primitivesurvivors.org Open in urlscan Pro
2606:4700:20::6818:e6b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ife.panicrefe.com/e2X6yEqiD_GMPNFnm0YyyaJOWhngTHr17O_LEYWBdlFO8OoOKothnyywmLgEAce1HGh8dr6u5FqIY4GYl99mX6Q0SI0Gwlpl...
Effective URL:
https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Submission: On November 09 via api (November 9th 2019, 5:30:08 am UTC) from BE

Summary HTTP 67 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 31 domains to perform 67 HTTP transactions. The main IP is 2606:4700:20::6818:e6b, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is primitivesurvivors.org.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on November 7th 2019. Valid for: 6 months.

This is the only time primitivesurvivors.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::6818:7a1f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	89.46.100.124 89.46.100.124	9009 (M247) (M247)
1 1	54.68.175.98 54.68.175.98	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	54.148.113.91 54.148.113.91	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
22	2606:4700:20:... 2606:4700:20::6818:e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700:30:... 2606:4700:30::681c:155	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 3	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.194.142.16 54.194.142.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER - Twitter Inc.)
1 5	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
15 18	54.72.102.227 54.72.102.227	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	35.156.24.221 35.156.24.221	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.58.41.129 52.58.41.129	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 3	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 1	2a00:1288:110... 2a00:1288:110:c305::a000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	52.58.86.83 52.58.86.83	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.59.140.41 52.59.140.41	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	37.252.172.249 37.252.172.249	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE - Google LLC)
67	25

1 2606:4700:30::6818:7a1f (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ife.panicrefe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.46.100.124 (Romania) 1 redirects

ASN9009 (M247, GB)
PTR: hxy.newself-improvement.pw

www.elliornic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.68.175.98 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-68-175-98.us-west-2.compute.amazonaws.com

blu145.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.113.91 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-148-113-91.us-west-2.compute.amazonaws.com

outpostnine5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:20::6818:e6b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

primitivesurvivors.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681c:155 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

globenation.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.142.16 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-142-16.eu-west-1.compute.amazonaws.com

track.addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.40 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.72.102.227 (Dublin, Ireland) 15 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-102-227.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.24.221 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-24-221.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.41.129 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-41-129.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.2 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY - Fastly, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::a000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.86.83 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-86-83.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.140.41 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-140-41.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.66 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	adroll.com 16 redirects s.adroll.com d.adroll.com	28 KB
22	primitivesurvivors.org primitivesurvivors.org	978 KB
6	facebook.com www.facebook.com staticxx.facebook.com	905 B
5	twitter.com platform.twitter.com syndication.twitter.com	32 KB
5	facebook.net connect.facebook.net	237 KB
3	yahoo.com 2 redirects ups.analytics.yahoo.com ads.yahoo.com	1 KB
3	doubleclick.net 3 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	openx.net 1 redirects us-u.openx.net	481 B
2	bidswitch.net 1 redirects x.bidswitch.net	913 B
2	3lift.com 1 redirects eb2.3lift.com	694 B
2	outbrain.com 1 redirects sync.outbrain.com	657 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	721 B
2	google.com 1 redirects www.google.com	338 B
2	yimg.com s.yimg.com	6 KB
2	globenation.net globenation.net	36 KB
1	rlcdn.com idsync.rlcdn.com	62 B
1	adnxs.com ib.adnxs.com	875 B
1	taboola.com trc.taboola.com	276 B
1	pubmatic.com simage2.pubmatic.com	862 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	addevent.com track.addevent.com
1	youtube.com 1 redirects www.youtube.com	438 B
1	google.de www.google.de	109 B
1	gstatic.com fonts.gstatic.com	25 KB
1	googleapis.com fonts.googleapis.com	2 KB
1	outpostnine5.com 1 redirects outpostnine5.com	762 B
1	blu145.com 1 redirects blu145.com	326 B
1	elliornic.com 1 redirects www.elliornic.com	375 B
1	panicrefe.com 1 redirects ife.panicrefe.com	669 B
67	31

	Domain	Requested by
22	primitivesurvivors.org	primitivesurvivors.org
18	d.adroll.com	15 redirects s.adroll.com
5	s.adroll.com	1 redirects primitivesurvivors.org s.adroll.com
5	www.facebook.com	primitivesurvivors.org connect.facebook.net
5	connect.facebook.net	primitivesurvivors.org connect.facebook.net
4	platform.twitter.com	primitivesurvivors.org platform.twitter.com
3	www.google-analytics.com	1 redirects primitivesurvivors.org
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.outbrain.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	pixel.advertising.com	2 redirects
2	www.google.com	1 redirects primitivesurvivors.org
2	s.yimg.com	primitivesurvivors.org s.yimg.com
2	globenation.net	primitivesurvivors.org
1	idsync.rlcdn.com
1	ib.adnxs.com
1	trc.taboola.com
1	ads.yahoo.com	1 redirects
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	syndication.twitter.com	primitivesurvivors.org
1	track.addevent.com	primitivesurvivors.org
1	www.youtube.com	1 redirects
1	staticxx.facebook.com	connect.facebook.net
1	www.google.de	primitivesurvivors.org
1	stats.g.doubleclick.net	1 redirects
1	fonts.gstatic.com	primitivesurvivors.org
1	fonts.googleapis.com	primitivesurvivors.org
1	outpostnine5.com	1 redirects
1	blu145.com	1 redirects
1	www.elliornic.com	1 redirects
1	ife.panicrefe.com	1 redirects
67	36

This site contains no links.

Subject Issuer	Validity	Valid
ssl371273.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-07` - `2020-05-15`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-11-01` - `2019-12-16`	a month	crt.sh
*.google.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
addevent.com Amazon	`2019-04-11` - `2020-05-11`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-12-19` - `2020-03-19`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-10-30` - `2020-04-27`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh

This page contains 5 frames:

Primary Page: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Frame ID: 2C3D6248C8D4FC07008CA2B7236F5B73
Requests: 63 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 6AFEDCF92913BFE57A9B54DF7205AEB0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=https%3A%2F%2Fprimitivesurvivors.org
Frame ID: 837A318B5A8BC1C81E6B5D2D5AE20F89
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.6/plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3d95144f4f6abc%26domain%3Dprimitivesurvivors.org%26origin%3Dhttps%253A%252F%252Fprimitivesurvivors.org%252Ff2c3cc5f0a028b8%26relation%3Dparent.parent&container_width=255&href=https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey
Frame ID: B77C8DF306D1EE9DBD3729BF99E9E335
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Frame ID: 3759D6CFACBD49D00E98CBD6B2F2A72A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ife.panicrefe.com/e2X6yEqiD_GMPNFnm0YyyaJOWhngTHr17O_LEYWBdlFO8OoOKothnyywmLgEAce1HGh8dr6u5FqI... HTTP 302
https://www.elliornic.com/eZ_i9y2mAxW9WTfhsly9KgDcQzGSkThEkv_6gHFdLWgFGZWXOS5WnET1BcFaKL-tCS-hEtxYNo8M... HTTP 302
http://blu145.com/?a=24&c=19&s1=160838&s2=515024898&s3=686f746d61696c323238305f32305f313537323... HTTP 302
http://outpostnine5.com/?a=24&c=19&s1=160838&s2=515024898&s3=686f746d61696c323238305f32305f313537323... HTTP 302
https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

67
Requests

97 %
HTTPS

44 %
IPv6

31
Domains

36
Subdomains

25
IPs

7
Countries

1359 kB
Transfer

3087 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ife.panicrefe.com/e2X6yEqiD_GMPNFnm0YyyaJOWhngTHr17O_LEYWBdlFO8OoOKothnyywmLgEAce1HGh8dr6u5FqIY4GYl99mX6Q0SI0GwlplCxwmEwe_JaodcQ HTTP 302
https://www.elliornic.com/eZ_i9y2mAxW9WTfhsly9KgDcQzGSkThEkv_6gHFdLWgFGZWXOS5WnET1BcFaKL-tCS-hEtxYNo8MvpKpuRrJFA~~/686f746d61696c323238305f32305f313537323732383338362e3638/f2d382974c83caeb9134777bde73863a/30303a3239 HTTP 302
http://blu145.com/?a=24&c=19&s1=160838&s2=515024898&s3=686f746d61696c323238305f32305f313537323732383338362e3638&cs=24-1 HTTP 302
http://outpostnine5.com/?a=24&c=19&s1=160838&s2=515024898&s3=686f746d61696c323238305f32305f313537323732383338362e3638&cs=24-1&ckmguid=a1302833-b0eb-41b0-be19-0503a4c761e9 HTTP 302
https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1613762164&t=pageview&_s=1&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160838%26s5%3D%26s3%3D10251301%26s1%3D24%26pop%3Doff%26cs%3D24-1&ul=en-us&de=UTF-8&dt=Tactical%20LED%20Headlamp%20TL900&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=2103564760&gjid=992962381&cid=622642894.1573277388&tid=UA-64827807-7&_gid=2132527864.1573277388&_r=1&z=1195597377 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64827807-7&cid=622642894.1573277388&jid=2103564760&_gid=2132527864.1573277388&gjid=992962381&_v=j79&z=1195597377 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=622642894.1573277388&jid=2103564760&_v=j79&z=1195597377 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=622642894.1573277388&jid=2103564760&_v=j79&z=1195597377&slf_rd=1&random=3576994886

Request Chain 39

https://www.youtube.com/iframe_api HTTP 302
https://www.google.com/sorry/index?continue=https://www.youtube.com/iframe_api&q=EhAqAQT4AZJUFAAAAAAAAAACGMydme4FIhkA8aeDS-_aQNnPyWGD4pZlaewBx5StRnIlMgFy

Request Chain 46

https://s.adroll.com/j/exp/GYKIC6XRBVAZFHHGCZVSTM/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 48

https://d.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&pv=24550550388.73666&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160838%26s5%3D%26s3%3D10251301%26s1%3D24%26pop%3Doff%26cs%3D24-1 HTTP 302
https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js

Request Chain 51

https://d.adroll.com/cm/aol/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPf3edb426-02b1-11ea-bec1-062215f20634 HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPf3edb426-02b1-11ea-bec1-062215f20634&verify=true

Request Chain 52

https://d.adroll.com/cm/index/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&expiration=1604813391 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&expiration=1604813391&C=1

Request Chain 53

https://d.adroll.com/cm/n/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&expires=365

Request Chain 54

https://d.adroll.com/cm/outbrain/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&rdrctExp=true

Request Chain 55

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 56

https://d.adroll.com/cm/r/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 57

https://d.adroll.com/cm/taboola/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM

Request Chain 58

https://d.adroll.com/cm/triplelift/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&dongle=c85e&gdpr=1&cmp_cs=

Request Chain 59

https://d.adroll.com/fb/tr/?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=180284255744805 HTTP 302
https://www.facebook.com/tr/?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=180284255744805&cd[external_id]=gCXkg8r07OoOBbp6SzwQ4w

Request Chain 60

https://d.adroll.com/cm/b/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM

Request Chain 61

https://d.adroll.com/cm/x/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM

Request Chain 62

https://d.adroll.com/cm/l/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=8025e483caf4ecea0e05ba7a4b3c10e3

Request Chain 63

https://d.adroll.com/cm/o/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=8025e483caf4ecea0e05ba7a4b3c10e3 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=8025e483caf4ecea0e05ba7a4b3c10e3

Request Chain 64

https://d.adroll.com/cm/g/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=gCXkg8r07OoOBbp6SzwQ4w HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=gCXkg8r07OoOBbp6SzwQ4w&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 7ps1 Show response
primitivesurvivors.org/tl900/11/
Redirect Chain

http://ife.panicrefe.com/e2X6yEqiD_GMPNFnm0YyyaJOWhngTHr17O_LEYWBdlFO8OoOKothnyywmLgEAce1HGh8dr6u5FqIY4GYl99mX6Q0SI0GwlplCxwmEwe_JaodcQ
https://www.elliornic.com/eZ_i9y2mAxW9WTfhsly9KgDcQzGSkThEkv_6gHFdLWgFGZWXOS5WnET1BcFaKL-tCS-hEtxYNo8MvpKpuRrJFA~~/686f746d61696c323238305f32305f313537323732383338362e3638/f2d382974c83caeb9134777bd...
http://blu145.com/?a=24&c=19&s1=160838&s2=515024898&s3=686f746d61696c323238305f32305f313537323732383338362e3638&cs=24-1
http://outpostnine5.com/?a=24&c=19&s1=160838&s2=515024898&s3=686f746d61696c323238305f32305f313537323732383338362e3638&cs=24-1&ckmguid=a1302833-b0eb-41b0-be19-0503a4c761e9
https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

52 KB
12 KB

637ms
569ms

Document
text/html

2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.22
Resource Hash: dca9c8dad78915319584a0b6f8734523de68fde1408fbeb48591abd36bc49982

Request headers

:method: GET
:authority: primitivesurvivors.org
:scheme: https
:path: /tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 200
date: Sat, 09 Nov 2019 05:29:45 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da4fcf9f2e94e9eb5e29dde3baafd53181573277384; expires=Sun, 08-Nov-20 05:29:44 GMT; path=/; domain=.primitivesurvivors.org; HttpOnly PHPSESSID=1b2dfa7a2f8ae77e959ed35c4ac93240; path=/
x-powered-by: PHP/5.6.22
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 532d64073cdf5994-VIE
content-encoding: br

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sat, 09 Nov 2019 05:29:44 GMT
Location: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=GYUU0TJOh1mVp1cqri0OSV3d4KPWnjPc8nPiS/r4ymfsloCiNZffjA==; domain=.outpostnine5.com; path=/; HttpOnly trk=ee98Tqy2TFbcptRdft9Rswzu1i7lvkXpmi9YMqgJZP5T3Axgpi1yXw==; domain=.outpostnine5.com; expires=Fri, 08-Nov-2024 21:29:44 GMT; path=/; HttpOnly c4=GYUU0TJOh1nZvcOYLbiJJMDWZnw2AD9IlXT/17M7E/Y=; domain=.outpostnine5.com; expires=Mon, 09-Dec-2019 05:29:44 GMT; path=/; HttpOnly
Content-Length: 256

GET
H2 200 kprofile.css
primitivesurvivors.org/tl900/11/resources/css/ 1 KB
538 B 529ms
528ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/css/kprofile.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dba7688c6781687a0560056511cec478e3310f55f1ad2795c462771912746f9e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Mar 2016 01:36:08 GMT
server: cloudflare
etag: W/"4203fc-498-52da7d6acf200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: private, max-age=14400
cf-ray: 532d640b190c5994-VIE

GET
H2 200 kform.css
primitivesurvivors.org/tl900/11/resources/css/ 7 KB
2 KB 529ms
528ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/css/kform.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d50fb038a77f7d6cd85aaa4923a370dc5122e9f2f17d0f61ad8370ee1d3e803a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 11 Mar 2016 19:02:46 GMT
server: cloudflare
etag: W/"4203fb-1c52-52dca9391c180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: private, max-age=14400
cf-ray: 532d640b190d5994-VIE

GET
H2 200 kcart.css
primitivesurvivors.org/tl900/11/resources/css/ 2 KB
802 B 530ms
529ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/css/kcart.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a08eac26f4f8eb8cf4ff8de77487af119b1449bfa547ff86a46451e014b02320

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Mar 2016 01:36:08 GMT
server: cloudflare
etag: W/"4203fa-867-52da7d6acf200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: private, max-age=14400
cf-ray: 532d640b190e5994-VIE

GET
H2 200 kvalidator.js Show response
primitivesurvivors.org/tl900/11/resources/js/ 29 KB
7 KB 657ms
656ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/js/kvalidator.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46591debdbac746096895e17605faee023954bf033c18dfc7a349056e32d8c92

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Oct 2018 11:29:13 GMT
server: cloudflare
etag: W/"3c9c7c-731a-579849c9d1710"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private, max-age=14400
cf-ray: 532d640b19105994-VIE

GET
H2 200 klander.js Show response
primitivesurvivors.org/tl900/11/resources/js/ 34 KB
7 KB 527ms
527ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/js/klander.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb13b0ae34ab1f7dff4fcfc79187f338f85d6a7a61969f483a1c8084064a537

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 21 Mar 2016 17:48:47 GMT
server: cloudflare
etag: W/"42040b-8700-52e92b565bdc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private, max-age=14400
cf-ray: 532d640b19115994-VIE

GET
H2 200 kcart.js Show response
primitivesurvivors.org/tl900/11/resources/js/ 21 KB
5 KB 654ms
654ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/js/kcart.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f84f4427e998b11e18c08b994cb8f7d932b638feeb25645d6547f91eefed22

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 Aug 2016 17:50:57 GMT
server: cloudflare
etag: W/"42040a-5272-539a72cc54240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private, max-age=14400
cf-ray: 532d640b19125994-VIE

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 122 KB
28 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

981be39924f4c8320f4daa8b8cdd7468455e46a30bd0cfef24ba5c74c2a6b12d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 27377
x-xss-protection: 0
pragma: public
x-fb-debug: OqPCGPfcGEd8E5A7Xizo6pp0iF+FD+ZmREwACgZEklQ6ilCGfMFHWFJy8TQ+28hBjQ/zCcwWUQTrnaJ5EplKJA==
x-fb-trip-id: 2000377899
x-frame-options: DENY
date: Sat, 09 Nov 2019 05:29:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 990036034350304 Show response
connect.facebook.net/signals/config/ 306 KB
74 KB 295ms
295ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/990036034350304?v=2.9.11&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f50e0fe480c601d2c5ae920021f2ae06429d6ae1a89eddfa7d945496e29fa1fa

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: QnWIqYlzRuaHo8JU1c514DGA9+jVBf2msRv6NIobloxcfwfDrHkH6YGfnBKCyU+BVq0QA7uonpSXD9nT4ZksoQ==
x-fb-trip-id: 2000377899
x-frame-options: DENY
date: Sat, 09 Nov 2019 05:29:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 lander.css
primitivesurvivors.org/assets/ 295 KB
48 KB 896ms
893ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/assets/lander.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8788a53e1f7c3d009811faac4bf6f61e5bf12bfcf713025818b81875cfd769ff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 11 Feb 2016 08:34:36 GMT
server: cloudflare
etag: W/"3c0514-49c14-52b7a6bac1f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: private, max-age=14400
cf-ray: 532d640b99865994-VIE

GET
H2 200 font-awesome.css
primitivesurvivors.org/tl900/css/ 34 KB
7 KB 2295ms
2291ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/css/font-awesome.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e97ff9485834e2d01d61f33fe17566489e9c8e3aaea2fb8b29031a927de04d7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 13 May 2016 14:08:45 GMT
server: cloudflare
etag: W/"4207b4-88a8-532b9d0161540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: private, max-age=14400
cf-ray: 532d640b998b5994-VIE

GET
H2 200 css
fonts.googleapis.com/ 43 KB
2 KB 25ms
22ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

824d86c986f37f5a31a31af28b48b35b709229132e161d7d080c9ca03aa176c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 09 Nov 2019 05:29:45 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sat, 09 Nov 2019 05:29:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Sat, 09 Nov 2019 05:29:45 GMT

GET
H2 200 jquery-1.11.2.min.js Show response
primitivesurvivors.org/tl900/js/ 94 KB
32 KB 900ms
897ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/js/jquery-1.11.2.min.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a271a3f9e3cae897ced669d6652699e947928ef095e56384c4f9dd04bbb942ec

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 27 May 2015 04:53:52 GMT
server: cloudflare
etag: W/"4203ce-176bf-5170907873800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private, max-age=14400
cf-ray: 532d640b998d5994-VIE

GET
H2 200 session.js Show response
primitivesurvivors.org/tl900/11/ 332 B
315 B 2399ms
2397ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/session.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca2a42ad46cb3c74ce4616f3b80b0ab47921e751de00abe4349dd56605c3168

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:47 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Mar 2019 18:19:57 GMT
server: cloudflare
etag: W/"420422-14c-584b2e6f38f40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private, max-age=14400
cf-ray: 532d640b998e5994-VIE

GET
H2 200 cs.js Show response
primitivesurvivors.org/affiliateCustom/ 4 KB
1 KB 1381ms
1379ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/affiliateCustom/cs.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d336858203d04f4d1e402e0cb8a450ed8b4b48a95c8c23b1f95fbdc06b9d28

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Mar 2017 18:18:30 GMT
server: cloudflare
etag: W/"4a06cd-eb7-54a2809f8c980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private, max-age=14400
cf-ray: 532d640b998f5994-VIE

GET
H2 200 closemodal.png
primitivesurvivors.org/tl900/images/ 2 KB
2 KB 3396ms
3395ms Image
image/png 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/closemodal.png
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc6fc782c0d4686eb82136912f17a5de08ef8a8cb1e9da93c1f315eaa832db7f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:48 GMT
cf-cache-status: MISS
last-modified: Wed, 04 Nov 2015 23:41:16 GMT
server: cloudflare
etag: "4204f8-972-523bf8be01f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: private, max-age=14400
accept-ranges: bytes
cf-ray: 532d640b99905994-VIE
content-length: 2418

GET
H2 200 globenation-logo.png
primitivesurvivors.org/tl900/images/ 23 KB
23 KB 1116ms
1109ms Image
image/png 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/globenation-logo.png
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0bcc49581e06a4877102e5a6ea47f090d937af5efbe68ee42060578090be8b9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:49 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Feb 2016 08:25:02 GMT
server: cloudflare
etag: "420507-5c68-52b7a49759380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: private, max-age=14400
accept-ranges: bytes
cf-ray: 532d641aa9615994-VIE
content-length: 23656

GET
H2 200 northwest-night-beam_h.jpg
primitivesurvivors.org/tl900/images/ 201 KB
202 KB 2471ms
2464ms Image
image/jpeg 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/northwest-night-beam_h.jpg
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73b5bdc221f51188cd5c216018126d5685f5b8de0767b06f6b31ea2b68dcea7e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:50 GMT
cf-cache-status: MISS
last-modified: Wed, 13 Apr 2016 16:55:03 GMT
server: cloudflare
etag: "420ba6-3258c-53060a39507c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: private, max-age=14400
accept-ranges: bytes
cf-ray: 532d641aa9665994-VIE
content-length: 206220

GET
H2 200 TL900Headlamp.png
primitivesurvivors.org/tl900/images/ 237 KB
237 KB 999ms
992ms Image
image/png 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/TL900Headlamp.png
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f35f35f38ed0da3018adc2ee9637b77e37ac57fa713456ef14c07e91e04da76a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:48 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Feb 2017 18:50:46 GMT
server: cloudflare
etag: "420520-3b321-5490edb968d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: private, max-age=14400
accept-ranges: bytes
cf-ray: 532d641aa9685994-VIE
content-length: 242465

GET
H2 200 tltweet.jpg
primitivesurvivors.org/tl900/images/ 61 KB
62 KB 2428ms
2422ms Image
image/jpeg 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/tltweet.jpg
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82340800cd760a12a655d91f5f9a31aca3043df2de74eb8b724b937a8fe9664f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:50 GMT
cf-cache-status: MISS
last-modified: Wed, 13 Apr 2016 16:56:28 GMT
server: cloudflare
etag: "420ba8-f5ce-53060a8a60700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: private, max-age=14400
accept-ranges: bytes
cf-ray: 532d641aa96a5994-VIE
content-length: 62926

GET
H/1.1 200
OK g700-tactical-flashlight-blinding-a-beer.jpg
globenation.net/wp-content/uploads/2015/11/ 20 KB
21 KB 2895ms
2855ms Image
image/jpeg 2606:4700:30::681c:155
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://globenation.net/wp-content/uploads/2015/11/g700-tactical-flashlight-blinding-a-beer.jpg
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:155 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca9c042a373085a520d831dc9ad0239a3543f1be3f822680dcb2650ac4a06905

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 05:29:50 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 13 Nov 2015 07:11:41 GMT
Server: cloudflare
ETag: "2e0b7f-507d-52466c56be540"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: private, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 532d641aea645a18-VIE
Content-Length: 20605

GET
H/1.1 200
OK flashlight-for-nightime.jpg
globenation.net/wp-content/uploads/2015/11/ 15 KB
15 KB 1926ms
1886ms Image
image/jpeg 2606:4700:30::681c:155
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://globenation.net/wp-content/uploads/2015/11/flashlight-for-nightime.jpg
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:155 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516c7eb9a1b4a829f30052828d4e12000560c5114fa07b5dd823aaeb4793cccf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 05:29:49 GMT
CF-Cache-Status: MISS
Last-Modified: Fri, 13 Nov 2015 07:11:43 GMT
Server: cloudflare
ETag: "2e0b7d-3ab8-52466c58a69c0"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: private, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 532d641ae855cbac-VIE
Content-Length: 15032

GET
H2 200 tl900video.png
primitivesurvivors.org/tl900/images/ 107 KB
107 KB 1364ms
1359ms Image
image/png 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/tl900video.png
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41169675c092f84afb7c56b104f6e631bef24ddb5446326847df58cf9a29ec62

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:49 GMT
cf-cache-status: MISS
last-modified: Wed, 13 Apr 2016 16:56:44 GMT
server: cloudflare
etag: "420ba7-1aa4c-53060a99a2b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: private, max-age=14400
accept-ranges: bytes
cf-ray: 532d641aa96c5994-VIE
content-length: 109132

GET
H2 200 lander.js Show response
primitivesurvivors.org/assets/ 565 KB
156 KB 2582ms
2581ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/assets/lander.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a4c7a1148a8b64ac46e8ef4c3a0e5a343d4aa01a4c97400ca099b6fd0c5d4b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 02 Mar 2016 01:49:08 GMT
server: cloudflare
etag: W/"3c0940-8d301-52d07166fcd00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private, max-age=14400
cf-ray: 532d640d7b905994-VIE

GET
H2 200 /
www.facebook.com/tr/ 44 B
359 B 29ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=990036034350304&ev=PageView&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160838%26s5%3D%26s3%3D10251301%26s1%3D24%26pop%3Doff%26cs%3D24-1&rl=&if=false&ts=1573277385855&sw=1600&sh=1200&v=2.9.11&r=stable&ec=0&o=30&fbp=fb.1.1573277385854.1794790424&it=1573277385493&coo=false&rqm=GET

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Sat, 09 Nov 2019 05:29:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3370
date: Sat, 09 Nov 2019 04:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sat, 09 Nov 2019 06:33:37 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
211 B 29ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=990036034350304&ev=Microdata&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160838%26s5%3D%26s3%3D10251301%26s1%3D24%26pop%3Doff%26cs%3D24-1&rl=&if=false&ts=1573277386360&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tactical%20LED%20Headlamp%20TL900%22%2C%22meta%3Adescription%22%3A%22Tactical%20LED%20Headlamp%20TL900%22%2C%22meta%3Akeywords%22%3A%22Tactical%2C%20LED%2C%20Headlamp%2C%20TL900%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22..%2Fimages%2FTL900Headlamp.png%22%2C%22og%3Atitle%22%3A%22Tactical%20LED%20Headlamp%20TL900%22%2C%22og%3Adescription%22%3A%22Tactical%20LED%20Headlamp%20TL900%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.11&r=stable&ec=1&o=30&fbp=fb.1.1573277385854.1794790424&it=1573277385493&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Sat, 09 Nov 2019 05:29:47 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
6 KB 51ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
x-amz-request-id: A49770777E479DE7
x-amz-id-2: 1VmvziebzMHi6as9PdsVBL2vP1remx7sB4CgzuMSwXALnQVN2zZLQlRKP1tB611+G5Okak4EZdU=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 12 Nov 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 08 Oct 2019 10:16:59 GMT
server: ATS
etag: "254a43f994019deb4ca1830f04bd5d32-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: x4Y4HVRbF4l0Lw4GKvYmVr0DuE8bwWr0
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

4da7d1c528cd355156f4ea164027dfccec203df551b4531b8d07552d49bc5ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Rpr/3Xd7BFzK7dWAKCF1TA==
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 1778
etag: "b5c4d7eaf42c9746b7fa78e10b9e7145"
x-fb-debug: +fpooQnF3olVhl0Nb1YtNpQJbj4u/MaaWFMoxeMs4HCmUYrjTdOu6Im/YkAOEgJBaMbXvuzxR8sqm4zZnHhCfw==
x-fb-trip-id: 2000377899
x-fb-content-md5: 63ba02c47dbce5b3bd70ed75d906de56
x-frame-options: DENY
date: Sat, 09 Nov 2019 05:29:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Nov 2019 05:38:23 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v29/ 25 KB
25 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v29/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open%20Sans:400,700|Oswald:400,700|Droid%20Sans:400,700|Roboto:400,700|Lato:400,700|PT%20Sans:400,700|Source%20Sans%20Pro:400,700|Noto%20Sans:400,700|PT%20Sans:400,700|Ubuntu:400,700|Bitter:400,700|PT%20Serif:400,700|Rokkitt:400,700|Droid%20Serif:400,700|Raleway:400,700|Inconsolata:400,700
Origin: https://primitivesurvivors.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Tue, 29 Oct 2019 23:24:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Oct 2019 23:06:58 GMT
server: sffe
age: 885912
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25376
x-xss-protection: 0
expires: Wed, 28 Oct 2020 23:24:35 GMT

GET
H2 200 fontawesome-webfont.woff2
primitivesurvivors.org/tl900/fonts/ 65 KB
65 KB 2404ms
2401ms Font
application/octet-stream 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/fonts/fontawesome-webfont.woff2?v=4.6.2
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Sec-Fetch-Mode: cors
Referer: https://primitivesurvivors.org/tl900/css/font-awesome.css
Origin: https://primitivesurvivors.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2016 22:45:38 GMT
server: cloudflare
etag: W/"4203c4-10440-52d7d393cc880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
status: 200
cache-control: private, max-age=14400
cf-ray: 532d641ad97e5994-VIE

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 26ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B4) /
Resource Hash: f5b5ac5fdb8870504505be0a9522061f905e5c1b25a927f877303785129cb3f9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 05:29:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Oct 2019 23:03:20 GMT
Server: ECS (fcn/40B4)
Etag: "dbb5834a50c19a7a8e3ad3ae8f1c1329+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28705

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1613762164&t=pageview&_s=1&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160838%26s5%3D%26s3%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64827807-7&cid=622642894.1573277388&jid=2103564760&_gid=2132527864.1573277388&gjid=992962381&_v=j79&z=1195597377
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=622642894.1573277388&jid=2103564760&_v=j79&z=1195597377
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=622642894.1573277388&jid=2103564760&_v=j79&z=1195597377&slf_rd=1&random=3576994886

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=622642894.1573277388&jid=2103564760&_v=j79&z=1195597377&slf_rd=1&random=3576994886

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=622642894.1573277388&jid=2103564760&_v=j79&z=1195597377&slf_rd=1&random=3576994886
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
59 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=bf58f4a3f2ea68dc5bff85ec2c4c7f1b&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

5580d067f51d4ed2802c3e132a6d88d05e52a8b9fb52f2952d376a983f6b4a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Origin: https://primitivesurvivors.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: m3cwTy5hsQ/YDkpSgBSawQ==
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 59569
etag: "4f20a732ff24bc93b9bc2c6342006670"
x-fb-debug: 9kQdOug0OQcXAKNJ+zWSDTgqmeyf/VQDorzLvUJWrr4OTPX/LmbuaCOm4O0CrF+tyP9z3cIy254eFuLwpIo5oQ==
x-fb-trip-id: 365799557
x-fb-content-md5: 28d60fa36fbca15d0af3121483752e92
x-frame-options: DENY
date: Sat, 09 Nov 2019 05:29:48 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sun, 08 Nov 2020 05:04:21 GMT

GET
H2 200 435582.json Show response
s.yimg.com/wi/config/ 2 B
481 B 239ms
215ms XHR
application/json 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/435582.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 4CA2FBA1A112C354
x-amz-id-2: 9Yu31Fl0bwT03Cbr+FERSbA+bwPdvmvbMG0CwXbgXI7cE+dCtbMMGxslwPCWn07U6XzxDgPg6eM=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 6AFE 0
0 7ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=bf58f4a3f2ea68dc5bff85ec2c4c7f1b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
accept-encoding: gzip, deflate, br
cookie: fr=0roJ9gn1mYq5u1LGn..Bdxk7L...1.0.Bdxk7L.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 07 Nov 2020 22:58:20 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: 6hv/yTYaReepDpwJ8SGvuGNt9zslnsK0Eoyte/QHK8CX73eCuuvdzkyioov2HetLQIOsoAfpwKyJFZ9+0UvriQ==
content-length: 12378
x-fb-trip-id: 2000377899
date: Sat, 09 Nov 2019 05:29:48 GMT
alt-svc: h3-23=":443"; ma=3600

GET
H2 200 __utm.gif
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=5.4.2&utmac=UA-16505296-2&utmn=1&utmhn=primitivesurvivors.org&utmsr=1600x1200&utmul=en-us&utmr=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160838%26s5%3D%26s3%3D10251301%26s1%3D24%26pop%3Doff%26cs%3D24-1&utmp=primitivesurvivors.org%2Ftl900%2F11%2F7ps1&utmcc=__utma%3D1.9670681153.1.1.1.1%3B&utme=8(vjsv)9(v4.11.4)

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Oct 2019 16:33:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 824188
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 24-1.php Show response
primitivesurvivors.org/affiliateCustom/ 1 KB
833 B 204ms
204ms XHR
text/html 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/affiliateCustom/24-1.php?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1&rand=1573277388.94
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/assets/lander.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.22
Resource Hash: cec3eae9dd4755cfc98d4c7f0bc94c542f49fe1208d2abf1bffc414580c9cb32

Request headers

Accept: */*
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 09 Nov 2019 05:29:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 532d6420eb6c5994-VIE

GET
H/1.1 200
OK widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html
platform.twitter.com/widgets/ Frame 837A 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=https%3A%2F%2Fprimitivesurvivors.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4190) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 09 Nov 2019 05:29:48 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Tue, 22 Oct 2019 22:27:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4190)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H2 200 share_button.php
www.facebook.com/v2.6/plugins/ Frame B77C 0
0 154ms
154ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.6/plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3d95144f4f6abc%26domain%3Dprimitivesurvivors.org%26origin%3Dhttps%253A%252F%252Fprimitivesurvivors.org%252Ff2c3cc5f0a028b8%26relation%3Dparent.parent&container_width=255&href=https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=bf58f4a3f2ea68dc5bff85ec2c4c7f1b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.6/plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3d95144f4f6abc%26domain%3Dprimitivesurvivors.org%26origin%3Dhttps%253A%252F%252Fprimitivesurvivors.org%252Ff2c3cc5f0a028b8%26relation%3Dparent.parent&container_width=255&href=https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v2.11
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: I0KYzEk1vKqmrFWCrTuKVXfKtaPvx7Zphxj42BMGYD3U5m68+BcLOGdSeW+9qlT31oblu6SwPtJQokTt2vxcrg==
date: Sat, 09 Nov 2019 05:29:49 GMT
alt-svc: h3-23=":443"; ma=3600

GET
H2

429

index
www.google.com/sorry/
Redirect Chain

https://www.youtube.com/iframe_api
https://www.google.com/sorry/index?continue=https://www.youtube.com/iframe_api&q=EhAqAQT4AZJUFAAAAAAAAAACGMydme4FIhkA8aeDS-_aQNnPyWGD4pZlaewBx5StRnIlMgFy

0
0

13ms
12ms

Script
text/html

2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/iframe_api&q=EhAqAQT4AZJUFAAAAAAAAAACGMydme4FIhkA8aeDS-_aQNnPyWGD4pZlaewBx5StRnIlMgFy
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:49 GMT
server: HTTP server (unknown)
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.com/sorry/index?continue=https://www.youtube.com/iframe_api&q=EhAqAQT4AZJUFAAAAAAAAAACGMydme4FIhkA8aeDS-_aQNnPyWGD4pZlaewBx5StRnIlMgFy
cache-control: no-store, no-cache, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
track.addevent.com/atc/ 0
0 140ms
27ms Image
text/html 54.194.142.16
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=0690cfbd-0985-43e2-76a8-a2d5bcd7ed19&url=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160838%26s5%3D%26s3%3D10251301%26s1%3D24%26pop%3Doff%26cs%3D24-1&cache=1573277388979
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.142.16 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-142-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS

GET
H/1.1 200
OK button.d941c9a422e2e3faf474b82a1f39e936.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.d941c9a422e2e3faf474b82a1f39e936.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash: a05cb65ecfe9bb5ef6968b5cc9099d50cd8401c1aa73df4c214fee47018c4d12

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 05:29:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Oct 2019 22:27:16 GMT
Server: ECS (fcn/4188)
Etag: "89c7a09d87bdc0f1b87105d8f841b83e+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2296

GET
H/1.1 200
OK tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
platform.twitter.com/widgets/ Frame 3759 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2d991e3dfc9abb2549972ce8b64c5d85.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4185) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 09 Nov 2019 05:29:49 GMT
Etag: "9850897fbd5e30929f1e073621f9d7ca+gzip"
Last-Modified: Tue, 22 Oct 2019 22:27:22 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4185)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12256

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
337 B 116ms
115ms Image
image/gif 104.244.42.8
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160838%26s5%3D%26s3%3D10251301%26s1%3D24%26pop%3Doff%26cs%3D24-1%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1573277389150%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%223541749%3A1571780739496%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Sat, 09 Nov 2019 05:29:49 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 769d65b1fa02f4b3dcd5dd0a136cebe1
x-transaction: 00281bb100b17730
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 async.php Show response
primitivesurvivors.org/tl900/11/resources/ 68 B
275 B 1452ms
1451ms XHR
text/html 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/async.php
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/resources/js/klander.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.22
Resource Hash: b4e8e7c614ca82dfe42171a02ff5aecb3903a8ab99782c69bc7c991a1dc49129

Request headers

Sec-Fetch-Mode: cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 532d642ccf275994-VIE
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 33 KB
11 KB 11ms
11ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 45427ffe827afaf27a56b280cfa901b8228d17adb6e9916cd65e484bae35289c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-amz-version-id: MKHlo7aDBLVtPrgSDWVQuEW7faFu6hz6
Content-Encoding: gzip
ETag: "39816173c27b8eb807912fbb168fa35f"
x-amz-request-id: B2D9C932C71A00CA
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 10534
x-amz-id-2: aPgzyR9AnXcCMGnnGPd1Dm/TLpOXRE0QQQiP8/5QnepiuYw4fDJ4kSxkGJ9pJxPZtyB9DCqrKjk=
Last-Modified: Thu, 07 Nov 2019 17:09:53 GMT
Server: AmazonS3
Date: Sat, 09 Nov 2019 05:29:50 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/GYKIC6XRBVAZFHHGCZVSTM/index.js
https://s.adroll.com/j/exp/index.js

28 B
680 B

33ms
32ms

Script
application/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-amz-version-id: 6x4BdWVghHjhZLxtZYI8Zg378dv__SgQ
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: E86351EC60AAE435
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 28
x-amz-id-2: FryevkimJpkc4E5cg9yE0V7OmTPYuO3MTaHfy0Q3uyP4GKF2ExJh7IJty10qi4MdM6sxdCbARCM=
Last-Modified: Thu, 07 Nov 2019 20:11:45 GMT
Server: AmazonS3
Date: Sat, 09 Nov 2019 05:29:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Sat, 09 Nov 2019 05:29:51 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H2 200 GYKIC6XRBVAZFHHGCZVSTM Show response
d.adroll.com/consent/check/ 88 B
553 B 106ms
33ms Script
application/javascript 54.72.102.227
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/GYKIC6XRBVAZFHHGCZVSTM?_s=2d6caeede23966f51261f9a7bd13058e&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.102.227 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-102-227.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: fe2d738d3ddec5704a5f322c4866d5104e389a6e65464ab3862748b23df3e31c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:51 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: application/javascript
content-length: 88

GET
H/1.1

200
OK

FAMX2Q6M6VHQDAOB75DEFM.js Show response
s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/
Redirect Chain

https://d.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&pv=24550550388.73666&cookie=&adroll_s_ref=&keyw=&arrfrr=h...
https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js

11 KB
4 KB

187ms
186ms

Script
text/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b3f3920c61e817825daea23e6cf86053d84ec62200b7744c4e38a6e5180fc8bc

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-amz-version-id: m_MDYZon.hb10Y4rf2l4M.yoCT2JPwy0
Content-Encoding: gzip
ETag: "4a85a35ab0b2b6c5d5b77f2113990d12"
x-amz-request-id: 990C49AD504EEF93
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 3488
x-amz-id-2: qWHczE2ccboNKbM/ZeomR6HgXgENy4iq1NzkcHw6o/8q3QDDuGvbqRWMmBLH7HZHusOCE7SlKxo=
Last-Modified: Wed, 23 Oct 2019 22:57:51 GMT
Server: AmazonS3
Date: Sat, 09 Nov 2019 05:29:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

date: Sat, 09 Nov 2019 05:29:51 GMT
x-segment-display-name
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 302
content-length: 0
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.16.1
x-rule: */tl900*
x-segment-eid: FAMX2Q6M6VHQDAOB75DEFM
location: https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js
cache-control: no-store, no-cache, must-revalidate
x-pixel-eid: IDGHOAWM3RCVRD6E2YMDXN
x-segment-name: 548a42e1
x-advertisable-eid: GYKIC6XRBVAZFHHGCZVSTM
x-conversion-currency

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
3 KB 6ms
6ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-amz-version-id: atvSN6PPtUMGdsyAD1c9U4_SrQeLKtXi
Content-Encoding: gzip
ETag: "15441b08d0c4f93b1dd5f533cd361cd8"
x-amz-request-id: B58BDF719BF7CEDC
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2039
x-amz-id-2: 5QJsdQKTXTPLSE7wmq020k3tOZSf8tzWSiI+zmfbxlNLdeBnGkq4gKwJ8fCilbMHd7Pqfs60eKU=
Last-Modified: Thu, 07 Nov 2019 19:26:29 GMT
Server: AmazonS3
Date: Sat, 09 Nov 2019 05:29:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 1516295368673519 Show response
connect.facebook.net/signals/config/ 306 KB
75 KB 104ms
104ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1516295368673519?v=2.9.11&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f65fb2a253cdc4e06983f1b678f07c4aa2e5f67019fb99a47ad8efa88a57903a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: fErmT9lKjyL5cseqWHCdGtH+cmaz+QECey+12K32r8EmvzqW6KY6e6udSg/5JgMrEVcmUziHMVvBevdN6DSq+w==
x-fb-trip-id: 2000377899
x-frame-options: DENY
date: Sat, 09 Nov 2019 05:29:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://pixel.advertising.com/ups/55980/sync?uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
https://ups.analytics.yahoo.com/ups/55980/sync?uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPf3edb426-02b1-11ea-bec1-06...
https://ups.analytics.yahoo.com/ups/55980/sync?uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPf3edb426-02b1-11ea-bec1-06...

0
472 B

18ms
5ms

Image
text/plain

52.58.41.129
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.analytics.yahoo.com/ups/55980/sync?uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPf3edb426-02b1-11ea-bec1-062215f20634&verify=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.41.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-41-129.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 204
date: Sat, 09 Nov 2019 05:29:51 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Sat, 09 Nov 2019 05:29:51 GMT
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55980/sync?uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPf3edb426-02b1-11ea-bec1-062215f20634&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&expiration=1604813391
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&expiration=1604813391&C=1

43 B
898 B

12ms
12ms

Image
image/gif

2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&expiration=1604813391&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Nov 2019 05:29:51 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 09 Nov 2019 05:29:51 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Nov 2019 05:29:51 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&expiration=1604813391&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Sat, 09 Nov 2019 05:29:51 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&expires=365

0
239 B

10ms
9ms

Image
image/gif

69.173.144.136
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:51 GMT
server: nginx/1.16.1
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&expires=365
cache-control: no-store, no-cache, must-revalidate
content-length: 124

GET
H2

200

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM
https://sync.outbrain.com/cookie-sync?p=adroll&uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&rdrctExp=true

0
316 B

135ms
135ms

Image
text/plain

151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&rdrctExp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:51 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, JFK, FRA, Europe1
x-timer: S1573277391.406959,VS0,VE129
accept-ranges: bytes, bytes
x-served-by: cache-jfk8125-JFK, cache-fra19139-FRA
x-cache: MISS, MISS
status: 200
backend-ip: 104.156.90.25
x-traceid: 7bc0b6a64d5661c44e10a88721b8a6cd
content-length: 0
x-cache-hits: 0, 0

Redirect headers

date: Sat, 09 Nov 2019 05:29:51 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, JFK, FRA, Europe1
x-timer: S1573277391.309299,VS0,VE91
accept-ranges: bytes, bytes
x-served-by: cache-jfk8125-JFK, cache-fra19139-FRA
status: 302
x-cache: MISS, MISS
location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&rdrctExp=true
backend-ip: 104.156.90.25
x-traceid: 5a734b7d4d200df037c3fec070655747
content-length: 0
x-cache-hits: 0, 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
862 B

42ms
14ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Sat, 09 Nov 2019 05:29:51 GMT
X-lat: Pug22035:0:449
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:51 GMT
server: nginx/1.16.1
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
cache-control: no-store, no-cache, must-revalidate
content-length: 220

GET
H2

200

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
518 B

30ms
29ms

Image
image/gif

54.72.102.227
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.102.227 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-102-227.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:51 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42

Redirect headers

Date: Sat, 09 Nov 2019 05:29:51 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM

0
276 B

18ms
15ms

Image
text/plain

151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Sat, 09 Nov 2019 05:29:51 GMT
via: 1.1 varnish
server: nginx
x-timer: S1573277391.323525,VS0,VE8
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-fra19139-FRA

Redirect headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:51 GMT
server: nginx/1.16.1
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM
cache-control: no-store, no-cache, must-revalidate
content-length: 111

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://eb2.3lift.com/xuid?mid=4714&xuid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&dongle=c85e&gdpr=1&cmp_cs=

37 B
335 B

12ms
9ms

Image
image/gif

52.58.86.83
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&dongle=c85e&gdpr=1&cmp_cs=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.86.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-86-83.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 200
date: Sat, 09 Nov 2019 05:29:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

status: 302
date: Sat, 09 Nov 2019 05:29:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4714&xuid=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM&dongle=c85e&gdpr=1&cmp_cs=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://d.adroll.com/fb/tr/?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[a...
https://www.facebook.com/tr/?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[...

44 B
235 B

8ms
6ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=180284255744805&cd[external_id]=gCXkg8r07OoOBbp6SzwQ4w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Sat, 09 Nov 2019 05:29:51 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:51 GMT
server: nginx/1.16.1
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://www.facebook.com/tr/?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=180284255744805&cd[external_id]=gCXkg8r07OoOBbp6SzwQ4w
cache-control: no-store, no-cache, must-revalidate
content-length: 313

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://x.bidswitch.net/sync?dsp_id=44&user_id=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM

43 B
380 B

11ms
6ms

Image
image/gif

52.59.140.41
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.140.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-59-140-41.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 200
date: Sat, 09 Nov 2019 05:29:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Sat, 09 Nov 2019 05:29:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://ib.adnxs.com/setuid?entity=172&code=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM

43 B
875 B

55ms
6ms

Image
image/gif

37.252.172.249
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Nov 2019 05:29:53 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.235:80
AN-X-Request-Uuid: 1f8f33ed-d0b7-4ebe-b689-484c46e82b53
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:51 GMT
server: nginx/1.16.1
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ib.adnxs.com/setuid?entity=172&code=ODAyNWU0ODNjYWY0ZWNlYTBlMDViYTdhNGIzYzEwZTM
cache-control: no-store, no-cache, must-revalidate
content-length: 93

GET
H2

204

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://idsync.rlcdn.com/377928.gif?partner_uid=8025e483caf4ecea0e05ba7a4b3c10e3

0
62 B

175ms
143ms

Image
text/plain

35.190.72.21
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=8025e483caf4ecea0e05ba7a4b3c10e3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 21.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 204
date: Sat, 09 Nov 2019 05:29:51 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:51 GMT
server: nginx/1.16.1
status: 302
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://idsync.rlcdn.com/377928.gif?partner_uid=8025e483caf4ecea0e05ba7a4b3c10e3
cache-control: no-store, no-cache, must-revalidate
content-length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://us-u.openx.net/w/1.0/sd?id=537103138&val=8025e483caf4ecea0e05ba7a4b3c10e3
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=8025e483caf4ecea0e05ba7a4b3c10e3

43 B
183 B

18ms
13ms

Image
image/gif

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=8025e483caf4ecea0e05ba7a4b3c10e3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:51 GMT
via: 1.1 google
server: OXGW/16.167.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 09 Nov 2019 05:29:51 GMT
via: 1.1 google
server: OXGW/16.167.1
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=8025e483caf4ecea0e05ba7a4b3c10e3
alt-svc: clear
content-length: 0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=2242be3daddbef2448c5c77324d7d71f-1573277391035&xid_ch=f&advertisable=GYKIC6XRBVAZFHHGCZVSTM&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=gCXkg8r07OoOBbp6SzwQ4w
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=gCXkg8r07OoOBbp6SzwQ4w&google_tc=
https://d.adroll.com/cm/g/in

42 B
535 B

29ms
29ms

Image
image/gif

54.72.102.227
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.102.227 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-102-227.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:51 GMT
server: nginx/1.16.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status: 200
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Sat, 09 Nov 2019 05:29:51 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1516295368673519&ev=PageView&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160838%26s5%3D%26s3%3D10251301%26s1%3D24%26pop%3Doff%26cs%3D24-1&rl=&if=false&ts=1573277391396&cd[segment_eid]=FAMX2Q6M6VHQDAOB75DEFM&sw=1600&sh=1200&v=2.9.11&r=stable&ec=0&o=29&fbp=fb.1.1573277391396.1951269362&it=1573277385493&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160838&s5=&s3=10251301&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 05:29:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Sat, 09 Nov 2019 05:29:51 GMT

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.primitivesurvivors.org/	1970-01-19 13:46:53	Name: __cfduid Value: dc486c0478555bb86b266f4b6f736d7921573277388
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: pop Value: off
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s1 Value: 24
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s4 Value:
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s3 Value: 10251301
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s2 Value: 160838
primitivesurvivors.org/tl900/11	1970-01-19 05:02:00	Name: uniq-nodo-8397828 Value: x
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: cs Value: 24-1
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s5 Value:
primitivesurvivors.org/tl900/11	1970-01-19 13:46:53	Name: addevent_track_cookie Value: 0690cfbd-0985-43e2-76a8-a2d5bcd7ed19
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: affId Value: 065D4A35

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://primitivesurvivors.org/affiliateCustom/cs.js(Line 5) Message: Custom Snippets Loaded
console-api	log	URL: https://primitivesurvivors.org/affiliateCustom/cs.js(Line 32) Message: Pop Up Modal Disabled
console-api	log	URL: https://primitivesurvivors.org/affiliateCustom/cs.js(Line 104) Message: Custom Code Loaded #24-1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
blu145.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
globenation.net
ib.adnxs.com
idsync.rlcdn.com
ife.panicrefe.com
outpostnine5.com
pixel.advertising.com
pixel.rubiconproject.com
platform.twitter.com
primitivesurvivors.org
s.adroll.com
s.yimg.com
simage2.pubmatic.com
staticxx.facebook.com
stats.g.doubleclick.net
sync.outbrain.com
syndication.twitter.com
track.addevent.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.elliornic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.youtube.com
x.bidswitch.net
104.244.42.8
151.101.14.2
172.217.22.66
185.64.189.110
2.18.233.40
2.18.234.21
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::6818:e6b
2606:4700:30::6818:7a1f
2606:4700:30::681c:155
2a00:1288:110:c305::a000
2a00:1288:f03d:1fa::4000
2a00:1450:4001:800::2003
2a00:1450:4001:808::200e
2a00:1450:4001:815::200e
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:4001:820::200a
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.95.120.147
35.156.24.221
35.190.72.21
37.252.172.249
52.58.41.129
52.58.86.83
52.59.140.41
54.148.113.91
54.194.142.16
54.68.175.98
54.72.102.227
69.173.144.136
89.46.100.124
0e97ff9485834e2d01d61f33fe17566489e9c8e3aaea2fb8b29031a927de04d7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1bb13b0ae34ab1f7dff4fcfc79187f338f85d6a7a61969f483a1c8084064a537
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
41169675c092f84afb7c56b104f6e631bef24ddb5446326847df58cf9a29ec62
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45427ffe827afaf27a56b280cfa901b8228d17adb6e9916cd65e484bae35289c
46591debdbac746096895e17605faee023954bf033c18dfc7a349056e32d8c92
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da7d1c528cd355156f4ea164027dfccec203df551b4531b8d07552d49bc5ce8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516c7eb9a1b4a829f30052828d4e12000560c5114fa07b5dd823aaeb4793cccf
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5580d067f51d4ed2802c3e132a6d88d05e52a8b9fb52f2952d376a983f6b4a55
66f84f4427e998b11e18c08b994cb8f7d932b638feeb25645d6547f91eefed22
73b5bdc221f51188cd5c216018126d5685f5b8de0767b06f6b31ea2b68dcea7e
73d336858203d04f4d1e402e0cb8a450ed8b4b48a95c8c23b1f95fbdc06b9d28
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
82340800cd760a12a655d91f5f9a31aca3043df2de74eb8b724b937a8fe9664f
824d86c986f37f5a31a31af28b48b35b709229132e161d7d080c9ca03aa176c4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8788a53e1f7c3d009811faac4bf6f61e5bf12bfcf713025818b81875cfd769ff
89a4c7a1148a8b64ac46e8ef4c3a0e5a343d4aa01a4c97400ca099b6fd0c5d4b
981be39924f4c8320f4daa8b8cdd7468455e46a30bd0cfef24ba5c74c2a6b12d
a05cb65ecfe9bb5ef6968b5cc9099d50cd8401c1aa73df4c214fee47018c4d12
a08eac26f4f8eb8cf4ff8de77487af119b1449bfa547ff86a46451e014b02320
a271a3f9e3cae897ced669d6652699e947928ef095e56384c4f9dd04bbb942ec
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3f3920c61e817825daea23e6cf86053d84ec62200b7744c4e38a6e5180fc8bc
b4e8e7c614ca82dfe42171a02ff5aecb3903a8ab99782c69bc7c991a1dc49129
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc6fc782c0d4686eb82136912f17a5de08ef8a8cb1e9da93c1f315eaa832db7f
ca9c042a373085a520d831dc9ad0239a3543f1be3f822680dcb2650ac4a06905
cec3eae9dd4755cfc98d4c7f0bc94c542f49fe1208d2abf1bffc414580c9cb32
d50fb038a77f7d6cd85aaa4923a370dc5122e9f2f17d0f61ad8370ee1d3e803a
dba7688c6781687a0560056511cec478e3310f55f1ad2795c462771912746f9e
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dca9c8dad78915319584a0b6f8734523de68fde1408fbeb48591abd36bc49982
e0bcc49581e06a4877102e5a6ea47f090d937af5efbe68ee42060578090be8b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35f35f38ed0da3018adc2ee9637b77e37ac57fa713456ef14c07e91e04da76a
f50e0fe480c601d2c5ae920021f2ae06429d6ae1a89eddfa7d945496e29fa1fa
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5b5ac5fdb8870504505be0a9522061f905e5c1b25a927f877303785129cb3f9
f65fb2a253cdc4e06983f1b678f07c4aa2e5f67019fb99a47ad8efa88a57903a
fca2a42ad46cb3c74ce4616f3b80b0ab47921e751de00abe4349dd56605c3168
fe2d738d3ddec5704a5f322c4866d5104e389a6e65464ab3862748b23df3e31c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

primitivesurvivors.org Open in urlscan Pro 2606:4700:20::6818:e6b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

97 %HTTPS

44 %IPv6

31 Domains

36 Subdomains

25 IPs

7 Countries

1359 kBTransfer

3087 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

primitivesurvivors.org Open in urlscan Pro
2606:4700:20::6818:e6b Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

97 %
HTTPS

44 %
IPv6

31
Domains

36
Subdomains

25
IPs

7
Countries

1359 kB
Transfer

3087 kB
Size

11
Cookies

67 HTTP transactions
0 data transactions