
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 00:15:26 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Apr 2023 15:45:12 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9645 15 KB
15 KB 46ms
20ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 15:59:51 GMT
x-content-type-options: nosniff
age: 428912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Apr 2023 15:59:51 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/fae06c11/www-embed-player.vflset/ Frame 9645 278 KB
86 KB 40ms
20ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fae06c11/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d725677bd5195e0d548c51683dc017e117c4c396f6cecd329c079d80a8734d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 15:47:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 256847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87880
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 00:15:26 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Apr 2023 15:47:36 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/fae06c11/player_ias.vflset/en_US/ Frame 9645 2 MB
523 KB 62ms
42ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fae06c11/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccd1c299d5b88a6759e53d057340bd39f5bf43ec17f2f7f67f02860353f46ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 15:45:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 256993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 535949
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 00:15:26 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Apr 2023 15:45:10 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/fae06c11/fetch-polyfill.vflset/ Frame 9645 9 KB
3 KB 69ms
50ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fae06c11/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 15:47:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 256847
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 00:15:26 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Apr 2023 15:47:36 GMT

GET
H2 200 11002730.js Show response
bat.bing.com/p/action/ 844 B
842 B 74ms
72ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/11002730.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3990ea13c8c6b408221ec703da36c5952d4a633889329fa75d3194767faa8dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gxpowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 77394BB037524D3D9EAE08C1751A71E8 Ref B: YTO01EDGE0506 Ref C: 2022-04-17T15:08:23Z
date: Sun, 17 Apr 2022 15:08:22 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 665

GET
H2 204 0
bat.bing.com/action/ 0
177 B 33ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=11002730&tm=gtm002&Ver=2&mid=c8747837-02f0-4e7d-af1f-7f82d589c835&sid=39bb40c0be6011ecaf998fade6750d97&vid=39bbafc0be6011ec85e6479844594382&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Opera%20GX&p=https%3A%2F%2Fwww.gxpowered.com%2Fef%2F%3Ftl%3DIGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv%26sub1%3D72_0%26sub2%3D625c2d67755bff0342d20d51&r=&lt=620&evt=pageLoad&msclkid=N&sv=1&rn=682797

Requested by

Host: www.gxpowered.com
URL: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gxpowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE37116D5A5D491EA09DDC446466D7AE Ref B: YTO01EDGE0506 Ref C: 2022-04-17T15:08:23Z
date: Sun, 17 Apr 2022 15:08:22 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
j.clarity.ms/s/0.6.34/ 53 KB
23 KB 142ms
32ms Script
application/javascript 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/11002730.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gxpowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:23 GMT
content-encoding: br
etag: "1d84ac37b962954"
last-modified: Thu, 07 Apr 2022 21:07:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 9645 113 B
723 B 81ms
33ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32bc87c0cf5f26e5ebb7de8ef6b41a25371d5842c724bda710ffb89575a603aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 9645 29 B
587 B 74ms
19ms Script
text/javascript 2607:f8b0:4006:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:07:35 GMT
x-content-type-options: nosniff
age: 48
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Apr 2022 15:22:35 GMT

GET
H2 200 dc_pre=CJCTy56wm_cCFYInDAod3GIKwg;src=11442918;type=pageview;cat=opera0;ord=1;num=3543492623541;gtm=2wg4d0;auiddc=*;~oref=https%3A%2F%2Fwww.gxpowered.com%2Fef%2F%3Ftl%3DIGh0dHBzOi8vd3d3Lm9zdGxvbi5j...
adservice.google.com/ddm/fls/z/ Frame 1977 42 B
494 B 139ms
82ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJCTy56wm_cCFYInDAod3GIKwg;src=11442918;type=pageview;cat=opera0;ord=1;num=3543492623541;gtm=2wg4d0;auiddc=*;~oref=https%3A%2F%2Fwww.gxpowered.com%2Fef%2F%3Ftl%3DIGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv%26sub1%3D72_0%26sub2%3D625c2d67755bff0342d20d51

Requested by

Host: 11442918.fls.doubleclick.net
URL: https://11442918.fls.doubleclick.net/activityi;dc_pre=CJCTy56wm_cCFYInDAod3GIKwg;src=11442918;type=pageview;cat=opera0;ord=1;num=3543492623541;gtm=2wg4d0;auiddc=881223002.1650208104;~oref=https%3A%2F%2Fwww.gxpowered.com%2Fef%2F%3Ftl%3DIGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv%26sub1%3D72_0%26sub2%3D625c2d67755bff0342d20d51?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://11442918.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 15:08:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 100ms
34ms Preflight
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 17 Apr 2022 15:08:23 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9645 45 KB
22 KB 73ms
43ms XHR
application/json+protobuf 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67e21480ec535cba1c26da815b0cc4c37b15bf7620ffb7606afb3e3253c78056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 17 Apr 2022 15:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22198
x-xss-protection: 0

GET
H2 200 4oMByJh1q-5iQTeULa1T5dHvkxHqEtzS8fNkzvg1raE.js Show response
www.google.com/js/th/ Frame 9645 35 KB
14 KB 70ms
21ms Script
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/4oMByJh1q-5iQTeULa1T5dHvkxHqEtzS8fNkzvg1raE.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e28301c89875abee624137942dad53e5d1ef9311ea12dcd2f1f364cef835ada1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 00:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13598
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 13:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 00:19:53 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/fae06c11/player_ias.vflset/en_US/ Frame 9645 27 KB
8 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fae06c11/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce7d45c894b955e64b314fbadf4da2538efea10e9fabc40265647d2b34118ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 15:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 256799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8099
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 00:15:26 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Apr 2023 15:48:24 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 9645 0
9 B 23ms
19ms Image
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?SAh0zA
Requested by: Host: www.gxpowered.com
URL: https://www.gxpowered.com/ef/?tl=IGh0dHBzOi8vd3d3Lm9zdGxvbi5jb20vY21wL1MxQjhRMS9QNUhQSEIv&sub1=72_0&sub2=625c2d67755bff0342d20d51
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:08:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 collect Show response
j.clarity.ms/ 0
72 B 33ms
30ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.gxpowered.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: https://www.gxpowered.com
date: Sun, 17 Apr 2022 15:08:23 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=03C873E189014625A1CFEF3E5AEA1422&RedC=c.clarity.ms&MXFR=324E192D091A69012DE708A40D1A67C6
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=03C873E189014625A1CFEF3E5AEA1422&MUID=16DF21E825316703119F3061249B6648

42 B
442 B

31ms
31ms

Image
image/gif

20.36.253.92
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=03C873E189014625A1CFEF3E5AEA1422&MUID=16DF21E825316703119F3061249B6648
Protocol: H2
Server: 20.36.253.92 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gxpowered.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Apr 2022 15:08:23 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 17 Apr 2022 15:08:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5BEF42107BDE48FE99F02578BDBDDBD4 Ref B: YTO01EDGE0506 Ref C: 2022-04-17T15:08:24Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=03C873E189014625A1CFEF3E5AEA1422&MUID=16DF21E825316703119F3061249B6648
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9645 98 B
142 B 38ms
38ms XHR
application/json+protobuf 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57fd6687fc6eefef9989f97ce3482fd065bc584c5a9ef1eb8df237e1fbf8e904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 17 Apr 2022 15:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 33ms
32ms Preflight
text/html 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 17 Apr 2022 15:08:24 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 9645 28 B
50 B 40ms
39ms XHR
application/json 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fae06c11/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Uv-jwjKxZsk?controls=0
X-YouTube-Client-Version: 1.20220413.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgtrd1Bva2dnRkRYZyjn2vCSBg%3D%3D
X-YouTube-Ad-Signals: dt=1650208103702&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKp1Yv8nK-AY4e_CzRyPTgslgkrPc4OOJF_M_x3Xl9P5Fftse4QbEVmGrjKQK65WCjB6D-ZXkz-cVKdm9DKB8GvFTgnxaA

Response headers

date: Sun, 17 Apr 2022 15:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.sharethis.com
URL: https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGQABWJcLWQAAAAJHon4Aw%253D%253D&tt=t.dhj&dhjLcy=1650208100945&lbl=pxcel&flbl=pxcel&ll=d&ver=1.903.23335&ell=d&cck=__stid&dmn=playster.xyz&pn=%2Frc&qs=sub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&rdn=playster.xyz&rpn=%2Frc&rqs=sub_id%3D%3Fsound-of-freedom-eng-subtitle-full-movie&cc=CA&cont=NA&evid=TNVE4AYAsFvt_v44WDIP&urls=!1!256!b-13j,!1!296!b-13h,!1!258!b-14s,!1!0!b-14t,!1!287!b-150,!1!266!b-16f&rnd=1650208102798&cid=c010&version=1.903.23335&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=118&bcnLcy=29&sndBcn=1

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

83 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
i.liadm.com/s	1970-01-20 03:06:40	Name: _li_ss Value: MgkI_____wcQiRI
playster.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2d9353c9bc66f5b0d9dde6f113425e22
playster.xyz/	1970-01-20 11:09:04	Name: HstCfa4621117 Value: 1650208100591
playster.xyz/	1970-01-20 11:09:04	Name: HstCmu4621117 Value: 1650208100591
playster.xyz/	1970-01-20 11:09:04	Name: HstCnv4621117 Value: 1
playster.xyz/	1970-01-20 11:09:04	Name: HstCns4621117 Value: 1
playster.xyz/	1970-01-20 11:09:04	Name: HstCla4621117 Value: 1650208100598
playster.xyz/	1970-01-20 11:09:04	Name: HstPn4621117 Value: 2
playster.xyz/	1970-01-20 11:09:04	Name: HstPt4621117 Value: 2
.dtscout.com/	1970-01-20 02:23:33	Name: m Value: 1
.dtscout.com/	1970-01-20 02:23:31	Name: st Value: 1
.dtscout.com/	1970-01-20 02:23:42	Name: oa Value: 1
.dtscout.com/	1970-01-20 04:47:28	Name: df Value: 1650208100
.dtscout.com/	1970-01-20 04:31:37	Name: l Value: 6D001650208100DDF0088543B2D85FD1
.sharethis.com/	1970-01-20 11:09:04	Name: __stid Value: ZGQABWJcLWQAAAAJHon4Aw==
.sharethis.com/	1970-01-20 11:09:04	Name: __stidv Value: 2
.tynt.com/	1970-01-20 11:09:04	Name: uid Value: CoIKSWJcLWR+c467EyJSAg==
.tynt.com/	1970-01-20 04:33:04	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1650208100994%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1650208100994%7D%2C%7B%22p%22%3A%222a1349c163%22%2C%22f%22%3A1%2C%22ts%22%3A1650208100994%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1650208100994%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A1%2C%22ts%22%3A1650208100994%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1650208100994%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1650208100994%7D%5D
.playster.xyz/	1970-01-20 04:28:44	Name: __dtsu Value: 6D001650208100DDF0088543B2D85FD1
.tapad.com/	1970-01-20 03:49:52	Name: TapAd_TS Value: 1650208101153
.tapad.com/	1970-01-20 03:49:52	Name: TapAd_DID Value: cfb1d57a-bb43-4584-9c54-c3266872be74
.eyeota.net/	1970-01-20 11:09:04	Name: mako_uid Value: 18038115353-4fb70000010a5d4a
.eyeota.net/	1970-01-20 02:23:28	Name: SERVERID Value: 23882~DM
.lijit.com/	1970-01-20 11:09:04	Name: ljt_reader Value: e9a54c0fa923620b806f0ffc
.go.affec.tv/	1970-01-20 11:09:04	Name: ck Value: 625c2d65bea1e3000140a047
.go.affec.tv/	1970-01-20 11:09:04	Name: oo Value: 1
.adsrvr.org/	1970-01-20 11:09:04	Name: TDID Value: a214f457-5f91-43f3-a8d3-7429d0a3c548
.33across.com/	1970-01-20 11:09:04	Name: 33x_ps Value: u%3D117634543882387%3As1%3D1650208101272%3Ats%3D1650208101272
.lijit.com/	1970-01-20 11:09:04	Name: _ljtrtb_8093 Value: 30821410-044c-4098-8b75-d3d4a51917e2
.t.sharethis.com/	1970-01-20 02:43:37	Name: pxcelPage_default_c010_C Value: 4_0_1650208101235
.ml314.com/	1970-01-20 11:09:04	Name: pi Value: 3626574204593766423
.exelator.com/	1970-01-20 05:16:16	Name: EE Value: "588829331471b293743beeecdf686764"
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 29
.crwdcntrl.net/	1970-01-20 08:52:15	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 08:52:15	Name: _cc_id Value: 7b27ef8df5e8bb617d346c88f3a782b6
.exelator.com/	1970-01-20 05:16:16	Name: ud Value: "eJxrXxzq6XKLQcHUwsLCyNLY2NDE3DAJyDA3MU5KTU1NTkkzszAzNzNZXJZatGBpaXFqStKhJRU5JTlNq8viQx3j3Rx9PX0ilzlnFOXnpq4AC4W5Bi02NDBYkl%252BUmb7I2XFxUUoaw6KS4lPBB2Q4AV%252B2KMo%253D"
.tapad.com/	1970-01-20 03:49:52	Name: TapAd_3WAY_SYNCS Value: 1!2583
.adnxs.com/	1970-01-20 04:33:04	Name: uuid2 Value: 8072659071983735566
.rlcdn.com/	1970-01-20 11:09:04	Name: rlas3 Value: umaJ2JFOPYVButhwlJnY9uBgfYOIOaM/PQ8tt8WEQZQ=
.mediawallahscript.com/	1970-01-20 19:54:40	Name: mCookie Value: 386195a0-be60-11ec-a8ee-5bc28fea3589
.mediawallahscript.com/	1970-01-20 19:54:40	Name: mUserCookie Value: %7B%7D
.bluekai.com/	1970-01-20 06:42:40	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 06:42:40	Name: bku Value: 4tL99sD+Usn74cRf
.rqtrk.eu/	1970-01-20 11:09:04	Name: browser_id Value: 05271e8c-610e-44e1-a68b-fe97cfda3ab2
.rqtrk.eu/	1970-01-20 02:24:54	Name: rc Value: 7:
.adnxs.com/	1970-01-20 04:33:04	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E>:qgkTb!]tbP6j2F-XstGt!@Dc8$lwaU
.dtscdn.com/	1970-01-20 06:41:13	Name: uid Value: 6D001650208100DDF0088543B2D85FD1
.rlcdn.com/	1970-01-20 03:49:52	Name: pxrc Value: COXa8JIGEgUI6AcQABIFCNtOEAA=
.doubleclick.net/	1970-01-20 19:54:40	Name: IDE Value: AHWqTUnKu-V-Tuq5QLLNLWDa4BbcUoIFF_UtvS3iJWEZrgOFmxCJRVHN8DdGNlJpmws
.go.affec.tv/	1970-01-20 11:09:04	Name: pt Value: eyJhbiI6eyJkdCI6MTY1MDIwODEwMSwiaWQiOiI4MDcyNjU5MDcxOTgzNzM1NTY2IiwibHMiOjE2NTAyMDgxMDF9LCJ0dCI6eyJkdCI6MTY1MDIwODEwMSwiaWQiOiJDb0lLU1dKY0xXUitjNDY3RXlKU0FnPT0iLCJscyI6MTY1MDIwODEwMX0sInYiOjB9\|1650208101\|fd3d2efd5973de9ab4d54cf61a9073898992acf4
.krxd.net/	1970-01-20 06:42:40	Name: _kuid_ Value: OyLWSs5A
.adsrvr.org/	1970-01-20 11:09:04	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjGqrnNxKPQOhAFEhYKB2JsdWVrYWkSCwjA4InQxKPQOhAFGAEgAigCMgsIxqK8-tqj0DoQBTgBWgV0YXBhZGAC
.adsymptotic.com/	1970-01-20 04:33:04	Name: U Value: 4484e65646bc7736c378ae55e832bcde
.onaudience.com/	1970-01-20 11:09:04	Name: cookie Value: 4f57f719c5208768
.onaudience.com/	1970-01-20 02:24:54	Name: done_redirects109 Value: 1
.intentiq.com/	1970-01-20 19:54:40	Name: IQver Value: 1.9
.simpli.fi/	1970-01-20 11:10:30	Name: suid Value: 471DC666C0464988A83D83300782040C
.liadm.com/	1970-01-20 19:54:40	Name: lidid Value: 38f3e6fb-a3fe-451c-8530-bc62ffc944d0
.lijit.com/	1970-01-20 11:09:04	Name: ljtrtb Value: eJwFwckNACAIBMBe%2BJMsskawG68qjL07cyWQLl0cUYwGBbmUyNCYrer2zVEtrZ0i7wP3AQra
.lijit.com/	1970-01-20 11:09:04	Name: _ljtrtb_5014 Value: 4484e65646bc7736c378ae55e832bcde
.lijit.com/	1970-01-20 11:09:04	Name: _ljtrtb_2 Value: 471DC666C0464988A83D83300782040C
.bidswitch.net/	1970-01-20 11:09:04	Name: tuuid Value: 2e80948a-6a1c-45f4-8988-58dd77363498
.bidswitch.net/	1970-01-20 11:09:04	Name: c Value: 1650208101
.bidswitch.net/	1970-01-20 11:09:04	Name: tuuid_lu Value: 1650208101
.yahoo.com/	1970-01-20 11:09:25	Name: A3 Value: d=AQABBGUtXGICEDyFV1POLxqg3IQ2CPXDGTMFEgEBAQF-XWJmYgAAAAAA_eMAAA&S=AQAAAksVLu92Is6rvt4d1Xfcp3U
www.yhs25.com/	1970-01-20 11:09:04	Name: PAPVisitorId Value: 488ac8a81818fa4f51a217e7d52rr4QI
harvest.gotrackier.com/	1970-01-20 02:33:32	Name: sess_623e229b85a48333e76c2fa9 Value: 620c0e5e5c53171a633041b4
.gxpowered.com/	1970-01-20 04:33:04	Name: _gcl_au Value: 1.1.881223002.1650208104
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 4bVbOEWgpws
.youtube.com/	1970-01-20 06:42:40	Name: VISITOR_INFO1_LIVE Value: kwPokggFDXg
.bing.com/	1970-01-20 11:45:04	Name: MUID Value: 16DF21E825316703119F3061249B6648
.bat.bing.com/	1970-01-20 02:33:32	Name: MR Value: 0
.gxpowered.com/	1970-01-20 02:24:54	Name: _uetsid Value: 39bb40c0be6011ecaf998fade6750d97
.gxpowered.com/	1970-01-20 11:45:04	Name: _uetvid Value: 39bbafc0be6011ec85e6479844594382
.gxpowered.com/	1970-01-20 11:09:04	Name: _clck Value: w4sslz\|1\|f0p\|0
.gxpowered.com/	1970-01-20 02:24:54	Name: _clsk Value: 12r6ztk\|1650208104073\|1\|0\|j.clarity.ms/collect
.c.bing.com/	1970-01-20 02:33:32	Name: MR Value: 0
.c.bing.com/	1970-01-20 11:45:04	Name: SRM_B Value: 16DF21E825316703119F3061249B6648
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 11:45:04	Name: MUID Value: 16DF21E825316703119F3061249B6648
.c.clarity.ms/	1970-01-20 02:33:32	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 02:23:28	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11442918.fls.doubleclick.net
a.dtssrv.com
adservice.google.com
ap.lijit.com
api.intentiq.com
bat.bing.com
bcp.crwdcntrl.net
beacon.krxd.net
c.bing.com
c.clarity.ms
c.muvkyd.com
cdn-tc.33across.com
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect-metrics-collector.s-onetag.com
data-beacons.s-onetag.com
de.tynt.com
directdexchange.com
dp1.33across.com
dp2.33across.com
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googleads.g.doubleclick.net
harvest.gotrackier.com
i.liadm.com
i6.liadm.com
ic.tynt.com
idsync.rlcdn.com
j.clarity.ms
je8fn.com
jnn-pa.googleapis.com
loadus.exelator.com
map.go.affec.tv
match.adsrvr.org
maxcdn.bootstrapcdn.com
ml314.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
p.adsymptotic.com
partner.mediawallahscript.com
pd.sharethis.com
pixel.onaudience.com
pixel.tapad.com
playster.xyz
ps.eyeota.net
s10.histats.com
s4.histats.com
secure.adnxs.com
spl.zeotap.com
stags.bluekai.com
static.doubleclick.net
sync.sharethis.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
um.simpli.fi
usermatch.krxd.net
ws.rqtrk.eu
ws2.rqtrk.eu
www.google.com
www.googletagmanager.com
www.gxpowered.com
www.yhs25.com
www.youtube.com
x.bidswitch.net
t.sharethis.com
104.18.35.34
104.18.99.194
107.178.246.49
107.21.144.67
13.225.209.127
13.225.223.117
13.226.36.35
141.94.170.77
142.250.80.38
142.251.40.226
143.204.146.107
15.235.42.102
158.69.139.226
172.64.151.83
173.223.56.123
18.214.54.215
18.67.76.103
192.99.0.58
20.36.253.92
20.85.30.134
23.217.18.225
23.5.229.102
2600:1f18:444a:4602:f850:4eec:7dd:fbc1
2606:4700:10::ac43:db6
2606:4700:3030::6815:279d
2606:4700:3032::ac43:dc33
2606:4700:3033::6815:5dd8
2606:4700:3036::6815:34ef
2606:4700:3036::ac43:bdd4
2606:4700::6812:acf
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80f::2006
2607:f8b0:4006:81c::2004
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::200a
2607:f8b0:4006:821::200a
2607:f8b0:4006:822::2008
2607:f8b0:4006:824::2003
2620:1ec:c11::200
3.129.85.225
3.13.44.106
34.111.234.236
34.194.202.217
34.229.3.43
35.190.60.146
35.201.70.46
35.211.178.172
35.241.7.124
35.71.131.137
44.196.45.105
45.55.96.63
46.105.201.240
51.75.146.160
51.89.24.70
52.1.175.157
52.85.61.44
54.89.141.202
63.251.114.137
63.251.114.182
67.202.105.22
67.202.105.33
67.202.105.34
68.67.161.206
75.126.248.142
76.13.32.147
99.83.181.31
99.84.118.123
99.84.118.126
04082129334e54ad301cca90954443059b0cf589d0965f330a97bfa99b578e9b
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
125c8e19f883a89dfdad41d040ce3e9f722f81e7d1af06402d83cfc4854ab07f
199a51d89164e3eb82327dbaa09c04af55014ec305fc9fd7c62951e8b1d4ec21
1b17e5e994eccf6a321d42410e3e147fded267f0204a6c204eec3e84f1cd66df
21ca32f479e9a12daac548f9ba27c1b6553f96cd11b8445b5e085b8712e4ed31
22bd8b849feca208cf27f27825ff887972796d4b362cf1592f009e45db83963a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31e12a7a30e633b99dc01daa1c2064b8b78098f5d9cccfe3aad2d2904125a775
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
32bc87c0cf5f26e5ebb7de8ef6b41a25371d5842c724bda710ffb89575a603aa
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009
37d53e63893be4bbd11850c24f4cd87ff003fc599441572374e2ecc0c6354ba4
3990ea13c8c6b408221ec703da36c5952d4a633889329fa75d3194767faa8dee
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
5350a85745d948765f1b333587235fd87412d8a3ece1ac4ce90cea6333c19b28
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55057b7223e56dd0720aacda4c0f7720b5d02b5b41e7367333492f8096449b86
5640e2177d8a24c6aef1d923c981591689205237b9c2fcba5215d10aa7bcf52e
57fd6687fc6eefef9989f97ce3482fd065bc584c5a9ef1eb8df237e1fbf8e904
58673cd08a66c704c471054d9eafe0f32288dfd8baa0f3b0ca968aed77b0f016
5d725677bd5195e0d548c51683dc017e117c4c396f6cecd329c079d80a8734d3
5ded918ba1c8e3f3a9cd667a8ba556bd6f263ed20086454be748c1fa0b983066
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
67e21480ec535cba1c26da815b0cc4c37b15bf7620ffb7606afb3e3253c78056
69b84cf4994fdd9d5e8bf23944aaed0248c149f48ce589a0da783a08d6aede11
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
707a37320e6f6123c37faeb10a457b84524a350556414863f59f4266a44a0eb2
7a2a8ebe9740332ae623702346feb6f4bcc04037dd5c9e556672a1f69d8d252a
7bfcfb31cf096145f9e2b3984af3a6f4af31146abbd7995b3eac1e418c434d82
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3
8065cf86dfb65f5edf4a56a0dabb581f5248216922d4e4a198f2358279721565
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8594b20195a5bb1d84b57943088e34c9acddfa67c352164ce446cb7b47415df2
87d830f2daef9d3e7b99fd1561d9a441fc312c9c3f8d661b61c9e87bc44f8e40
882d6c7cc0a60a0257dde024589451b73b61f05e3c9a0fab0d86fb1d9061a253
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262
8a9a18c629393d37153b6e200a557b36ab68bb6bb5068061f4d2a752733e720c
8e1e7683de98a9d5c1aa96a11488e739396b8cf84fada8a0b25aeca1ec453287
90c4710ed3de484531db9242dc5e116c296ed3bb0f60fa372304b857e2502e8d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d9467e614a86aa4af8ceea0813fee03a9ebdbc2868db887a64518d8be0f3b1c
9da93eacb66618ccecea55a6d5adc410352d1932901b063a06ed65e7a5e37248
a4c7d24c14014861572f6cba513a8edffde8385d3bfefebdc32d1939332711fc
a6e43dad87aa1a3ba0604fdc9b7a89d911017b574022adf33207c23cdc4327ba
ac1f363c8fcd9bd047fd39650767a6d364805341f2dcdc3a3c1e9ba0547c1128
ace012ca5db0bd782a22d938f8bf4a7ecdda284f9515f0c79418356efd5153f5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b30472e365b5787e849fe37c44674ad4bc3901e00c1d25a4091b661319a7f072
b6a8f3e74a55b3a88abc6836bde247a6c3e44f8564d4374c5606467607023585
be43e1982797ac7fa27ff1d73c735831673c5f3759270d8efd343ac750b8dbf4
c5e800a0f0f0b3b5ee1e6be0d7dceef5b7c2f88a33345e310afea6aa846fd01e
c9aa5885857aaa029dd8b7be0131180746d7785899eb663bb22ab22bf0243970
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc9a9c01d98fb85b8535015f624e5647543235631174127a092de3816382b67c
ce7d45c894b955e64b314fbadf4da2538efea10e9fabc40265647d2b34118ba7
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d41e072355372c3b62aba8799181c25d77513644268e7b0eed08ee23fc99ffc9
d7c82f55ab6c780f27d62107156eb476d263fa5ff7d255ef7e89269e2b675215
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
ddd7d2ffd40a8fde7b6173de5e7242e076e1d06f6aa83a78b79230165d40ef82
de3460d37bed81741cdf2364ed2dff3e5f4ab800eaaff7ba86bcd5e295abd8ad
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dee8062c428a9f8a14d33abc941c2c0ae0e825be0195821dc5f9567955145cea
e28301c89875abee624137942dad53e5d1ef9311ea12dcd2f1f364cef835ada1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e592a2373f3ea49ed8d28758e97e418532cc2127157535fe8d8c33d387ddd478
e6ac5680c80db4cfcfaf5a46bcd56f311df117a996a51ef6d5b48949c6eeab9d
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
eccd1c299d5b88a6759e53d057340bd39f5bf43ec17f2f7f67f02860353f46ed
edef54cf169c11ed5b0ce5ee630aeb6873be823806bcf66ba882b56392b967ef
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f311fb6cd660d371c1f380c71e5ad341ee467ecef5f563d51629f3ee41dd4edc
f9ce5818d3471eddd0a370161ef6a792048deda4fd50256ba4ed1cb73c8c9667
fc7224d4c0b89603b2ef345a7f46c195d0af5e49102386702423d33898b825d2

www.gxpowered.com Open in urlscan Pro 143.204.146.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

83 %HTTPS

26 %IPv6

47 Domains

72 Subdomains

54 IPs

5 Countries

1639 kBTransfer

3941 kBSize

83 Cookies

1 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gxpowered.com Open in urlscan Pro
143.204.146.107 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

83 %
HTTPS

26 %
IPv6

47
Domains

72
Subdomains

54
IPs

5
Countries

1639 kB
Transfer

3941 kB
Size

83
Cookies

134 HTTP transactions
0 data transactions