URL: http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Submission: On February 12 via manual from US

Summary

This website contacted 19 IPs in 6 countries across 12 domains to perform 37 HTTP transactions. The main IP is 195.154.168.217, which is located in France and belongs to Online SAS, FR. The main domain is vdl.primevideos.net.
This is the only time vdl.primevideos.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS (Autonomous System)
1 195.154.168.217 12876 (Online SAS)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 195.181.175.51 60068 (CDN77)
1 195.154.106.65 12876 (Online SAS)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 162.252.214.5 53334 (TUT-AS)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
7 52.86.189.23 14618 (AMAZON-AES)
2 2 185.33.223.209 29990 (ASN-APPNEX)
2 104.18.9.52 13335 (CLOUDFLAR...)
2 52.87.71.23 14618 (AMAZON-AES)
1 216.21.13.10 53334 (TUT-AS)
Total: 37 requests, 19 IPs
Requests Domain Requested by
7 edencourtbrita.info server5.primevideos.net, d1r90st78epsag.cloudfront.net
5 www.googletagmanager.com vdl.primevideos.net, server5.primevideos.net
4 www.google-analytics.com www.googletagmanager.com, vdl.primevideos.net, server5.primevideos.net
2 knottishhuntilc.info d1r90st78epsag.cloudfront.net
2 officultpolicit.pro server5.primevideos.net, d1r90st78epsag.cloudfront.net
2 secure.adnxs.com 2 redirects
2 adsco.re c.adsco.re
2 6.adsco.re vdl.primevideos.net, c.adsco.re
2 c.adsco.re c1.popads.net, c.adsco.re
2 cdn.jsdelivr.net server5.primevideos.net
1 serve.popads.net c1.popads.net
1 f01eln00a8uk.s.adsco.re c.adsco.re
1 f01eln00a8uk.n.adsco.re c.adsco.re
1 f01eln00a8uk.l.adsco.re c.adsco.re
1 d1r90st78epsag.cloudfront.net server5.primevideos.net
1 server5.primevideos.net vdl.primevideos.net
1 c1.popads.net vdl.primevideos.net
1 ajax.googleapis.com vdl.primevideos.net
1 vdl.primevideos.net
Total: 37 requests, 19 subdomains

This site contains links to these domains. Also see Links.

Domain
adsco.re
Subject | Issuer | Validity | Valid
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months | crt.sh
*.google-analytics.com | GTS CA 1O1 | 2020-01-29 - 2020-04-22 | 3 months | crt.sh
ssl363648.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-14 - 2020-03-22 | 6 months | crt.sh
*.l.adsco.re | COMODO RSA Domain Validation Secure Server CA | 2018-07-14 - 2020-07-13 | 2 years | crt.sh
*.n.adsco.re | COMODO RSA Domain Validation Secure Server CA | 2018-07-30 - 2020-07-29 | 2 years | crt.sh
*.s.adsco.re | COMODO RSA Domain Validation Secure Server CA | 2018-07-30 - 2020-07-29 | 2 years | crt.sh
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-01-19 - 2020-10-09 | 9 months | crt.sh

This page contains 5 frames:

Primary Page: http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Frame ID: 4E0B73FA4F1167B9EAE84884C0D862BA
Requests: 18 HTTP requests in this frame

Frame: http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Frame ID: A3264F21824DCBC1B9734CFA798F4BFA
Requests: 18 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: 8C1FE76981F9A7AE547D80122987B43C
Requests: 1 HTTP requests in this frame

Frame: http://knottishhuntilc.
Frame ID: 9BE1464A116487AF6B16554B24A8A611
Requests: 1 HTTP requests in this frame

Frame: http://knottishhuntilc.
Frame ID: 6B94F673C02CD867BC6C28354A0804B3
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Ubuntu
Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Nginx
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Google Analytics
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 37
HTTPS: 46 %
IPv6: 37 %
Domains: 12
Subdomains: 19
IPs: 19
Countries: 6
Transfer: 346 kB
Size: 1102 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=gtm.js&eid=0&tc=1&z=0 HTTP 307
  • https://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=gtm.js&eid=0&tc=1&z=0
Request Chain 6
  • http://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=*&eid=1&tc=1&tr=1gtagua&epr=1UA&ti=1gtagua&z=0 HTTP 307
  • https://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=*&eid=1&tc=1&tr=1gtagua&epr=1UA&ti=1gtagua&z=0
Request Chain 9
  • http://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js HTTP 307
  • https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Request Chain 27
  • https://secure.adnxs.com/getuid?https://officultpolicit.pro/s?a=$UID&b=396578402459 HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fofficultpolicit.pro%2Fs%3Fa%3D%24UID%26b%3D396578402459 HTTP 302
  • https://officultpolicit.pro/s?a=820711772028482842&b=396578402459
Request Chain 34
  • http://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=gtm.load&eid=3&u=C&tc=1&epr=2UA&z=0 HTTP 307
  • https://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=gtm.load&eid=3&u=C&tc=1&epr=2UA&z=0

37 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request ldL2qP3qevQKBNW.html
vdl.primevideos.net/files/
3 KB
2 KB
Document
General
Full URL
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Protocol
HTTP/1.1
Server
195.154.168.217 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-168-217.rev.poneytelecom.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2618028eaab514090b9816af006d5f015b06f6c8268afaba06e83b6d72e93faf

Request headers

Host
vdl.primevideos.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Wed, 12 Feb 2020 18:11:50 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 07 Jan 2020 02:23:47 GMT
ETag
W/"5e13ebb3-db2"
Content-Encoding
gzip
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: vdl.primevideos.net
URL: http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 05 Feb 2020 05:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
650863
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Fri, 24 Mar 2017 20:55:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 05:24:08 GMT
js
www.googletagmanager.com/gtag/
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-125457803-3
Requested by
Host: vdl.primevideos.net
URL: http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
354bd902925f23c8c909188e05d749f90958703b6332ccea0a3a1b1a1e3abc32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 12 Feb 2020 18:11:51 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Cache-Control
content-length
28368
x-xss-protection
0
expires
Wed, 12 Feb 2020 18:11:51 GMT
pop.js
c1.popads.net/
31 KB
10 KB
Script
General
Full URL
http://c1.popads.net/pop.js
Requested by
Host: vdl.primevideos.net
URL: http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Protocol
HTTP/1.1
Server
195.181.175.51 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-51.datapacket.com
Software
CDN77-Turbo /
Resource Hash
5f7dfb159c9213a481ed748e06e270486e24def0aa5b2221781306fa708ca96c

Request headers

Origin
http://vdl.primevideos.net
Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 18:11:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Dec 2019 21:50:35 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
ETag
W/"5df2b62b-7bef"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Edge-IP
195.181.175.50
Connection
keep-alive
X-Age
10127
alt-svc
quic="195.181.175.50:443"; ma=2592000; v="44,43,39"
ldL2qP3qevQKBNW.html
server5.primevideos.net/secure/ Frame A326
1 KB
1 KB
Document
General
Full URL
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Requested by
Host: vdl.primevideos.net
URL: http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Protocol
HTTP/1.1
Server
195.154.106.65 , France, ASN12876 (Online SAS, FR),
Reverse DNS
195-154-106-65.rev.poneytelecom.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e7eb09a3a720b0e1ddfb656de5de82f32535bd65e9bf3c27b9a0cc6e63340ffc

Request headers

Host
server5.primevideos.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Wed, 12 Feb 2020 18:11:51 GMT
Content-Type
text/html
Content-Length
1109
Last-Modified
Tue, 07 Jan 2020 02:23:47 GMT
Connection
keep-alive
ETag
"5e13ebb3-455"
Accept-Ranges
bytes
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125457803-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5899
date
Wed, 12 Feb 2020 16:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Wed, 12 Feb 2020 18:33:32 GMT
a
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=gtm.js&eid=0&tc=1&z=0
  • https://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=gtm.js&eid=0&tc=1&z=0
0
56 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=gtm.js&eid=0&tc=1&z=0
Requested by
Host: vdl.primevideos.net
URL: http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Feb 2020 18:11:51 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=gtm.js&eid=0&tc=1&z=0
Non-Authoritative-Reason
HSTS
a
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=*&eid=1&tc=1&tr=1gtagua&epr=1UA&ti=1gtagua&z=0
  • https://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=*&eid=1&tc=1&tr=1gtagua&epr=1UA&ti=1gtagua&z=0
0
130 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=*&eid=1&tc=1&tr=1gtagua&epr=1UA&ti=1gtagua&z=0
Requested by
Host: vdl.primevideos.net
URL: http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Feb 2020 18:11:51 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=*&eid=1&tc=1&tr=1gtagua&epr=1UA&ti=1gtagua&z=0
Non-Authoritative-Reason
HSTS
collect
www.google-analytics.com/r/
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=198458866&t=pageview&_s=1&dl=http%3A%2F%2Fvdl.primevideos.net%2Ffiles%2FldL2qP3qevQKBNW.html&ul=en-us&de=UTF-8&dt=Server%205&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1495901986&gjid=838552262&cid=1040674764.1581531111&tid=UA-125457803-3&_gid=1295741771.1581531111&_r=1&gtm=2ou1t0&z=489307687
Requested by
Host: vdl.primevideos.net
URL: http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 12 Feb 2020 18:11:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame A326
534 KB
131 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: server5.primevideos.net
URL: http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b0208135549ad4600d215eb554b17993e62c39fa82c7056dd90ddb06bfb1e2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 12 Feb 2020 18:11:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
31788
cf-ray
5640870478173244-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21028-AMS, cache-fra19145-FRA
server
cloudflare
etag
W/"858fe-Ru1LGJsKorulAg4Xqh/3okMvSvs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/ Frame A326
Redirect Chain
  • http://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
  • https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
28 KB
9 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Requested by
Host: server5.primevideos.net
URL: http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9be66c3a85d64fc039d17d90baa279e49a1bde4229e4378d8c0044f2146307fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Feb 2020 18:11:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
28477
cf-ray
5640870478193244-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21035-AMS, cache-fra19156-FRA
server
cloudflare
etag
W/"6f2e-QiFvefqcX7qrhCMG8irfXhmDfko"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*

Redirect headers

Location
https://cdn.jsdelivr.net/gh/clappr/clappr-level-selector-plugin@latest/dist/level-selector.min.js
Non-Authoritative-Reason
HSTS
js
www.googletagmanager.com/gtag/ Frame A326
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-125457803-3
Requested by
Host: server5.primevideos.net
URL: http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
354bd902925f23c8c909188e05d749f90958703b6332ccea0a3a1b1a1e3abc32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 12 Feb 2020 18:11:51 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Cache-Control
content-length
28368
x-xss-protection
0
expires
Wed, 12 Feb 2020 18:11:51 GMT
/
d1r90st78epsag.cloudfront.net/ Frame A326
146 KB
54 KB
Script
General
Full URL
http://d1r90st78epsag.cloudfront.net/?etsrd=818586
Requested by
Host: server5.primevideos.net
URL: http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Protocol
HTTP/1.1
Server
2600:9000:20eb:1200:18:83e:5e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1504c3c9bbfbf93418a48faf77a121283061d49ecbc195bbfdb53292fd55a3b0

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 12 Feb 2020 18:11:51 GMT
content-encoding
gzip
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
54583
Via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
X-Amz-Cf-Id
yQakWgSnh-SQzbv5BCzEdpNKoRaFeKS4k_nJEk9ibahyVzgzDPEXJg==
/
c.adsco.re/
34 KB
11 KB
Script
General
Full URL
http://c.adsco.re/
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b66e0ae4a3a7b8e6a280d5b512ba4dcf43afb3ae8862fed33266a038cbe1f154

Request headers

Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 18:11:51 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Alt-Svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Server
cloudflare
Age
467634
ETag
"a73Qdnp6tbMta3RY0Wgotw=="
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=43200,public,immutable,no-transform
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
56408704fddc1f55-FRA
Link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
Expires
Fri, 07 Feb 2020 20:17:57 GMT
/
6.adsco.re/
0
584 B
Other
General
Full URL
http://6.adsco.re/
Requested by
Host: vdl.primevideos.net
URL: http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Protocol
HTTP/1.1
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 18:11:51 GMT
Content-Encoding
gzip
Alt-Svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Server
cloudflare
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Max-Age
2592000
Cache-Control
max-age=600,public,immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
56408705892fdfc3-FRA
Access-Control-Allow-Headers
Content-Type
t
adsco.re/
67 B
389 B
XHR
General
Full URL
http://adsco.re/t
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
d30037802015657dc95ee75b39f5da5965682adb0016df0ec4aa045e54f5ce67

Request headers

Origin
http://vdl.primevideos.net
Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 18:11:51 GMT
Access-Control-Max-Age
2592000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://vdl.primevideos.net
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
analytics.js
www.google-analytics.com/ Frame A326
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125457803-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5899
date
Wed, 12 Feb 2020 16:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Wed, 12 Feb 2020 18:33:32 GMT
collect
www.google-analytics.com/ Frame A326
35 B
105 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1223845210&t=pageview&_s=1&dl=http%3A%2F%2Fserver5.primevideos.net%2Fsecure%2FldL2qP3qevQKBNW.html&dr=http%3A%2F%2Fvdl.primevideos.net%2Ffiles%2FldL2qP3qevQKBNW.html&ul=en-us&de=UTF-8&dt=Enjoy%205&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAUAB~&jid=&gjid=&cid=1040674764.1581531111&tid=UA-125457803-3&_gid=1295741771.1581531111&gtm=2ou1t0&z=577919323
Requested by
Host: server5.primevideos.net
URL: http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 04 Feb 2020 04:48:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
739398
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
6.adsco.re/
53 B
609 B
XHR
General
Full URL
http://6.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Origin
http://vdl.primevideos.net
Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 18:11:51 GMT
Content-Encoding
gzip
Server
cloudflare
Access-Control-Allow-Headers
Content-Type
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
http://vdl.primevideos.net
Access-Control-Max-Age
2592000
Cache-Control
max-age=600,public,immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
56408705e9bc97e4-FRA
Alt-Svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
/
f01eln00a8uk.l.adsco.re/
0
464 B
XHR
General
Full URL
https://f01eln00a8uk.l.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Origin
http://vdl.primevideos.net
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 18:11:51 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
f01eln00a8uk.n.adsco.re/
0
464 B
XHR
General
Full URL
https://f01eln00a8uk.n.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Origin
http://vdl.primevideos.net
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 18:11:51 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
f01eln00a8uk.s.adsco.re/
0
464 B
XHR
General
Full URL
https://f01eln00a8uk.s.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Origin
http://vdl.primevideos.net
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Feb 2020 18:11:52 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame 8C1F
0
0
Document
General
Full URL
http://c.adsco.re/
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
c.adsco.re
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html

Response headers

Date
Wed, 12 Feb 2020 18:11:51 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=43200,public,immutable,no-transform
Link
<//adsco.re>;rel=preconnect,<//6.adsco.re>;rel=prefetch
Expires
Fri, 07 Feb 2020 20:17:57 GMT
ETag
"a73Qdnp6tbMta3RY0Wgotw=="
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
467634
Vary
Accept-Encoding
Alt-Svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
Server
cloudflare
CF-RAY
56408705e8231f55-FRA
VWUwSHN6WlM7TjAJfXgSODd8Eh8fPHIgBz0zYTwlBiJqGSZkN3tuBzwBDXBCbVAIflUlDFR1QnMWRCkHIBYNeVU8C1YnTnMTDXldZlEeeUN7UhY8AzQCDXlVJRFEJE5kUAh5RmZUAXlCYVQH
edencourtbrita.info/ Frame A326
0
120 B
Image
General
Full URL
http://edencourtbrita.info/VWUwSHN6WlM7TjAJfXgSODd8Eh8fPHIgBz0zYTwlBiJqGSZkN3tuBzwBDXBCbVAIflUlDFR1QnMWRCkHIBYNeVU8C1YnTnMTDXldZlEeeUN7UhY8AzQCDXlVJRFEJE5kUAh5RmZUAXlCYVQH
Requested by
Host: server5.primevideos.net
URL: http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Protocol
HTTP/1.1
Server
52.86.189.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-189-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 12 Feb 2020 18:11:51 GMT
popunder.gif
edencourtbrita.info/ Frame A326
35 B
305 B
Image
General
Full URL
http://edencourtbrita.info/popunder.gif
Requested by
Host: server5.primevideos.net
URL: http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Protocol
HTTP/1.1
Server
52.86.189.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-189-23.compute-1.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Wed, 12 Feb 2020 18:11:51 GMT
content-encoding
gzip
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Connection
keep-alive
Content-Length
58
QnpbcHtLel93eEk
edencourtbrita.info/SnpLbkNlRSgdfhMXLxwQMDwfOyR7Tx4ZDRw5IgECHUtyCyULPBhINyMedlZxckNzX2U6Ey9TcnJcOBoiPg84U3JsEyUILHdcPVNyZEplXm18XD8eIi1HekgzPg4nU3J/ Frame A326
0
120 B
Image
General
Full URL
http://edencourtbrita.info/SnpLbkNlRSgdfhMXLxwQMDwfOyR7Tx4ZDRw5IgECHUtyCyULPBhINyMedlZxckNzX2U6Ey9TcnJcOBoiPg84U3JsEyUILHdcPVNyZEplXm18XD8eIi1HekgzPg4nU3J/QnpbcHtLel93eEk
Requested by
Host: server5.primevideos.net
URL: http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Protocol
HTTP/1.1
Server
52.86.189.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-189-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 12 Feb 2020 18:11:51 GMT
truncated
/ Frame A326
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A326
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
s
officultpolicit.pro/ Frame A326
Redirect Chain
  • https://secure.adnxs.com/getuid?https://officultpolicit.pro/s?a=$UID&b=396578402459
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fofficultpolicit.pro%2Fs%3Fa%3D%24UID%26b%3D396578402459
  • https://officultpolicit.pro/s?a=820711772028482842&b=396578402459
43 B
376 B
Image
General
Full URL
https://officultpolicit.pro/s?a=820711772028482842&b=396578402459
Requested by
Host: server5.primevideos.net
URL: http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Feb 2020 18:11:52 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
status
200
cf-ray
564087090df8bdc3-AMS
content-length
43

Redirect headers

Pragma
no-cache
Date
Wed, 12 Feb 2020 18:11:53 GMT
AN-X-Request-Uuid
e8bbc8af-9cc2-4623-a99f-b16406331c72
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://officultpolicit.pro/s?a=820711772028482842&b=396578402459
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.102.19.133; 82.102.19.133; 314.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.106:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
FANZE2YfdFMHdwMWKTd6fSAjKmMDFxVXcQsRDSxjPSI1CV83FDcqagQ9EhloD3FSM3McDikJBDcIJwRWAAMZUFMmHkRRdigTICRhfi8KKXYuJTEZADwWGRcAKCMCMWEaAQYoAAwTMTRIfgYjV0cGKSAkYTdwVzpxFwAqNEh+BiQpWAsqTDJxAQMzBGkMHiUudCZ1N...
knottishhuntilc.info/YzBNRGECUi4pXgINL2IUEVxwYVMlFX8CBVJCdHQSFwd1IREQUSpqAg9fOCAHEV8jME8NVTlhUyVhGBENJX4FCRgpWTkXNSBlKg0wD3wUDCcUdAgSUipKFyYpMHZ9Cg8Udx13EhFoJAFVKHM9ECk7U3QUUCF/ Frame 9BE1
0
0
Document
General
Full URL
http://knottishhuntilc....
Requested by
Host: d1r90st78epsag.cloudfront.net
URL: http://d1r90st78epsag.cloudfront.net/?etsrd=818586
Protocol
HTTP/1.1
Server
52.87.71.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-71-23.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash

Request headers

Host
knottishhuntilc.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html

Response headers

Date
Wed, 12 Feb 2020 18:11:51 GMT
Content-Type
text/html
Content-Length
1271
Connection
keep-alive
Server
openresty/1.15.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
IwUXMAs5dykeCjtRPSEfKFMyJQwlcCk2GSJGMAMWBn0QIXojeh9yOiBzNTQMInAxBCQrbDl2NjZ9BAx8IwUhdQwfYxESFhJwFwAMI1QEEzYydzpyHAhBPhQmSXQQEHsQVBQIJTlwHykMGGQ+FzRBexcAdzxXJRQ2KV5DcQ8fdxEAJElyOnd6IGUlBH0pYDJ+CiATG...
knottishhuntilc.info/NXNGTnFUESUjTlROJGgERx97a0NzVnQIFQQBf34CQUR+KwFGEiFgElkcMyoXRxwoOl9bFjJrQ3NBERondhIeH0diGjEeIkxCJQQdZz4nOUACJhMYVAc1HjQ0cjQvJThxMn5/OQQcdwklRiEXDQJSPCF/F28xdgEhZBs8GglSRxE3J2Am... Frame 6B94
0
0
Document
General
Full URL
http://knottishhuntilc....
Requested by
Host: d1r90st78epsag.cloudfront.net
URL: http://d1r90st78epsag.cloudfront.net/?etsrd=818586
Protocol
HTTP/1.1
Server
52.87.71.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-71-23.compute-1.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash

Request headers

Host
knottishhuntilc.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html

Response headers

Date
Wed, 12 Feb 2020 18:11:51 GMT
Content-Type
text/html
Content-Length
1256
Connection
keep-alive
Server
openresty/1.15.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
Aw4KESdYUBkHf1VPARElFQBQCmBDEUNDPVhQAg9gUFIGBmBUVw4B
edencourtbrita.info/YTc3UWVOCFQiWDdwWyg8UVNbCSczZX0FMwNyQBtXA2FxGTMpU1x3EQhTCmlXWQ4PYEMRXlNsVFkRRCUEFUJEbFNTEV4/ Frame A326
0
120 B
Image
General
Full URL
http://edencourtbrita.info/YTc3UWVOCFQiWDdwWyg8UVNbCSczZX0FMwNyQBtXA2FxGTMpU1x3EQhTCmlXWQ4PYEMRXlNsVFkRRCUEFUJEbFNTEV4/Aw4KESdYUBkHf1VPARElFQBQCmBDEUNDPVhQAg9gUFIGBmBUVw4B
Requested by
Host: server5.primevideos.net
URL: http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Protocol
HTTP/1.1
Server
52.86.189.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-189-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 12 Feb 2020 18:11:51 GMT
dEVIXiwkGFMRNH9GQAR2bEZeGXVkAx5WJX9GSEc2NhtTBnd6RlsEc3NGXwF7dA
edencourtbrita.info/bjdCQndBCCExSiBcGHcWAmIKIQ9XbgxzE15wAzYcLH8PJiJcYgVkAwdTf3pGVgJ6dFEeXiZ/RkhENiMDG0R/ Frame A326
0
120 B
Image
General
Full URL
http://edencourtbrita.info/bjdCQndBCCExSiBcGHcWAmIKIQ9XbgxzE15wAzYcLH8PJiJcYgVkAwdTf3pGVgJ6dFEeXiZ/RkhENiMDG0R/dEVIXiwkGFMRNH9GQAR2bEZeGXVkAx5WJX9GSEc2NhtTBnd6RlsEc3NGXwF7dA
Requested by
Host: server5.primevideos.net
URL: http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Protocol
HTTP/1.1
Server
52.86.189.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-189-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 12 Feb 2020 18:11:51 GMT
p
adsco.re/
259 B
770 B
XHR
General
Full URL
http://adsco.re/p
Requested by
Host: c.adsco.re
URL: http://c.adsco.re/
Protocol
HTTP/1.1
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
f80ca8dea1a91c1b0e5c75486a11efabca079545aca959f9198355daa2fff746

Request headers

Origin
http://vdl.primevideos.net
Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

AS-P-G
OK
Date
Wed, 12 Feb 2020 18:11:52 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK
Access-Control-Allow-Origin
http://vdl.primevideos.net
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
c
serve.popads.net/
0
202 B
Script
General
Full URL
http://serve.popads.net/c?_=BAoAXkQ_6AFeRD_ogAGBAcAAICFqQqzakTjJoQyaphFRDqD6qzGT8iA7oQkQ52SSisvQwQAgtUidJfCLismrzY6Pao6UQ89qWxt4HLLAiPNSQxsbejLCACCQtvxbSEaemmg9Revnx8ynEQX22xN2Tmc-lNzG8KSLzcQAECoBBPgBklQUAAAAAAAAAALFABC2ZiBt6rFVJALVUCQxfDI9wwAgtoHc2ASIT8m0505_29Sp-njjTVSnuS9tKSIWXrPWE8Q&v=4&siteId=3058396&minBid=&popundersPerIP=&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200
Requested by
Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol
HTTP/1.1
Server
216.21.13.10 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 12 Feb 2020 18:11:52 GMT
PopAds-EC
ASB
Connection
Keep-Alive
Content-Length
0
PopAds-CI
93
Content-Type
text/html; charset=UTF-8
a
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=gtm.load&eid=3&u=C&tc=1&epr=2UA&z=0
  • https://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=gtm.load&eid=3&u=C&tc=1&epr=2UA&z=0
0
56 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=gtm.load&eid=3&u=C&tc=1&epr=2UA&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://vdl.primevideos.net/files/ldL2qP3qevQKBNW.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Feb 2020 18:11:52 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.googletagmanager.com/a?id=UA-125457803-3&cv=1&v=3&t=t&pid=1230967409&rv=1t0&es=1&e=gtm.load&eid=3&u=C&tc=1&epr=2UA&z=0
Non-Authoritative-Reason
HSTS
p
officultpolicit.pro/ Frame A326
25 B
380 B
XHR
General
Full URL
https://officultpolicit.pro/p?b=396578402459&c=74619017
Requested by
Host: d1r90st78epsag.cloudfront.net
URL: http://d1r90st78epsag.cloudfront.net/?etsrd=818586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.9.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc81a1028cb9ccde9c4e4ec9543df9edbceef5815b1ce9bcb6eea2985ed0c48

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Origin
http://server5.primevideos.net
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Feb 2020 18:11:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cf-ray
564087146d81c765-AMS
RE42bVprcVUeZx0aYCsJABhnLBkKeGAaGwwEdQYfETl3BTkVGGRLLi0qC1VrfHsOW3w0J1JQa2I9QgwuMT0LWWliJ1gLNXloQFBran0CQ2t0YAFLLjQvUVBrYj5CGTZ5fwNVa3F9B1xrcngHVA
edencourtbrita.info/ Frame A326
0
120 B
Other
General
Full URL
http://edencourtbrita.info/RE42bVprcVUeZx0aYCsJABhnLBkKeGAaGwwEdQYfETl3BTkVGGRLLi0qC1VrfHsOW3w0J1JQa2I9QgwuMT0LWWliJ1gLNXloQFBran0CQ2t0YAFLLjQvUVBrYj5CGTZ5fwNVa3F9B1xrcngHVA
Requested by
Host: d1r90st78epsag.cloudfront.net
URL: http://d1r90st78epsag.cloudfront.net/?etsrd=818586
Protocol
HTTP/1.1
Server
52.86.189.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-189-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Origin
http://server5.primevideos.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 12 Feb 2020 18:11:56 GMT
ZEtBZVRLdCIWaQAhEzIxMA0JJAAmBxQdNyMFOQIVMDw5DwADDQZDIA0vfF1mXHJ5VHIUIiVYZVxtMhE1ED4yWGBXbSgLMgt2ZxNpVWVxS2RKfWcRJAUsfFRyFD81CWlVfnlUYVd6cFRiUnN4
edencourtbrita.info/ Frame A326
0
120 B
Other
General
Full URL
http://edencourtbrita.info/ZEtBZVRLdCIWaQAhEzIxMA0JJAAmBxQdNyMFOQIVMDw5DwADDQZDIA0vfF1mXHJ5VHIUIiVYZVxtMhE1ED4yWGBXbSgLMgt2ZxNpVWVxS2RKfWcRJAUsfFRyFD81CWlVfnlUYVd6cFRiUnN4
Requested by
Host: d1r90st78epsag.cloudfront.net
URL: http://d1r90st78epsag.cloudfront.net/?etsrd=818586
Protocol
HTTP/1.1
Server
52.86.189.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-189-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://server5.primevideos.net/secure/ldL2qP3qevQKBNW.html
Origin
http://server5.primevideos.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Connection
keep-alive
access-control-allow-origin
*
Date
Wed, 12 Feb 2020 18:11:56 GMT

Verdicts & Comments

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

onformdata (object), onpointerrawupdate (object), $ (function), jQuery (function), gtag (function), dataLayer (object), _pop (object), google_tag_manager (object), GoogleAnalyticsObject (string), ga (function), google_tag_data (object), gaplugins (object), gaGlobal (object), gaData (object), popjs (object), Base64 (object), pafban (function), detectZoom (object), PopAds (object), _pao (object), AdscoreInit (function), a (number), ed (function), t (number), newTime (number), r (number), g (number), b (number), bt (string)

4 Cookies

Domain/Path | Name | Value
.primevideos.net/ | _gat_gtag_UA_125457803_3 | 1
vdl.primevideos.net/ | a | VCFPsGSgikect2okWaUUeTFvRr8rF66B
.primevideos.net/ | _gid | GA1.2.1295741771.1581531111
.primevideos.net/ | _ga | GA1.2.1040674764.1581531111

2 Console Messages

Source | Level | URL | Text
console-api | log | http://c.adsco.re/ (Line 13) | Message: (empty)
console-api | log | http://c1.popads.net/pop.js (Line 44) | Message: CI BAoAXkQ_6AFeRD_ogAGBAcAAICFqQqzakTjJoQyaphFRDqD6qzGT8iA7oQkQ52SSisvQwQAgtUidJfCLismrzY6Pao6UQ89qWxt4HLLAiPNSQxsbejLCACCQtvxbSEaemmg9Revnx8ynEQX22xN2Tmc-lNzG8KSLzcQAECoBBPgBklQUAAAAAAAAAALFABC2ZiBt6rFVJALVUCQxfDI9wwAgtoHc2ASIT8m0505_29Sp-njjTVSnuS9tKSIWXrPWE8Q

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
