primitivesurvivors.org Open in urlscan Pro
2606:4700:20::6818:e6b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hdlmptctl900.us/?kkceajgbdhif=RWRTVkY3ZDdJK0ZVMmlWSFB2OGdYRXgwWVpqbzBZdXhVLzgzaUNNS3NGYmFoVVBwLzdPS2xiN2YzMTFLVG...
Effective URL:
https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Submission: On January 04 via api (January 4th 2020, 3:58:15 am UTC) from BE

Summary HTTP 68 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 8 countries across 33 domains to perform 68 HTTP transactions. The main IP is 2606:4700:20::6818:e6b, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is primitivesurvivors.org.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on January 3rd 2020. Valid for: 6 months.

This is the only time primitivesurvivors.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:30:... 2606:4700:30::6812:34c8	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	149.56.6.63 149.56.6.63	16276 (OVH) (OVH)
1 1	54.148.119.29 54.148.119.29	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	34.223.165.208 34.223.165.208	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
22	2606:4700:20:... 2606:4700:20::6818:e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2606:4700:30:... 2606:4700:30::681c:55	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY - Fastly)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.210.230.50 52.210.230.50	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER - Twitter Inc.)
1 5	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
16 19	3.248.28.111 3.248.28.111	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	35.156.98.228 35.156.98.228	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.29.177.239 52.29.177.239	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 3	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 1	2a00:1288:110... 2a00:1288:110:c305::9000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	35.158.40.121 35.158.40.121	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	35.157.10.253 35.157.10.253	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.197 185.33.223.197	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
68	26

2 2606:4700:30::6812:34c8 (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.hdlmptctl900.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.6.63 (Montreal, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: seekhops.com

www.fopiwino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.119.29 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-148-119-29.us-west-2.compute.amazonaws.com

blu145.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.223.165.208 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-223-165-208.us-west-2.compute.amazonaws.com

outpostnine5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:20::6818:e6b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

primitivesurvivors.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681c:55 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

globenation.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.230.50 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-230-50.eu-west-1.compute.amazonaws.com

track.addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.40 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 3.248.28.111 (Dublin, Ireland) 16 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.98.228 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-98-228.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.177.239 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-177-239.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.2 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY - Fastly, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::9000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.40.121 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-40-121.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.10.253 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-10-253.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.197 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.162 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	adroll.com 16 redirects s.adroll.com d.adroll.com	29 KB
22	primitivesurvivors.org primitivesurvivors.org	977 KB
6	facebook.com www.facebook.com staticxx.facebook.com	694 B
5	twitter.com platform.twitter.com syndication.twitter.com	31 KB
5	facebook.net connect.facebook.net	317 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com ads.yahoo.com	2 KB
3	doubleclick.net 3 redirects stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	openx.net 1 redirects us-u.openx.net	481 B
2	bidswitch.net 1 redirects x.bidswitch.net	906 B
2	3lift.com 1 redirects eb2.3lift.com	692 B
2	outbrain.com 1 redirects sync.outbrain.com	761 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	785 B
2	yimg.com s.yimg.com	6 KB
2	globenation.net globenation.net	36 KB
2	hdlmptctl900.us 2 redirects www.hdlmptctl900.us	1 KB
1	rlcdn.com idsync.rlcdn.com	62 B
1	adnxs.com ib.adnxs.com	874 B
1	taboola.com trc.taboola.com	211 B
1	pubmatic.com simage2.pubmatic.com	862 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	ytimg.com s.ytimg.com	9 KB
1	addevent.com track.addevent.com
1	youtube.com www.youtube.com	1 KB
1	google.de www.google.de	478 B
1	google.com 1 redirects www.google.com	559 B
1	gstatic.com fonts.gstatic.com	25 KB
1	googleapis.com fonts.googleapis.com	2 KB
1	outpostnine5.com 1 redirects outpostnine5.com	762 B
1	blu145.com 1 redirects blu145.com	286 B
1	fopiwino.com 1 redirects www.fopiwino.com	334 B
68	33

	Domain	Requested by
22	primitivesurvivors.org	primitivesurvivors.org
18	d.adroll.com	15 redirects
5	s.adroll.com	1 redirects primitivesurvivors.org s.adroll.com
5	www.facebook.com	primitivesurvivors.org connect.facebook.net
5	connect.facebook.net	primitivesurvivors.org connect.facebook.net
4	platform.twitter.com	primitivesurvivors.org platform.twitter.com
3	www.google-analytics.com	1 redirects primitivesurvivors.org
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.outbrain.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	pixel.advertising.com	2 redirects
2	s.yimg.com	primitivesurvivors.org s.yimg.com
2	globenation.net	primitivesurvivors.org
2	www.hdlmptctl900.us	2 redirects
1	idsync.rlcdn.com
1	ib.adnxs.com
1	trc.taboola.com
1	ads.yahoo.com	1 redirects
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	d.adroll.mgr.consensu.org	1 redirects
1	syndication.twitter.com
1	s.ytimg.com	www.youtube.com
1	track.addevent.com	primitivesurvivors.org
1	www.youtube.com	primitivesurvivors.org
1	staticxx.facebook.com	connect.facebook.net
1	www.google.de	primitivesurvivors.org
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	fonts.gstatic.com	primitivesurvivors.org
1	fonts.googleapis.com	primitivesurvivors.org
1	outpostnine5.com	1 redirects
1	blu145.com	1 redirects
1	www.fopiwino.com	1 redirects
68	38

This site contains no links.

Subject Issuer	Validity	Valid
ssl371273.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-03` - `2020-07-11`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-12-06` - `2020-03-05`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-12-10` - `2020-01-24`	a month	crt.sh
*.google.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-28` - `2020-09-01`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
addevent.com Amazon	`2019-04-11` - `2020-05-11`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-12-19` - `2020-03-19`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-10-30` - `2020-04-27`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh

This page contains 5 frames:

Primary Page: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Frame ID: 1226372F479223B5EE6C1B108B128C4D
Requests: 64 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=45
Frame ID: 0D08D1F55F9A7121417C2A8C8D4300A0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.6/plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df27593240b1be08%26domain%3Dprimitivesurvivors.org%26origin%3Dhttps%253A%252F%252Fprimitivesurvivors.org%252Ff8015692d13c08%26relation%3Dparent.parent&container_width=255&href=https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey
Frame ID: 9284E79C94BDE8C293CF43EC4A16407B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.69e02060c7c44baddf1b5629549acc0c.html?origin=https%3A%2F%2Fprimitivesurvivors.org
Frame ID: 7C4B1FAD96D0304F34E24F8250B1491B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.69e02060c7c44baddf1b5629549acc0c.en.html
Frame ID: F86EFBD7D3B610DC2EF08C0D6C5B65FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.hdlmptctl900.us/?kkceajgbdhif=RWRTVkY3ZDdJK0ZVMmlWSFB2OGdYRXgwWVpqbzBZdXhVLzgzaUNNS3NGYmFoVV... HTTP 302
http://www.hdlmptctl900.us/click.php?tt=manu&mm=498509&ll=Opener%2020/8/18&cc=5343&ss=7487&sid=30467&fi... HTTP 302
http://www.fopiwino.com/yPcPPequPQJEPr3_SuDNamZCs-IsvC3TkNv07hkyDKU2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZk... HTTP 302
http://blu145.com/?a=24&c=19&s1=161589&s2=522759525&s3=3JAN2020HEADLAMP&cs=24-1 HTTP 302
http://outpostnine5.com/?a=24&c=19&s1=161589&s2=522759525&s3=3JAN2020HEADLAMP&cs=24-1&ckmguid=3a0897... HTTP 302
https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

68
Requests

97 %
HTTPS

43 %
IPv6

33
Domains

38
Subdomains

26
IPs

8
Countries

1449 kB
Transfer

3400 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hdlmptctl900.us/?kkceajgbdhif=RWRTVkY3ZDdJK0ZVMmlWSFB2OGdYRXgwWVpqbzBZdXhVLzgzaUNNS3NGYmFoVVBwLzdPS2xiN2YzMTFLVGs0anYxbkRDcGQrclFBTEs3TjBQdDBuYkhMc21rRTNXZFRYZ3pZb3IvaHcvUXQ4SjN2bjU5WUNibll2Ykxobzd5RVNWTnpQNkpRbTZZZzVtZDZMR3N3bUl6UmUyenBGRWVBV05pT3VISHg5R3NuN29EZ0R5NU1BZ1VQZUhVWTNrTWt4ODUyWlMrSmFIY1VsWXk3ekJjTmFEaE1ZR1hxR0JTTTVjNE4xRkdPdVRmTHdpOThSd25OcTR0M3I4WGphNWdNR0tLS3BhUDRaT2Z3YW05Qm1aamY5R1NkeTFhcXowaGhEZ0pJcm5VUSsvUlE5eWV4WkdzdlV6dEhRQjhVcEVuNzM= HTTP 302
http://www.hdlmptctl900.us/click.php?tt=manu&mm=498509&ll=Opener%2020/8/18&cc=5343&ss=7487&sid=30467&fid=21071&rr=click&offer=0&origclickurl=www.fopiwino.com/yPcPPequPQJEPr3_SuDNamZCs-IsvC3TkNv07hkyDKU2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/3JAN2020HEADLAMP// HTTP 302
http://www.fopiwino.com/yPcPPequPQJEPr3_SuDNamZCs-IsvC3TkNv07hkyDKU2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/3JAN2020HEADLAMP// HTTP 302
http://blu145.com/?a=24&c=19&s1=161589&s2=522759525&s3=3JAN2020HEADLAMP&cs=24-1 HTTP 302
http://outpostnine5.com/?a=24&c=19&s1=161589&s2=522759525&s3=3JAN2020HEADLAMP&cs=24-1&ckmguid=3a089703-c50d-49ba-822f-ee91b4ded677 HTTP 302
https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2145388483&t=pageview&_s=1&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D161589%26s5%3D%26s3%3D10683078%26s1%3D24%26pop%3Doff%26cs%3D24-1&ul=en-us&de=UTF-8&dt=Tactical%20LED%20Headlamp%20TL900&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=90504452&gjid=1414370653&cid=1754063181.1578110279&tid=UA-64827807-7&_gid=1989547642.1578110279&_r=1&z=2052918225 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64827807-7&cid=1754063181.1578110279&jid=90504452&_gid=1989547642.1578110279&gjid=1414370653&_v=j79&z=2052918225 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=1754063181.1578110279&jid=90504452&_v=j79&z=2052918225 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=1754063181.1578110279&jid=90504452&_v=j79&z=2052918225&slf_rd=1&random=1398853817

Request Chain 47

https://s.adroll.com/j/exp/GYKIC6XRBVAZFHHGCZVSTM/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 48

https://d.adroll.mgr.consensu.org/consent/iabcheck/GYKIC6XRBVAZFHHGCZVSTM?_s=10795833919da05cb54f405367701fd7&_b=2 HTTP 302
https://d.adroll.com/consent/check/GYKIC6XRBVAZFHHGCZVSTM/?_s=10795833919da05cb54f405367701fd7&_b=2

Request Chain 49

https://d.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&pv=37833219799.154175&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D161589%26s5%3D%26s3%3D10683078%26s1%3D24%26pop%3Doff%26cs%3D24-1 HTTP 302
https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js

Request Chain 52

https://d.adroll.com/cm/aol/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP661173d9-2ea6-11ea-99a2-027db0eae83a HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP661173d9-2ea6-11ea-99a2-027db0eae83a&verify=true

Request Chain 53

https://d.adroll.com/cm/index/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&expiration=1609646279 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&expiration=1609646279&C=1

Request Chain 54

https://d.adroll.com/cm/n/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&expires=365

Request Chain 55

https://d.adroll.com/cm/outbrain/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&rdrctExp=true

Request Chain 56

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 57

https://d.adroll.com/cm/r/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 58

https://d.adroll.com/cm/taboola/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ

Request Chain 59

https://d.adroll.com/cm/triplelift/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&dongle=c85e&gdpr=1&cmp_cs=

Request Chain 60

https://d.adroll.com/fb/tr/?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=180284255744805 HTTP 302
https://www.facebook.com/tr/?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=180284255744805&cd[external_id]=N_t9Kf_ZlV0loNINHkwiJA

Request Chain 61

https://d.adroll.com/cm/b/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ

Request Chain 62

https://d.adroll.com/cm/x/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ

Request Chain 63

https://d.adroll.com/cm/l/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=37fb7d29ffd9955d25a0d20d1e4c2224

Request Chain 64

https://d.adroll.com/cm/o/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=37fb7d29ffd9955d25a0d20d1e4c2224 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=37fb7d29ffd9955d25a0d20d1e4c2224

Request Chain 65

https://d.adroll.com/cm/g/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=N_t9Kf_ZlV0loNINHkwiJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=N_t9Kf_ZlV0loNINHkwiJA&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 7ps1 Show response
primitivesurvivors.org/tl900/11/
Redirect Chain

http://www.hdlmptctl900.us/?kkceajgbdhif=RWRTVkY3ZDdJK0ZVMmlWSFB2OGdYRXgwWVpqbzBZdXhVLzgzaUNNS3NGYmFoVVBwLzdPS2xiN2YzMTFLVGs0anYxbkRDcGQrclFBTEs3TjBQdDBuYkhMc21rRTNXZFRYZ3pZb3IvaHcvUXQ4SjN2bjU5WUNi...
http://www.hdlmptctl900.us/click.php?tt=manu&mm=498509&ll=Opener%2020/8/18&cc=5343&ss=7487&sid=30467&fid=21071&rr=click&offer=0&origclickurl=www.fopiwino.com/yPcPPequPQJEPr3_SuDNamZCs-IsvC3TkNv07hk...
http://www.fopiwino.com/yPcPPequPQJEPr3_SuDNamZCs-IsvC3TkNv07hkyDKU2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/3JAN2020HEADLAMP//
http://blu145.com/?a=24&c=19&s1=161589&s2=522759525&s3=3JAN2020HEADLAMP&cs=24-1
http://outpostnine5.com/?a=24&c=19&s1=161589&s2=522759525&s3=3JAN2020HEADLAMP&cs=24-1&ckmguid=3a089703-c50d-49ba-822f-ee91b4ded677
https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

52 KB
12 KB

552ms
513ms

Document
text/html

2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.22
Resource Hash: dca9c8dad78915319584a0b6f8734523de68fde1408fbeb48591abd36bc49982

Request headers

:method: GET
:authority: primitivesurvivors.org
:scheme: https
:path: /tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 04 Jan 2020 03:57:57 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d46f867cf0e17cee791baca29976522311578110277; expires=Mon, 03-Feb-20 03:57:57 GMT; path=/; domain=.primitivesurvivors.org; HttpOnly; SameSite=Lax PHPSESSID=8248e0ceb86156471ec2f62be74851ec; path=/
x-powered-by: PHP/5.6.22
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 54fa4a90db33c2d1-FRA
content-encoding: br

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sat, 04 Jan 2020 03:57:56 GMT
Location: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=h3iV3hm6haULoyGFC4X0+1/abVW8dkicVpUXk/fXk2JG3T3hRDx3Tw==; domain=.outpostnine5.com; path=/; HttpOnly trk=wcZd4snezY2rt4js4PlPRSk/8lsU1vT3Rk7jL3M4cBZC0nKHF9WaHA==; domain=.outpostnine5.com; expires=Fri, 03-Jan-2025 19:57:57 GMT; path=/; HttpOnly c4=h3iV3hm6haXCzA40M7KELl2YEOTPkImU2AFZO5f8gwI=; domain=.outpostnine5.com; expires=Mon, 03-Feb-2020 03:57:57 GMT; path=/; HttpOnly
Content-Length: 256

GET
H2 200 kprofile.css
primitivesurvivors.org/tl900/11/resources/css/ 1 KB
525 B 469ms
468ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/css/kprofile.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dba7688c6781687a0560056511cec478e3310f55f1ad2795c462771912746f9e

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Mar 2016 01:36:08 GMT
server: cloudflare
etag: W/"4203fc-498-52da7d6acf200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 54fa4a949a0ac2d1-FRA

GET
H2 200 kform.css
primitivesurvivors.org/tl900/11/resources/css/ 7 KB
2 KB 468ms
468ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/css/kform.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d50fb038a77f7d6cd85aaa4923a370dc5122e9f2f17d0f61ad8370ee1d3e803a

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 11 Mar 2016 19:02:46 GMT
server: cloudflare
etag: W/"4203fb-1c52-52dca9391c180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 54fa4a949a0cc2d1-FRA

GET
H2 200 kcart.css
primitivesurvivors.org/tl900/11/resources/css/ 2 KB
802 B 472ms
472ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/css/kcart.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a08eac26f4f8eb8cf4ff8de77487af119b1449bfa547ff86a46451e014b02320

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Mar 2016 01:36:08 GMT
server: cloudflare
etag: W/"4203fa-867-52da7d6acf200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 54fa4a949a0dc2d1-FRA

GET
H2 200 kvalidator.js Show response
primitivesurvivors.org/tl900/11/resources/js/ 29 KB
7 KB 467ms
467ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/js/kvalidator.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46591debdbac746096895e17605faee023954bf033c18dfc7a349056e32d8c92

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 31 Oct 2018 11:29:13 GMT
server: cloudflare
etag: W/"3c9c7c-731a-579849c9d1710"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 54fa4a949a0fc2d1-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
31 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30426
x-xss-protection: 0
pragma: public
x-fb-debug: D9qvt86Mi5GVSUnLrs7deZrm4u5Q+kDcpw9Rllk0gwkKYBV3xzfm0X3LE5Y1YJDpj/ZyOCumQ9Qmb9AVG/c/gA==
x-fb-trip-id: 1850256238
date: Sat, 04 Jan 2020 03:57:57 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 990036034350304 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 80ms
80ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/990036034350304?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

baad68c835ebeb6bb1c72f6cd8a86d482e1a6f5c050fcf18e80d21b8e6596aeb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Sqjz6tnbGtQ/HnFDKG7zbd2OxSadKB9fjcr/m3vlw44ma1yfAXs9iVxDU2u7ljkm34VE3MniSh7NbVOt3eDjGQ==
x-fb-trip-id: 1850256238
date: Sat, 04 Jan 2020 03:57:57 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 klander.js Show response
primitivesurvivors.org/tl900/11/resources/js/ 34 KB
7 KB 472ms
472ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/js/klander.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb13b0ae34ab1f7dff4fcfc79187f338f85d6a7a61969f483a1c8084064a537

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 21 Mar 2016 17:48:47 GMT
server: cloudflare
etag: W/"42040b-8700-52e92b565bdc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 54fa4a94ca68c2d1-FRA

GET
H2 200 kcart.js Show response
primitivesurvivors.org/tl900/11/resources/js/ 21 KB
5 KB 464ms
464ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/js/kcart.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f84f4427e998b11e18c08b994cb8f7d932b638feeb25645d6547f91eefed22

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Aug 2016 17:50:57 GMT
server: cloudflare
etag: W/"42040a-5272-539a72cc54240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 54fa4a94ca69c2d1-FRA

GET
H2 200 lander.css
primitivesurvivors.org/assets/ 295 KB
48 KB 475ms
474ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/assets/lander.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8788a53e1f7c3d009811faac4bf6f61e5bf12bfcf713025818b81875cfd769ff

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Feb 2016 08:34:36 GMT
server: cloudflare
etag: W/"3c0514-49c14-52b7a6bac1f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 54fa4a957b8fc2d1-FRA

GET
H2 200 font-awesome.css
primitivesurvivors.org/tl900/css/ 34 KB
7 KB 467ms
466ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/css/font-awesome.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e97ff9485834e2d01d61f33fe17566489e9c8e3aaea2fb8b29031a927de04d7

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 13 May 2016 14:08:45 GMT
server: cloudflare
etag: W/"4207b4-88a8-532b9d0161540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 54fa4a957b94c2d1-FRA

GET
H2 200 css
fonts.googleapis.com/ 43 KB
2 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

0273caa4ae43b1d4cb95e3e204c02146c5e25af06057f90f71db1150cd66e203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 04 Jan 2020 03:57:58 GMT
server: ESF
access-control-allow-origin: *
date: Sat, 04 Jan 2020 03:57:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sat, 04 Jan 2020 03:57:58 GMT

GET
H2 200 jquery-1.11.2.min.js Show response
primitivesurvivors.org/tl900/js/ 94 KB
32 KB 473ms
473ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/js/jquery-1.11.2.min.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a271a3f9e3cae897ced669d6652699e947928ef095e56384c4f9dd04bbb942ec

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 27 May 2015 04:53:52 GMT
server: cloudflare
etag: W/"4203ce-176bf-5170907873800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 54fa4a957b95c2d1-FRA

GET
H2 200 session.js Show response
primitivesurvivors.org/tl900/11/ 332 B
315 B 469ms
468ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/session.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca2a42ad46cb3c74ce4616f3b80b0ab47921e751de00abe4349dd56605c3168

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Mar 2019 18:19:57 GMT
server: cloudflare
etag: W/"420422-14c-584b2e6f38f40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 54fa4a957b9bc2d1-FRA

GET
H2 200 cs.js Show response
primitivesurvivors.org/affiliateCustom/ 4 KB
1 KB 471ms
470ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/affiliateCustom/cs.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d336858203d04f4d1e402e0cb8a450ed8b4b48a95c8c23b1f95fbdc06b9d28

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 Mar 2017 18:18:30 GMT
server: cloudflare
etag: W/"4a06cd-eb7-54a2809f8c980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 54fa4a957b9dc2d1-FRA

GET
H2 200 closemodal.png
primitivesurvivors.org/tl900/images/ 2 KB
2 KB 472ms
471ms Image
image/png 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/closemodal.png
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc6fc782c0d4686eb82136912f17a5de08ef8a8cb1e9da93c1f315eaa832db7f

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 04 Nov 2015 23:41:16 GMT
server: cloudflare
etag: "4204f8-972-523bf8be01f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fa4a957b9ec2d1-FRA
content-length: 2418

GET
H2 200 globenation-logo.png
primitivesurvivors.org/tl900/images/ 23 KB
23 KB 465ms
465ms Image
image/png 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/globenation-logo.png
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0bcc49581e06a4877102e5a6ea47f090d937af5efbe68ee42060578090be8b9

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Feb 2016 08:25:02 GMT
server: cloudflare
etag: "420507-5c68-52b7a49759380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fa4a958bb0c2d1-FRA
content-length: 23656

GET
H2 200 northwest-night-beam_h.jpg
primitivesurvivors.org/tl900/images/ 201 KB
202 KB 463ms
463ms Image
image/jpeg 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/northwest-night-beam_h.jpg
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73b5bdc221f51188cd5c216018126d5685f5b8de0767b06f6b31ea2b68dcea7e

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Apr 2016 16:55:03 GMT
server: cloudflare
etag: "420ba6-3258c-53060a39507c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fa4a986902c2d1-FRA
content-length: 206220

GET
H2 200 TL900Headlamp.png
primitivesurvivors.org/tl900/images/ 237 KB
237 KB 481ms
480ms Image
image/png 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/TL900Headlamp.png
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f35f35f38ed0da3018adc2ee9637b77e37ac57fa713456ef14c07e91e04da76a

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Feb 2017 18:50:46 GMT
server: cloudflare
etag: "420520-3b321-5490edb968d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fa4a98a974c2d1-FRA
content-length: 242465

GET
H2 200 tltweet.jpg
primitivesurvivors.org/tl900/images/ 61 KB
62 KB 479ms
477ms Image
image/jpeg 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/tltweet.jpg
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82340800cd760a12a655d91f5f9a31aca3043df2de74eb8b724b937a8fe9664f

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Apr 2016 16:56:28 GMT
server: cloudflare
etag: "420ba8-f5ce-53060a8a60700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fa4a98a977c2d1-FRA
content-length: 62926

GET
H2 200 /
www.facebook.com/tr/ 44 B
348 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=990036034350304&ev=PageView&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D161589%26s5%3D%26s3%3D10683078%26s1%3D24%26pop%3Doff%26cs%3D24-1&rl=&if=false&ts=1578110278010&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1578110278009.1664874404&it=1578110277879&coo=false&rqm=GET

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sat, 04 Jan 2020 03:57:58 GMT

GET
H/1.1 200
OK g700-tactical-flashlight-blinding-a-beer.jpg
globenation.net/wp-content/uploads/2015/11/ 20 KB
21 KB 278ms
238ms Image
image/jpeg 2606:4700:30::681c:55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://globenation.net/wp-content/uploads/2015/11/g700-tactical-flashlight-blinding-a-beer.jpg
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca9c042a373085a520d831dc9ad0239a3543f1be3f822680dcb2650ac4a06905

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 04 Jan 2020 03:57:58 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 13 Nov 2015 07:11:41 GMT
Server: cloudflare
ETag: "2e0b7f-507d-52466c56be540"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 54fa4a98ed83dfa5-FRA
Content-Length: 20605

GET
H/1.1 200
OK flashlight-for-nightime.jpg
globenation.net/wp-content/uploads/2015/11/ 15 KB
15 KB 388ms
348ms Image
image/jpeg 2606:4700:30::681c:55
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://globenation.net/wp-content/uploads/2015/11/flashlight-for-nightime.jpg
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:55 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516c7eb9a1b4a829f30052828d4e12000560c5114fa07b5dd823aaeb4793cccf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 04 Jan 2020 03:57:58 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 13 Nov 2015 07:11:43 GMT
Server: cloudflare
ETag: "2e0b7d-3ab8-52466c58a69c0"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 54fa4a98ed56e00f-FRA
Content-Length: 15032

GET
H2 200 tl900video.png
primitivesurvivors.org/tl900/images/ 107 KB
107 KB 476ms
475ms Image
image/png 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/tl900video.png
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41169675c092f84afb7c56b104f6e631bef24ddb5446326847df58cf9a29ec62

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Apr 2016 16:56:44 GMT
server: cloudflare
etag: "420ba7-1aa4c-53060a99a2b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 54fa4a98a978c2d1-FRA
content-length: 109132

GET
H2 200 lander.js Show response
primitivesurvivors.org/assets/ 565 KB
156 KB 472ms
471ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/assets/lander.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a4c7a1148a8b64ac46e8ef4c3a0e5a343d4aa01a4c97400ca099b6fd0c5d4b

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 02 Mar 2016 01:49:08 GMT
server: cloudflare
etag: W/"3c0940-8d301-52d07166fcd00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 54fa4a9868f4c2d1-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
18 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5062
date: Sat, 04 Jan 2020 02:33:36 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sat, 04 Jan 2020 04:33:36 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
6 KB 53ms
18ms Script
application/javascript 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 925
x-amz-server-side-encryption: AES256
status: 200
strict-transport-security: max-age=15552000
x-amz-request-id: 5B2CC3B51190D39A
x-amz-id-2: daQVH5TdjAL+M3VxQ8OOjSA/6zb2TPb/KY7/F0xrC/agveFTfAL+iUmtek48LkekjVPtEpv6TJE=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 12 Nov 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 08 Oct 2019 10:16:59 GMT
server: ATS
etag: "254a43f994019deb4ca1830f04bd5d32-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-version-id: x4Y4HVRbF4l0Lw4GKvYmVr0DuE8bwWr0
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

dfe2f38e5f729677625985e4826e7bbb25de05695ae7be5394c3015c46d9f3ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: JjsCZnB1LYmdW+HdF/ZPkA==
status: 200
date: Sat, 04 Jan 2020 03:57:58 GMT
expires: Sat, 04 Jan 2020 04:05:28 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1776
x-fb-debug: BeMrcM7Fun+AoAiXNaB9GN0vSWLXa7dxJq5Tb8t6e3EVkkgfaUf5WQX+fgjQprbkD/74NxwpOtEYeiYu1uCrdw==
x-fb-trip-id: 1850256238
x-fb-content-md5: 7fe634ecd20c68d8c9d29485b06d1f54
etag: "f87263bec111e08a05a3050a4393d42f"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v29/ 25 KB
25 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v29/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open%20Sans:400,700|Oswald:400,700|Droid%20Sans:400,700|Roboto:400,700|Lato:400,700|PT%20Sans:400,700|Source%20Sans%20Pro:400,700|Noto%20Sans:400,700|PT%20Sans:400,700|Ubuntu:400,700|Bitter:400,700|PT%20Serif:400,700|Rokkitt:400,700|Droid%20Serif:400,700|Raleway:400,700|Inconsolata:400,700
Origin: https://primitivesurvivors.org

Response headers

date: Thu, 21 Nov 2019 23:20:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Oct 2019 23:06:58 GMT
server: sffe
age: 3731825
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 25376
x-xss-protection: 0
expires: Fri, 20 Nov 2020 23:20:53 GMT

GET
H2 200 fontawesome-webfont.woff2
primitivesurvivors.org/tl900/fonts/ 65 KB
65 KB 468ms
468ms Font
application/octet-stream 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/fonts/fontawesome-webfont.woff2?v=4.6.2
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/css/font-awesome.css
Origin: https://primitivesurvivors.org

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 07 Mar 2016 22:45:38 GMT
server: cloudflare
etag: W/"4203c4-10440-52d7d393cc880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
status: 200
cache-control: max-age=14400
cf-ray: 54fa4a98b9a8c2d1-FRA

GET
H2 200 widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 75ms
24ms Script
application/javascript 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: ff6a67b5b4c91cf683b9168393ce7aa41d64326a40b928809cdf7e15d0b3c8b8

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 28837
x-served-by: cache-iad2146-IAD, cache-fra19135-FRA
last-modified: Tue, 10 Dec 2019 23:46:10 GMT
etag: "a41dba1e30b9426e9a69c373d2c94042+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=990036034350304&ev=Microdata&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D161589%26s5%3D%26s3%3D10683078%26s1%3D24%26pop%3Doff%26cs%3D24-1&rl=&if=false&ts=1578110278547&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tactical%20LED%20Headlamp%20TL900%22%2C%22meta%3Adescription%22%3A%22Tactical%20LED%20Headlamp%20TL900%22%2C%22meta%3Akeywords%22%3A%22Tactical%2C%20LED%2C%20Headlamp%2C%20TL900%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22..%2Fimages%2FTL900Headlamp.png%22%2C%22og%3Atitle%22%3A%22Tactical%20LED%20Headlamp%20TL900%22%2C%22og%3Adescription%22%3A%22Tactical%20LED%20Headlamp%20TL900%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1578110278009.1664874404&it=1578110277879&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sat, 04 Jan 2020 03:57:58 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
59 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b16722702a18c44252e287253ae3950a&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

024cd1744447adc009673e6162121bd850503fd58932ffad0b73a3d426f44841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Origin: https://primitivesurvivors.org

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: K5kbWvIo3Pj4EXCuEpSOzw==
status: 200
date: Sat, 04 Jan 2020 03:57:58 GMT
expires: Sun, 03 Jan 2021 02:34:39 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 60150
x-fb-debug: puEi3+fJiuRFV/JNapezB0i3rVR8N+bekuPDJL+yGyixni/L6QfUW3ceY5tJ9B6MqV6v/2mFiQfsKa90xtUYfA==
x-fb-trip-id: 2125152713
x-fb-content-md5: f95362391ab9c16a96ee59d682c04d2e
etag: "07e0bc24cb3424cf349fa0827e90cc79"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2145388483&t=pageview&_s=1&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D161589%26s5%3D%26s3%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64827807-7&cid=1754063181.1578110279&jid=90504452&_gid=1989547642.1578110279&gjid=1414370653&_v=j79&z=2052918225
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=1754063181.1578110279&jid=90504452&_v=j79&z=2052918225
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=1754063181.1578110279&jid=90504452&_v=j79&z=2052918225&slf_rd=1&random=1398853817

42 B
478 B

28ms
16ms

Image
image/gif

2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=1754063181.1578110279&jid=90504452&_v=j79&z=2052918225&slf_rd=1&random=1398853817

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:57:58 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:57:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=1754063181.1578110279&jid=90504452&_v=j79&z=2052918225&slf_rd=1&random=1398853817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 435582.json Show response
s.yimg.com/wi/config/ 2 B
481 B 210ms
178ms XHR
application/json 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/435582.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Origin: https://primitivesurvivors.org

Response headers

date: Sat, 04 Jan 2020 03:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 726A576191286CC7
x-amz-id-2: HAktM4Lae6tK+xmhI0bW6ME0y02kJxEMTujAzIL+ZilpBFRS+XD43u3Wkpog9wnQkWVbfx8JSag=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 0D08 0
0 7ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=45

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b16722702a18c44252e287253ae3950a&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=45
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
accept-encoding: gzip, deflate, br
cookie: fr=0LcRMpPkwBgTKpHew..BeEA1G...1.0.BeEA1G.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 29 Dec 2020 22:49:33 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: iuhCde1N7j4s89LCdpLkbKiypRAxXwf5se5+lrHyZL4VC9In1M9+X4jJRu7GrnhTq/SIMOyN2CxD0fvR6FHX3w==
content-length: 12401
x-fb-trip-id: 1850256238
date: Sat, 04 Jan 2020 03:57:58 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 __utm.gif
www.google-analytics.com/ 35 B
134 B 6ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=5.4.2&utmac=UA-16505296-2&utmn=1&utmhn=primitivesurvivors.org&utmsr=1600x1200&utmul=en-us&utmr=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D161589%26s5%3D%26s3%3D10683078%26s1%3D24%26pop%3Doff%26cs%3D24-1&utmp=primitivesurvivors.org%2Ftl900%2F11%2F7ps1&utmcc=__utma%3D1.5340455055.1.1.1.1%3B&utme=8(vjsv)9(v4.11.4)

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Nov 2019 01:33:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3896687
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 24-1.php Show response
primitivesurvivors.org/affiliateCustom/ 1 KB
677 B 490ms
490ms XHR
text/html 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/affiliateCustom/24-1.php?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1&rand=1578110279.054
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/assets/lander.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.22
Resource Hash: cec3eae9dd4755cfc98d4c7f0bc94c542f49fe1208d2abf1bffc414580c9cb32

Request headers

Accept: */*
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 54fa4a9c1812c2d1-FRA

GET
H2 200 share_button.php
www.facebook.com/v2.6/plugins/ Frame 9284 0
0 161ms
161ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.6/plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df27593240b1be08%26domain%3Dprimitivesurvivors.org%26origin%3Dhttps%253A%252F%252Fprimitivesurvivors.org%252Ff8015692d13c08%26relation%3Dparent.parent&container_width=255&href=https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b16722702a18c44252e287253ae3950a&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.6/plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df27593240b1be08%26domain%3Dprimitivesurvivors.org%26origin%3Dhttps%253A%252F%252Fprimitivesurvivors.org%252Ff8015692d13c08%26relation%3Dparent.parent&container_width=255&href=https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
accept-encoding: gzip, deflate, br
cookie: fr=0LcRMpPkwBgTKpHew..BeEA1G...1.0.BeEA1G.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v2.11
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: BGoGYF8LANXRQ+3aQPJy1qJ7ClRfzVcfCP4M9xHu1uq+C5rtE8hQI1Ol0YAFzn+ph0GpIkkFr9ZCzsqahklNuw==
date: Sat, 04 Jan 2020 03:57:59 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 widget_iframe.69e02060c7c44baddf1b5629549acc0c.html
platform.twitter.com/widgets/ Frame 7C4B 0
0 24ms
24ms Document
text/html 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.69e02060c7c44baddf1b5629549acc0c.html?origin=https%3A%2F%2Fprimitivesurvivors.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.69e02060c7c44baddf1b5629549acc0c.html?origin=https%3A%2F%2Fprimitivesurvivors.org
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Response headers

status: 200
last-modified: Tue, 10 Dec 2019 23:44:55 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "4b563298f37eb3ef2a2f8897be83c714+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Sat, 04 Jan 2020 03:57:59 GMT
x-served-by: cache-iad2141-IAD, cache-fra19135-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
1 KB 34ms
21ms Script
application/javascript 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/assets/lander.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

8a1503a6be3910d5f7030723273f4c1d114995b1885cbce2e58b1a1fb8b61337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:59 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H/1.1 200
OK /
track.addevent.com/atc/ 0
0 196ms
40ms Image
text/html 52.210.230.50
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=e2710546-799b-4dd8-10a7-a97d4002f28b&url=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D161589%26s5%3D%26s3%3D10683078%26s1%3D24%26pop%3Doff%26cs%3D24-1&cache=1578110279097
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.230.50 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-210-230-50.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS

GET
H2 200 button.550007e6cc79c00bac51111d8131d860.js Show response
platform.twitter.com/js/ 7 KB
2 KB 24ms
23ms Script
application/javascript 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.550007e6cc79c00bac51111d8131d860.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 04f4ae45c416f3cae99c9092537f549e56653297e79cea04501e0ebed1e9bd1c

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:59 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 2294
x-served-by: cache-iad2143-IAD, cache-fra19135-FRA
last-modified: Tue, 10 Dec 2019 23:44:46 GMT
etag: "0c1c703295ecdf55c72e3a108ce862e8+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflvtcxpc/ 23 KB
9 KB 17ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflvtcxpc/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

336fcbed0b5b1a5c63e555efb1170170cf3a17ea6db699d15415d91930cdc0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 03 Jan 2020 02:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90368
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8776
x-xss-protection: 0
last-modified: Fri, 03 Jan 2020 01:04:27 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Sat, 11 Jan 2020 02:51:51 GMT

GET
H2 200 tweet_button.69e02060c7c44baddf1b5629549acc0c.en.html
platform.twitter.com/widgets/ Frame F86E 0
0 24ms
24ms Document
text/html 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.69e02060c7c44baddf1b5629549acc0c.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/tweet_button.69e02060c7c44baddf1b5629549acc0c.en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1

Response headers

status: 200
last-modified: Tue, 10 Dec 2019 23:44:52 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "4dc6e55d00b534aa830efd2ddeb984e0+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Sat, 04 Jan 2020 03:57:59 GMT
x-served-by: cache-iad2128-IAD, cache-fra19135-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 12266

POST
H2 200 async.php Show response
primitivesurvivors.org/tl900/11/resources/ 68 B
227 B 1400ms
1400ms XHR
text/html 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/async.php
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/resources/js/klander.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.22
Resource Hash: 070c462387ca7edfff45b5f687936e83936c032d8f41afff5a88143446419480

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Origin: https://primitivesurvivors.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:58:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 54fa4a9daad0c2d1-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
337 B 133ms
133ms Image
image/gif 104.244.42.72
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D161589%26s5%3D%26s3%3D10683078%26s1%3D24%26pop%3Doff%26cs%3D24-1%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1578110279309%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22cfadeaf%3A1576014006272%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Sat, 04 Jan 2020 03:57:59 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7a0323a4effa9749582cd88354610a4b
x-transaction: 00b84e7e00b18ad1
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 35 KB
12 KB 80ms
26ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 10bdeb0242f97e5483f914eb5b752df183725a366af8f0c9ba8bb645586006ff

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: _IkEf6DskU5rqggn.I2sIuaN0nx2cwvp
Content-Encoding: gzip
x-amz-request-id: F9D0DA43F8A7D2E7
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Sat, 04 Jan 2020 03:57:59 GMT
Connection: keep-alive
Content-Length: 11267
x-amz-id-2: kYq/HvQE2in2V0OJHqAxqYPYGdFqWIY5daBAJ8M6lbP+uFyBfe2MEB4kG/n5piNS5k7o+rxgLSo=
Last-Modified: Tue, 17 Dec 2019 22:01:13 GMT
Server: AmazonS3
ETag: "94890c8a120a76710f8edb7ac61589bf"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/GYKIC6XRBVAZFHHGCZVSTM/index.js
https://s.adroll.com/j/exp/index.js

28 B
680 B

25ms
25ms

Script
application/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: hlHgKZNwBkHzMk1Lpt_4WU4bIRikD0xb
x-amz-request-id: B3E79C8BAA902D2E
x-amz-server-side-encryption: AES256
Date: Sat, 04 Jan 2020 03:57:59 GMT
Connection: keep-alive
Content-Length: 28
x-amz-id-2: ndfEzten1N64dw5NfENogd8mSR0b0PUwYfTgVI5WQuEPATil0hPTBI6J/BFyg/IQkj2M1U/eRoA=
Last-Modified: Fri, 03 Jan 2020 20:26:00 GMT
Server: AmazonS3
ETag: "5816cced8568d223aa09d889f300692b"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Sat, 04 Jan 2020 03:57:59 GMT
Server: AkamaiGHost
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H2

200

/ Show response
d.adroll.com/consent/check/GYKIC6XRBVAZFHHGCZVSTM/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/GYKIC6XRBVAZFHHGCZVSTM?_s=10795833919da05cb54f405367701fd7&_b=2
https://d.adroll.com/consent/check/GYKIC6XRBVAZFHHGCZVSTM/?_s=10795833919da05cb54f405367701fd7&_b=2

115 B
583 B

38ms
37ms

Script
application/javascript

3.248.28.111
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/GYKIC6XRBVAZFHHGCZVSTM/?_s=10795833919da05cb54f405367701fd7&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 88abc59fee4d6efb376d4f04f4c5d2461dccd063a11cf1ca399a907df6d62d0b

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:57:59 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: application/javascript
content-length: 115

Redirect headers

status: 302
date: Sat, 04 Jan 2020 03:57:59 GMT
server: nginx/1.16.1
content-length: 105
location: https://d.adroll.com/consent/check/GYKIC6XRBVAZFHHGCZVSTM/?_s=10795833919da05cb54f405367701fd7&_b=2

GET
H/1.1

200
OK

FAMX2Q6M6VHQDAOB75DEFM.js Show response
s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/
Redirect Chain

https://d.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&pv=37833219799.154175&cookie=&adroll_s_ref=&keyw=&arrfrr=...
https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js

11 KB
4 KB

243ms
217ms

Script
text/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b3f3920c61e817825daea23e6cf86053d84ec62200b7744c4e38a6e5180fc8bc

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: TJ.FU3mPx0oBVYCvKmP.oqNyh4eGN0v9
Content-Encoding: gzip
x-amz-request-id: 1BA48DF15A6FBB11
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Sat, 04 Jan 2020 03:57:59 GMT
Connection: keep-alive
Content-Length: 3488
x-amz-id-2: gvlNF4odA1mCrx2hucCFwGnMZeeD/u/O6Nv2/BuRKUgGVX/FrSFErKinHyrNwB3GC9BIWPcI1c0=
Last-Modified: Thu, 12 Dec 2019 19:15:56 GMT
Server: AmazonS3
ETag: "4a85a35ab0b2b6c5d5b77f2113990d12"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

date: Sat, 04 Jan 2020 03:57:59 GMT
x-segment-display-name
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
content-length: 0
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.16.1
x-rule: */tl900*
x-segment-eid: FAMX2Q6M6VHQDAOB75DEFM
location: https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: IDGHOAWM3RCVRD6E2YMDXN
x-segment-name: 548a42e1
x-advertisable-eid: GYKIC6XRBVAZFHHGCZVSTM
x-conversion-currency

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
3 KB 25ms
25ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: YWF67j5pF9q6SkyswC7vAoPjAu0aQ3B8
Content-Encoding: gzip
x-amz-request-id: C47777B8149E5E76
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Sat, 04 Jan 2020 03:57:59 GMT
Connection: keep-alive
Content-Length: 2039
x-amz-id-2: 8UpWPUIeVQKZzFqblz9wIUKZ8QeyTj7KI4DtRvtcie9K6XAmw9BlwwEAwH5IwK3OdnbVGAZ+v1g=
Last-Modified: Thu, 19 Dec 2019 18:38:00 GMT
Server: AmazonS3
ETag: "15441b08d0c4f93b1dd5f533cd361cd8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 1516295368673519 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 89ms
89ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1516295368673519?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

463f145c9d00c2e08af55370a2b92ed23892cdb051cc832859f6162aaa5d53c4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: LVlpJ2PUmgKhaR2TVnjSMYOCkldGQ+Bj2dYazGFmpBWweBUggl2fuODCjRMzueqof3+kDtm6E8gM/frCsdJR1Q==
x-fb-trip-id: 1850256238
date: Sat, 04 Jan 2020 03:57:59 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://pixel.advertising.com/ups/55980/sync?uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
https://ups.analytics.yahoo.com/ups/55980/sync?uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP661173d9-2ea6-11ea-99a2-02...
https://ups.analytics.yahoo.com/ups/55980/sync?uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP661173d9-2ea6-11ea-99a2-02...

0
503 B

26ms
26ms

Image
text/plain

52.29.177.239
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP661173d9-2ea6-11ea-99a2-027db0eae83a&verify=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.177.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-29-177-239.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Sat, 04 Jan 2020 03:58:00 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Sat, 04 Jan 2020 03:58:00 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55980/sync?uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP661173d9-2ea6-11ea-99a2-027db0eae83a&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&expiration=1609646279
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&expiration=1609646279&C=1

43 B
897 B

74ms
73ms

Image
image/gif

2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&expiration=1609646279&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Jan 2020 03:58:00 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 04 Jan 2020 03:58:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Jan 2020 03:58:00 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&expiration=1609646279&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Sat, 04 Jan 2020 03:58:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&expires=365

0
239 B

164ms
28ms

Image
image/gif

69.173.144.136
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:57:59 GMT
server: nginx/1.16.1
location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&expires=365
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 124

GET
H2

200

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&rdrctExp=true

0
356 B

144ms
144ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&rdrctExp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:58:00 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, HHN, Europe2
x-traceid: 8bdc4d0c82b6da9ef55103524d49c276
x-timer: S1578110280.168594,VS0,VE111
x-cache: MISS, MISS
status: 200
backend-ip: 157.52.75.25
x-cache-hits: 0, 0
accept-ranges: bytes, bytes
content-length: 0
x-served-by: cache-mdw17325-MDW, cache-hhn4079-HHN

Redirect headers

date: Sat, 04 Jan 2020 03:58:00 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, HHN, Europe2
x-traceid: de52a9997d7e58c2c17bae9cbb1ef20a
x-timer: S1578110280.021016,VS0,VE108
location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&rdrctExp=true
x-cache: MISS, MISS
status: 302
backend-ip: 157.52.75.20
x-cache-hits: 0, 0
accept-ranges: bytes, bytes
content-length: 0
x-served-by: cache-mdw17320-MDW, cache-hhn4079-HHN

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
862 B

103ms
31ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Jan 2020 03:58:00 GMT
X-lat: Pug22023:0:397
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:57:59 GMT
server: nginx/1.16.1
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 220

GET
H2

200

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
499 B

50ms
50ms

Image
image/gif

3.248.28.111
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:58:00 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

Redirect headers

Date: Sat, 04 Jan 2020 03:58:00 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ

0
211 B

45ms
43ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Sat, 04 Jan 2020 03:58:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1578110280.140747,VS0,VE8
x-served-by: cache-hhn4079-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:58:00 GMT
server: nginx/1.16.1
location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 111

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://eb2.3lift.com/xuid?mid=4714&xuid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&dongle=c85e&gdpr=1&cmp_cs=

37 B
334 B

24ms
24ms

Image
image/gif

35.158.40.121
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&dongle=c85e&gdpr=1&cmp_cs=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.40.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-158-40-121.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 04 Jan 2020 03:58:00 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

status: 302
date: Sat, 04 Jan 2020 03:58:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4714&xuid=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ&dongle=c85e&gdpr=1&cmp_cs=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://d.adroll.com/fb/tr/?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[a...
https://www.facebook.com/tr/?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[...

44 B
100 B

6ms
6ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=180284255744805&cd[external_id]=N_t9Kf_ZlV0loNINHkwiJA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:58:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sat, 04 Jan 2020 03:58:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:58:00 GMT
server: nginx/1.16.1
location: https://www.facebook.com/tr/?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=180284255744805&cd[external_id]=N_t9Kf_ZlV0loNINHkwiJA
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 313

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://x.bidswitch.net/sync?dsp_id=44&user_id=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ

43 B
378 B

25ms
25ms

Image
image/gif

35.157.10.253
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.10.253 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-10-253.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 04 Jan 2020 03:58:00 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Sat, 04 Jan 2020 03:58:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://ib.adnxs.com/setuid?entity=172&code=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ

43 B
874 B

65ms
19ms

Image
image/gif

185.33.223.197
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Jan 2020 03:58:02 GMT
AN-X-Request-Uuid: c518cc9c-2a73-4612-8c3a-73c6f8d1a65e
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.102.19.134; 82.102.19.134; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.26:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:58:00 GMT
server: nginx/1.16.1
location: https://ib.adnxs.com/setuid?entity=172&code=MzdmYjdkMjlmZmQ5OTU1ZDI1YTBkMjBkMWU0YzIyMjQ
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 93

GET
H2

204

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://idsync.rlcdn.com/377928.gif?partner_uid=37fb7d29ffd9955d25a0d20d1e4c2224

0
62 B

163ms
122ms

Image
text/plain

35.190.72.21
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=37fb7d29ffd9955d25a0d20d1e4c2224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 21.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Sat, 04 Jan 2020 03:58:00 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:58:00 GMT
server: nginx/1.16.1
location: https://idsync.rlcdn.com/377928.gif?partner_uid=37fb7d29ffd9955d25a0d20d1e4c2224
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
cache-control: no-store, no-cache, must-revalidate
content-length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://us-u.openx.net/w/1.0/sd?id=537103138&val=37fb7d29ffd9955d25a0d20d1e4c2224
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=37fb7d29ffd9955d25a0d20d1e4c2224

43 B
183 B

27ms
26ms

Image
image/gif

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=37fb7d29ffd9955d25a0d20d1e4c2224
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.173.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:58:00 GMT
via: 1.1 google
server: OXGW/16.173.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 04 Jan 2020 03:58:00 GMT
via: 1.1 google
server: OXGW/16.173.0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=37fb7d29ffd9955d25a0d20d1e4c2224
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
alt-svc: clear
content-length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=d6a2b897b76659e9a28707c7b4edefd8-1578110279592&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=N_t9Kf_ZlV0loNINHkwiJA
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=N_t9Kf_ZlV0loNINHkwiJA&google_tc=
https://d.adroll.com/cm/g/in

42 B
535 B

37ms
37ms

Image
image/gif

3.248.28.111
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:58:00 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Sat, 04 Jan 2020 03:58:00 GMT
server: HTTP server (unknown)
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1516295368673519&ev=PageView&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D161589%26s5%3D%26s3%3D10683078%26s1%3D24%26pop%3Doff%26cs%3D24-1&rl=&if=false&ts=1578110280014&cd[segment_eid]=FAMX2Q6M6VHQDAOB75DEFM&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=29&fbp=fb.1.1578110278009.1664874404&it=1578110277879&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=161589&s5=&s3=10683078&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Jan 2020 03:58:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sat, 04 Jan 2020 03:58:00 GMT

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.primitivesurvivors.org/	1970-01-19 06:23:16	Name: _gid Value: GA1.2.1989547642.1578110279
.primitivesurvivors.org/	1970-01-19 23:53:02	Name: _ga Value: GA1.2.1754063181.1578110279
.primitivesurvivors.org/	1970-01-19 08:31:26	Name: _fbp Value: fb.1.1578110278009.1664874404
primitivesurvivors.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8248e0ceb86156471ec2f62be74851ec
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s5 Value:
primitivesurvivors.org/tl900/11	1970-01-19 06:22:33	Name: uniq-nodo-8397828 Value: x
.primitivesurvivors.org/	1970-01-19 07:05:02	Name: __cfduid Value: d46f867cf0e17cee791baca29976522311578110277
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: pop Value: off
primitivesurvivors.org/tl900/11	1970-01-19 15:07:26	Name: addevent_track_cookie Value: e2710546-799b-4dd8-10a7-a97d4002f28b
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s3 Value: 10683078
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s1 Value: 24
.facebook.com/	1970-01-19 08:31:26	Name: fr Value: 0LcRMpPkwBgTKpHew..BeEA1G...1.0.BeEA1G.
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s4 Value:
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s2 Value: 161589
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: cs Value: 24-1
.primitivesurvivors.org/	1970-01-19 06:21:50	Name: _gat Value: 1
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: affId Value: 065D4A35

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://primitivesurvivors.org/affiliateCustom/cs.js(Line 5) Message: Custom Snippets Loaded
console-api	log	URL: https://primitivesurvivors.org/affiliateCustom/cs.js(Line 32) Message: Pop Up Modal Disabled
console-api	log	URL: https://primitivesurvivors.org/affiliateCustom/cs.js(Line 104) Message: Custom Code Loaded #24-1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
blu145.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
globenation.net
ib.adnxs.com
idsync.rlcdn.com
outpostnine5.com
pixel.advertising.com
pixel.rubiconproject.com
platform.twitter.com
primitivesurvivors.org
s.adroll.com
s.yimg.com
s.ytimg.com
simage2.pubmatic.com
staticxx.facebook.com
stats.g.doubleclick.net
sync.outbrain.com
syndication.twitter.com
track.addevent.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.fopiwino.com
www.google-analytics.com
www.google.com
www.google.de
www.hdlmptctl900.us
www.youtube.com
x.bidswitch.net
104.244.42.72
149.56.6.63
151.101.114.2
151.101.12.157
172.217.16.162
185.33.223.197
185.64.189.110
2.18.233.40
2.18.234.21
2606:4700:20::6818:e6b
2606:4700:30::6812:34c8
2606:4700:30::681c:55
2a00:1288:110:c305::9000
2a00:1288:f03d:1fa::2000
2a00:1450:4001:809::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:817::2003
2a00:1450:4001:820::2004
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.248.28.111
34.223.165.208
34.95.120.147
35.156.98.228
35.157.10.253
35.158.40.121
35.190.72.21
52.210.230.50
52.29.177.239
54.148.119.29
69.173.144.136
024cd1744447adc009673e6162121bd850503fd58932ffad0b73a3d426f44841
0273caa4ae43b1d4cb95e3e204c02146c5e25af06057f90f71db1150cd66e203
04f4ae45c416f3cae99c9092537f549e56653297e79cea04501e0ebed1e9bd1c
070c462387ca7edfff45b5f687936e83936c032d8f41afff5a88143446419480
0e97ff9485834e2d01d61f33fe17566489e9c8e3aaea2fb8b29031a927de04d7
10bdeb0242f97e5483f914eb5b752df183725a366af8f0c9ba8bb645586006ff
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1bb13b0ae34ab1f7dff4fcfc79187f338f85d6a7a61969f483a1c8084064a537
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
336fcbed0b5b1a5c63e555efb1170170cf3a17ea6db699d15415d91930cdc0bd
41169675c092f84afb7c56b104f6e631bef24ddb5446326847df58cf9a29ec62
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
463f145c9d00c2e08af55370a2b92ed23892cdb051cc832859f6162aaa5d53c4
46591debdbac746096895e17605faee023954bf033c18dfc7a349056e32d8c92
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516c7eb9a1b4a829f30052828d4e12000560c5114fa07b5dd823aaeb4793cccf
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
66f84f4427e998b11e18c08b994cb8f7d932b638feeb25645d6547f91eefed22
73b5bdc221f51188cd5c216018126d5685f5b8de0767b06f6b31ea2b68dcea7e
73d336858203d04f4d1e402e0cb8a450ed8b4b48a95c8c23b1f95fbdc06b9d28
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
82340800cd760a12a655d91f5f9a31aca3043df2de74eb8b724b937a8fe9664f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8788a53e1f7c3d009811faac4bf6f61e5bf12bfcf713025818b81875cfd769ff
88abc59fee4d6efb376d4f04f4c5d2461dccd063a11cf1ca399a907df6d62d0b
89a4c7a1148a8b64ac46e8ef4c3a0e5a343d4aa01a4c97400ca099b6fd0c5d4b
8a1503a6be3910d5f7030723273f4c1d114995b1885cbce2e58b1a1fb8b61337
a08eac26f4f8eb8cf4ff8de77487af119b1449bfa547ff86a46451e014b02320
a271a3f9e3cae897ced669d6652699e947928ef095e56384c4f9dd04bbb942ec
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3f3920c61e817825daea23e6cf86053d84ec62200b7744c4e38a6e5180fc8bc
baad68c835ebeb6bb1c72f6cd8a86d482e1a6f5c050fcf18e80d21b8e6596aeb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc6fc782c0d4686eb82136912f17a5de08ef8a8cb1e9da93c1f315eaa832db7f
ca9c042a373085a520d831dc9ad0239a3543f1be3f822680dcb2650ac4a06905
cec3eae9dd4755cfc98d4c7f0bc94c542f49fe1208d2abf1bffc414580c9cb32
d50fb038a77f7d6cd85aaa4923a370dc5122e9f2f17d0f61ad8370ee1d3e803a
dba7688c6781687a0560056511cec478e3310f55f1ad2795c462771912746f9e
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dca9c8dad78915319584a0b6f8734523de68fde1408fbeb48591abd36bc49982
dfe2f38e5f729677625985e4826e7bbb25de05695ae7be5394c3015c46d9f3ae
e0bcc49581e06a4877102e5a6ea47f090d937af5efbe68ee42060578090be8b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35f35f38ed0da3018adc2ee9637b77e37ac57fa713456ef14c07e91e04da76a
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fca2a42ad46cb3c74ce4616f3b80b0ab47921e751de00abe4349dd56605c3168
ff6a67b5b4c91cf683b9168393ce7aa41d64326a40b928809cdf7e15d0b3c8b8
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

primitivesurvivors.org Open in urlscan Pro 2606:4700:20::6818:e6b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

97 %HTTPS

43 %IPv6

33 Domains

38 Subdomains

26 IPs

8 Countries

1449 kBTransfer

3400 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

primitivesurvivors.org Open in urlscan Pro
2606:4700:20::6818:e6b Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

97 %
HTTPS

43 %
IPv6

33
Domains

38
Subdomains

26
IPs

8
Countries

1449 kB
Transfer

3400 kB
Size

17
Cookies

68 HTTP transactions
0 data transactions