urlscan.io logo urlscan.io
SecurityTrails logo

mygoodstream.pw Open in urlscan Pro
104.37.183.1  Public Scan

Go To Rescan Add Verdict Report
URL: http://mygoodstream.pw/
Submission: On June 28 via manual from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 5 countries across 43 domains to perform 90 HTTP transactions. The main IP is 104.37.183.1, located in United States and belongs to NUCDN, US. The main domain is mygoodstream.pw.
This is the only time mygoodstream.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 104.37.183.1 23393 (NUCDN)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:210... 16509 (AMAZON-02)
3 104.16.144.212 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2620:0:862:ed... 14907 (WIKIMEDIA)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:210... 16509 (AMAZON-02)
1 2600:9000:210... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.198.109.212 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.213.224.136 14618 (AMAZON-AES)
6 2600:9000:210... 16509 (AMAZON-02)
1 35.190.71.96 15169 (GOOGLE)
1 142.250.185.98 15169 (GOOGLE)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 136.144.59.88 54825 (PACKET)
1 185.33.221.88 29990 (ASN-APPNEX)
1 2 5.178.65.245 50673 (SERVERIUS-AS)
1 13 2606:4700:20:... 13335 (CLOUDFLAR...)
1 185.184.8.65 204995 (RTB-HOUSE...)
1 1 2a00:7c80:0:1... 49981 (WORLDSTREAM)
2 46.249.52.249 50673 (SERVERIUS-AS)
3 3 216.52.2.39 29791 (VOXEL-DOT...)
2 2 18.197.99.6 16509 (AMAZON-02)
3 3 3.126.56.137 16509 (AMAZON-02)
6 6 37.252.172.250 29990 (ASN-APPNEX)
2 178.162.133.149 60781 (LEASEWEB-...)
1 1 88.214.206.142 46636 (NATCOWEB)
2 2 34.198.116.61 14618 (AMAZON-AES)
1 51.89.9.253 16276 (OVH)
2 7 2.18.234.21 16625 (AKAMAI-AS)
1 67.202.110.22 32748 (STEADFAST)
1 2.18.233.180 16625 (AKAMAI-AS)
1 185.64.189.115 62713 (AS-PUBMATIC)
1 2 54.239.17.112 16509 (AMAZON-02)
3 3 172.217.18.98 15169 (GOOGLE)
1 13.248.242.197 16509 (AMAZON-02)
1 72.251.241.196 29791 (VOXEL-DOT...)
1 1 54.174.195.234 14618 (AMAZON-AES)
1 37.252.172.38 29990 (ASN-APPNEX)
90 46
3    104.37.183.1 (United States)

ASN23393 (NUCDN, US)
mygoodstream.pw
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:10::ac43:1e94 (United States)

ASN13335 (CLOUDFLARENET, US)
getbootstrap.com
1    2600:9000:2104:9000:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-api.sharethis.com
3    104.16.144.212 (United States)

ASN13335 (CLOUDFLARENET, US)
blockchain.info
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
9    2606:4700:20::681a:fee (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
2    2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)
upload.wikimedia.org
7    2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
1    2600:9000:2104:c000:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    2600:9000:2104:c200:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.sharethis.mgr.consensu.org
1    2606:4700:20::681a:6ad (United States)

ASN13335 (CLOUDFLARENET, US)
code.ionicframework.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:3037::6815:174 (United States)

ASN13335 (CLOUDFLARENET, US)
theonecdn.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700:3030::6815:2ed2 (United States)

ASN13335 (CLOUDFLARENET, US)
ufpcdn.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    3.213.224.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-224-136.compute-1.amazonaws.com
count-server.sharethis.com
6    2600:9000:2104:cc00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
1    35.190.71.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com
onclickgenius.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a04:4e42:1b::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs-simple.com
2    5.178.65.245 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
13    2606:4700:20::681a:34e (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
1    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
1    2a00:7c80:0:120::2 (Netherlands)

ASN49981 (WORLDSTREAM, NL)
ufo.approximity.com
2    46.249.52.249 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
3    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    18.197.99.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-99-6.eu-central-1.compute.amazonaws.com
pixel.advertising.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    34.198.116.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-116-61.compute-1.amazonaws.com
nep.advangelists.com
1    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
7    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    67.202.110.22 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-110.static.steadfastdns.net
ssc-cms.33across.com
1    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
1    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    54.174.195.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-195-234.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
Apex Domain
Subdomains		 Transfer
13 quantumdex.io
useast.quantumdex.io
sync.quantumdex.io
ms.quantumdex.io
6 KB
10 sharethis.com
platform-api.sharethis.com
buttons-config.sharethis.com
l.sharethis.com
count-server.sharethis.com
platform-cdn.sharethis.com
46 KB
9 vlitag.com
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
436 KB
7 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8 KB
7 adnxs.com
ib.adnxs.com
secure.adnxs.com
5 KB
7 tawk.to
embed.tawk.to
va.tawk.to Failed
115 KB
5 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
117 KB
4 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
2 KB
3 yahoo.com
ups.analytics.yahoo.com
3 KB
3 lijit.com
ap.lijit.com
2 KB
3 blockchain.info
blockchain.info
23 KB
3 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
147 KB
3 mygoodstream.pw
mygoodstream.pw
15 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
961 B
2 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
5 KB
2 advangelists.com
nep.advangelists.com
456 B
2 sonobi.com
sync.go.sonobi.com
1 KB
2 advertising.com
pixel.advertising.com
677 B
2 gstatic.com
fonts.gstatic.com
34 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 theonecdn.com
theonecdn.com
21 KB
2 wikimedia.org
upload.wikimedia.org
271 KB
2 unpkg.com
unpkg.com
76 KB
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
376 B
1 adgrx.com
cm.adgrx.com
408 B
1 adsrvr.org
match.adsrvr.org
265 B
1 33across.com
ssc-cms.33across.com
1 onetag-sys.com
onetag-sys.com
818 B
1 admanmedia.com
cs.admanmedia.com
401 B
1 approximity.com
ufo.approximity.com
280 B
1 creativecdn.com
prebid-eu.creativecdn.com
176 B
1 adnxs-simple.com
ib.adnxs-simple.com
944 B
1 a-mo.net
prebid.a-mo.net
365 B
1 jsdelivr.net
cdn.jsdelivr.net
1 KB
1 onclickgenius.com
onclickgenius.com
2 KB
1 googletagservices.com
www.googletagservices.com
24 KB
1 ufpcdn.com
ufpcdn.com
2 KB
1 ionicframework.com
code.ionicframework.com
8 KB
1 consensu.org
c.sharethis.mgr.consensu.org
1 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
18 KB
1 getbootstrap.com
getbootstrap.com
21 KB
1 googletagmanager.com
www.googletagmanager.com
36 KB
1 cloudflare.com
cdnjs.cloudflare.com
14 KB
90 43
Domain Requested by
11 sync.quantumdex.io assets.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
7 embed.tawk.to mygoodstream.pw
embed.tawk.to
6 ib.adnxs.com 6 redirects
6 platform-cdn.sharethis.com mygoodstream.pw
6 assets.vlitag.com tag.vlitag.com
mygoodstream.pw
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 cm.g.doubleclick.net 3 redirects
3 ssum-sec.casalemedia.com 1 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
3 ups.analytics.yahoo.com 3 redirects
3 ap.lijit.com 3 redirects
3 blockchain.info mygoodstream.pw
3 mygoodstream.pw mygoodstream.pw
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 nep.advangelists.com 2 redirects
2 sync.go.sonobi.com sync.quantumdex.io
2 pixel.advertising.com 2 redirects
2 u-ams02.e-planning.net
2 ads.us.e-planning.net 1 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 theonecdn.com mygoodstream.pw
2 upload.wikimedia.org mygoodstream.pw
2 services.vlitag.com mygoodstream.pw
services.vlitag.com
2 unpkg.com 1 redirects mygoodstream.pw
1 secure.adnxs.com ssum-sec.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 match.adsrvr.org ssum-sec.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 ads.pubmatic.com sync.quantumdex.io
1 ssc-cms.33across.com sync.quantumdex.io
1 onetag-sys.com sync.quantumdex.io
1 cs.admanmedia.com 1 redirects
1 ms.quantumdex.io 1 redirects
1 ufo.approximity.com 1 redirects
1 prebid-eu.creativecdn.com assets.vlitag.com
1 useast.quantumdex.io assets.vlitag.com
1 ib.adnxs-simple.com assets.vlitag.com
1 prebid.a-mo.net assets.vlitag.com
1 cdn.jsdelivr.net assets.vlitag.com
1 securepubads.g.doubleclick.net www.googletagservices.com
1 onclickgenius.com mygoodstream.pw
1 count-server.sharethis.com platform-api.sharethis.com
1 imasdk.googleapis.com tag.vlitag.com
1 www.googletagservices.com tag.vlitag.com
1 tag.vlitag.com services.vlitag.com
1 ufpcdn.com mygoodstream.pw
1 stats.g.doubleclick.net www.google-analytics.com
1 l.sharethis.com platform-api.sharethis.com
1 fonts.googleapis.com mygoodstream.pw
1 code.ionicframework.com mygoodstream.pw
1 c.sharethis.mgr.consensu.org platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 maxcdn.bootstrapcdn.com mygoodstream.pw
1 platform-api.sharethis.com mygoodstream.pw
1 getbootstrap.com mygoodstream.pw
1 www.googletagmanager.com mygoodstream.pw
1 cdnjs.cloudflare.com mygoodstream.pw
1 ajax.googleapis.com mygoodstream.pw
0 va.tawk.to Failed embed.tawk.to
90 60

This site contains links to these domains. Also see Links.

Domain
redditsport.live
valueimpression.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1O1		 2021-05-31 -
2021-08-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-02 -
2021-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
www.blockchain.com
DigiCert SHA2 Extended Validation Server CA		 2020-12-09 -
2022-01-09		 a year crt.sh
*.wikipedia.org
DigiCert SHA2 High Assurance Server CA		 2020-11-09 -
2021-11-16		 a year crt.sh
sharethis.com
Amazon		 2020-08-17 -
2021-09-16		 a year crt.sh
sharethis.mgr.consensu.org
Amazon		 2021-04-07 -
2022-05-06		 a year crt.sh
ionicframework.com
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-05-31 -
2021-08-23		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.a-mo.net
R3		 2021-05-11 -
2021-08-09		 3 months crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018		 2021-03-17 -
2022-03-15		 a year crt.sh
ads.us.e-planning.net
R3		 2021-05-24 -
2021-08-22		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.e-planning.net
R3		 2021-06-04 -
2021-09-02		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
onetag-sys.com
R3		 2021-05-02 -
2021-07-31		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh

This page contains 9 frames:

Primary Page: http://mygoodstream.pw/
Frame ID: D6CCD2CC9C18B6BD221091E635A5A05E
Requests: 64 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: D963C9453D3AF8A4FE9516A6FA874A16
Requests: 1 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 311DEE91FBE26A361DC9D3F40D30038D
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/quantumdex
Frame ID: FC091CE87D1974853DBB6028040F0F50
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: C9C291EE0DC8F08DE18F89BFC0F04FF6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Frame ID: 8C5E6D1418878A05361F71CB14CC8523
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: A2AF6710F833C27EBC2AB7BB934379FD
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 4B582732C47439AE5340835F259B8B54
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: A5A4C0BED70606516697BFA537E226A7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/embed\.tawk\.to/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

90
Requests

80 %
HTTPS

46 %
IPv6

43
Domains

60
Subdomains

46
IPs

5
Countries

1469 kB
Transfer

4561 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://unpkg.com/@webpixels/css@1.0/dist/index.css HTTP 302
  • https://unpkg.com/@webpixels/css@1.0.1/dist/index.css
Request Chain 59
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/mygoodstream.pw/ROS?rnd=0.007185067391866751&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fmygoodstream.pw%2F&pbv=5.0.0&ncb=1&vs=FF&crs=UTF-8&fr=http%3A%2F%2Fmygoodstream.pw%2F&gdpr=1&gdprcs= HTTP 302
  • https://ads.us.e-planning.net/hb/1/2c995/1/mygoodstream.pw/ROS?ct=1&r=pbjs&rnd=0.007185067391866751&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fmygoodstream.pw%2F&pbv=5.0.0&ncb=1&vs=FF&crs=UTF-8&fr=http%3A%2F%2Fmygoodstream.pw%2F&gdpr=1&gdprcs=
Request Chain 64
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D8fadf9b841053049 HTTP 302
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=8fadf9b841053049&uid=02000000CD69D960A424EF4802071B4D
Request Chain 65
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D8fadf9b841053049%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D8fadf9b841053049%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=8fadf9b841053049&uid=dbb2fb3fbb44967c85cf2aa4
Request Chain 66
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPbb6a36a7-d7d8-11eb-b321-0683a3e6c814 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbb6a36a7-d7d8-11eb-b321-0683a3e6c814
Request Chain 67
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7114770215278535939
Request Chain 68
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=53008872246999941
Request Chain 70
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=dbb2fb3fbb44967c85cf2aa4
Request Chain 71
  • https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c8a0bcc2-99d5-4ea7-b6a3-8ec05acfd613
Request Chain 72
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=c211bd5ec9caa32e271f7d48ae75e3b84fd2ad45
Request Chain 73
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-3ae876b3-8f28-4a20-82ae-998e2a23d828
Request Chain 74
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=633371128405921561
Request Chain 75
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ghC0twtE2uGX3JcB3AymVXvov6fyh_2jPWx5YVw-~A
Request Chain 77
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Request Chain 82
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNlp1sPBs5YOkoxBYEvqJwAABF8AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNlp1sPBs5YOkoxBYEvqJwAABF8AAAAB&dcc=t
Request Chain 83
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNlp1sPBs5YOkoxBYEvqJwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEGOUbHThjudAURVaQT_7iw&google_cver=1
Request Chain 85
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNlp1sPBs5YOkoxBYEvqJwAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNlp1sPBs5YOkoxBYEvqJwAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDcJsxRc7ZTMSlIqny5adII&google_cver=1
Request Chain 86
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0d0cf098-89c1-4ef6-8c29-be70ced046d7
Request Chain 88
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1aacc4b7-a9d2-4610-9a3a-dbb3715fdc71&expiration=1656397142

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
mygoodstream.pw/ 		20 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mygoodstream.pw/
Protocol
HTTP/1.1
Server
104.37.183.1 , United States, ASN23393 (NUCDN, US),
Reverse DNS
Software
NuCDN/v2.58.7 /
Resource Hash
0620901ff6f000f5b2e829f5d7759400c93e6da183f869dd170d9796a82f44df

Request headers

Host
mygoodstream.pw
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
NuCDN/v2.58.7
Set-Cookie
PHPSESSID=4q768le9f8q5394212gd8v37nq; path=/
X-Beluga-Cache-Status
Miss
X-Beluga-Node
326fdc14-d87c-4407-bb9b-660a8d00a3d4
X-Beluga-Record
9624b94b60cf6d09de983635dfd5e3bb4990fb21
X-Beluga-Response-Time
231 ms
X-Beluga-Status
000
X-Beluga-Trace
a66230f0-11fc-4465-9762-6fc5d15c7c93
Date
Mon, 28 Jun 2021 06:18:55 GMT
Transfer-Encoding
chunked
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 04:34:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jun 2022 04:34:06 GMT
index.css
unpkg.com/@webpixels/css@1.0.1/dist/
Redirect Chain
  • https://unpkg.com/@webpixels/css@1.0/dist/index.css
  • https://unpkg.com/@webpixels/css@1.0.1/dist/index.css
853 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@webpixels/css@1.0.1/dist/index.css
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72ecab21b492c39a93c63d6373a5161c7ad9de97e7cbc12ff69cf07c1ad587c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
3611348
fly-request-id
01F5X08S7NB48BRP89CTNEQKPR
content-encoding
br
vary
Accept-Encoding
cf-request-id
0af2de68dd0000178edc1d8000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"d542b-wyUw1t6y3Y1Shmu1Iip04noWJkA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6664ccee2ade178e-FRA

Redirect headers

date
Mon, 28 Jun 2021 06:18:55 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
508
vary
Accept, Accept-Encoding
cf-request-id
0af2de68c80000178ee8094000000001
fly-request-id
01F98KTXR3G1SHDEE0QQRB90GB
server
cloudflare
location
/@webpixels/css@1.0.1/dist/index.css
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=600, max-age=60
cf-ray
6664ccee0aaa178e-FRA
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.0.1/js/ 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.0.1/js/bootstrap.min.js
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77e1728245a0c2de7d0859163ee081e1113aa75fd6894602cb5eb0d7e739bca9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
http://mygoodstream.pw
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2802087
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
14192
cf-request-id
0af2de68c800003244a21bb000000001
timing-allow-origin
*
last-modified
Wed, 19 May 2021 12:00:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60a4fde4-3770"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=A2KOblRd3SzeVMlXBKsoCnguKZ05evAD0lfhA6c%2FKQUaXtMGW84SQyRAzOMcOrx24fn1p%2FiBARR7V4kTclgYfaStik3NqoLBYRjlK64Mffp3k9iwm%2F01rKkcNvD66an4t5m84TK7gSgkMKPT8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6664ccee0e233244-FRA
expires
Sat, 18 Jun 2022 06:18:55 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111635968-1
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a12a13338535144e5ca8d81b1931ad12ee66e96dfa89b069e8c1046b87ac53da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36364
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Jun 2021 06:18:55 GMT
bootstrap.min.css
getbootstrap.com/docs/5.0/dist/css/ 		152 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getbootstrap.com/docs/5.0/dist/css/bootstrap.min.css
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1e94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://mygoodstream.pw
Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
098d191161bd05fa0475c54d9c2790e733390f82
date
Mon, 28 Jun 2021 06:18:55 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
age
509
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de68dd0000d721db243000000001
x-served-by
cache-fra19179-FRA
last-modified
Tue, 22 Jun 2021 18:39:06 GMT
server
cloudflare
x-github-request-id
8A20:24E6:915FAD:959088:60D22E5B
x-timer
S1624388354.843229,VS0,VE1
etag
W/"60d22e4a-260c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
x-proxy-cache
MISS
cf-ray
6664ccee2d9ad721-FRA
x-origin-cache
HIT
expires
Wed, 23 Jun 2021 08:56:31 GMT
sharethis.js
platform-api.sharethis.com/js/ 		172 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
HTTP/1.1
Server
2600:9000:2104:9000:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c63e08efff2c004e867b8de6ec09585ba5499dda44024ee1dedb14e7b45a8245

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 06:13:39 GMT
Content-Encoding
gzip
Connection
keep-alive
Age
316
ETag
W/"2af13-ilA0+GK6k3/lGShh36vh+RHVr3o"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript; charset=utf-8
Via
1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
Edge-control
cache-maxage=60m,downstream-ttl=60m
Cache-Control
max-age=600, public
Transfer-Encoding
chunked
X-Amz-Cf-Pop
AMS1-C1
X-Amz-Cf-Id
POTheuRAC0paE043TNebszHarKIfW_AgLrZ7_hnfVmMlmkU53LTZHw==
pay-now-button.js
blockchain.info/Resources/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blockchain.info/Resources/js/pay-now-button.js
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.144.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bace0f51ca0d0be3110437b7bcd2f93c338e70393162b3cc2216f6add6e8bd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5705513
x-original-host
blockchain.info
x-blockchain-cp-f
z6h4 0.010 - 64082092dca9a279c674229bbd637956
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
64082092dca9a279c674229bbd637956
last-modified
Thu, 11 Feb 2021 11:26:10 GMT
server
cloudflare
x-blockchain-cp-b
explorer-bitcoin-core
x-blockchain-server
BlockchainFE/1.0
etag
W/"2820-1613042770000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
via
1.1 google
x-blockchain-language
el
cache-control
public, max-age=31536000
cf-request-id
0af2de6920000001325138f000000001
x-blockchain-language-id
0:0:1 (en:en:el)
cf-ray
6664ccee9f900132-AMS
expires
Tue, 28 Jun 2022 06:18:55 GMT
donate_64.png
blockchain.info/Resources/buttons/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blockchain.info/Resources/buttons/donate_64.png
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.144.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a479d7f9126d3437e41e9ec0269cf4b2e3e22a392ea8ba99209feec8e23aabe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
age
5705513
x-original-host
blockchain.info
x-blockchain-cp-f
xndt 0.002 - 1a9d3a392d5b12d5fd8e6c27b280802f
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
10374
x-xss-protection
1; mode=block
x-request-id
1a9d3a392d5b12d5fd8e6c27b280802f
x-blockchain-language-id
0:0:1 (en:en:el)
last-modified
Thu, 11 Feb 2021 11:26:10 GMT
server
cloudflare
x-blockchain-cp-b
explorer-bitcoin-core
x-blockchain-server
BlockchainFE/1.0
etag
W/"10374-1613042770000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
x-blockchain-language
el
cache-control
public, max-age=31536000
cf-request-id
0af2de6928000001327187f000000001
accept-ranges
bytes
cf-ray
6664cceeafa60132-AMS
expires
Tue, 28 Jun 2022 06:18:55 GMT
loading-large.gif
blockchain.info/Resources/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blockchain.info/Resources/loading-large.gif
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.144.212 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a841616b8b20461b5b9ffc64791c55b3a68889b350f7e59d8790a029a4036220
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
age
5705512
x-original-host
blockchain.info
x-blockchain-cp-f
z6h4 0.004 - b2fd5ae8ef413bc46d425dc99dc5d2b7
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11399
x-xss-protection
1; mode=block
x-request-id
b2fd5ae8ef413bc46d425dc99dc5d2b7
x-blockchain-language-id
0:0:1 (en:en:el)
last-modified
Thu, 11 Feb 2021 11:26:10 GMT
server
cloudflare
x-blockchain-cp-b
explorer-bitcoin-core
x-blockchain-server
BlockchainFE/1.0
etag
W/"11399-1613042770000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
x-blockchain-language
el
cache-control
public, max-age=31536000
cf-request-id
0af2de6929000001321a3fa000000001
accept-ranges
bytes
cf-ray
6664cceeafa80132-AMS
expires
Tue, 28 Jun 2022 06:18:55 GMT
atag.js
mygoodstream.pw/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://mygoodstream.pw/atag.js
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
HTTP/1.1
Server
104.37.183.1 , United States, ASN23393 (NUCDN, US),
Reverse DNS
Software
NuCDN/v2.58.7 /
Resource Hash
ef5995fd1b07fbc47abb18d869b213013b21958e96c3d67f8ed0d6407a9a0480

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mygoodstream.pw
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://mygoodstream.pw/
Cookie
PHPSESSID=4q768le9f8q5394212gd8v37nq
Connection
keep-alive
Cache-Control
no-cache
Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Beluga-Cache-Status
Hit (1)
Date
Mon, 28 Jun 2021 06:18:55 GMT
Content-Encoding
gzip
Last-Modified
Sun, 20 Jun 2021 14:07:03 GMT
Server
NuCDN/v2.58.7
Etag
"60cf4b87-1afb"
Transfer-Encoding
chunked
Content-Type
application/javascript
X-Beluga-Node
326fdc14-d87c-4407-bb9b-660a8d00a3d4
Cache-Control
max-age=315360000
X-Beluga-Response-Time
3 ms
X-Beluga-Status
003
X-Beluga-Trace
2dc725a9-1d05-4086-95d7-3803ff1925ad
X-Beluga-Record
e260640f15d3d96916480b41d6e05218a74c873f
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617
age
8414106
cdn-cachedat
2021-03-11 11:57:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de692000004aa4b8ac7000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a31dd7f18bc0fe8277e68a4489d4861a
cf-ray
6664ccee9a1c4aa4-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
style2.css
mygoodstream.pw/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://mygoodstream.pw/style2.css?v5
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
HTTP/1.1
Server
104.37.183.1 , United States, ASN23393 (NUCDN, US),
Reverse DNS
Software
NuCDN/v2.58.7 /
Resource Hash
9d0b05c73ce46a562f2d6497bee9a9092b9de5bbfd8b04b3d33d33ac4a770083

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
mygoodstream.pw
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://mygoodstream.pw/
Cookie
PHPSESSID=4q768le9f8q5394212gd8v37nq
Connection
keep-alive
Cache-Control
no-cache
Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Beluga-Cache-Status
Hit (1)
Date
Mon, 28 Jun 2021 06:18:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Jun 2021 12:54:57 GMT
Server
NuCDN/v2.58.7
Etag
"60d08c21-1356"
X-Beluga-Status
003
Content-Type
text/css
X-Beluga-Node
326fdc14-d87c-4407-bb9b-660a8d00a3d4
Cache-Control
max-age=315360000
X-Beluga-Response-Time
2 ms
X-Beluga-Trace
1291bd4d-a1d6-48ec-b8e1-6eb7531e3771
Content-Length
1283
X-Beluga-Record
6157968fd920816f2f32427d98f1f9cefa5f19e7
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
services.vlitag.com/adv1/ 		933 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://services.vlitag.com/adv1/?q=85dc19135b81e13a2043c2442b5ae469
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb1eeaba32175ad15f81205518ff8f63af7fb2ae92cb86ee3cdece5e2522924c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 06:18:55 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de692700004ee50c299000000001
Pragma
no-cache
Last-Modified
Mon, 28 Jun 2021 06:18:55 GMT
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yAhVuYFxZ65R9obPz9RSVsu0V2pSmPcqU%2Ff6TdwKrb4Z1Jvx8rsLHalpOphTePjc3aH0WQNaZFq1izKM%2FcPIKM%2FvTo1ahyzUN1%2FrqscGrOemXWwyQGFS4e9f6VanUq%2BSOzD9Nd5yOd4HGYpj"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
CF-RAY
6664cceea88b4ee5-FRA
Expires
on, 01 Jan 1970 00:00:00 GMT
1200px-2021_Copa_Am%C3%A9rica_logo.svg.png
upload.wikimedia.org/wikipedia/fr/thumb/e/ee/2021_Copa_Am%C3%A9rica_logo.svg/ 		210 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/fr/thumb/e/ee/2021_Copa_Am%C3%A9rica_logo.svg/1200px-2021_Copa_Am%C3%A9rica_logo.svg.png
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
90f72ddc73aaaf6c4d5dea3caee8caec79c447924e1e964cf9f754db51675ba3
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 02:01:07 GMT
x-content-security-policy-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
15467
x-cache-status
hit-front
content-security-policy-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
x-cache
cp3065 miss, cp3055 hit/5
content-disposition
inline;filename*=UTF-8''2021_Copa_Am%C3%A9rica_logo.svg.webp
server-timing
cache;desc="hit-front", host;desc="cp3055"
content-length
215344
x-client-ip
2a01:4f8:192:5414::2
last-modified
Sun, 27 Jun 2021 01:58:45 GMT
server
ATS/8.0.8
etag
a2d656ae3005154e1c6caafe5d492a26
x-webkit-csp-report-only
default-src 'none'; style-src 'unsafe-inline' data:; font-src data:; img-src data: https://upload.wikimedia.org/favicon.ico; media-src data:; sandbox; report-uri https://commons.wikimedia.org/w/api.php?reportonly=1&source=image&action=cspreport&format=json&
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/webp
access-control-allow-origin
*
x-timestamp
1624759124.56331
permissions-policy
interest-cohort=()
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
UFC_Logo.png
upload.wikimedia.org/wikipedia/commons/d/d7/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/d/d7/UFC_Logo.png
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
8f521a2b4b53306364d171808f95b4b910fae6487d677fe3ad030e259da6d547
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Jun 2021 09:48:47 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
73807
x-cache-status
hit-front
x-cache
cp3051 hit, cp3055 hit/229
server-timing
cache;desc="hit-front", host;desc="cp3055"
content-length
60005
x-client-ip
2a01:4f8:192:5414::2
x-object-meta-sha1base36
ny91owkbweb4sd6q1unhny8k02of823
last-modified
Tue, 12 Jan 2016 22:05:30 GMT
server
ATS/8.0.8
etag
d15ad4256f6559814d7a9b391083f401
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
x-timestamp
1452636329.91753
permissions-policy
interest-cohort=()
accept-ranges
bytes
timing-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
default
embed.tawk.to/5d717ed577aa790be332a63e/ 		2 KB
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/5d717ed577aa790be332a63e/default
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f0fe394bc5df72d11bfa24c346026e957054d1e9452986a555af154e53683ec
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://mygoodstream.pw
Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
208
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de6958000005e444380000000001
server
cloudflare
etag
W/"stable-v4-60d19012b18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=7200, s-maxage=3600
cf-ray
6664cceeff2205e4-FRA
5a1197ce9a9a440011b55598.js
buttons-config.sharethis.com/js/ 		858 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5a1197ce9a9a440011b55598.js
Requested by
Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc18b9c7456ec2bb5d055c12dee58d3d11717d331eda23b50546036ccf63d400

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:56 GMT
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
last-modified
Sun, 10 Dec 2017 16:08:39 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
"888f44bf95c19e5b7da8d8051d3f99fd"
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
content-length
858
x-amz-cf-id
Fzc2B4N4s8afagGTt0WXW_7XpsKiUBc4xSNYnzqZjHzPhbZDe4HxmQ==
portal-v2.html
c.sharethis.mgr.consensu.org/ Frame D963 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by
Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/portal-v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mygoodstream.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://mygoodstream.pw/

Response headers

content-type
text/html; charset=utf-8
content-encoding
gzip
cache-control
max-age=3600, public
date
Mon, 28 Jun 2021 06:14:33 GMT
etag
W/"865-g9QqzjbIJI1xmvSY3DM2A/8Cpl8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
cnW7hpgmaZrdH5dknsZY6YeeG0vcli01YepxjkEBTvebSgJd-xk9VA==
age
262
ionicons.min.css
code.ionicframework.com/ionicons/2.0.0/css/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.ionicframework.com/ionicons/2.0.0/css/ionicons.min.css
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/style2.css?v5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
b1ecc408a56599007a57bb558efb01956d23b1e4
date
Mon, 28 Jun 2021 06:18:55 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
15393
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de69a000002c4e351da000000001
x-served-by
cache-fra19125-FRA
last-modified
Thu, 29 Apr 2021 18:50:21 GMT
server
cloudflare
x-github-request-id
F49E:E9AF:9EC7E:E1F7E:60D929F6
x-timer
S1624845742.071323,VS0,VE1
etag
W/"608affed-c854"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=K6LUAAYTCqGtpjEaoij7JjTFLejqLkrDEdPnpBfUI%2FxOEdUCWqpM70hMolNGfXbZLNNb%2FtwkpuC8r6BsIS6PWDMAgyuQvEPv%2Fd0dBHhg9xgmvzTSdqJqfDlCTNDCxzEl2q7WCcuDg9ZSzIaBM1DByQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-proxy-cache
MISS
cf-ray
6664ccef6ae52c4e-FRA
x-origin-cache
HIT
expires
Mon, 28 Jun 2021 01:56:30 GMT
css
fonts.googleapis.com/ 		3 KB
686 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Play:300,400,700
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/style2.css?v5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7bef47fb3ead72dd7241104554ea96e5d282d83f2b33bc02cd02961ddef25780
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 06:18:55 GMT
server
ESF
date
Mon, 28 Jun 2021 06:18:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Jun 2021 06:18:55 GMT
compatibility.js
theonecdn.com/script/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://theonecdn.com/script/compatibility.js
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/atag.js
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=6TBdZQ==, md5=wrvB4lRAScsDXDIZGb7yvA==
Date
Mon, 28 Jun 2021 06:18:55 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
3435
X-GUploader-UploadID
ABg5-UxMHQQPprXy7KJw9TBk9wOzCFBe1wnicpS8CujrL9uaAPB-vLEsu7HP6QPmCqZuO7LmuX5FUDRWjrniWzJZ4w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de69a20000c2c742331000000001
Last-Modified
Tue, 15 Sep 2020 12:10:32 GMT
Server
cloudflare
ETag
W/"c2bbc1e2544049cb035c321919bef2bc"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a9gz%2Bamx96%2F47CcRBf3Uk6UoRBlLa2Oav%2B8JluFt5jcn1lD1oZt2Znew3iH3xG%2FzeOqKw0RfP5e%2BOSyuH1PgQWXOYDVsX%2FlIp1SbK2%2F%2Fk1TyynPvgpK7AgSeAhFiRjQ8SPhWAwLGwg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1600171832181211
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
20647
CF-RAY
6664ccef694ec2c7-FRA
Expires
Mon, 28 Jun 2021 05:45:17 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111635968-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
2327
date
Mon, 28 Jun 2021 05:40:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Mon, 28 Jun 2021 07:40:08 GMT
6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/play/v12/6aez4K2oVqwIvtU2Hw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Play:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd6dd6fb8487a979e9fb8d6f69c3c3410fccd6763b274151faca84e0d9415d7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://mygoodstream.pw
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 05:30:06 GMT
x-content-type-options
nosniff
age
348529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17268
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:50:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jun 2022 05:30:06 GMT
6ae84K2oVqwItm4TCpAy2g.woff2
fonts.gstatic.com/s/play/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/play/v12/6ae84K2oVqwItm4TCpAy2g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Play:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09d77d93b147439fc022124457c155d0d49b6c110ce2d6fd9492cf0580592913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://mygoodstream.pw
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 20:57:42 GMT
x-content-type-options
nosniff
age
465673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17272
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:49:59 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 20:57:42 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=437482210&t=pageview&_s=1&dl=http%3A%2F%2Fmygoodstream.pw%2F&ul=en-us&de=UTF-8&dt=MyGoodStream%20%7C%20Watch%20live%20sports%20in%20HD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1814301556&gjid=270356172&cid=791257257.1624861135&tid=UA-111635968-1&_gid=1148609830.1624861135&_r=1&gtm=2ou6n0&z=1692789899
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Jun 2021 06:18:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://mygoodstream.pw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pview
l.sharethis.com/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=mygoodstream.pw&location=%2F&product=inline-share-buttons&url=http%3A%2F%2Fmygoodstream.pw%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=MyGoodStream%20%7C%20Watch%20live%20sports%20in%20HD&cms=unknown&publisher=5a1197ce9a9a440011b55598&sop=true&bsamesite=true&consent_cookie_duration=145&consent_duration=145&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en
Requested by
Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 06:18:55 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
http://mygoodstream.pw
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
collect
stats.g.doubleclick.net/j/ 		1 B
84 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-111635968-1&cid=791257257.1624861135&jid=1814301556&gjid=270356172&_gid=1148609830.1624861135&_u=YEBAAUAAAAAAAC~&z=1193589878
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 28 Jun 2021 06:18:55 GMT
content-type
text/plain
access-control-allow-origin
http://mygoodstream.pw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set identify.html
ufpcdn.com/script/ Frame 311D 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
HTTP/1.1
Server
2606:4700:3030::6815:2ed2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a

Request headers

Host
ufpcdn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://mygoodstream.pw/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://mygoodstream.pw/

Response headers

Date
Mon, 28 Jun 2021 06:18:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 15 May 2018 06:39:25 GMT
CF-Cache-Status
DYNAMIC
cf-request-id
0af2de6a0200002c52d7392000000001
Set-Cookie
__cf_bm=e99e1bdcea73dc42e5fbec873e1aa9c54106c971-1624861135-1800-AT2QBMjYiLutypUOd5TcwYTIBP0w/kTGbFvdvceuMXCBtH0d6l+nPEJ2sUGhqkAjUod2B8eWL0l1xrjCEWtGSHE=; path=/; expires=Mon, 28-Jun-21 06:48:55 GMT; domain=.ufpcdn.com; HttpOnly; SameSite=None
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gA17aljdW7lCPxI5eva3DmuVg5QT7aE4Cq5SAa8Gazaf6L9qag%2F%2BpKutkxiLYfxwwao5OBe8FwT6UeAtCyFYl6xM2E%2Fl67ox%2FVwHE7sYxTvIyzoIT52gi%2BNNWpAozXG6AD%2BtnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6664cceffcac2c52-FRA
Content-Encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
services.vlitag.com/uv/ 		13 B
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/uv/?page_url=http%3A%2F%2Fmygoodstream.pw%2F&mtk=13152
Requested by
Host: services.vlitag.com
URL: http://services.vlitag.com/adv1/?q=85dc19135b81e13a2043c2442b5ae469
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13
cf-request-id
0af2de6a360000dfef452ed000000001
pragma
no-cache
last-modified
Mon, 28 Jun 2021 06:18:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wDOCQZwx62pBWdklqCF3zr2deVWSNXbxojsh4qufm7er%2BwyladksHNYA%2BX0zPK8mMU%2FxYCoGPZCWgMwgzYwYPsSAxTihNhv%2ByL9%2Fk%2FTWiwvom3%2F%2F0FD9tTRKG8bPDZ%2BfxPK744eQcAxZfv0H"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
http://mygoodstream.pw
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
6664ccf05e62dfef-FRA
expires
on, 01 Jan 1970 00:00:00 GMT
85dc19135b81e13a2043c2442b5ae469.js
tag.vlitag.com/v1/1624772946/ 		495 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tag.vlitag.com/v1/1624772946/85dc19135b81e13a2043c2442b5ae469.js
Requested by
Host: services.vlitag.com
URL: http://services.vlitag.com/adv1/?q=85dc19135b81e13a2043c2442b5ae469
Protocol
HTTP/1.1
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
005b555313967b57f931b213890458534dfaaa67488876c94da41d800739b9b4
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 06:18:55 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
80968
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de6a3300002c1960883000000001
Cf-Bgj
minify
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jCRVenAMFRJZhEf0ylpI70ZmYfXkZGsCyBajTMdEiOutrxe8yPrYw4V4QBexgr6suZlGu7COvKyQhsTotvR%2FiXgrQNgRaFc156CAWETiWiFj90oqXWqA1aTuG%2Bwmfk225YQyGytIGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
X-XSS-Protection
1; mode=block
Cache-Control
public, max-age=31536000, immutable
CF-RAY
6664ccf05bf12c19-FRA
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e73eb6536f7c789b8a3dd690c87914375d43fb8d037ed84fabf739775ab14791

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da91dfb57b3b17cf7365ad2d9e4330adc3408e7c34c71a33784e23f1f4d740c0

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cmp-v2.0.1.js
assets.vlitag.com/plugins/cmptcf2/ 		267 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Requested by
Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1624772946/85dc19135b81e13a2043c2442b5ae469.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
377567
cf-polished
origSize=489839
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de6aaa00000610941b2000000001
x-robots-tag
noindex, nofollow
last-modified
Tue, 29 Dec 2020 02:18:12 GMT
server
cloudflare
etag
W/"5fea91e4-7796f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BX6ExIiOZImeYPFDAzMXkMWjCU4kOj4IB22byBERpzNiXbTKNrOvzwL3mFlVpLRKkzrf9OEFYbOkJDx%2FjrVD8mFp0X7PfQtmy1aOlsu421F%2B1eA22OWhByPH3tN%2FP1hwbiZNv21ZC0H19w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=16070400
cf-ray
6664ccf11d4d0610-FRA
expires
Wed, 23 Jun 2021 21:56:07 GMT
prebid-v5.0.3.js
assets.vlitag.com/prebid/default/ 		428 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Requested by
Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1624772946/85dc19135b81e13a2043c2442b5ae469.js
Protocol
HTTP/1.1
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be60df08d3dbb55a9354bfee50dbce87d57372552f622e36ba5e1228d7f67d69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 06:18:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
601413
Cf-Polished
origSize=438213
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 21 Jun 2021 07:15:14 GMT
Server
cloudflare
ETag
W/"60d03c82-6afc5"
X-Robots-Tag
noindex, nofollow
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QcJc1TiKZHpl82wR93pQ0NkeZnkc72Qjf49HPR7Hx0inYat5Af8W2xVNmvqArOITYS%2FuDVHmKWhANaG1%2B0b1fOs%2FMvTMKXIPPZNSKaPMn%2BdvKurS9TCOW6rkWQ0hjnjqYg0XFgb33xEvXg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Expires
Mon, 21 Jun 2021 07:45:22 GMT
Cache-Control
max-age=16070400
cf-request-id
0af2de6aa100002b710d09f000000001
CF-RAY
6664ccf10d252b71-FRA
Cf-Bgj
minify
gpt.js
www.googletagservices.com/tag/js/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1624772946/85dc19135b81e13a2043c2442b5ae469.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a1864f32a04e6cd711de95cfb5adfb2fbadf2d08f5978e2bbd711c52d9a886
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 06:18:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"914 / 875 of 1000 / last-modified: 1624659045"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
24327
X-XSS-Protection
0
Expires
Mon, 28 Jun 2021 06:18:55 GMT
viPlayer_v45.min.js
assets.vlitag.com/plugins/vlPlayer/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://assets.vlitag.com/plugins/vlPlayer/viPlayer_v45.min.js
Requested by
Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1624772946/85dc19135b81e13a2043c2442b5ae469.js
Protocol
HTTP/1.1
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 06:18:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1169347
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de6aa100004e2c2c223000000001
Last-Modified
Mon, 14 Jun 2021 17:20:56 GMT
Server
cloudflare
ETag
W/"60c78ff8-34ff"
X-Robots-Tag
noindex, nofollow
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Pv1jk%2BO3O4a5VyhR04P8crBmyrzYkKsheo%2B3X9E2bp2Nzsb2prsbvTHFD9U0rGQ7QKMMAyTl4ZdVqG1lhiXmlN%2BimMXqrYC72UU5TbUM%2Fvya3BoEk4HxciOGlWozIYaPO7UQZER6Xtd7pA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Cache-Control
max-age=16070400
CF-RAY
6664ccf10dc24e2c-FRA
Expires
Mon, 14 Jun 2021 17:59:48 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		339 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1624772946/85dc19135b81e13a2043c2442b5ae469.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0df2428b04580eb0f5ee738042cac441c8a0c51ad082c5d61ea01124a2507dcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 06:18:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Length
118864
X-XSS-Protection
0
Expires
Mon, 28 Jun 2021 06:18:55 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: http://tag.vlitag.com/v1/1624772946/85dc19135b81e13a2043c2442b5ae469.js
Protocol
HTTP/1.1
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 06:18:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1172239
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de6aa100002b596c0f1000000001
Last-Modified
Fri, 01 Nov 2019 05:04:50 GMT
Server
cloudflare
ETag
W/"5dbbbcf2-9806"
X-Robots-Tag
noindex, nofollow
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a9Iq%2FzmrfO1Rtz2YZ2GfXIrMtlXyX6Gqz39raO9BkPwzrK5w%2FDZ95y4RbPy5Dz%2F8omheqmQIX%2BrzAiDZANldPiudG1R1aGEWu3y7PaW9HbhuxvL9kwC3dVFGEHgzx1b9qYhL2XeQrTMlNA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Cache-Control
max-age=16070400
CF-RAY
6664ccf10c932b59-FRA
Expires
Mon, 14 Jun 2021 17:11:36 GMT
get_counts
count-server.sharethis.com/v2.0/ 		455 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb2&url=http%3A%2F%2Fmygoodstream.pw%2F
Requested by
Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.224.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-224-136.compute-1.amazonaws.com
Software
/ Express
Resource Hash
ce128b15195c5fc52827632dcfb8d14e003ae2449fd669d7a37de9ddc2330266

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 06:18:55 GMT
Cache-Control
public, max-age=900
ETag
b4e778ef011d60f5b0df6005fc9b5346
Connection
keep-alive
X-Powered-By
Express
Content-Length
455
Content-Type
text/javascript; charset=utf-8
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 03 Jun 2021 05:14:31 GMT
via
1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
2163865
etag
"c6e9be45643e197ce1db1d7e24a99adc"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
301
x-amz-cf-id
tQ5Xb3tyKCNDt-r0S197XKg-cm0EDKlPubeWo_TUpVaz7lKCA4dcTw==
twitter.svg
platform-cdn.sharethis.com/img/ 		731 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 07 Jun 2021 10:20:47 GMT
via
1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
1799889
etag
"0af2fb38987598376c99e21af17ade45"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
731
x-amz-cf-id
XY1zalJ8BKo8xIThmprwAkSbs9zW0XRX-NAP1_2k2xAeA6i-ZOGRVA==
pinterest.svg
platform-cdn.sharethis.com/img/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 03 Jun 2021 20:45:25 GMT
via
1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
2108011
etag
"2b10a062e719c64b686e2e8fcdc216dc"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
771
x-amz-cf-id
_uXWeXo3Cs88CpjWBC_rhOHyBC7EsWgJTggpmP_TViNmh_SC-q6OCg==
email.svg
platform-cdn.sharethis.com/img/ 		343 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/email.svg
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 16 Jun 2021 20:42:41 GMT
via
1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
age
984974
etag
"5977437466e857c7ddcadda6f6d88c2a"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
343
x-amz-cf-id
PaPhlWH6EBMAUh8FPBZOhRTTObo9NQyL7F7ECH_5ftfeCRcUXfya_Q==
sharethis.svg
platform-cdn.sharethis.com/img/ 		514 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 07 Jun 2021 18:18:54 GMT
via
1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
1771202
etag
"deecdaa377907db5cc1722fc831670a1"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
514
x-amz-cf-id
x-lwRcjrMiLuLpptT0Y9BScKMlh0MqSBrU5K7gribBOaVtllgw5wew==
reddit.svg
platform-cdn.sharethis.com/img/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/reddit.svg
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:cc00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 30 May 2021 21:03:38 GMT
via
1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront)
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
age
2452518
etag
"78d796ca648d8a5e665b48ed0217c56a"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
910
x-amz-cf-id
36Vzixu3hIbsgSZ8TztIy1ftMqRm9lJ4pTNio2uIhyo-Hj7NIW5jPg==
suurl.php
onclickgenius.com/script/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://onclickgenius.com/script/suurl.php?r=2295359&cbrandom=0.4986124896283535&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=MyGoodStream%20%7C%20Watch%20live%20sports%20in%20HD&cbref=&cbdescription=&cbkeywords=&cbcdn=theonecdn.com&ufp=926889179919525966812461779
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
HTTP/1.1
Server
35.190.71.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.71.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
082328cd4f60487b29490c5e7634424defe72048308100d8e5a5ff4c2fae5cc0

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Jun 2021 06:18:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
openresty
Via
1.1 google
Content-Type
application/javascript; charset=utf-8
chrome.js
theonecdn.com/script/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://theonecdn.com/script/chrome.js
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=KoLUvQ==, md5=72VlqyWdr7wIRotNC7RnYg==
Date
Mon, 28 Jun 2021 06:18:55 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
176
X-GUploader-UploadID
ABg5-UzB2J8Qb8kihqaj6o0Z0FIlcGBceweruSE8PNv0QqljGJWlWGxReByRb5U4oMUyxVTgZ7AUvo8vcwkV5c-ZWx7dhwDCTQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de6ac20000c2c78b1c5000000001
Last-Modified
Mon, 14 Sep 2020 09:15:29 GMT
Server
cloudflare
ETag
W/"ef6565ab259dafbc08468b4d0bb46762"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DI5Y0CJKW3bvlnTeyl566WTU5Riue5as7NTHHYLRa7Zw4VbNcFm7fNC3jMbcaDOKqkjA0CVbBfk9JJjM3qaZ5oFGZPH0cHmacPa7sWPOPaAJZCN%2FnQIoHbJSfMtozn%2F4%2B5hd7Xp2tg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1600074929755781
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
x-goog-stored-content-length
37300
CF-RAY
6664ccf13c52c2c7-FRA
Expires
Mon, 28 Jun 2021 06:35:59 GMT
pubads_impl_2021062408.js
securepubads.g.doubleclick.net/gpt/ 		332 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js?31061710
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f852dfebba4af97add777a1d789b4739164d6cc93aa34db2c463141a5c3f4d09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 17:13:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118414
x-xss-protection
0
expires
Mon, 28 Jun 2021 06:18:55 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210628
Requested by
Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f3a7a3f9f3adcb1b5d03ae6cc027b9e3ff6d7f2323c3b44288ba413340ff09f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
11703
x-jsd-version
1.0.1021
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
874
etag
W/"6a2-UMCSgtawnDgIY+hYKQWM4xamNVQ"
x-served-by
cache-fra19165-FRA, cache-hhn4051-HHN
x-jsd-version-type
version
date
Mon, 28 Jun 2021 06:18:55 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Requested by
Host: mygoodstream.pw
URL: http://mygoodstream.pw/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 06:18:55 GMT
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
517841
Cf-Polished
qual=85, origFmt=jpeg, origSize=103053
Content-Disposition
inline; filename="1592801729.webp"
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
75514
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Jun 2020 04:55:29 GMT
Server
cloudflare
ETag
"5ef039c1-1928d"
X-Robots-Tag
noindex, nofollow
Vary
Accept
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c6a0P653fK3TCfZPL1p9DtKAvhC%2Fd8q6tS8FFbMmp15eBXiGXaoyOHNgfLCxCEdnZ9JSF7ATl1nE3%2Fubl7c3CrHixNL3jglnqmaYwTM7T1pFJ3FjX%2BBQi2t%2Fkw%2FqvTPDCDD6QkSQUUMH%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/webp
Expires
Tue, 22 Jun 2021 06:58:13 GMT
Cache-Control
max-age=16070400
cf-request-id
0af2de6b2800002b598816e000000001
Accept-Ranges
bytes
CF-RAY
6664ccf1de712b59-FRA
Cf-Bgj
imgq:85,h2pri
twk-main.js
embed.tawk.to/_s/v4/app/60d19012b18/js/ 		121 B
538 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d717ed577aa790be332a63e/default
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://mygoodstream.pw
Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
482656
x-cache-status
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de6c700000c272ad14b000000001
last-modified
Tue, 22 Jun 2021 07:25:29 GMT
server
cloudflare
etag
W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6664ccf3ef82c272-FRA
twk-vendor.js
embed.tawk.to/_s/v4/app/60d19012b18/js/ 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d717ed577aa790be332a63e/default
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://mygoodstream.pw
Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
482655
x-cache-status
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de6c700000c272c901a000000001
last-modified
Tue, 22 Jun 2021 07:25:29 GMT
server
cloudflare
etag
W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6664ccf3ef83c272-FRA
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/60d19012b18/js/ 		190 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d717ed577aa790be332a63e/default
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b082db3eecd020183abb7c2ac281a2ed6c0b28828aa868ea901d8980b9861964
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://mygoodstream.pw
Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
482655
x-cache-status
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de6c730000c2726012a000000001
last-modified
Tue, 22 Jun 2021 07:25:29 GMT
server
cloudflare
etag
W/"f68837b24b4e376e2e783a5c9e81606f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6664ccf3ef7fc272-FRA
twk-chunk-common.js
embed.tawk.to/_s/v4/app/60d19012b18/js/ 		136 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d717ed577aa790be332a63e/default
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6177e36080bd679cdaf96178b61bfe5484b4e1a4c140f96af411c2a642e2c1f3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://mygoodstream.pw
Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
482655
x-cache-status
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de6c6f0000c272b3390000000001
last-modified
Tue, 22 Jun 2021 07:25:29 GMT
server
cloudflare
etag
W/"7ebcecd1148846c4918fe36b133aa2ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6664ccf3ef7ec272-FRA
twk-runtime.js
embed.tawk.to/_s/v4/app/60d19012b18/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d717ed577aa790be332a63e/default
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5847165b3635f91f5348803812b44487a43ca33d99fd5f018cfa904be7fa267
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://mygoodstream.pw
Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
482656
x-cache-status
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de6c710000c272e6877000000001
last-modified
Tue, 22 Jun 2021 07:25:29 GMT
server
cloudflare
etag
W/"88a8779575d0c2dea25b707e96429d50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6664ccf3ef87c272-FRA
twk-app.js
embed.tawk.to/_s/v4/app/60d19012b18/js/ 		151 B
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5d717ed577aa790be332a63e/default
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://mygoodstream.pw
Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
482656
x-cache-status
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de6c710000c272bb23f000000001
last-modified
Tue, 22 Jun 2021 07:25:29 GMT
server
cloudflare
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6664ccf3ef85c272-FRA
widget-settings
va.tawk.to/v1/ 		0
0
c
prebid.a-mo.net/a/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://mygoodstream.pw
date
Mon, 28 Jun 2021 06:18:58 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
3
vary
origin
prebid
ib.adnxs-simple.com/ut/v3/ 		259 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
56267ff05cf061cd067b7696c75a57020e5f5d42a900fae76b4ca9e1d2e67b82
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 28 Jun 2021 06:18:58 GMT
X-Proxy-Origin
82.102.19.204; 82.102.19.204; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs-simple.com
AN-X-Request-Uuid
30327802-7fb3-4d59-bc8d-3f8a1cdd1c30
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://mygoodstream.pw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
259
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
ads.us.e-planning.net/hb/1/2c995/1/mygoodstream.pw/
Redirect Chain
  • https://ads.us.e-planning.net/pbjs/1/2c995/1/mygoodstream.pw/ROS?rnd=0.007185067391866751&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fmygoodstream.pw%2F&pbv=5.0.0&ncb=1&vs=FF&crs=UTF-8&...
  • https://ads.us.e-planning.net/hb/1/2c995/1/mygoodstream.pw/ROS?ct=1&r=pbjs&rnd=0.007185067391866751&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fmygoodstream.pw%2F&pbv=5.0.0&ncb=1&vs=FF&...
555 B
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/hb/1/2c995/1/mygoodstream.pw/ROS?ct=1&r=pbjs&rnd=0.007185067391866751&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fmygoodstream.pw%2F&pbv=5.0.0&ncb=1&vs=FF&crs=UTF-8&fr=http%3A%2F%2Fmygoodstream.pw%2F&gdpr=1&gdprcs=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
bd189107890189bbb88b935b2cb8b8862043fe9da1a8405ea086ffaded47f3e6

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:18:58 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
http://mygoodstream.pw
expires
Mon, 28 Jun 2021 06:18:58 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
555
x-sid
AMS-605

Redirect headers

date
Mon, 28 Jun 2021 06:18:58 GMT
server
openresty
access-control-allow-origin
http://mygoodstream.pw
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/mygoodstream.pw/ROS?ct=1&r=pbjs&rnd=0.007185067391866751&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=http%3A%2F%2Fmygoodstream.pw%2F&pbv=5.0.0&ncb=1&vs=FF&crs=UTF-8&fr=http%3A%2F%2Fmygoodstream.pw%2F&gdpr=1&gdprcs=
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-605
quantumdex
useast.quantumdex.io/auction/ 		0
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/quantumdex
Requested by
Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Jun 2021 06:18:58 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
http://mygoodstream.pw
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uYXsjLPKE72EXskN2PQ2KxKdISbg6%2BXwzuDxaKPKlN5VHPA5sv%2FY%2BL3aUwmHMZAJtglDwhk01I6PjXAT%2Boa99Ed41mq4RM8UongrufeiwA3j51OZajjY4cJlVrbvlPzFTTxl53K4AuSRHv8cNg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6664cd04e8a64e92-FRA
cf-request-id
0af2de771200004e92f5085000000001
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://mygoodstream.pw
date
Mon, 28 Jun 2021 06:18:58 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
vi-logo.svg
assets.vlitag.com/media/icon/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://assets.vlitag.com/media/icon/vi-logo.svg
Protocol
HTTP/1.1
Server
2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Jun 2021 06:18:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Age
1207011
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0af2de781900002b595bab3000000001
Last-Modified
Fri, 01 Nov 2019 05:04:49 GMT
Server
cloudflare
ETag
W/"5dbbbcf1-2c34"
X-Robots-Tag
noindex, nofollow
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B%2B7cXSk%2BVPLJN4qJdaDkSLdBDIm7EUMbyViwXgzdANROGECkQvHmMQFvv1uXrGstrQTrArqNuBkvfq48H1H9Sq4XasQO42o%2BBZtFuaFoa8sjhHf232u5o4Hf7vZjf18mz6Wad52%2F6U0BVA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
X-XSS-Protection
1; mode=block
Cache-Control
max-age=16070400
CF-RAY
6664cd068a982b59-FRA
quantumdex
sync.quantumdex.io/usersync/ Frame FC09 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/quantumdex
Requested by
Host: assets.vlitag.com
URL: http://assets.vlitag.com/prebid/default/prebid-v5.0.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f821bd9fa2d8d8af156fefe58bbf4b93c1319e90dc7fa505ed040f9fad9b5b9a

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/quantumdex
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://mygoodstream.pw/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://mygoodstream.pw/

Response headers

date
Mon, 28 Jun 2021 06:19:02 GMT
content-type
text/html
set-cookie
uid=59e2e17f-f302-4fab-8dcc-c25d3cbd4d9d; expires=Sun, 18 Jul 2021 06:19:02 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0af2de83d500004e9270943000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pZaZTqohgreYTyZ%2FvBX74gr%2BZnYFBlBE0XLfplCu58gz5qTSiyYif4Es2lfMfchSSQItct3V68MAkPXRbeegTDAkoDTtlPXwp8t4e6OhmZcZOpNL3wtNSmoi0glMbiLXaOUSG5JTdp55%2Fu8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6664cd195de94e92-FRA
content-encoding
br
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ufo.approximity.com/mu?td=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Daa770806b4a66cf5%26fi%3D8fadf9b841053049
  • https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=8fadf9b841053049&uid=02000000CD69D960A424EF4802071B4D
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=8fadf9b841053049&uid=02000000CD69D960A424EF4802071B4D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:19:02 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?dc=aa770806b4a66cf5&fi=8fadf9b841053049&uid=02000000CD69D960A424EF4802071B4D
date
Mon, 28 Jun 2021 06:18:53 GMT
server
nginx/1.20.1
content-type
text/html
content-length
145
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
um
u-ams02.e-planning.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D8fadf9b841053049%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D3c01f1a5a54da346%26fi%3D8fadf9b841053049%26uid%3D%24UID&sovrn_retry=true
  • https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=8fadf9b841053049&uid=dbb2fb3fbb44967c85cf2aa4
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=8fadf9b841053049&uid=dbb2fb3fbb44967c85cf2aa4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://mygoodstream.pw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:19:02 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Mon, 28 Jun 2021 06:19:02 GMT
Server
nginx
Location
https://u-ams02.e-planning.net/um?dc=3c01f1a5a54da346&fi=8fadf9b841053049&uid=dbb2fb3fbb44967c85cf2aa4
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame FC09
Redirect Chain
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPbb6a36a7-d7d8-11eb-b321-0683a3e6c814
  • https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbb6a36a7-d7d8-11eb-b321-0683a3e6c814
43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbb6a36a7-d7d8-11eb-b321-0683a3e6c814
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:19:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=z%2Bwd0wi7ZvHZ20h0P8m2Rdo6K9HfmAqRsYEaySwI6ySnEnRxqztvLVzx0j2kOCRZpVJppsu8wBd%2B9jy4rN%2B0%2BpRj05%2FdWk4%2FUnzYIuaqgYYIjMvFYuAtpCcXOh7JliwdALiO2W3dY4kq%2Fu8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6664cd1b4a414e92-FRA
content-length
43
cf-request-id
0af2de850f00004e92f0249000000001

Redirect headers

Date
Mon, 28 Jun 2021 06:19:02 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UPbb6a36a7-d7d8-11eb-b321-0683a3e6c814
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame FC09
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danswermedia%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7114770215278535939
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7114770215278535939
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:19:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w6Wmteefbv0n4uzu1A%2BzdevU%2BIWbprfle6y7v3EBGcwhZVV2EdWhExOn8ovSUYR84hhN555OFTsFWXINvW9V0TdjVCGlUeEYnCs76%2F%2BRZPmZpjgWCYdbm6EvLRUNmJy2W%2F9SPW7wiAsKNa8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6664cd1b29d64e92-FRA
content-length
43
cf-request-id
0af2de84f400004e92bd8a6000000001

Redirect headers

Pragma
no-cache
Date
Mon, 28 Jun 2021 06:19:02 GMT
X-Proxy-Origin
82.102.19.204; 82.102.19.204; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8b76066a-f688-468f-a9b2-a19b43f29c90
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7114770215278535939
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame FC09
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=53008872246999941
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=53008872246999941
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:19:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9MBlGyO%2BZlm3iOuhMFv%2BrWZEb5m%2BWOhzms3KReZREynxSinLX9f0PK56twZDpPZ7k73JOPlaaoJGgix1nHJmmrEZXjoUSU2vxFeBvwXqgjXuCcAx5kGFzDvdp0XMxlpmQWRaU%2FkkFY%2B2mfg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6664cd1b29dd4e92-FRA
content-length
43
cf-request-id
0af2de84f700004e92a4249000000001

Redirect headers

Pragma
no-cache
Date
Mon, 28 Jun 2021 06:19:02 GMT
X-Proxy-Origin
82.102.19.204; 82.102.19.204; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3c5c3510-51a6-460a-a1bb-1ad35805650c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=53008872246999941
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame FC09 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Jun 2021 06:19:02 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame FC09
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=dbb2fb3fbb44967c85cf2aa4
43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=dbb2fb3fbb44967c85cf2aa4
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:19:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pDK5oKg3eHtYrJQNxC8Yg0Drzg9c%2FE52V55OATF9h2sroTXXjiyM23lr25m4iV3jDCKMmYodFDLPstU7TJHRKzkjYT7iKI3ZvKi%2FwKgKW0HcBtORmpLaoB1SsYpg5ZQDAAUCEwcJXkXaW4I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6664cd1a98934e92-FRA
content-length
43
cf-request-id
0af2de84a200004e92b2959000000001

Redirect headers

Date
Mon, 28 Jun 2021 06:19:02 GMT
Server
nginx
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=dbb2fb3fbb44967c85cf2aa4
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame FC09
Redirect Chain
  • https://ms.quantumdex.io/user/sync/quantumdex
  • https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c8a0bcc2-99d5-4ea7-b6a3-8ec05acfd613
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c8a0bcc2-99d5-4ea7-b6a3-8ec05acfd613
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:19:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FkQ5creD7UbyLWIFMs%2Fesxc6bK331SBgSomcRBcLav7zqEFYBHf8CAFYYB3TznQ%2FCeJzzfkKOMgLGTY0eA49mQk9x8lJpQ67%2BJzu59%2BanFFyLYwHU86XPNLywsqnACzb8H5kydO1jv0Oko8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6664cd1bfbc94e92-FRA
content-length
43
cf-request-id
0af2de857700004e92a185b000000001

Redirect headers

date
Mon, 28 Jun 2021 06:19:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bM1ZWMWYwo0Rb3bSFmDCn1IlaC7U%2B681kA3aju3zAWh%2F731RmqOE5irHvpowa%2FmS4ba8pVlbupcPIF5JAPYZlLk%2F9yQR1J01DE%2FQsfAxR6tmc1CFqgaeqOZM4VS%2FeUbLxoJa7cVtWCgk"}],"group":"cf-nel","max_age":604800}
location
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=c8a0bcc2-99d5-4ea7-b6a3-8ec05acfd613
cf-ray
6664cd1a885f4e92-FRA
content-length
0
cf-request-id
0af2de849400004e929a16a000000001
setuid
sync.quantumdex.io/ Frame FC09
Redirect Chain
  • https://cs.admanmedia.com/sync/valueimpression?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadman%26uid%3D%7B%24UID%7D
  • https://sync.quantumdex.io/setuid?bidder=adman&uid=c211bd5ec9caa32e271f7d48ae75e3b84fd2ad45
43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=adman&uid=c211bd5ec9caa32e271f7d48ae75e3b84fd2ad45
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:19:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=z%2BDkhe7Hm8BdM8nKQgfUgD56K2vIZb3o7FD60XYS6gCceljLIP4z%2BmiTISGr2XOy%2FnmClOOKUNTz%2B0%2F%2BHs9Mk2E3kA4pOjzD3IR7s880Vzm0gkdjfI1223iOjq4ELnBVE42yRFEW3N83omI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6664cd1c5c844e92-FRA
content-length
43
cf-request-id
0af2de85b300004e92c7b2b000000001

Redirect headers

Location
https://sync.quantumdex.io/setuid?bidder=adman&uid=c211bd5ec9caa32e271f7d48ae75e3b84fd2ad45
Date
Mon, 28 Jun 2021 06:19:02 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
setuid
sync.quantumdex.io/ Frame FC09
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-3ae876b3-8f28-4a20-82ae-998e2a23d828
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-3ae876b3-8f28-4a20-82ae-998e2a23d828
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:19:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FC6MbuP5B1hJPDCXQ1y2IdRzc837sSCycloe3Jc7BTJdt7VNwPwhkQFb0t9kqsw0HJVN0kD%2B9QjDfooM7G59NYsrtnDzGMueUD9VEKg%2FIX1s5E%2F41iL7V579goMCPuMsM7uiZrxIIByoAP4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6664cd1c8cf54e92-FRA
content-length
43
cf-request-id
0af2de85d800004e9270971000000001

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-3ae876b3-8f28-4a20-82ae-998e2a23d828
date
Mon, 28 Jun 2021 06:19:02 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame FC09
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danx152media%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Danx152media%2526uid%253D%2524UID
  • https://sync.quantumdex.io/setuid?bidder=anx152media&uid=633371128405921561
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=633371128405921561
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:19:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ea0zBqLWvclBwykKDkyt4r4O4hzVvgWOjXkfass%2BIgs8PCcZhLfbuRxMf9OZSCF%2Fhx1EiS9ZqbEGCjyzyskT7FSk6lqES7HonILdbPWV8l9SfBYVpQmINm4RoW1S9PGA5iPEW4DJJ4iou30%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6664cd1b29e34e92-FRA
content-length
43
cf-request-id
0af2de84f800004e92c51ec000000001

Redirect headers

Pragma
no-cache
Date
Mon, 28 Jun 2021 06:19:02 GMT
X-Proxy-Origin
82.102.19.204; 82.102.19.204; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8109ba8b-b49b-4a55-a81e-069300695ad6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=anx152media&uid=633371128405921561
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame FC09
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ghC0twtE2uGX3JcB3AymVXvov6fyh_2jPWx5YVw-~A
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ghC0twtE2uGX3JcB3AymVXvov6fyh_2jPWx5YVw-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:19:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=61eWbzA%2BP%2FTp3HGpmtdHsxcRBffjtAegrNMQJidGSUOpIV60wsR6mGsJf9Ik5CxxUYQIoOZj%2BlYKI%2BotVMR7rOA8UHPAZZiw0zgXZULeHgzxLij0cIgGClLIOwL5NuDqKSAR1cN8Vo6ty80%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6664cd1b29db4e92-FRA
content-length
43
cf-request-id
0af2de84f600004e929f115000000001

Redirect headers

Date
Mon, 28 Jun 2021 06:19:02 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ghC0twtE2uGX3JcB3AymVXvov6fyh_2jPWx5YVw-~A
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/usync/ Frame C9C2 		2 KB
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=15552000
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 8C5E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dd1ed75622d29ef50c0aaab618f3beace8a4c33a0a4e058b62d69aaa7af1af79

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YNlp1sPBs5YOkoxBYEvqJwAA; CMPS=1140
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|45|39|230|195|41|8|46
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1809
Expires
Mon, 28 Jun 2021 06:19:02 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 28 Jun 2021 06:19:02 GMT
Connection
keep-alive
Set-Cookie
CMID=YNlp1sPBs5YOkoxBYEvqJwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 28 Jun 2022 06:19:02 GMT CMPS=1140;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 26 Sep 2021 06:19:02 GMT CMPRO=1119;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 26 Sep 2021 06:19:02 GMT CMRUM3=e660d969d62760&f160d969d605a0&0860d969d605a00&2e60d969d605a0&2760d969d60b40&2960d969d605a0&2d60d969d605a0&c360d969d605a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 28 Jun 2022 06:19:02 GMT CMST=YNlp1mDZadYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 29 Jun 2021 06:19:02 GMT

Redirect headers

Server
Apache
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 28 Jun 2021 06:19:02 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 28 Jun 2021 06:19:02 GMT
Connection
keep-alive
Set-Cookie
CMID=YNlp1sPBs5YOkoxBYEvqJwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 28 Jun 2022 06:19:02 GMT CMPS=1140;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 26 Sep 2021 06:19:02 GMT
Cookie set uc.html
sync.go.sonobi.com/ Frame A2AF 		43 B
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

Date
Mon, 28 Jun 2021 06:19:02 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
Set-Cookie
HAPLB5S=s579|YNlp2; path=/; domain=.go.sonobi.com
/
ssc-cms.33across.com/ps/ Frame 4B58 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.22 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-110.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0010b00002GYEhcAAH&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

x-33x-status
2000208
server
33XP005
date
Mon, 28 Jun 2021 06:19:02 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A5A4 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/quantumdex
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sync.quantumdex.io/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=138525
expires
Tue, 29 Jun 2021 20:47:47 GMT
date
Mon, 28 Jun 2021 06:19:02 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame A5A4 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34376112&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:19:01 GMT
content-length
0
dcm
s.amazon-adsystem.com/ Frame 8C5E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNlp1sPBs5YOkoxBYEvqJwAABF8AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNlp1sPBs5YOkoxBYEvqJwAABF8AAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNlp1sPBs5YOkoxBYEvqJwAABF8AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Jun 2021 06:19:02 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Jun 2021 06:19:02 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNlp1sPBs5YOkoxBYEvqJwAABF8AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8C5E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNlp1sPBs5YOkoxBYEvqJwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEGOUbHThjudAURVaQT_7iw&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEGOUbHThjudAURVaQT_7iw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Jun 2021 06:19:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Jun 2021 06:19:02 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Jun 2021 06:19:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEGOUbHThjudAURVaQT_7iw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8C5E 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YNlp1sPBs5YOkoxBYEvqJwAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Jun 2021 06:19:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 8C5E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNlp1sPBs5YOkoxBYEvqJwAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YNlp1sPBs5YOkoxBYEvqJwAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDcJsxRc7ZTMSlIqny5adII&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDcJsxRc7ZTMSlIqny5adII&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Jun 2021 06:19:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 28 Jun 2021 06:19:02 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Jun 2021 06:19:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDcJsxRc7ZTMSlIqny5adII&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8C5E
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0d0cf098-89c1-4ef6-8c29-be70ced046d7
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0d0cf098-89c1-4ef6-8c29-be70ced046d7
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Jun 2021 06:19:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Jun 2021 06:19:02 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-0d0cf098-89c1-4ef6-8c29-be70ced046d7
date
Mon, 28 Jun 2021 06:19:02 GMT
server
Apache-Coyote/1.1
content-length
0
bridge
cm.adgrx.com/ Frame 8C5E 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Jun 2021 06:19:02 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-5
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 8C5E
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1aacc4b7-a9d2-4610-9a3a-dbb3715fdc71&expiration=1656397142
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1aacc4b7-a9d2-4610-9a3a-dbb3715fdc71&expiration=1656397142
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Jun 2021 06:19:02 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 28 Jun 2021 06:19:02 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=1aacc4b7-a9d2-4610-9a3a-dbb3715fdc71&expiration=1656397142
date
Mon, 28 Jun 2021 06:19:02 GMT
server
Kestrel
content-length
0
getuid
secure.adnxs.com/ Frame 8C5E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
sync.quantumdex.io/ Frame 8C5E 		43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YNlp1sPBs5YOkoxBYEvqJwAABF8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 06:19:02 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5tsSmBhKCJQQEOq%2FXMu9yvyfF7y0HyhH7NA13jmw3g%2BsLnmfaIylLJMUDYC36DI5PqEiruLnMP0Z423%2FVcN%2Bm3RAAG0i3dk6r45jMH5e3jeivnWN8iK3CqJX8RcagDHFZFRnGmhSGI%2FWTOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6664cd1cdd804e92-FRA
content-length
43
cf-request-id
0af2de860300004e9297b26000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
va.tawk.to
URL
https://va.tawk.to/v1/widget-settings?propertyId=5d717ed577aa790be332a63e&widgetId=default&sv=undefined

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery number| uidEvent object| bootstrap function| gtag object| dataLayer function| timeConverter object| Tawk_API object| Tawk_LoadStart object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| google_tag_manager object| _0x45ac function| _0x53fc object| adcashMacros object| zoneSett object| urls object| iceConfig object| _0x10fb function| _0x8f93 function| runAdblock object| _0x15fc function| _0x9e88 function| acPrefetch object| CTABPu object| google_tag_data string| GoogleAnalyticsObject function| ga string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| gaplugins object| gaGlobal object| gaData object| _0x30a0 function| ufpAttach object| CTAMAT number| delay object| adcashUfp object| _VLIOBJ object| vitag string| tagApi object| viAPItag function| __tcfapi function| __uspapi boolean| _isUserInEU boolean| _isUserInUS object| observeElementInViewport function| vlPlayer object| googletag object| ggeac object| google_js_reporting_queue function| vlipbChunk object| vlipb object| _pbjsGlobals string| nobidVersion object| nobid object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| $sf object| regeneratorRuntime function| __tcfapiui object| _0x756f object| Cnac object| stamat function| NqPnfu09730102571976706 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| _adas_v211fa function| jonIUBFjnvJDNvluc0.22923489916342832 object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window

8 Cookies

Domain/Path Name / Value
mygoodstream.pw/ Name: st_shares_http://mygoodstream.pw/
Value: [object Object]
mygoodstream.pw/ Name: sf_ck_tst
Value: test
mygoodstream.pw/ Name: adcashufpv3
Value: 926889179919525966812461779
mygoodstream.pw/ Name: __vliIPL
Value: {"value":["2a01:4f8:192:5414::2"],"expiredAt":1624868335487}
.mygoodstream.pw/ Name: _gat_gtag_UA_111635968_1
Value: 1
.mygoodstream.pw/ Name: _gid
Value: GA1.2.1148609830.1624861135
.mygoodstream.pw/ Name: _ga
Value: GA1.2.791257257.1624861135
mygoodstream.pw/ Name: PHPSESSID
Value: 4q768le9f8q5394212gd8v37nq

3 Console Messages

Source Level URL
Text
console-api error URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js(Line 439)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: http://tag.vlitag.com/v1/1624772946/85dc19135b81e13a2043c2442b5ae469.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: http://tag.vlitag.com/v1/1624772946/85dc19135b81e13a2043c2442b5ae469.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
ads.us.e-planning.net
ajax.googleapis.com
ap.lijit.com
assets.vlitag.com
beacon.lynx.cognitivlabs.com
blockchain.info
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
code.ionicframework.com
count-server.sharethis.com
cs.admanmedia.com
dsum-sec.casalemedia.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
getbootstrap.com
ib.adnxs-simple.com
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
l.sharethis.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
ms.quantumdex.io
mygoodstream.pw
nep.advangelists.com
onclickgenius.com
onetag-sys.com
pixel.advertising.com
platform-api.sharethis.com
platform-cdn.sharethis.com
prebid-eu.creativecdn.com
prebid.a-mo.net
s.amazon-adsystem.com
secure.adnxs.com
securepubads.g.doubleclick.net
services.vlitag.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.go.sonobi.com
sync.quantumdex.io
tag.vlitag.com
theonecdn.com
u-ams02.e-planning.net
ufo.approximity.com
ufpcdn.com
unpkg.com
upload.wikimedia.org
ups.analytics.yahoo.com
useast.quantumdex.io
va.tawk.to
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
va.tawk.to
104.16.144.212
104.37.183.1
13.248.242.197
136.144.59.88
142.250.185.98
172.217.18.98
178.162.133.149
18.197.99.6
18.198.109.212
185.184.8.65
185.33.221.88
185.64.189.115
2.18.233.180
2.18.234.21
216.52.2.39
2600:9000:2104:9000:1c:8a07:5e80:93a1
2600:9000:2104:c000:c:abe:f440:93a1
2600:9000:2104:c200:c:a9b7:ddc0:93a1
2600:9000:2104:cc00:1d:85c3:6640:93a1
2606:4700:10::6816:1883
2606:4700:10::ac43:1e94
2606:4700:20::681a:34e
2606:4700:20::681a:6ad
2606:4700:20::681a:fee
2606:4700:3030::6815:2ed2
2606:4700:3037::6815:174
2606:4700::6810:125e
2606:4700::6810:7caf
2606:4700::6812:acf
2620:0:862:ed1a::2:b
2a00:1450:4001:801::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9b
2a00:7c80:0:120::2
2a04:4e42:1b::485
3.126.56.137
3.213.224.136
34.198.116.61
35.190.71.96
37.252.172.250
37.252.172.38
46.249.52.249
5.178.65.245
51.89.9.253
54.174.195.234
54.239.17.112
67.202.110.22
72.251.241.196
88.214.206.142
005b555313967b57f931b213890458534dfaaa67488876c94da41d800739b9b4
03241a470052a86e3d0bc4c77894ae3f87a1452092fff62ff01d499ead7decac
0620901ff6f000f5b2e829f5d7759400c93e6da183f869dd170d9796a82f44df
082328cd4f60487b29490c5e7634424defe72048308100d8e5a5ff4c2fae5cc0
09d77d93b147439fc022124457c155d0d49b6c110ce2d6fd9492cf0580592913
0df2428b04580eb0f5ee738042cac441c8a0c51ad082c5d61ea01124a2507dcd
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
56267ff05cf061cd067b7696c75a57020e5f5d42a900fae76b4ca9e1d2e67b82
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
59f4d7efe6da31323c45da80772acec8cd177a21530c2de576f86ee3fcefd946
5cce2306a2b7a641280a0e61d53b3cd645edb91d9389edaa2ba961a29337cfc0
5f0fe394bc5df72d11bfa24c346026e957054d1e9452986a555af154e53683ec
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
6177e36080bd679cdaf96178b61bfe5484b4e1a4c140f96af411c2a642e2c1f3
63a1864f32a04e6cd711de95cfb5adfb2fbadf2d08f5978e2bbd711c52d9a886
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
72ecab21b492c39a93c63d6373a5161c7ad9de97e7cbc12ff69cf07c1ad587c5
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
77e1728245a0c2de7d0859163ee081e1113aa75fd6894602cb5eb0d7e739bca9
7bef47fb3ead72dd7241104554ea96e5d282d83f2b33bc02cd02961ddef25780
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8bace0f51ca0d0be3110437b7bcd2f93c338e70393162b3cc2216f6add6e8bd8
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f521a2b4b53306364d171808f95b4b910fae6487d677fe3ad030e259da6d547
90f72ddc73aaaf6c4d5dea3caee8caec79c447924e1e964cf9f754db51675ba3
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9d0b05c73ce46a562f2d6497bee9a9092b9de5bbfd8b04b3d33d33ac4a770083
9f3a7a3f9f3adcb1b5d03ae6cc027b9e3ff6d7f2323c3b44288ba413340ff09f
a12a13338535144e5ca8d81b1931ad12ee66e96dfa89b069e8c1046b87ac53da
a479d7f9126d3437e41e9ec0269cf4b2e3e22a392ea8ba99209feec8e23aabe6
a841616b8b20461b5b9ffc64791c55b3a68889b350f7e59d8790a029a4036220
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b082db3eecd020183abb7c2ac281a2ed6c0b28828aa868ea901d8980b9861964
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd189107890189bbb88b935b2cb8b8862043fe9da1a8405ea086ffaded47f3e6
bd6dd6fb8487a979e9fb8d6f69c3c3410fccd6763b274151faca84e0d9415d7a
be60df08d3dbb55a9354bfee50dbce87d57372552f622e36ba5e1228d7f67d69
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c63e08efff2c004e867b8de6ec09585ba5499dda44024ee1dedb14e7b45a8245
ce128b15195c5fc52827632dcfb8d14e003ae2449fd669d7a37de9ddc2330266
da91dfb57b3b17cf7365ad2d9e4330adc3408e7c34c71a33784e23f1f4d740c0
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
dc18b9c7456ec2bb5d055c12dee58d3d11717d331eda23b50546036ccf63d400
dd1ed75622d29ef50c0aaab618f3beace8a4c33a0a4e058b62d69aaa7af1af79
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5847165b3635f91f5348803812b44487a43ca33d99fd5f018cfa904be7fa267
e73eb6536f7c789b8a3dd690c87914375d43fb8d037ed84fabf739775ab14791
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5995fd1b07fbc47abb18d869b213013b21958e96c3d67f8ed0d6407a9a0480
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f821bd9fa2d8d8af156fefe58bbf4b93c1319e90dc7fa505ed040f9fad9b5b9a
f852dfebba4af97add777a1d789b4739164d6cc93aa34db2c463141a5c3f4d09
fb1eeaba32175ad15f81205518ff8f63af7fb2ae92cb86ee3cdece5e2522924c
ffb16355784a4a89472be6cb28c3408234ec0518326a3a1908797b8d8c78a76a