creativemind.media Open in urlscan Pro
2606:4700:3034::6815:4bf0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://glamournews3.xyz/event_753d538c-ecf7-3e19-87a6-9ac9c147e021_421_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5qdxn0ch...
Effective URL:
https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=Ne...
Submission: On April 08 via api (April 8th 2024, 9:35:22 pm UTC) from US — Scanned from US

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 15 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3034::6815:4bf0, located in and belongs to . The main domain is creativemind.media.
TLS certificate: Issued by E1 on March 30th 2024. Valid for: 3 months.

This is the only time creativemind.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12 24	173.214.240.15 173.214.240.15	15317 (SERVEREL-AS) (SERVEREL-AS)
4	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
5 5	199.182.164.180 199.182.164.180	15317 (SERVEREL-AS) (SERVEREL-AS)
1 6	2606:4700:1::... 2606:4700:1::6813:834c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4004:c07::5e	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700:1::... 2606:4700:1::6813:844c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	2606:4700:1::... 2606:4700:1::6813:854c	() ()
1 9	2606:4700:303... 2606:4700:3034::6815:4bf0	() ()
3	2606:4700::68... 2606:4700::6811:180e	() ()
6	2606:4700::68... 2606:4700::6812:b74	() ()
5	3.162.3.33 3.162.3.33	() ()
2	2607:f8b0:400... 2607:f8b0:4004:c1d::5d	() ()
66	12

24 173.214.240.15 (United States) 12 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net

glamournews3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freetrckr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jamgame3.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
roselocation5.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
news-life2.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
game2win2.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.182.164.180 (United States) 5 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net

xml.pushking.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xml.planetpush.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:1::6813:834c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clck.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:1::6813:844c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:1::6813:854c (None, ) 2 redirects

ASN- ()

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3034::6815:4bf0 (None, ) 1 redirects

ASN- ()

creativemind.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:b74 (None, )

ASN- ()

www.vivint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.162.3.33 (None, )

ASN- ()

cdn.assets.vivint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::5d (None, )

ASN- ()

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	mgid.com 4 redirects c.mgid.com — Cisco Umbrella Rank: 6445 s-img.mgid.com — Cisco Umbrella Rank: 7527 clck.mgid.com a.mgid.com	67 KB
11	vivint.com www.vivint.com Failed cdn.assets.vivint.com	961 KB
9	creativemind.media 1 redirects creativemind.media	274 KB
8	gstatic.com fonts.gstatic.com	126 KB
7	freetrckr.com 7 redirects freetrckr.com — Cisco Umbrella Rank: 574210	2 KB
4	game2win2.xyz 1 redirects game2win2.xyz	3 KB
4	news-life2.xyz 1 redirects news-life2.xyz	3 KB
4	roselocation5.xyz 1 redirects roselocation5.xyz	3 KB
4	pushking.net 4 redirects xml.pushking.net — Cisco Umbrella Rank: 47452	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 116	5 KB
4	jamgame3.xyz 1 redirects jamgame3.xyz	3 KB
3	cloudflare.com cdnjs.cloudflare.com	42 KB
2	youtube.com www.youtube.com	69 KB
1	planetpush.net 1 redirects xml.planetpush.net — Cisco Umbrella Rank: 78269	655 B
1	glamournews3.xyz 1 redirects glamournews3.xyz	120 B
66	15

	Domain	Requested by
9	creativemind.media	1 redirects clck.mgid.com creativemind.media
8	fonts.gstatic.com	fonts.googleapis.com
8	s-img.mgid.com	jamgame3.xyz roselocation5.xyz news-life2.xyz game2win2.xyz
7	freetrckr.com	7 redirects
6	www.vivint.com	creativemind.media
5	cdn.assets.vivint.com	creativemind.media
4	game2win2.xyz	1 redirects news-life2.xyz game2win2.xyz
4	news-life2.xyz	1 redirects roselocation5.xyz news-life2.xyz
4	roselocation5.xyz	1 redirects jamgame3.xyz roselocation5.xyz
4	c.mgid.com	4 redirects
4	xml.pushking.net	4 redirects
4	fonts.googleapis.com	jamgame3.xyz roselocation5.xyz news-life2.xyz game2win2.xyz
4	jamgame3.xyz	1 redirects jamgame3.xyz
3	cdnjs.cloudflare.com	creativemind.media
2	www.youtube.com	creativemind.media www.youtube.com
2	a.mgid.com	creativemind.media
1	clck.mgid.com	game2win2.xyz
1	xml.planetpush.net	1 redirects
1	glamournews3.xyz	1 redirects
66	19

This site contains no links.

Subject Issuer	Validity	Valid
politicalsale3.xyz R3	`2024-03-09` - `2024-06-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
mgid.com E1	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
spectrumtop5.xyz R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh
goldnews2.xyz R3	`2024-03-16` - `2024-06-14`	3 months	crt.sh
creativemind.media E1	`2024-03-30` - `2024-06-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.vivint.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-27` - `2024-12-27`	a year	crt.sh
cdn.assets.vivint.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-24` - `2024-08-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
Frame ID: 49953560DB7DD3EF3EA25E2DB6C6270E
Requests: 70 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://glamournews3.xyz/event_753d538c-ecf7-3e19-87a6-9ac9c147e021_421_0_2008?payload=jtdcjtiyacuymi... HTTP 307
https://glamournews3.xyz/event_753d538c-ecf7-3e19-87a6-9ac9c147e021_421_0_2008?payload=jtdcjtiyacuymi... HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0Ew... Page URL
https://xml.pushking.net/click?s=1&tid=534&sid=0a6f33dbf3ae7a88d12faf0058283779&rnd=604098447 HTTP 302
https://clck.mgid.com/ghits/18013315/i/57755505/0/src/3992/pp/1/1?h=iaBZV00hdDs5cihXc-gYJzIgHkIEJl... Page URL
https://creativemind.media/landing/display/smartsecurity?click_id=b2a52814a63da87f4ae93626d54f747f&widg... HTTP 301
http://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&wid... HTTP 307
https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&wid... Page URL

Detected technologies

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Page Statistics

66
Requests

83 %
HTTPS

75 %
IPv6

15
Domains

19
Subdomains

12
IPs

1
Countries

1551 kB
Transfer

4186 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://glamournews3.xyz/event_753d538c-ecf7-3e19-87a6-9ac9c147e021_421_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5qdxn0chvzac5wcm8lmjilmkmlmjj1jtiyjtnbjtvcjtiymtgync04ztljmgviywmzmmu0yjc0ogizmwzlmzvhyty5mzjkmi0zndqzltaumdawnteyjtiyjtjdjtiymtgync05nzc2mdgzotg2yzllyzg4njbkzgqwyza...~311~...xow5qx3jlef9mciuymiu3ra==&if=1 HTTP 307
https://glamournews3.xyz/event_753d538c-ecf7-3e19-87a6-9ac9c147e021_421_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5qdxn0chvzac5wcm8lmjilmkmlmjj1jtiyjtnbjtvcjtiymtgync04ztljmgviywmzmmu0yjc0ogizmwzlmzvhyty5mzjkmi0zndqzltaumdawnteyjtiyjtjdjtiymtgync05nzc2mdgzotg2yzllyzg4njbkzgqwyza...~311~...xow5qx3jlef9mciuymiu3ra==&if=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
https://xml.pushking.net/click?s=1&tid=534&sid=0a6f33dbf3ae7a88d12faf0058283779&rnd=604098447 HTTP 302
https://clck.mgid.com/ghits/18013315/i/57755505/0/src/3992/pp/1/1?h=iaBZV00hdDs5cihXc-gYJzIgHkIEJlHnCspOU5kRbG_AjT21eC0oT2XJIwzWfBuNwkjzShpcrtmsP3xXfuMC7O4dPRX6QI8gJ8J0cTPGWek*&rid=e43e5dc4-f5ef-11ee-8139-c84bd6836428&tt=Direct&att=3&pubsrcid=878281&cpm=1&ct=1&st=-240&h2=xwIziUS4wo_UT2mUEzXCZvNVjo0GSejtF47zqP8z8UYE--6z9qqtqqBRPVykn1r3&euid=5b3c53dbf32b63dfa83d11888ada2fca Page URL
https://creativemind.media/landing/display/smartsecurity?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id HTTP 301
http://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id HTTP 307
https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://glamournews3.xyz/event_753d538c-ecf7-3e19-87a6-9ac9c147e021_421_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5qdxn0chvzac5wcm8lmjilmkmlmjj1jtiyjtnbjtvcjtiymtgync04ztljmgviywmzmmu0yjc0ogizmwzlmzvhyty5mzjkmi0zndqzltaumdawnteyjtiyjtjdjtiymtgync05nzc2mdgzotg2yzllyzg4njbkzgqwyza...~311~...xow5qx3jlef9mciuymiu3ra==&if=1 HTTP 307
https://glamournews3.xyz/event_753d538c-ecf7-3e19-87a6-9ac9c147e021_421_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5qdxn0chvzac5wcm8lmjilmkmlmjj1jtiyjtnbjtvcjtiymtgync04ztljmgviywmzmmu0yjc0ogizmwzlmzvhyty5mzjkmi0zndqzltaumdawnteyjtiyjtjdjtiymtgync05nzc2mdgzotg2yzllyzg4njbkzgqwyza...~311~...xow5qx3jlef9mciuymiu3ra==&if=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 2

https://jamgame3.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_3285_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDViZDk3MjI3YTVmNDdmMjY4ZDU0MWQwNzE4Y2M5ZDZjJTI2cm5kJTNEMTM1MTI4NjM3&t=1712612110296&rnd=577887573&i=1 HTTP 302
https://xml.pushking.net/icon?sid=5bd97227a5f47f268d541d0718cc9d6c&rnd=135128637 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|2FnRKP8P_AdMP9tp-px3oTIgHkIEJlHnCspOU5kRbG-C0wVWVwad4S-5w53Td6Q3wkjzShpcrtmsP3xXfuMC7MjOY7eILkvXYYYg0COzOWo*&cid=1423484&f=1&h2=xwIziUS4wo_UT2mUEzXCZvNVjo0GSejtF47zqP8z8UY7HXMHW6_sJWt1Ovogd1Bf&rid=dffe67c0-f5ef-11ee-a572-c84bd68370b4&psid=878228&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4MDEzMzE1LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1ETXZOelF5TVRZMUx6WmpNbU13TlRnNU9ETXdZVEUyT0dRd09USXdObU5tTWpSaE9UQm1ZelppTG1wd1pXYy53ZWJwP3Y9MTcxMjYxMjEwOS1GNW8zR1dKYkh2aG5zNjZjSGNTckc4QkVWNTZjNzBBQ181eFEyNXlGNHY4 HTTP 301
https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwNTg5ODMwYTE2OGQwOTIwNmNmMjRhOTBmYzZiLmpwZWc.webp?v=1712612109-F5o3GWJbHvhns66cHcSrG8BEV56c70AC_5xQ25yF4v8

Request Chain 8

https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 10

https://roselocation5.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_102_3286_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEYzI4NjIwNWZkZjU2YjYwNDhhZTYxN2MxODgzM2VmN2IlMjZybmQlM0Q2ODA1MDk5&t=1712612112351&rnd=795399900&i=1 HTTP 302
https://xml.planetpush.net/icon?sid=c286205fdf56b6048ae617c18833ef7b&rnd=6805099 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|Zycap9eI_wwnstcUDlCsscTytNz8IOqfWz_5p16JFx_AjT21eC0oT2XJIwzWfBuNwkjzShpcrtmsP3xXfuMC7OZev5uyvyyPAp6kZfhTzAI*&cid=1423484&f=1&h2=xwIziUS4wo_UT2mUEzXCZvNVjo0GSejtF47zqP8z8UYE--6z9qqtqqBRPVykn1r3&rid=e1391744-f5ef-11ee-be76-c84bd68370c0&psid=1283231&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4MDEzMzE0LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpJdE1Ea3ZOelF5TVRZMUx6ZzFaVFl4Tm1Wa01ERTVZelEzWmpFek56SmxNelJqWW1Jek1XUTBNVGszTG1wd1p3LndlYnA_dj0xNzEyNjEyMTExLVVNWUZ6TG1OU1pRczMxMDZvR0U2YlMzUTF3QlpKLXk0Rl9hTFJjNExiUU0= HTTP 301
https://s-img.mgid.com/g/18013314/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvNzQyMTY1Lzg1ZTYxNmVkMDE5YzQ3ZjEzNzJlMzRjYmIzMWQ0MTk3LmpwZw.webp?v=1712612111-UMYFzLmNSZQs3106oGE6bS3Q1wBZJ-y4F_aLRc4LbQM

Request Chain 16

https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 18

https://news-life2.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_3285_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGRmYjMwZTk3MDY4YTdlZDAxYzE5NWY0NjgxODQwOGUzJTI2cm5kJTNENTQxMDY1MTg3&t=1712612114475&rnd=134993985&i=1 HTTP 302
https://xml.pushking.net/icon?sid=dfb30e97068a7ed01c195f46818408e3&rnd=541065187 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|8I2zEb8DmKN9IBCdU-mShjIgHkIEJlHnCspOU5kRbG_AjT21eC0oT2XJIwzWfBuNwkjzShpcrtmsP3xXfuMC7H4aehrn_9LWFAWCBVBMyS4*&cid=1423484&f=1&h2=xwIziUS4wo_UT2mUEzXCZpPGQVKx86_5o9IwUn-HU5m4OlIXs8iZL_xdLOXz4UEm&rid=e27d9986-f5ef-11ee-be76-c84bd68370c0&psid=878275&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4MDEzMzE1LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1ETXZOelF5TVRZMUx6WmpNbU13TlRnNU9ETXdZVEUyT0dRd09USXdObU5tTWpSaE9UQm1ZelppTG1wd1pXYy53ZWJwP3Y9MTcxMjYxMjExNC1xUlMwcWV6VzMwZmRidk1fX0RuUkVxZ25FckNnaGVUUV9NSFN4dkNORi1n HTTP 301
https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwNTg5ODMwYTE2OGQwOTIwNmNmMjRhOTBmYzZiLmpwZWc.webp?v=1712612114-qRS0qezW30fdbvM__DnREqgnErCgheTQ_MHSxvCNF-g

Request Chain 24

https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1 HTTP 302
https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Request Chain 26

https://game2win2.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_3285_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDBhNmYzM2RiZjNhZTdhODhkMTJmYWYwMDU4MjgzNzc5JTI2cm5kJTNENzI0MzQ0Njk%3D&t=1712612117438&rnd=584667584&i=1 HTTP 302
https://xml.pushking.net/icon?sid=0a6f33dbf3ae7a88d12faf0058283779&rnd=72434469 HTTP 302
https://c.mgid.com/c?pv=2&v=0|0|0|iaBZV00hdDs5cihXc-gYJzIgHkIEJlHnCspOU5kRbG_AjT21eC0oT2XJIwzWfBuNwkjzShpcrtmsP3xXfuMC7O4dPRX6QI8gJ8J0cTPGWek*&cid=1423484&f=1&h2=xwIziUS4wo_UT2mUEzXCZvNVjo0GSejtF47zqP8z8UYE--6z9qqtqqBRPVykn1r3&rid=e43e5dc4-f5ef-11ee-8139-c84bd6836428&psid=878281&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4MDEzMzE1LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1ETXZOelF5TVRZMUx6WmpNbU13TlRnNU9ETXdZVEUyT0dRd09USXdObU5tTWpSaE9UQm1ZelppTG1wd1pXYy53ZWJwP3Y9MTcxMjYxMjExNy1rV2E3ZGttTGFzbmdQMU8tRUo2dHMwQnBWNUpKczN2NHVhb0tPcnVMcWtn HTTP 301
https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwNTg5ODMwYTE2OGQwOTIwNmNmMjRhOTBmYzZiLmpwZWc.webp?v=1712612117-kWa7dkmLasngP1O-EJ6ts0BpV5JJs3v4uaoKOruLqkg

Request Chain 32

https://xml.pushking.net/click?s=1&tid=534&sid=0a6f33dbf3ae7a88d12faf0058283779&rnd=604098447 HTTP 302
https://clck.mgid.com/ghits/18013315/i/57755505/0/src/3992/pp/1/1?h=iaBZV00hdDs5cihXc-gYJzIgHkIEJlHnCspOU5kRbG_AjT21eC0oT2XJIwzWfBuNwkjzShpcrtmsP3xXfuMC7O4dPRX6QI8gJ8J0cTPGWek*&rid=e43e5dc4-f5ef-11ee-8139-c84bd6836428&tt=Direct&att=3&pubsrcid=878281&cpm=1&ct=1&st=-240&h2=xwIziUS4wo_UT2mUEzXCZvNVjo0GSejtF47zqP8z8UYE--6z9qqtqqBRPVykn1r3&euid=5b3c53dbf32b63dfa83d11888ada2fca

66 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js Show response
jamgame3.xyz/
Redirect Chain

http://glamournews3.xyz/event_753d538c-ecf7-3e19-87a6-9ac9c147e021_421_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5qdxn0chvzac5wcm8lmjilmkmlmjj1jtiyjtnbjtvcjtiymtgync04ztljmgviywmzmmu0yjc0ogizmwzlmzv...
https://glamournews3.xyz/event_753d538c-ecf7-3e19-87a6-9ac9c147e021_421_0_2008?payload=jtdcjtiyacuymiuzqsuymnhtbc5qdxn0chvzac5wcm8lmjilmkmlmjj1jtiyjtnbjtvcjtiymtgync04ztljmgviywmzmmu0yjc0ogizmwzlmz...
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

5 KB
2 KB

241ms
78ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 4fd886fd65cd08ad9144d5638d5408172078620be6d10069aa0cd567aa4b5b0e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 08 Apr 2024 21:35:10 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Mon, 08 Apr 2024 21:35:10 GMT
location: https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 73ms
32ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: jamgame3.xyz
URL: https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jamgame3.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Apr 2024 21:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:39:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Apr 2024 21:35:10 GMT

GET
H3

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwN...
s-img.mgid.com/g/18013315/328x328/-/
Redirect Chain

https://jamgame3.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_3285_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDViZDk3MjI3YTVmNDdmMjY4ZDU0MWQwNzE4Y2M5ZDZjJTI2cm5...
https://xml.pushking.net/icon?sid=5bd97227a5f47f268d541d0718cc9d6c&rnd=135128637
https://c.mgid.com/c?pv=2&v=0|0|0|2FnRKP8P_AdMP9tp-px3oTIgHkIEJlHnCspOU5kRbG-C0wVWVwad4S-5w53Td6Q3wkjzShpcrtmsP3xXfuMC7MjOY7eILkvXYYYg0COzOWo*&cid=1423484&f=1&h2=xwIziUS4wo_UT2mUEzXCZvNVjo0GSejtF47...
https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

5 KB
5 KB

22ms
21ms

Image
image/webp

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwNTg5ODMwYTE2OGQwOTIwNmNmMjRhOTBmYzZiLmpwZWc.webp?v=1712612109-F5o3GWJbHvhns66cHcSrG8BEV56c70AC_5xQ25yF4v8

Requested by

Host: jamgame3.xyz
URL: https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

274521d9954dbeea56152c7ef89853d12215b7d8fd118b70fcf06578e44b5e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jamgame3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Apr 2024 21:35:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 3fbba018-aca4-4c2a-a1bb-a8e974113627
age: 2268129
alt-svc: h3=":443"; ma=86400
content-length: 4958
last-modified: Fri, 08 Mar 2024 04:33:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 871562bbfe810f4f-EWR

Redirect headers

date: Mon, 08 Apr 2024 21:35:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: cdfc0889-e7f6-493b-9f0d-0082cdc0dbd1
server: cloudflare
location: https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwNTg5ODMwYTE2OGQwOTIwNmNmMjRhOTBmYzZiLmpwZWc.webp?v=1712612109-F5o3GWJbHvhns66cHcSrG8BEV56c70AC_5xQ25yF4v8
cf-ray: 871562bbce550f4f-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzc0MjE2NS82YzJjM...
s-img.mgid.com/g/18013315/453x227/-/ 5 KB
5 KB 50ms
22ms Image
image/webp 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18013315/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzc0MjE2NS82YzJjMDU4OTgzMGExNjhkMDkyMDZjZjI0YTkwZmM2Yi5qcGVn.webp?v=1712612109-J4_GHJe0AICDWcXISCkOOBhwo0syXO-a3mD7ZO9GWt4

Requested by

Host: jamgame3.xyz
URL: https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d42bb0284b724614d86d789c5dea479d30a53b4f4ae47c50703d5bb396b59b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jamgame3.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 44730ad4-955c-4fa8-9643-206ed7b17d11
age: 2254411
alt-svc: h3=":443"; ma=86400
content-length: 4804
last-modified: Fri, 08 Dec 2023 00:33:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 871562b9dcad0f4f-EWR

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 61ms
24ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://jamgame3.xyz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 08:06:35 GMT
x-content-type-options: nosniff
age: 480515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 08:06:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 54ms
18ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://jamgame3.xyz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 08:06:23 GMT
x-content-type-options: nosniff
age: 480527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 08:06:23 GMT

GET
H2 404 favicon.ico
jamgame3.xyz/ 548 B
245 B 77ms
77ms Other
text/html 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jamgame3.xyz/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:10 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_0_2000
jamgame3.xyz/ 114 B
206 B 78ms
77ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jamgame3.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTViZDk3MjI3YTVmNDdmMjY4ZDU0MWQwNzE4Y2M5ZDZjLTMyODUtMC4wMDM5MDElMjIlNUQlN0Q%3D&t=1712612110296&rnd=197863915&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: jamgame3.xyz
URL: https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:11 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET
H2

200

sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js Show response
roselocation5.xyz/
Redirect Chain

https://freetrckr.com/bid?id=3001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

5 KB
2 KB

237ms
77ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by: Host: jamgame3.xyz
URL: https://jamgame3.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTViZDk3MjI3YTVmNDdmMjY4ZDU0MWQwNzE4Y2M5ZDZjLTMyODUtMC4wMDM5MDElMjIlNUQlN0Q%3D&t=1712612110296&rnd=197863915&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: ac841747fecef607487f878f46dc510742a2c1f02eff4d17ca8f2414f3e8d274

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "123.0.6312.105"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-wow64: ?0

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 08 Apr 2024 21:35:12 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Mon, 08 Apr 2024 21:35:12 GMT
location: https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 71ms
33ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: roselocation5.xyz
URL: https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://roselocation5.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Apr 2024 21:35:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:39:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Apr 2024 21:35:12 GMT

GET
H3

200

aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvNzQyMTY1Lzg1ZTYxN...
s-img.mgid.com/g/18013314/328x328/-/
Redirect Chain

https://roselocation5.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_102_3286_3001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucGxhbmV0cHVzaC5uZXQlMkZpY29uJTNGc2lkJTNEYzI4NjIwNWZkZjU2YjYwNDhhZTYxN2MxODgzM2VmN2...
https://xml.planetpush.net/icon?sid=c286205fdf56b6048ae617c18833ef7b&rnd=6805099
https://c.mgid.com/c?pv=2&v=0|0|0|Zycap9eI_wwnstcUDlCsscTytNz8IOqfWz_5p16JFx_AjT21eC0oT2XJIwzWfBuNwkjzShpcrtmsP3xXfuMC7OZev5uyvyyPAp6kZfhTzAI*&cid=1423484&f=1&h2=xwIziUS4wo_UT2mUEzXCZvNVjo0GSejtF47...
https://s-img.mgid.com/g/18013314/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

14 KB
14 KB

22ms
21ms

Image
image/webp

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18013314/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvNzQyMTY1Lzg1ZTYxNmVkMDE5YzQ3ZjEzNzJlMzRjYmIzMWQ0MTk3LmpwZw.webp?v=1712612111-UMYFzLmNSZQs3106oGE6bS3Q1wBZJ-y4F_aLRc4LbQM

Requested by

Host: roselocation5.xyz
URL: https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4523c31982d872ec21a6a4575a24a1bc374397d36e12ef59dbe23e8b9a045e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://roselocation5.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Apr 2024 21:35:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 917ae29a-a440-4b0e-a7fe-63b2f93983f7
age: 2259307
alt-svc: h3=":443"; ma=86400
content-length: 14492
last-modified: Fri, 08 Dec 2023 00:33:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 871562c8ebbf4232-EWR

Redirect headers

date: Mon, 08 Apr 2024 21:35:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: b8ce929c-4355-45c0-b44d-4a2ab1207232
server: cloudflare
location: https://s-img.mgid.com/g/18013314/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvNzQyMTY1Lzg1ZTYxNmVkMDE5YzQ3ZjEzNzJlMzRjYmIzMWQ0MTk3LmpwZw.webp?v=1712612111-UMYFzLmNSZQs3106oGE6bS3Q1wBZJ-y4F_aLRc4LbQM
cf-ray: 871562c8ab724232-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5Lzc0MjE2NS84NWU2M...
s-img.mgid.com/g/18013314/453x227/-/ 12 KB
13 KB 48ms
23ms Image
image/webp 2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s-img.mgid.com/g/18013314/453x227/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5Lzc0MjE2NS84NWU2MTZlZDAxOWM0N2YxMzcyZTM0Y2JiMzFkNDE5Ny5qcGc.webp?v=1712612111-4XmNI4f77NGdlYd21tdeLv0C5sa-wQvXqKm5xQXdvoE

Requested by

Host: roselocation5.xyz
URL: https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0e144c4ea8c5744210c578b16a9963a82478474c4d9254f2a7eb5b5e6fa3101

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://roselocation5.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 610622c4-fa1c-4e48-af2c-3c7dbb3b7f50
age: 2263892
alt-svc: h3=":443"; ma=86400
content-length: 12524
last-modified: Fri, 08 Dec 2023 00:33:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 871562c6cff64232-EWR

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 59ms
21ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://roselocation5.xyz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 08:06:35 GMT
x-content-type-options: nosniff
age: 480517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 08:06:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 54ms
17ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://roselocation5.xyz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 08:06:23 GMT
x-content-type-options: nosniff
age: 480529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 08:06:23 GMT

GET
H2 404 favicon.ico
roselocation5.xyz/ 548 B
245 B 76ms
76ms Other
text/html 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://roselocation5.xyz/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:12 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 event_9455c6ee-c2ae-2e77-720a-5490faea009a_102_0_3001
roselocation5.xyz/ 114 B
206 B 76ms
76ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://roselocation5.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtYzI4NjIwNWZkZjU2YjYwNDhhZTYxN2MxODgzM2VmN2ItMzI4Ni0wLjAwMzkwMSUyMiU1RCU3RA%3D%3D&t=1712612112351&rnd=568747353&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: roselocation5.xyz
URL: https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:13 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET
H2

200

sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js Show response
news-life2.xyz/
Redirect Chain

https://freetrckr.com/bid?id=3000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

5 KB
2 KB

238ms
76ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by: Host: roselocation5.xyz
URL: https://roselocation5.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_102_0_3001?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wbGFuZXRwdXNoLm5ldCUyMiUyQyUyMnUlMjIlM0ElNUIlMjI4ODYtYzI4NjIwNWZkZjU2YjYwNDhhZTYxN2MxODgzM2VmN2ItMzI4Ni0wLjAwMzkwMSUyMiU1RCU3RA%3D%3D&t=1712612112351&rnd=568747353&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: 50495bf544e1cc1e4244b8f02e13865f751ef2edc4464c41137f8a51e1bde659

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "123.0.6312.105"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-wow64: ?0

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 08 Apr 2024 21:35:14 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Mon, 08 Apr 2024 21:35:14 GMT
location: https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 72ms
36ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: news-life2.xyz
URL: https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://news-life2.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Apr 2024 21:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:38:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Apr 2024 21:35:14 GMT

GET
H3

200

https://news-life2.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_3285_3000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRGRmYjMwZTk3MDY4YTdlZDAxYzE5NWY0NjgxODQwOGUzJTI2c...
https://xml.pushking.net/icon?sid=dfb30e97068a7ed01c195f46818408e3&rnd=541065187
https://c.mgid.com/c?pv=2&v=0|0|0|8I2zEb8DmKN9IBCdU-mShjIgHkIEJlHnCspOU5kRbG_AjT21eC0oT2XJIwzWfBuNwkjzShpcrtmsP3xXfuMC7H4aehrn_9LWFAWCBVBMyS4*&cid=1423484&f=1&h2=xwIziUS4wo_UT2mUEzXCZpPGQVKx86_5o9I...
https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

5 KB
5 KB

26ms
26ms

Image
image/webp

2606:4700:1::6813:854c

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: news-life2.xyz
URL: https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:1::6813:854c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

274521d9954dbeea56152c7ef89853d12215b7d8fd118b70fcf06578e44b5e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://news-life2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Apr 2024 21:35:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 3fbba018-aca4-4c2a-a1bb-a8e974113627
age: 2268133
alt-svc: h3=":443"; ma=86400
content-length: 4958
last-modified: Fri, 08 Mar 2024 04:33:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 871562d62f7c42c8-EWR

Redirect headers

date: Mon, 08 Apr 2024 21:35:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: b97c0726-d87c-4408-890e-f5cec3ea8286
server: cloudflare
location: https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwNTg5ODMwYTE2OGQwOTIwNmNmMjRhOTBmYzZiLmpwZWc.webp?v=1712612114-qRS0qezW30fdbvM__DnREqgnErCgheTQ_MHSxvCNF-g
cf-ray: 871562d5ef3842c8-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: news-life2.xyz
URL: https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d42bb0284b724614d86d789c5dea479d30a53b4f4ae47c50703d5bb396b59b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://news-life2.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 44730ad4-955c-4fa8-9643-206ed7b17d11
age: 2254415
alt-svc: h3=":443"; ma=86400
content-length: 4804
last-modified: Fri, 08 Dec 2023 00:33:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 871562d40d1842c8-EWR

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 56ms
21ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://news-life2.xyz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 08:06:35 GMT
x-content-type-options: nosniff
age: 480519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 08:06:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 51ms
17ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://news-life2.xyz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 08:06:23 GMT
x-content-type-options: nosniff
age: 480531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 08:06:23 GMT

GET
H2 404 favicon.ico
news-life2.xyz/ 548 B
245 B 79ms
75ms Other
text/html 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://news-life2.xyz/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:14 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_0_3000
news-life2.xyz/ 114 B
207 B 77ms
76ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://news-life2.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LWRmYjMwZTk3MDY4YTdlZDAxYzE5NWY0NjgxODQwOGUzLTMyODUtMC4wMDM5MDElMjIlNUQlN0Q%3D&t=1712612114475&rnd=544586127&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: news-life2.xyz
URL: https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:16 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET
H2

200

sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js
game2win2.xyz/
Redirect Chain

https://freetrckr.com/bid?id=3005&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2998&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=3006&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://freetrckr.com/bid?id=2000&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=0&ch=1
https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

5 KB
2 KB

246ms
79ms

Document
text/html

173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Requested by: Host: news-life2.xyz
URL: https://news-life2.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_0_3000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LWRmYjMwZTk3MDY4YTdlZDAxYzE5NWY0NjgxODQwOGUzLTMyODUtMC4wMDM5MDElMjIlNUQlN0Q%3D&t=1712612114475&rnd=544586127&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "123.0.6312.105"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.105", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.105"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-wow64: ?0

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 08 Apr 2024 21:35:17 GMT
server: nginx

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-WoW64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
date: Mon, 08 Apr 2024 21:35:17 GMT
location: https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 70ms
33ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Requested by

Host: game2win2.xyz
URL: https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://game2win2.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Apr 2024 21:35:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 21:15:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Apr 2024 21:35:17 GMT

GET
H3

200

https://game2win2.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_3285_2000?payload=aHR0cHMlM0ElMkYlMkZ4bWwucHVzaGtpbmcubmV0JTJGaWNvbiUzRnNpZCUzRDBhNmYzM2RiZjNhZTdhODhkMTJmYWYwMDU4MjgzNzc5JTI2cm...
https://xml.pushking.net/icon?sid=0a6f33dbf3ae7a88d12faf0058283779&rnd=72434469
https://c.mgid.com/c?pv=2&v=0|0|0|iaBZV00hdDs5cihXc-gYJzIgHkIEJlHnCspOU5kRbG_AjT21eC0oT2XJIwzWfBuNwkjzShpcrtmsP3xXfuMC7O4dPRX6QI8gJ8J0cTPGWek*&cid=1423484&f=1&h2=xwIziUS4wo_UT2mUEzXCZvNVjo0GSejtF47...
https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ...

5 KB
5 KB

23ms
23ms

Image
image/webp

2606:4700:1::6813:854c

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: game2win2.xyz
URL: https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Server

2606:4700:1::6813:854c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://game2win2.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Apr 2024 21:35:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 3fbba018-aca4-4c2a-a1bb-a8e974113627
age: 2268136
alt-svc: h3=":443"; ma=86400
content-length: 4958
last-modified: Fri, 08 Mar 2024 04:33:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 871562e87d353320-EWR

Redirect headers

date: Mon, 08 Apr 2024 21:35:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-mg-request-uuid: 60ad8e40-4e64-447e-bbe3-f5436ce968fe
server: cloudflare
location: https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwNTg5ODMwYTE2OGQwOTIwNmNmMjRhOTBmYzZiLmpwZWc.webp?v=1712612117-kWa7dkmLasngP1O-EJ6ts0BpV5JJs3v4uaoKOruLqkg
cf-ray: 871562e84d0b3320-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: game2win2.xyz
URL: https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:854c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://game2win2.xyz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-mg-request-uuid: 44730ad4-955c-4fa8-9643-206ed7b17d11
age: 2254418
alt-svc: h3=":443"; ma=86400
content-length: 4804
last-modified: Fri, 08 Dec 2023 00:33:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 871562e67b753320-EWR

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 58ms
22ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://game2win2.xyz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 08:06:35 GMT
x-content-type-options: nosniff
age: 480522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 08:06:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 53ms
18ms Font
font/woff2 2607:f8b0:4004:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://game2win2.xyz
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 08:06:23 GMT
x-content-type-options: nosniff
age: 480534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Apr 2025 08:06:23 GMT

GET
H2 404 favicon.ico
game2win2.xyz/ 548 B
245 B 78ms
77ms Other
text/html 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://game2win2.xyz/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:17 GMT
content-encoding: gzip
server: nginx
content-type: text/html

GET
H2 200 event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_0_2000
game2win2.xyz/ 117 B
209 B 79ms
78ms Script
application/javascript 173.214.240.15
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://game2win2.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTBhNmYzM2RiZjNhZTdhODhkMTJmYWYwMDU4MjgzNzc5LTMyODUtMC4wMDM5MDElMjIlNUQlN0Q%3D&t=1712612117438&rnd=912605002&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0
Requested by: Host: game2win2.xyz
URL: https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.214.240.15 , United States, ASN15317 (SERVEREL-AS, US),
Reverse DNS: 173.214.240.15.serverel.net
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:19 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript

GET
H3

200

1
clck.mgid.com/ghits/18013315/i/57755505/0/src/3992/pp/1/
Redirect Chain

https://xml.pushking.net/click?s=1&tid=534&sid=0a6f33dbf3ae7a88d12faf0058283779&rnd=604098447
https://clck.mgid.com/ghits/18013315/i/57755505/0/src/3992/pp/1/1?h=iaBZV00hdDs5cihXc-gYJzIgHkIEJlHnCspOU5kRbG_AjT21eC0oT2XJIwzWfBuNwkjzShpcrtmsP3xXfuMC7O4dPRX6QI8gJ8J0cTPGWek*&rid=e43e5dc4-f5ef-11...

2 KB
2 KB

130ms
92ms

Document
text/html

2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clck.mgid.com/ghits/18013315/i/57755505/0/src/3992/pp/1/1?h=iaBZV00hdDs5cihXc-gYJzIgHkIEJlHnCspOU5kRbG_AjT21eC0oT2XJIwzWfBuNwkjzShpcrtmsP3xXfuMC7O4dPRX6QI8gJ8J0cTPGWek*&rid=e43e5dc4-f5ef-11ee-8139-c84bd6836428&tt=Direct&att=3&pubsrcid=878281&cpm=1&ct=1&st=-240&h2=xwIziUS4wo_UT2mUEzXCZvNVjo0GSejtF47zqP8z8UYE--6z9qqtqqBRPVykn1r3&euid=5b3c53dbf32b63dfa83d11888ada2fca

Requested by

Host: game2win2.xyz
URL: https://game2win2.xyz/event_9455c6ee-c2ae-2e77-720a-5490faea009a_101_0_2000?payload=JTdCJTIyaCUyMiUzQSUyMnhtbC5wdXNoa2luZy5uZXQlMjIlMkMlMjJ1JTIyJTNBJTVCJTIyNTM0LTBhNmYzM2RiZjNhZTdhODhkMTJmYWYwMDU4MjgzNzc5LTMyODUtMC4wMDM5MDElMjIlNUQlN0Q%3D&t=1712612117438&rnd=912605002&js=1&io=0&h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA==&if=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-wow64,sec-ch-ua-bitness,sec-ch-ua-model
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 871562f1d9b81851-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 08 Apr 2024 21:35:19 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-mg-click-uuid: 9e11261e-5cc9-6160-b097-f51535544d8d
x-robots-tag: noindex

Redirect headers

date: Mon, 08 Apr 2024 21:35:19 GMT
location: https://clck.mgid.com/ghits/18013315/i/57755505/0/src/3992/pp/1/1?h=iaBZV00hdDs5cihXc-gYJzIgHkIEJlHnCspOU5kRbG_AjT21eC0oT2XJIwzWfBuNwkjzShpcrtmsP3xXfuMC7O4dPRX6QI8gJ8J0cTPGWek*&rid=e43e5dc4-f5ef-11ee-8139-c84bd6836428&tt=Direct&att=3&pubsrcid=878281&cpm=1&ct=1&st=-240&h2=xwIziUS4wo_UT2mUEzXCZvNVjo0GSejtF47zqP8z8UYE--6z9qqtqqBRPVykn1r3&euid=5b3c53dbf32b63dfa83d11888ada2fca
server: nginx

GET
H3

200

Primary Request / Show response
creativemind.media/landing/display/smartsecurity/
Redirect Chain

https://creativemind.media/landing/display/smartsecurity?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
http://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id

176 KB
24 KB

32ms
32ms

Document
text/html

2606:4700:3034::6815:4bf0

General

Check archive.org

Show headers Download Go to

Full URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
Requested by: Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/18013315/i/57755505/0/src/3992/pp/1/1?h=iaBZV00hdDs5cihXc-gYJzIgHkIEJlHnCspOU5kRbG_AjT21eC0oT2XJIwzWfBuNwkjzShpcrtmsP3xXfuMC7O4dPRX6QI8gJ8J0cTPGWek*&rid=e43e5dc4-f5ef-11ee-8139-c84bd6836428&tt=Direct&att=3&pubsrcid=878281&cpm=1&ct=1&st=-240&h2=xwIziUS4wo_UT2mUEzXCZvNVjo0GSejtF47zqP8z8UYE--6z9qqtqqBRPVykn1r3&euid=5b3c53dbf32b63dfa83d11888ada2fca
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bf0 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 06777385b89e2120fdfe0682c928173581d4dda01978d1b7467e570efd489fb5

Request headers

Referer: https://clck.mgid.com/ghits/18013315/i/57755505/0/src/3992/pp/1/1?h=iaBZV00hdDs5cihXc-gYJzIgHkIEJlHnCspOU5kRbG_AjT21eC0oT2XJIwzWfBuNwkjzShpcrtmsP3xXfuMC7O4dPRX6QI8gJ8J0cTPGWek*&rid=e43e5dc4-f5ef-11ee-8139-c84bd6836428&tt=Direct&att=3&pubsrcid=878281&cpm=1&ct=1&st=-240&h2=xwIziUS4wo_UT2mUEzXCZvNVjo0GSejtF47zqP8z8UYE--6z9qqtqqBRPVykn1r3&euid=5b3c53dbf32b63dfa83d11888ada2fca
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 871562f31fae5e6e-EWR
content-encoding: br
content-type: text/html
date: Mon, 08 Apr 2024 21:35:19 GMT
last-modified: Fri, 05 Apr 2024 17:04:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQzSJRIaOc8daMIBvR8%2FHZkMz4nCgyIRCndI8lyPdF5wCgeGVpN3fgZ5kYTFeX5NE%2Blq9TB24JltKJxt8Qawr8FvFD2PoUoPrOgAxVoxUUmlQSM9zlE%2BtFj6HaYeaDicFCd5%2B4qNCuZV7UEdfMhm6jw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Location: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
Non-Authoritative-Reason: HttpsUpgrades

GET IntCircular2-Web-Book.woff2
www.vivint.com/themes/custom/themekit/dist/fonts/vivint/ 0
0

GET IntCircular2-Web-Medium.woff2
www.vivint.com/themes/custom/themekit/dist/fonts/vivint/ 0
0

GET vivintCircularWeb-Medium.woff2
www.vivint.com/themes/custom/themekit/dist/fonts/vivint/ 0
0

GET vivintCircularWeb-Book.woff2
www.vivint.com/themes/custom/themekit/dist/fonts/vivint/ 0
0

GET vivintCircularWeb-Bold.woff2
www.vivint.com/themes/custom/themekit/dist/fonts/vivint/ 0
0

GET VivintSans-Medium.woff2
www.vivint.com/themes/custom/themekit/dist/fonts/vivint/ 0
0

GET vivint-icons-min.woff2
www.vivint.com/themes/custom/themekit/dist/fonts/vivint/ 0
0

GET
H3 200 css_wqHXYGkHZonpygH7snQkzAL0gNh3Ra1JPKHDkPusBds.css
creativemind.media/landing/display/smartsecurity/css/ 10 KB
3 KB 22ms
20ms Stylesheet
text/css 2606:4700:3034::6815:4bf0

General

Check archive.org

Show headers Download Go to

Full URL: https://creativemind.media/landing/display/smartsecurity/css/css_wqHXYGkHZonpygH7snQkzAL0gNh3Ra1JPKHDkPusBds.css?delta=0&language=en&theme=themekit&include=eJyFU-2SwyAIfKGYPJJDlBiuKo6YtLmnP_txqb20c39EdhFXQNmkYBhGEOyMB5HtZR9QBBxKZzjjEDkH8PSNXZkx4InKPXj3vkQZ5hM10EorxfLXVwZCAnJRPjMKL2QPtKALWG3KPJFHBYnexIgQxwPu2dERNZAbfTIpM0MDTHRBq6oLRzEwFcwzL1m6BBlchjTLYPOSwPdPpF9iWkZPMmOTQygkj7ow-0KpO-M41foOD9tflwOIHq-v7y0WIC-9wIr_BhV2zh_DbkL6e6M_5ngMQKs61mTaU0R9k7gzhkPiJVpd8FK0KfCkfjeK4hea2qDVHepAcWJde2HfZNy5ZlykcN4K-qrEvUf163C-UOLJol7rwu19SyyWz7GejBHzk5kxs8ooiaPQun-PyLa54ITbyFWkroWvr6wT-ANEAFJ2
Requested by: Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bf0 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e26ed4c6e8e3d46d9fdfb4882cdcbbc6229640d496e89de2c91db0ec7f857ea

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 04:11:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 260433
etag: W/"660f79fe-28eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqI%2BeS5Fuq8ZbCHgEXHcEUtC0Hk3WJDK%2FCmGlJjAkb3vtpPmkz4ioz02Zi7WR%2BSfvsUvYWNRsNcOrx4mxpR8%2Fz31DG%2FxLlw9bkfDyh4tV0ZRcvqTZhWi8o50MyMN3085QkE%2BssLcUoQOaBX%2FJGrDsi0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 871562f35fef5e6e-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 May 2024 21:14:46 GMT

GET
H3 200 css_EWrdvURBfHsYoL_ordvK-HJx4Fds9uwP-eNJ1Y8LYBg.css
creativemind.media/landing/display/smartsecurity/css/ 2 MB
108 KB 39ms
37ms Stylesheet
text/css 2606:4700:3034::6815:4bf0

General

Check archive.org

Show headers Download Go to

Full URL: https://creativemind.media/landing/display/smartsecurity/css/css_EWrdvURBfHsYoL_ordvK-HJx4Fds9uwP-eNJ1Y8LYBg.css?delta=1&language=en&theme=themekit&include=eJyFU-2SwyAIfKGYPJJDlBiuKo6YtLmnP_txqb20c39EdhFXQNmkYBhGEOyMB5HtZR9QBBxKZzjjEDkH8PSNXZkx4InKPXj3vkQZ5hM10EorxfLXVwZCAnJRPjMKL2QPtKALWG3KPJFHBYnexIgQxwPu2dERNZAbfTIpM0MDTHRBq6oLRzEwFcwzL1m6BBlchjTLYPOSwPdPpF9iWkZPMmOTQygkj7ow-0KpO-M41foOD9tflwOIHq-v7y0WIC-9wIr_BhV2zh_DbkL6e6M_5ngMQKs61mTaU0R9k7gzhkPiJVpd8FK0KfCkfjeK4hea2qDVHepAcWJde2HfZNy5ZlykcN4K-qrEvUf163C-UOLJol7rwu19SyyWz7GejBHzk5kxs8ooiaPQun-PyLa54ITbyFWkroWvr6wT-ANEAFJ2
Requested by: Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bf0 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 0532812f54cc709602ef449f495405d725aacadfc3545030a4f9e7a46d3e69ab

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 07:34:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 260433
etag: W/"660fa99f-1f349f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rTln0MwYfY8Nte2UcBYFyCY4wW09gnOL2%2FfmWLJnJruuxI9HZ8ox85LMgW4qAPjJo1NejSAHeX2pIVdcIvbqCq72DRaOY6bSKB1FisLDX8V44qWDQlaFMCocbhrOoJVKiRDqS0HXGuDAY6cutBdSiKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 871562f35ff25e6e-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 May 2024 21:14:46 GMT

GET
H3 200 js_3iHLUKqaV0vBoW8D9JCISlzFFeedvMuBvsQ1xV8AWdk.js Show response
creativemind.media/landing/display/smartsecurity/js/ 110 KB
39 KB 27ms
26ms Script
application/javascript 2606:4700:3034::6815:4bf0

General

Check archive.org

Show headers Download Go to

Full URL: https://creativemind.media/landing/display/smartsecurity/js/js_3iHLUKqaV0vBoW8D9JCISlzFFeedvMuBvsQ1xV8AWdk.js
Requested by: Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bf0 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 709e2d3424a09d9241fab3d5071d6f30f2ee39fb730d845c2f0daaa4b5fb3e45

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 04:11:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 260432
etag: W/"660f79fe-1b881"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0AZixFw2qXHb%2FtbmaAUpER1hXwOSlATDMSiQUz98C3%2BvAt3n403eYoleS0SIZ1Q%2B%2BhBUiEey0Wtw3J2n2xSMp5tsCHEAH6YPTC3j9shklMdMqbvBOFqQI1ya2IrkIcgDnXG%2Fgm61A7IPWdWkvEgmZT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 871562f35ff45e6e-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 May 2024 21:14:47 GMT

GET
H3 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
16 KB 37ms
22ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1572988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15508
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-d04c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IV4kSSQRKJlCQktSlRsijS6MG0jxqqDoA96SVzgo5XreTV8Uj6pChW8xaunbLz8xlE6H0dpgbMSrDbO3QipXL9%2B7CKP6YTYSPUuvsMvxeFVLeOXe5fLA3U%2FvES3aQAPp9RFj4AKQ%2FzHJja6I3lxGDoz%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 871562f36f94159b-EWR
expires: Sat, 29 Mar 2025 21:35:19 GMT

GET
H3 200 moment-timezone-with-data-10-year-range.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/ 42 KB
10 KB 48ms
33ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-10-year-range.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

1d2e8ecd2ca1334ac31b43e1646c1ffc5be9b41cc8267bf83202f6a5ef3bc608

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 348906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9859
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-a622"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7fvCf%2Fv9GWO2Rk4HgtAlHBjuTxC1PcsGj1c8wQ%2BfsQeTMO0mzuuWI4wdv35elLDB4zl74jowQ7xHjz%2B4i1ZEc5DdiBU4eo2S7Tims6SYHkpBZiHcBfEt6sDf0TwFnxCqRY42%2BiqW3e88iyOAhnxQk101"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 871562f36f95159b-EWR
expires: Sat, 29 Mar 2025 21:35:19 GMT

GET
H2 200 Hero-DisplaySecurity-1600.jpg.webp
www.vivint.com/sites/default/files/styles/desktop_1600_hq/public/image/2022-07/ 48 KB
48 KB 60ms
34ms Image
image/webp 2606:4700::6812:b74

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vivint.com/sites/default/files/styles/desktop_1600_hq/public/image/2022-07/Hero-DisplaySecurity-1600.jpg.webp?itok=No-35VvN

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:b74 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3d287df4d63c929781a46116b09fa9be9a9dbe7ffbb2224f8e58933a5ef779b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Mon, 08 Apr 2024 21:35:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431278
x-cache: HIT
x-ah-environment: prod
content-length: 49022
x-request-id: v-1d4aaca4-f1d8-11ee-b14b-23a995199f7b
last-modified: Mon, 31 Oct 2022 22:36:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 871562f3cb0b19d3-EWR
expires: Mon, 22 Apr 2024 21:35:19 GMT

GET
H3 200 mgsensor.js Show response
a.mgid.com/ 17 KB
5 KB 83ms
49ms Script
application/javascript 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.mgid.com/mgsensor.js?d=1712612119584

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45d2c055791d072ed388bb395f90aaebf2425189bbd03942b8f60855ba4f6988

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-mg-request-uuid: 19e16602-025e-4677-81c5-3d73e51853b5
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 871562f46d74c445-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 SplitStory-ODCLifestyle-Desktop.jpg.webp
www.vivint.com/sites/default/files/styles/small_hq_840/public/image/2022-07/ 106 KB
106 KB 49ms
23ms Image
image/webp 2606:4700::6812:b74

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vivint.com/sites/default/files/styles/small_hq_840/public/image/2022-07/SplitStory-ODCLifestyle-Desktop.jpg.webp?itok=pq0eUuQU

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:b74 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

da76635af1c121f93136628d9cde9cea19deb117f3ca9a93922790985a7e09bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Mon, 08 Apr 2024 21:35:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431278
x-cache: HIT
x-ah-environment: prod
content-length: 108272
x-request-id: v-1fcf0c7c-f1d8-11ee-b43e-3fbd28df8a13
last-modified: Tue, 01 Nov 2022 15:02:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 871562f3cb0d19d3-EWR
expires: Mon, 22 Apr 2024 21:35:19 GMT

GET
H2 200 SplitStory-ODCLifestyle-Mobile.jpg.webp
www.vivint.com/sites/default/files/styles/x_large_hq/public/image/2022-07/ 113 KB
113 KB 30ms
29ms Image
image/webp 2606:4700::6812:b74

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vivint.com/sites/default/files/styles/x_large_hq/public/image/2022-07/SplitStory-ODCLifestyle-Mobile.jpg.webp?itok=Ltcjpju7

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:b74 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3b3cb90ebf2396b23dadd51a20bbb08fec57cdd5961efc9401be2230bd351a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Mon, 08 Apr 2024 21:35:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431164
x-cache: HIT
x-ah-environment: prod
content-length: 115732
x-request-id: v-435a7b40-f1d8-11ee-af5f-b77c03743e3a
last-modified: Wed, 02 Nov 2022 22:16:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 871562f41b5419d3-EWR
expires: Mon, 22 Apr 2024 21:35:19 GMT

GET
H2 200 SplitStory-DBCPackage-Desktop_0.jpg.webp
www.vivint.com/sites/default/files/styles/small_hq_840/public/image/2022-07/ 107 KB
108 KB 21ms
21ms Image
image/webp 2606:4700::6812:b74

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vivint.com/sites/default/files/styles/small_hq_840/public/image/2022-07/SplitStory-DBCPackage-Desktop_0.jpg.webp?itok=LspA11Cq

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:b74 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

744984df9b62ef79fdcae59a024cac07036b864ae6a11c542e72b99f01ec5fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Mon, 08 Apr 2024 21:35:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431164
x-cache: HIT
x-ah-environment: prod
content-length: 109886
x-request-id: v-437ab48c-f1d8-11ee-aa01-5fec80387d5b
last-modified: Tue, 01 Nov 2022 15:02:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 871562f42b5519d3-EWR
expires: Mon, 22 Apr 2024 21:35:19 GMT

GET
H2 200 SplitStory-DBCPackage-Mobile_0.jpg.webp
www.vivint.com/sites/default/files/styles/x_large_hq/public/image/2022-07/ 121 KB
122 KB 26ms
25ms Image
image/webp 2606:4700::6812:b74

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vivint.com/sites/default/files/styles/x_large_hq/public/image/2022-07/SplitStory-DBCPackage-Mobile_0.jpg.webp?itok=XWKxmP0k

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:b74 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

96171e2719bb4fbc92c5e0524c3d23367c484f9fbec0c6073efc8764c09ffd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 5
date: Mon, 08 Apr 2024 21:35:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 431164
x-cache: HIT
x-ah-environment: prod
content-length: 124374
x-request-id: v-437b7fa2-f1d8-11ee-998c-eb9f5b95711d
last-modified: Wed, 02 Nov 2022 02:25:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 871562f42b6019d3-EWR
expires: Mon, 22 Apr 2024 21:35:19 GMT

GET
H3 200 js_JAEMU-EhfZMsK8l1ryZTXyAGEn0PtswCMbpBthU1Q9k.js Show response
creativemind.media/landing/display/smartsecurity/js/ 232 KB
66 KB 30ms
29ms Script
application/javascript 2606:4700:3034::6815:4bf0

General

Check archive.org

Show headers Download Go to

Full URL: https://creativemind.media/landing/display/smartsecurity/js/js_JAEMU-EhfZMsK8l1ryZTXyAGEn0PtswCMbpBthU1Q9k.js
Requested by: Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bf0 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: a49cf68a1ca024ce52b34243cf0e16e2c90291beec08c47bff70ab376c5ec762

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 04:11:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 260431
etag: W/"660f79fe-3a15c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=spO8kNPTyOllaYvAV3jbwKN%2FmAIQYh9DtbRmgYNNPo%2FMkmiCaUecscU1AiEAA3cwo2EKvpFvknjr6HNdDum39XL6K%2Fb76eLm1hi%2B4iMo%2FEJTo%2F%2BZHJmU%2FCXQ2H9MBFrteX%2B3NwNSPLwhf4lSYb0h0wE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 871562f428ec5e6e-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 May 2024 21:14:48 GMT

GET
H3 200 svg.min.js Show response
cdnjs.cloudflare.com/ajax/libs/svg.js/2.7.1/ 65 KB
16 KB 21ms
20ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/svg.js/2.7.1/svg.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

0d2015814bb3e985ccee950ebe7f8b738d0493a716bc1802054d63b31ef60ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1563099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15311
last-modified: Mon, 04 May 2020 16:16:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff3-1040a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TOa0Bi1t0N6%2BqXGbF8%2B3KhlhHWNAmSekt1u6xKhqCvdQ%2BNbgbcBlf20i1FuO2uaGthEkoKzXgNIzeBHoQ%2Fy3Q%2BnjLJYfVpT%2B5nETNsMVuqEhYrzBFaiy%2Bg1s8Y1phAE2jYWdK7NvTJ4VUPYl0ySigDNj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 871562f4285c159b-EWR
expires: Sat, 29 Mar 2025 21:35:19 GMT

GET
H3 200 js_GQ4eUWHV2aTOn9EvC5LyJcWxxMSynHl64-l8b9NQ18g.js Show response
creativemind.media/landing/display/smartsecurity/js/ 67 KB
17 KB 25ms
24ms Script
application/javascript 2606:4700:3034::6815:4bf0

General

Check archive.org

Show headers Download Go to

Full URL: https://creativemind.media/landing/display/smartsecurity/js/js_GQ4eUWHV2aTOn9EvC5LyJcWxxMSynHl64-l8b9NQ18g.js
Requested by: Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bf0 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 92a17dedc050e39e182a1cb66b9835cce55d649ab890b48036b41f072413e374

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 04:11:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 260431
etag: W/"660f79fe-10a1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ey2Ntyf3ZtjJ9BV3Ye8jB4gQ4AFMueF%2BddCMHYOKqenjnr0cjwajNTRik6ihtstD8hUlGE3DXEJILmVesVZaPAZTqqkScj2iqIu9gCs9Nbit%2BwQlN%2BffIaQV%2BddG6M81CO8rV%2BltfwxiBYJZNdyMNmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 871562f428ed5e6e-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 May 2024 21:14:48 GMT

GET
H3 404 sync.php Show response
creativemind.media/static/vivint/ 16 B
442 B 30ms
29ms XHR
text/html 2606:4700:3034::6815:4bf0

General

Check archive.org

Show headers Download Go to

Full URL: https://creativemind.media/static/vivint/sync.php
Requested by: Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/js/js_3iHLUKqaV0vBoW8D9JCISlzFFeedvMuBvsQ1xV8AWdk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bf0 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ebWgFMMn520%2FFhmZ0SAtdJDZ2LAVwklNsOwmJzwLwnW07RA5%2FAKAN37vskGR9E%2FYvDoKRIHVlDSdxyCdhLedfdEFdV5F57JeuPCvP6f%2BSjV%2B%2BYFasZLuT9NuS0aAH%2F2ZRime2mpypbCG46wdfcvnLQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 871562f418c95e6e-EWR
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 IntCircular2-Web-Book.woff
cdn.assets.vivint.com/global/fonts/ 103 KB
103 KB 94ms
23ms Font
font/woff 3.162.3.33

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assets.vivint.com/global/fonts/IntCircular2-Web-Book.woff
Requested by: Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/css/css_EWrdvURBfHsYoL_ordvK-HJx4Fds9uwP-eNJ1Y8LYBg.css?delta=1&language=en&theme=themekit&include=eJyFU-2SwyAIfKGYPJJDlBiuKo6YtLmnP_txqb20c39EdhFXQNmkYBhGEOyMB5HtZR9QBBxKZzjjEDkH8PSNXZkx4InKPXj3vkQZ5hM10EorxfLXVwZCAnJRPjMKL2QPtKALWG3KPJFHBYnexIgQxwPu2dERNZAbfTIpM0MDTHRBq6oLRzEwFcwzL1m6BBlchjTLYPOSwPdPpF9iWkZPMmOTQygkj7ow-0KpO-M41foOD9tflwOIHq-v7y0WIC-9wIr_BhV2zh_DbkL6e6M_5ngMQKs61mTaU0R9k7gzhkPiJVpd8FK0KfCkfjeK4hea2qDVHepAcWJde2HfZNy5ZlykcN4K-qrEvUf163C-UOLJol7rwu19SyyWz7GejBHzk5kxs8ooiaPQun-PyLa54ITbyFWkroWvr6wT-ANEAFJ2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.33 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e37a91c0f0409ceea548f9c6804fb6d86b840586e7655106a03ac597419404c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
Origin: https://creativemind.media
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 21:56:22 GMT
x-amz-version-id: 7W6rbkY7uy0svDDyFk25RqWlVj3Muhjg
via: 1.1 d64e73a7e708de06492b99c7e55873b6.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 344338
x-cache: Hit from cloudfront
content-length: 105155
last-modified: Mon, 14 Sep 2020 17:08:00 GMT
server: AmazonS3
etag: "eed430fb15e33c2e209de45ade304078"
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=15778463
accept-ranges: bytes
x-amz-cf-id: UcaxTfacb8aIpKKaH9eRUYc-5asQWyM5uncZR-BKb4gInHFcI09eSw==

GET
H3 200 vivint-icons-min.woff
creativemind.media/landing/display/smartsecurity/icons/ 15 KB
15 KB 26ms
25ms Font
font/woff 2606:4700:3034::6815:4bf0

General

Check archive.org

Show headers Download Go to

Full URL: https://creativemind.media/landing/display/smartsecurity/icons/vivint-icons-min.woff
Requested by: Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/css/css_EWrdvURBfHsYoL_ordvK-HJx4Fds9uwP-eNJ1Y8LYBg.css?delta=1&language=en&theme=themekit&include=eJyFU-2SwyAIfKGYPJJDlBiuKo6YtLmnP_txqb20c39EdhFXQNmkYBhGEOyMB5HtZR9QBBxKZzjjEDkH8PSNXZkx4InKPXj3vkQZ5hM10EorxfLXVwZCAnJRPjMKL2QPtKALWG3KPJFHBYnexIgQxwPu2dERNZAbfTIpM0MDTHRBq6oLRzEwFcwzL1m6BBlchjTLYPOSwPdPpF9iWkZPMmOTQygkj7ow-0KpO-M41foOD9tflwOIHq-v7y0WIC-9wIr_BhV2zh_DbkL6e6M_5ngMQKs61mTaU0R9k7gzhkPiJVpd8FK0KfCkfjeK4hea2qDVHepAcWJde2HfZNy5ZlykcN4K-qrEvUf163C-UOLJol7rwu19SyyWz7GejBHzk5kxs8ooiaPQun-PyLa54ITbyFWkroWvr6wT-ANEAFJ2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:4bf0 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ee7498b55af175bb308f6fa1083dadbfc199dae05dbda7f63ea737d8fca3170

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/landing/display/smartsecurity/css/css_EWrdvURBfHsYoL_ordvK-HJx4Fds9uwP-eNJ1Y8LYBg.css?delta=1&language=en&theme=themekit&include=eJyFU-2SwyAIfKGYPJJDlBiuKo6YtLmnP_txqb20c39EdhFXQNmkYBhGEOyMB5HtZR9QBBxKZzjjEDkH8PSNXZkx4InKPXj3vkQZ5hM10EorxfLXVwZCAnJRPjMKL2QPtKALWG3KPJFHBYnexIgQxwPu2dERNZAbfTIpM0MDTHRBq6oLRzEwFcwzL1m6BBlchjTLYPOSwPdPpF9iWkZPMmOTQygkj7ow-0KpO-M41foOD9tflwOIHq-v7y0WIC-9wIr_BhV2zh_DbkL6e6M_5ngMQKs61mTaU0R9k7gzhkPiJVpd8FK0KfCkfjeK4hea2qDVHepAcWJde2HfZNy5ZlykcN4K-qrEvUf163C-UOLJol7rwu19SyyWz7GejBHzk5kxs8ooiaPQun-PyLa54ITbyFWkroWvr6wT-ANEAFJ2
Origin: https://creativemind.media
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:19 GMT
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2024 07:34:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1125
etag: "660fa99f-3c1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dWLqS%2F6Zknoof7heChcF2ZfV7SDccqQj11pxzwQKErg24MEVzj%2BFzdGYguPue59FxQCviLCBzv2m1C4w1oA8D6S6nUFzoM1xruSq7GT%2FMeEEvTzqK5ipde%2Bz2MU3Cdn8RakeDp2s%2BgsIDLlJvTV9VIE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 871562f4490e5e6e-EWR
alt-svc: h3=":443"; ma=86400
content-length: 15388

GET
H2 200 vivintCircularWeb-Medium.woff
cdn.assets.vivint.com/global/fonts/2020/ 103 KB
104 KB 96ms
25ms Font
font/woff 3.162.3.33

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assets.vivint.com/global/fonts/2020/vivintCircularWeb-Medium.woff
Requested by: Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/css/css_EWrdvURBfHsYoL_ordvK-HJx4Fds9uwP-eNJ1Y8LYBg.css?delta=1&language=en&theme=themekit&include=eJyFU-2SwyAIfKGYPJJDlBiuKo6YtLmnP_txqb20c39EdhFXQNmkYBhGEOyMB5HtZR9QBBxKZzjjEDkH8PSNXZkx4InKPXj3vkQZ5hM10EorxfLXVwZCAnJRPjMKL2QPtKALWG3KPJFHBYnexIgQxwPu2dERNZAbfTIpM0MDTHRBq6oLRzEwFcwzL1m6BBlchjTLYPOSwPdPpF9iWkZPMmOTQygkj7ow-0KpO-M41foOD9tflwOIHq-v7y0WIC-9wIr_BhV2zh_DbkL6e6M_5ngMQKs61mTaU0R9k7gzhkPiJVpd8FK0KfCkfjeK4hea2qDVHepAcWJde2HfZNy5ZlykcN4K-qrEvUf163C-UOLJol7rwu19SyyWz7GejBHzk5kxs8ooiaPQun-PyLa54ITbyFWkroWvr6wT-ANEAFJ2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.33 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fea33acbe278c71e4bdd92a72b33d88698781b9e20024dfdc0007110ce8e661

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
Origin: https://creativemind.media
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 17:05:48 GMT
x-amz-version-id: kTx500NpWGriZKQ78B649n1nQmc0xPQD
via: 1.1 d64e73a7e708de06492b99c7e55873b6.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 275372
x-cache: Hit from cloudfront
content-length: 105454
last-modified: Mon, 14 Sep 2020 17:02:17 GMT
server: AmazonS3
etag: "62f0f37699d3cbfce23d1aa60d10314f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15778463
accept-ranges: bytes
x-amz-cf-id: qI8Vp1zr4bndndvHCnl_KTtmf_IOcqA9TDt7oH2SPtwVRINgJ7JxmQ==

GET
H2 200 VivintSans-Medium.woff
cdn.assets.vivint.com/global/fonts/ 45 KB
46 KB 134ms
64ms Font
font/woff 3.162.3.33

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assets.vivint.com/global/fonts/VivintSans-Medium.woff
Requested by: Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/css/css_EWrdvURBfHsYoL_ordvK-HJx4Fds9uwP-eNJ1Y8LYBg.css?delta=1&language=en&theme=themekit&include=eJyFU-2SwyAIfKGYPJJDlBiuKo6YtLmnP_txqb20c39EdhFXQNmkYBhGEOyMB5HtZR9QBBxKZzjjEDkH8PSNXZkx4InKPXj3vkQZ5hM10EorxfLXVwZCAnJRPjMKL2QPtKALWG3KPJFHBYnexIgQxwPu2dERNZAbfTIpM0MDTHRBq6oLRzEwFcwzL1m6BBlchjTLYPOSwPdPpF9iWkZPMmOTQygkj7ow-0KpO-M41foOD9tflwOIHq-v7y0WIC-9wIr_BhV2zh_DbkL6e6M_5ngMQKs61mTaU0R9k7gzhkPiJVpd8FK0KfCkfjeK4hea2qDVHepAcWJde2HfZNy5ZlykcN4K-qrEvUf163C-UOLJol7rwu19SyyWz7GejBHzk5kxs8ooiaPQun-PyLa54ITbyFWkroWvr6wT-ANEAFJ2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.33 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f512ddd5c14af792278a6f84509b7f53774986bd7ecdd10a436630f93ab90f52

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
Origin: https://creativemind.media
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Apr 2024 21:56:22 GMT
x-amz-version-id: gw9lExolNErmXRRFDuAcr0RWOvHl_QOe
via: 1.1 d64e73a7e708de06492b99c7e55873b6.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 344338
x-cache: Hit from cloudfront
content-length: 46516
last-modified: Mon, 14 Sep 2020 17:08:00 GMT
server: AmazonS3
etag: "3467cc3b286b48d474d932e8a41e28a5"
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=15778463
accept-ranges: bytes
x-amz-cf-id: J4C1YPkFk8C2Bb1UQ1kPEyzzeY-LPzKOonP4GtAzVzwlIFMqFGsezA==

GET
H2 200 vivintCircularWeb-Bold.woff
cdn.assets.vivint.com/global/fonts/2020/ 108 KB
108 KB 138ms
68ms Font
font/woff 3.162.3.33

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assets.vivint.com/global/fonts/2020/vivintCircularWeb-Bold.woff
Requested by: Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/css/css_EWrdvURBfHsYoL_ordvK-HJx4Fds9uwP-eNJ1Y8LYBg.css?delta=1&language=en&theme=themekit&include=eJyFU-2SwyAIfKGYPJJDlBiuKo6YtLmnP_txqb20c39EdhFXQNmkYBhGEOyMB5HtZR9QBBxKZzjjEDkH8PSNXZkx4InKPXj3vkQZ5hM10EorxfLXVwZCAnJRPjMKL2QPtKALWG3KPJFHBYnexIgQxwPu2dERNZAbfTIpM0MDTHRBq6oLRzEwFcwzL1m6BBlchjTLYPOSwPdPpF9iWkZPMmOTQygkj7ow-0KpO-M41foOD9tflwOIHq-v7y0WIC-9wIr_BhV2zh_DbkL6e6M_5ngMQKs61mTaU0R9k7gzhkPiJVpd8FK0KfCkfjeK4hea2qDVHepAcWJde2HfZNy5ZlykcN4K-qrEvUf163C-UOLJol7rwu19SyyWz7GejBHzk5kxs8ooiaPQun-PyLa54ITbyFWkroWvr6wT-ANEAFJ2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.33 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66b2c89a498692b2442a1961d459ea3f96606afc0a8860685f618de882b11bc8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
Origin: https://creativemind.media
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 16:05:31 GMT
x-amz-version-id: zXQzuuHmH8k3kX.tOZYvjYHUPTLdpEjg
via: 1.1 d64e73a7e708de06492b99c7e55873b6.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 278989
x-cache: Hit from cloudfront
content-length: 110253
last-modified: Mon, 14 Sep 2020 17:02:17 GMT
server: AmazonS3
etag: "e74acafc43ed79251f1de68cb82e879b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15778463
accept-ranges: bytes
x-amz-cf-id: L61hiZoK0ZM-qo-R9MLN77tUQ5knyYWNLXbfJL3uev3jrZTsuisttg==

GET
H2 200 vivintCircularWeb-Book.woff
cdn.assets.vivint.com/global/fonts/2020/ 102 KB
103 KB 110ms
40ms Font
font/woff 3.162.3.33

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.assets.vivint.com/global/fonts/2020/vivintCircularWeb-Book.woff
Requested by: Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/css/css_EWrdvURBfHsYoL_ordvK-HJx4Fds9uwP-eNJ1Y8LYBg.css?delta=1&language=en&theme=themekit&include=eJyFU-2SwyAIfKGYPJJDlBiuKo6YtLmnP_txqb20c39EdhFXQNmkYBhGEOyMB5HtZR9QBBxKZzjjEDkH8PSNXZkx4InKPXj3vkQZ5hM10EorxfLXVwZCAnJRPjMKL2QPtKALWG3KPJFHBYnexIgQxwPu2dERNZAbfTIpM0MDTHRBq6oLRzEwFcwzL1m6BBlchjTLYPOSwPdPpF9iWkZPMmOTQygkj7ow-0KpO-M41foOD9tflwOIHq-v7y0WIC-9wIr_BhV2zh_DbkL6e6M_5ngMQKs61mTaU0R9k7gzhkPiJVpd8FK0KfCkfjeK4hea2qDVHepAcWJde2HfZNy5ZlykcN4K-qrEvUf163C-UOLJol7rwu19SyyWz7GejBHzk5kxs8ooiaPQun-PyLa54ITbyFWkroWvr6wT-ANEAFJ2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.3.33 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1fe963b3c74a38a94135bf88242ac49e20d373609f154a910c3dc6c6f008a528

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
Origin: https://creativemind.media
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 16:01:07 GMT
x-amz-version-id: J.IKHBQwlv_xMjXdzozK2YgTWQxSPK0Z
via: 1.1 d64e73a7e708de06492b99c7e55873b6.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
age: 279253
x-cache: Hit from cloudfront
content-length: 104813
last-modified: Mon, 14 Sep 2020 17:02:17 GMT
server: AmazonS3
etag: "12013c7a9696aae3939a647a7e97736d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=15778463
accept-ranges: bytes
x-amz-cf-id: z2MZhO4BwtLGOU-w4sjiP-0HphRhKk34dhcX-wS-M0xPlT2uoOCcRg==

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 83ms
44ms Script
text/javascript 2607:f8b0:4004:c1d::5d

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: creativemind.media
URL: https://creativemind.media/landing/display/smartsecurity/js/js_JAEMU-EhfZMsK8l1ryZTXyAGEn0PtswCMbpBthU1Q9k.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5d -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

e4d5c28787419e7eaee569549d12df6ea9b1e7aa76e6f2a08b28ab812bfc1486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 08 Apr 2024 21:35:19 GMT

GET
H2 200 favicon.ico
www.vivint.com/themes/custom/themekit/ 1 KB
503 B 21ms
21ms Other
image/vnd.microsoft.icon 2606:4700::6812:b74

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vivint.com/themes/custom/themekit/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6812:b74 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

5a960c1a8660980ad7b0167c51576186733b3ed2d1f521e5b4a14640cabdb01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 10
date: Mon, 08 Apr 2024 21:35:19 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 431278
x-cache: HIT
x-ah-environment: prod
x-request-id: v-1d632bf8-f1d8-11ee-add8-3b7f2a26390f
last-modified: Wed, 03 Apr 2024 16:27:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=1209600
cf-ray: 871562f55c4019d3-EWR
expires: Mon, 22 Apr 2024 21:35:19 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/1ced3a71/www-widgetapi.vflset/ 216 KB
67 KB 18ms
18ms Script
text/javascript 2607:f8b0:4004:c1d::5d

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1ced3a71/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5d -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d9af2551784a3f4116f8ed6d1ec5e7bb3b619e3a8ed3a0399eb3bbe375b2775a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:07:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68372
x-xss-protection: 0
last-modified: Wed, 03 Apr 2024 04:16:22 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Apr 2025 21:07:46 GMT

GET
H3 200 1x1.gif
a.mgid.com/ 43 B
269 B 29ms
29ms Image
image/gif 2606:4700:1::6813:834c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.mgid.com/1x1.gif?id=742165&type=c&tg=&r=https%3A%2F%2Fcreativemind.media%2Flanding%2Fdisplay%2Fsmartsecurity%2F%3Fclick_id%3Db2a52814a63da87f4ae93626d54f747f%26widget_id%3D3992%26state%3DNew%2BYork%26teaser_id%3D18013315%26campaign_id%3D11591994%26adclida%3Dclick_id&nv=1&clid=b2a52814a63da87f4ae93626d54f747f&d=1712612120374

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://creativemind.media/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 21:35:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cf-ray: 871562f86a59c445-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.vivint.com
URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/IntCircular2-Web-Book.woff2

Domain: www.vivint.com
URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/IntCircular2-Web-Medium.woff2

Domain: www.vivint.com
URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/vivintCircularWeb-Medium.woff2

Domain: www.vivint.com
URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/vivintCircularWeb-Book.woff2

Domain: www.vivint.com
URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/vivintCircularWeb-Bold.woff2

Domain: www.vivint.com
URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/VivintSans-Medium.woff2

Domain: www.vivint.com
URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/vivint-icons-min.woff2

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mgid.com/	1970-01-20 19:43:33	Name: __cf_bm Value: uY__bRN.YTFtQrmPqWJo9dobS9VEP4g_meB2GUuc35o-1712612110-1.0.1.1-OpAN42S75Mfq50_I6w9PEZkeZSeW.WnKUgqwtlXTjikdprTbftv5N.IMcI2vPCnNoB6dl469trr5RtvgZpffzA

58 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jamgame3.xyz/sw_fd070a34-3aba-28ed-fa1e-69f040e4704a_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://jamgame3.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://roselocation5.xyz/sw_146cc717-581d-97d6-4ea6-f3956e5b0e50_102_0_3001.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://roselocation5.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://news-life2.xyz/sw_4cad0934-5ffc-32d4-c269-e1d7f10742db_101_0_3000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://news-life2.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://game2win2.xyz/sw_5d94aa31-553d-ae75-b611-447739f48861_101_0_2000.js?h=JTdCJTIycmMlMjIlM0EwJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://game2win2.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id(Line 44) Message: Access to font at 'https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/IntCircular2-Web-Book.woff2' from origin 'https://creativemind.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/IntCircular2-Web-Book.woff2 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id(Line 44) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id(Line 44) Message: Access to font at 'https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/IntCircular2-Web-Medium.woff2' from origin 'https://creativemind.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/IntCircular2-Web-Medium.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id(Line 44) Message: Access to font at 'https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/vivintCircularWeb-Book.woff2' from origin 'https://creativemind.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/vivintCircularWeb-Book.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id(Line 44) Message: Access to font at 'https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/VivintSans-Medium.woff2' from origin 'https://creativemind.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/VivintSans-Medium.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id(Line 44) Message: Access to font at 'https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/vivintCircularWeb-Bold.woff2' from origin 'https://creativemind.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/vivintCircularWeb-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id(Line 44) Message: Access to font at 'https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/vivint-icons-min.woff2' from origin 'https://creativemind.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/vivint-icons-min.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id(Line 44) Message: Access to font at 'https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/vivintCircularWeb-Medium.woff2' from origin 'https://creativemind.media' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.vivint.com/themes/custom/themekit/dist/fonts/vivint/vivintCircularWeb-Medium.woff2 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id(Line 44) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://creativemind.media/static/vivint/sync.php Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://creativemind.media/landing/display/smartsecurity/?click_id=b2a52814a63da87f4ae93626d54f747f&widget_id=3992&state=New+York&teaser_id=18013315&campaign_id=11591994&adclida=click_id Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
c.mgid.com
cdn.assets.vivint.com
cdnjs.cloudflare.com
clck.mgid.com
creativemind.media
fonts.googleapis.com
fonts.gstatic.com
freetrckr.com
game2win2.xyz
glamournews3.xyz
jamgame3.xyz
news-life2.xyz
roselocation5.xyz
s-img.mgid.com
www.vivint.com
www.youtube.com
xml.planetpush.net
xml.pushking.net
www.vivint.com
173.214.240.15
199.182.164.180
2606:4700:1::6813:834c
2606:4700:1::6813:844c
2606:4700:1::6813:854c
2606:4700:3034::6815:4bf0
2606:4700::6811:180e
2606:4700::6812:b74
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c1d::5d
3.162.3.33
0532812f54cc709602ef449f495405d725aacadfc3545030a4f9e7a46d3e69ab
06777385b89e2120fdfe0682c928173581d4dda01978d1b7467e570efd489fb5
0d2015814bb3e985ccee950ebe7f8b738d0493a716bc1802054d63b31ef60ea8
1d2e8ecd2ca1334ac31b43e1646c1ffc5be9b41cc8267bf83202f6a5ef3bc608
1fe963b3c74a38a94135bf88242ac49e20d373609f154a910c3dc6c6f008a528
274521d9954dbeea56152c7ef89853d12215b7d8fd118b70fcf06578e44b5e20
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3b3cb90ebf2396b23dadd51a20bbb08fec57cdd5961efc9401be2230bd351a22
3d287df4d63c929781a46116b09fa9be9a9dbe7ffbb2224f8e58933a5ef779b2
3ee7498b55af175bb308f6fa1083dadbfc199dae05dbda7f63ea737d8fca3170
3fea33acbe278c71e4bdd92a72b33d88698781b9e20024dfdc0007110ce8e661
45d2c055791d072ed388bb395f90aaebf2425189bbd03942b8f60855ba4f6988
4e37a91c0f0409ceea548f9c6804fb6d86b840586e7655106a03ac597419404c
4fd886fd65cd08ad9144d5638d5408172078620be6d10069aa0cd567aa4b5b0e
50495bf544e1cc1e4244b8f02e13865f751ef2edc4464c41137f8a51e1bde659
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5a4523c31982d872ec21a6a4575a24a1bc374397d36e12ef59dbe23e8b9a045e
5a960c1a8660980ad7b0167c51576186733b3ed2d1f521e5b4a14640cabdb01b
66b2c89a498692b2442a1961d459ea3f96606afc0a8860685f618de882b11bc8
6e26ed4c6e8e3d46d9fdfb4882cdcbbc6229640d496e89de2c91db0ec7f857ea
709e2d3424a09d9241fab3d5071d6f30f2ee39fb730d845c2f0daaa4b5fb3e45
744984df9b62ef79fdcae59a024cac07036b864ae6a11c542e72b99f01ec5fe2
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
8a482f2271a42c5f54c96e816a84340a6f2357a5b81f927d07d00788f5140a41
92a17dedc050e39e182a1cb66b9835cce55d649ab890b48036b41f072413e374
96171e2719bb4fbc92c5e0524c3d23367c484f9fbec0c6073efc8764c09ffd11
a0e144c4ea8c5744210c578b16a9963a82478474c4d9254f2a7eb5b5e6fa3101
a49cf68a1ca024ce52b34243cf0e16e2c90291beec08c47bff70ab376c5ec762
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaf2f58682f990cd6895432eeb0e77ef17a2a17c797d38838520c9d87a220b66
ac841747fecef607487f878f46dc510742a2c1f02eff4d17ca8f2414f3e8d274
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
d42bb0284b724614d86d789c5dea479d30a53b4f4ae47c50703d5bb396b59b4b
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d9af2551784a3f4116f8ed6d1ec5e7bb3b619e3a8ed3a0399eb3bbe375b2775a
da76635af1c121f93136628d9cde9cea19deb117f3ca9a93922790985a7e09bf
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e4d5c28787419e7eaee569549d12df6ea9b1e7aa76e6f2a08b28ab812bfc1486
f512ddd5c14af792278a6f84509b7f53774986bd7ecdd10a436630f93ab90f52
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

creativemind.media Open in urlscan Pro 2606:4700:3034::6815:4bf0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

83 %HTTPS

75 %IPv6

15 Domains

19 Subdomains

12 IPs

1 Countries

1551 kBTransfer

4186 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

creativemind.media Open in urlscan Pro
2606:4700:3034::6815:4bf0 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

83 %
HTTPS

75 %
IPv6

15
Domains

19
Subdomains

12
IPs

1
Countries

1551 kB
Transfer

4186 kB
Size

1
Cookies

66 HTTP transactions
4 data transactions