Submitted URL: http://alfamovs.ngopigeden.xyz/register.php?chan=yakan99
Effective URL: https://casustir.xyz/ebookmul/5/cc/?affiliate_id=73_447fc4d7_&cid=64597102a52ab60001a010bc&lp=ebook_5_bu&m=&b=
Submission: On May 08 via manual from CA — Scanned from SG

Summary

This website contacted 28 IPs in 5 countries across 40 domains to perform 97 HTTP transactions. The main IP is 2606:4700:3032::6815:4f89, located in and belongs to . The main domain is casustir.xyz.
TLS certificate: Issued by GTS CA 1P5 on April 20th 2023. Valid for: 3 months.
This is the only time casustir.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
15 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1116
bcp.crwdcntrl.net — Cisco Umbrella Rank: 874
sync.crwdcntrl.net
29 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
2 KB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3963
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5126
connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 3855
data-beacons.s-onetag.com — Cisco Umbrella Rank: 14268
14 KB
4 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 17917
t.dtscout.com — Cisco Umbrella Rank: 14459
5 KB
3 tapad.com
pixel.tapad.com
1 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2832
1 KB
2 linkedin.com
px.ads.linkedin.com
892 B
2 adnxs.com
secure.adnxs.com
2 KB
2 doubleclick.net
cm.g.doubleclick.net
376 B
2 sitescout.com
pixel-sync.sitescout.com
958 B
2 yahoo.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 699
552 B
2 adform.net
c1.adform.net
1 KB
2 smartadserver.com
sync.smartadserver.com
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
2 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 608
990 B
2 casustir.xyz
casustir.xyz
705 B
2 bluekai.com
stags.bluekai.com
tags.bluekai.com
903 B
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 18209
s4.histats.com — Cisco Umbrella Rank: 14853
5 KB
1 agkn.com
aa.agkn.com
723 B
1 mathtag.com
sync.mathtag.com
667 B
1 stackadapt.com
sync.srv.stackadapt.com
909 B
1 krxd.net
beacon.krxd.net
338 B
1 sharethis.com
sync.sharethis.com
549 B
1 cintnetworks.com
c.cintnetworks.com
543 B
1 exelator.com
loadus.exelator.com
324 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 2277
1 ipredictive.com
sync.ipredictive.com
480 B
1 dtssrv.com
a.dtssrv.com
458 B
1 track-campaing.club
go.track-campaing.club
739 B
1 tffkroute.com
go.tffkroute.com — Cisco Umbrella Rank: 638233
677 B
1 jdsyw33.com
jdsyw33.com — Cisco Umbrella Rank: 583182
752 B
1 5mno3.com
www.5mno3.com
765 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 15842
609 B
1 ngopigeden.xyz
alfamovs.ngopigeden.xyz
2 KB
0 cloudflare.com Failed
cdnjs.cloudflare.com Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 liadm.com Failed
i6.liadm.com Failed
0 eyeota.net Failed
ps.eyeota.net Failed
0 clickagy.com Failed
aorta.clickagy.com Failed
97 40
Domain Requested by
10 sync.crwdcntrl.net bcp.crwdcntrl.net
4 match.adsrvr.org 4 redirects
3 pixel.tapad.com 3 redirects
3 pixel.onaudience.com 3 redirects
3 tags.crwdcntrl.net e.dtscout.com
tags.crwdcntrl.net
3 t.dtscout.com e.dtscout.com
2 px.ads.linkedin.com 1 redirects
2 secure.adnxs.com 2 redirects
2 cm.g.doubleclick.net bcp.crwdcntrl.net
2 pixel-sync.sitescout.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 c1.adform.net 2 redirects
2 sync.smartadserver.com 1 redirects bcp.crwdcntrl.net
2 s.amazon-adsystem.com 1 redirects bcp.crwdcntrl.net
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 ap.lijit.com 1 redirects
2 casustir.xyz 1 redirects casustir.xyz
1 aa.agkn.com bcp.crwdcntrl.net
1 tags.bluekai.com bcp.crwdcntrl.net
1 sync.mathtag.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 beacon.krxd.net bcp.crwdcntrl.net
1 sync.sharethis.com bcp.crwdcntrl.net
1 c.cintnetworks.com bcp.crwdcntrl.net
1 loadus.exelator.com bcp.crwdcntrl.net
1 dmp.truoptik.com bcp.crwdcntrl.net
1 sync.ipredictive.com 1 redirects
1 a.dtssrv.com e.dtscout.com
1 data-beacons.s-onetag.com get.s-onetag.com
1 go.track-campaing.club 1 redirects
1 go.tffkroute.com 1 redirects
1 jdsyw33.com 1 redirects
1 www.5mno3.com 1 redirects
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 stags.bluekai.com
1 t.dtscdn.com e.dtscout.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 get.s-onetag.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 s4.histats.com s10.histats.com
1 s10.histats.com alfamovs.ngopigeden.xyz
1 alfamovs.ngopigeden.xyz
0 cdnjs.cloudflare.com Failed casustir.xyz
0 um.simpli.fi Failed
0 i6.liadm.com Failed
0 ps.eyeota.net Failed bcp.crwdcntrl.net
0 aorta.clickagy.com Failed bcp.crwdcntrl.net
97 49

This site contains no links.

Subject | Issuer | Validity | Valid
histats.com | R3 | 2023-03-15 - 2023-06-13 | 3 months
*.dtscout.com | GTS CA 1P5 | 2023-03-29 - 2023-06-27 | 3 months
*.s-onetag.com | Amazon RSA 2048 M01 | 2023-02-23 - 2024-01-02 | 10 months
*.crwdcntrl.net | Amazon RSA 2048 M01 | 2022-11-07 - 2023-12-06 | a year
*.dtscdn.com | GTS CA 1P5 | 2023-03-24 - 2023-06-22 | 3 months
casustir.xyz | GTS CA 1P5 | 2023-04-20 - 2023-07-19 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-07-01 - 2023-07-01 | a year
*.exelator.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-08 - 2023-06-10 | a year
c.cintnetworks.com | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-03-21 - 2023-09-21 | 6 months
sharethis.com | Amazon RSA 2048 M02 | 2023-02-14 - 2023-08-31 | 7 months
beacon.krxd.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-04-14 - 2024-04-12 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months
odc-pixel-prod-01.oracle.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-07 - 2024-02-08 | a year
*.agkn.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2022-09-06 - 2023-09-21 | a year

This page contains 4 frames:

Primary Page: https://casustir.xyz/ebookmul/5/cc/?affiliate_id=73_447fc4d7_&cid=64597102a52ab60001a010bc&lp=ebook_5_bu&m=&b=
Frame ID: 13BE3BBED3EDE78C44C15A3EE8A0BC0D
Requests: 71 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01683583232211BF13E30CD28EDB1
Frame ID: F240788597EADA20DA628BE52A79A8CD
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: EE72B9A87AC469193CB48712071A2DB5
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Frame ID: 65325C7FA402480162B916523CAF9BAF
Requests: 24 HTTP requests in this frame

Page Statistics

Requests: 97
HTTPS: 27 %
IPv6: 23 %
Domains: 40
Subdomains: 49
IPs: 28
Countries: 5
Transfer: 61 kB
Size: 202 kB
Cookies: 34

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://alfamovs.ngopigeden.xyz/register.php?chan=yakan99 Page URL
  2. https://www.5mno3.com/scripts/un981c6l?a_aid=447fc4d7&a_bid=a6ae2671&chan=yakan99 HTTP 301
    https://jdsyw33.com/g?visitorid=6bfec9b766642a521d6819f7147538Qe&refid=447fc4d7&bannerid=a6ae2671&extra_data1=&extra_data2= HTTP 302
    https://go.tffkroute.com/click?pid=6&offer_id=665&ref_id=6bfec9b766642a521d6819f7147538Qe_447fc4d7_a6ae2671&sub1=447fc4d7&sub8= HTTP 302
    https://go.track-campaing.club/click?pid=73&offer_id=447&ref_id=6459710160a757000145d8fb&sub1=447fc4d7&sub5= HTTP 302
    https://casustir.xyz/ebookmul/5/cc/?affiliate_id=73_447fc4d7_&cid=64597102a52ab60001a010bc&reqi=2001:df1:800:a004:1::3&rand=a6d0a127-6c1c-4ec7-8ee3-4794cab1867f&lp=ebook_5_bu&m=&b= HTTP 302
    https://casustir.xyz/ebookmul/5/cc/?affiliate_id=73_447fc4d7_&cid=64597102a52ab60001a010bc&lp=ebook_5_bu&m=&b= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A01683583232211BF13E30CD28EDB1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=4f8cc916-161a-4408-b2c4-81c4ba452d30&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
  • https://stags.bluekai.com/site/52799?id=79565193fddfca86
Request Chain 15
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Request Chain 20
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16101%26tp%3DADEL%26tpid%3D%24{ADELPHIC_CUID}%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=4e0abc54-96c8-46fb-bebd-38cdf80d15c3&gdpr=0
Request Chain 21
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=2536bffd0c3aee5583bad94465d75865 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=2536bffd0c3aee5583bad94465d75865&dcc=t
Request Chain 22
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Request Chain 23
  • https://c1.adform.net/serving/cookie/match?party=1040 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1040 HTTP 302
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2880859628447926750/gdpr=/gdpr_consent=
Request Chain 24
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=37108778-ED80-4B69-ADAE-BF9AD734C1FA&gdpr=0
Request Chain 25
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=4f8cc916-161a-4408-b2c4-81c4ba452d30/gdpr=0/gdpr_consent=
Request Chain 26
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=2536bffd0c3aee5583bad94465d75865&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=2536bffd0c3aee5583bad94465d75865&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a3932303-a281-4809-9aba-5beb9db498c0%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253Da3932303-a281-4809-9aba-5beb9db498c0%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4f8cc916-161a-4408-b2c4-81c4ba452d30&ttd_puid=a3932303-a281-4809-9aba-5beb9db498c0%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253Da3932303-a281-4809-9aba-5beb9db498c0%2C HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=a3932303-a281-4809-9aba-5beb9db498c0
Request Chain 32
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=2536bffd0c3aee5583bad94465d75865 HTTP 302
  • https://idsync.rlcdn.com/420246.gif?partner_uid=c:b7ddb71093d8ccce216aca463254994b HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CJbTGRIuCioIARD1lgkaImM6YjdkZGI3MTA5M2Q4Y2NjZTIxNmFjYTQ2MzI1NDk5NGIQABoNCILi5aIGEgUI6AcQAEIASgA HTTP 307
  • https://aorta.clickagy.com/pixel.gif?ch=114&cm=b83c401550ca5eed5a77c073a9351e3eef146a419f3e7252d5bccfe18bece58225abae5358c0e7bc HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:b7ddb71093d8ccce216aca463254994b&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1683583235330&ip=103.254.153.207&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D208610804510005715400 HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=208610804510005715400 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=14774dc0-1db7-4003-9d0a-433faaadc186-64597103-5347
Request Chain 33
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-90e6c421-4ad8-5a8a-53b8-64dc439c419f$ip$103.254.153.207&gdpr=0&gdpr_consent=
Request Chain 34
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=2536bffd0c3aee5583bad94465d75865&gdpr=0 HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=2536bffd0c3aee5583bad94465d75865&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkFwQmQtVGxBZkl0MzlsVWdwSFVqRzVMU0hOTlBiR2pyRHhBVjZsLVhIaEU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkFwQmQtVGxBZkl0MzlsVWdwSFVqRzVMU0hOTlBiR2pyRHhBVjZsLVhIaEU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESEPkgFlX2XU9JFVnvOhVJwcI&google_cver=1 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526dc_rc%253D2%2526dc_mr%253D5%2526dc_orig%253D51mdg9u%2526 HTTP 302
  • https://ps.eyeota.net/match?uid=742146407235870088&bid=2cr76e1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
  • https://ps.eyeota.net/match?bid=9sn4omv&uid=WTxAxlCq1PW8Uj5&newuser=1&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=4&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3842480314005772593&newuser=1&dc_rc=4&dc_mr=5&dc_orig=51mdg9u& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=4f8cc916-161a-4408-b2c4-81c4ba452d30&bid=1e2n4ou
Request Chain 35
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-XwyAs5tE2pzHI3oRSuiaK1U1iew5lCdTD7k-~A&gdpr=0
Request Chain 36
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=d9f56459-7102-4e00-97f6-7ed9ce81273e&src=lot&gdpr=0
Request Chain 37
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=14774dc0-1db7-4003-9d0a-433faaadc186-64597103-5347/gdpr=0
Request Chain 42
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=102194271 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D102194271 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2683979395487946185/gdpr=0/rand=102194271
Request Chain 43
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GnQIDSZHkdd1O3e3Qha8FSpf&rnd=46498 HTTP 303
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GnQIDSZHkdd1O3e3Qha8FSpf&rnd=46498&_li_chk=true&previous_uuid=e0ee7f24453343f0bd8beda4646dd570 HTTP 303
  • https://i6.liadm.com/s/59074?bidder_id=204553&rnd=46498&bidder_uuid=GnQIDSZHkdd1O3e3Qha8FSpf
Request Chain 44
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GnQIDSZHkdd1O3e3Qha8FSpf&rand=42649&pu= HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GnQIDSZHkdd1O3e3Qha8FSpf&rand=42649&pu=&expected_cookie=7fe8dcaf-04ca-4720-babe-2c8e1dce84f7

97 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
register.php
alfamovs.ngopigeden.xyz/
2 KB
2 KB
Document
General
Full URL
http://alfamovs.ngopigeden.xyz/register.php?chan=yakan99
Protocol
HTTP/1.1
Server
45.130.231.235 , Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv102.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
a7a5071b0da7b242b0ab0d99bdceaf13e4ef26045ecaf58e602e0489df797aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
992
content-type
text/html; charset=UTF-8
date
Mon, 08 May 2023 22:00:30 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-powered-by
Niagahoster
x-xss-protection
1; mode=block
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: alfamovs.ngopigeden.xyz
URL: http://alfamovs.ngopigeden.xyz/register.php?chan=yakan99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfamovs.ngopigeden.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 21:56:07 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
etag
"-375139978"
content-type
text/javascript
x-cdn-pop
bhs
accept-ranges
bytes
content-length
4364
x-request-id
357402792
0.php
s4.histats.com/stats/
376 B
511 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4626405&@f16&@g1&@h1&@i1&@j1683583231272&@k0&@l1&@mLoading...&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-145708134&@b3:1683583231&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Falfamovs.ngopigeden.xyz%2Fregister.php%3Fchan%3Dyakan99&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534295.ip-149-56-240.net
Software
/
Resource Hash
892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfamovs.ngopigeden.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 22:00:31 GMT
Connection
close
Content-Length
376
Content-Type
text/html;charset=UTF-8
/
e.dtscout.com/e/
7 KB
4 KB
Script
General
Full URL
http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfamovs.ngopigeden.xyz%2Fregister.php%3Fchan%3Dyakan99&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4626405&@f16&@g1&@h1&@i1&@j1683583231272&@k0&@l1&@mLoading...&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-145708134&@b3:1683583231&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Falfamovs.ngopigeden.xyz%2Fregister.php%3Fchan%3Dyakan99&@w
Protocol
HTTP/1.1
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff80ce7d9e90b50cff942c1757d79204148d12d7183022e96d7455baaea664c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfamovs.ngopigeden.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 22:00:32 GMT
X-T
0.465
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVkOvLOxfj8dyRlyHmfiiE0b%2B5QEJ0MYbnbYaG3fdzwURKk3w1n7BqNHYl2zByBQBAyXtRkGxl%2FF7FslyCFIVvZBtjitecuoH5ya40g1lPYEVaiCX1PAwP1tYs6v%2B79IHi1gRpkXb1KGBB8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-S
ger1
CF-RAY
7c44f9e00a3c87c3-SIN
Expires
Mon, 08 May 2023 22:00:31 GMT
/
t.dtscout.com/idg/ Frame F240
1 KB
740 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=51A01683583232211BF13E30CD28EDB1
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfamovs.ngopigeden.xyz%2Fregister.php%3Fchan%3Dyakan99&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
082b0f57ea6189beb31eb219d524fcf976533723b5f078e4abcc998bcf7f7b10

Request headers

Referer
http://alfamovs.ngopigeden.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7c44f9e279c487a0-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 08 May 2023 22:00:32 GMT
expires
Mon, 08 May 2023 22:00:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqrqlCzDZ%2BzWCMF8eQP1VI4deH8NdFbe1uaDBsbnR%2BOrzZPYm6vVbob4IEaMcUrJKdIY7otjSdLb18XKX24YZwL03U%2BjksZA0QCs2NeNekDnpKQHni%2BM0LkVcKWZQSREQJvIXKusY3PtZHU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfamovs.ngopigeden.xyz%2Fregister.php%3Fchan%3Dyakan99&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-85.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58bb8299d12e5da9f688e2e5b299a4eeaa790c58a47f68275c0d119b98e7c837

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfamovs.ngopigeden.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
Cbjpq7uzlYJGW75uYJ0hJ2.4T0hYLuBY
content-encoding
gzip
via
1.1 81ed70dd2a5a6558bf4a599e654fd8e0.cloudfront.net (CloudFront)
date
Mon, 08 May 2023 01:32:06 GMT
last-modified
Tue, 28 Feb 2023 11:00:34 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
73707
x-amz-server-side-encryption
AES256
etag
W/"da6f9d421ee18b85a6159832b88d2387"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
Y7CA8Rn2UDt1IJM5rQpcEKvZfXaLZhdJcpDWc7gb1huhCK9yVzwFmw==
/
t.dtscout.com/pv/
51 B
516 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=alfamovs.ngopigeden.xyz&_ss=4fdhvjqlzz&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=2l7p&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfamovs.ngopigeden.xyz%2Fregister.php%3Fchan%3Dyakan99&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dee45136c918374510c0aaf8e14a798493833c58df0e96e2c988f3ad4dde10ee

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfamovs.ngopigeden.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 22:00:32 GMT
x-t
0.145
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfIjRty%2FaJHJuPuK%2B%2FLCBn3gLZZvCyivCVSfMjy2xq16oiN5H%2B1p6kakyHQnhjUT1WK5cF3oQ%2FcYcOB1iqCtQ26g6TvzluBKbj8x1Hlf47vIzO3yZ9SG%2F4FDKY8n69iHY2ngQWawh1nQ7AE%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
7c44f9e279c587a0-SIN
expires
Mon, 08 May 2023 22:00:31 GMT
/
onetag-geo.s-onetag.com/
535 B
938 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-31.sin2.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfamovs.ngopigeden.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 22:00:32 GMT
via
1.1 f5171077d7910626ec3cf65e0c222f3c.cloudfront.net (CloudFront), 1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1, SIN2-P1
x-amzn-requestid
e6cdf89c-b235-41d1-8010-bd00687893e2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
En6YMEpeiYcFe_Q=
content-length
535
x-amz-cf-id
Kokd_8boK-appuecU3gyi_ZvthuMc9wqXFprcfEKd-zOLR-i9ZyctQ==
lt.min.js
tags.crwdcntrl.net/lt/c/3825/
58 KB
18 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfamovs.ngopigeden.xyz%2Fregister.php%3Fchan%3Dyakan99&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-21.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfamovs.ngopigeden.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 14:35:41 GMT
content-encoding
gzip
via
1.1 7e15719c90fc4193eff06d80a6052924.cloudfront.net (CloudFront)
last-modified
Wed, 26 Apr 2023 22:28:47 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
age
26692
etag
W/"7e4e88e6c921eda7d40621e7d222cc0d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
LbT7aW7UJq5-g7nyZIb6Iwy2nxrAJO_Nc26j1EjR8ewmErJ2f3QSzA==
/
t.dtscdn.com/widget/
0
609 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=51A01683583232211BF13E30CD28EDB1&nid=300&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2Falfamovs.ngopigeden.xyz%2Fregister.php%3Fchan%3Dyakan99&r=
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfamovs.ngopigeden.xyz%2Fregister.php%3Fchan%3Dyakan99&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfamovs.ngopigeden.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 22:00:33 GMT
x-t
1.09
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCdZRjhovuDtsjkL8sMNyuMq3Wae%2BtCgmzMDIA78NgiMebaHex23iKE94XS%2BOxqnEVx3W35YLimpKkcW%2FI8uyqCdGHIWpch3unet30hZozmaG2VFsruZUCbWSfVheJlnD0UoNGYfw%2FAdNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web12.ny1.dtscdn.com
cf-ray
7c44f9e54fee40ca-SIN
expires
Mon, 08 May 2023 21:11:47 GMT
52799
stags.bluekai.com/site/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A01683583232211BF13E30CD28EDB1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=4f8cc916-161a-4408-b2c4-81c4ba452d30&icm&gdpr=0&gdpr_consent=&cver
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
  • https://stags.bluekai.com/site/52799?id=79565193fddfca86
62 B
438 B
Image
General
Full URL
https://stags.bluekai.com/site/52799?id=79565193fddfca86
Protocol
H2
Server
104.69.166.9 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfamovs.ngopigeden.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 08 May 2023 22:00:34 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://stags.bluekai.com/site/52799?id=79565193fddfca86
content-length
0
/
t.dtscout.com/pv/
0
337 B
Ping
General
Full URL
https://t.dtscout.com/pv/
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfamovs.ngopigeden.xyz%2Fregister.php%3Fchan%3Dyakan99&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://alfamovs.ngopigeden.xyz/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryZJ6BPBOQntMyYlMx

Response headers

date
Mon, 08 May 2023 22:00:33 GMT
x-t
0.155
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JD5HZXjPvoKHMxSoS04tLs8FuhX22VFecdPZYnoqoE%2FWNUJJ5ZyPjW%2Fix5GWXJC5ijyt6FWVXP5rJixGqv83QNfKIyA%2Fknv%2FfBqczhUyvUyXPkHEeo4xkkuc%2BT%2FFuxnM2tBdSTzvaYZwhI0%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
7c44f9e53b4187a0-SIN
expires
Mon, 08 May 2023 22:00:32 GMT
metrics
connect-metrics-collector.s-onetag.com/
0
73 B
Ping
General
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
http://alfamovs.ngopigeden.xyz/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 08 May 2023 22:00:32 GMT
content-length
0
vary
Origin
Primary Request /
casustir.xyz/ebookmul/5/cc/
Redirect Chain
  • https://www.5mno3.com/scripts/un981c6l?a_aid=447fc4d7&a_bid=a6ae2671&chan=yakan99
  • https://jdsyw33.com/g?visitorid=6bfec9b766642a521d6819f7147538Qe&refid=447fc4d7&bannerid=a6ae2671&extra_data1=&extra_data2=
  • https://go.tffkroute.com/click?pid=6&offer_id=665&ref_id=6bfec9b766642a521d6819f7147538Qe_447fc4d7_a6ae2671&sub1=447fc4d7&sub8=
  • https://go.track-campaing.club/click?pid=73&offer_id=447&ref_id=6459710160a757000145d8fb&sub1=447fc4d7&sub5=
  • https://casustir.xyz/ebookmul/5/cc/?affiliate_id=73_447fc4d7_&cid=64597102a52ab60001a010bc&reqi=2001:df1:800:a004:1::3&rand=a6d0a127-6c1c-4ec7-8ee3-4794cab1867f&lp=ebook_5_bu&m=&b=
  • https://casustir.xyz/ebookmul/5/cc/?affiliate_id=73_447fc4d7_&cid=64597102a52ab60001a010bc&lp=ebook_5_bu&m=&b=
73 KB
0
Document
General
Full URL
https://casustir.xyz/ebookmul/5/cc/?affiliate_id=73_447fc4d7_&cid=64597102a52ab60001a010bc&lp=ebook_5_bu&m=&b=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:4f89 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://alfamovs.ngopigeden.xyz/register.php?chan=yakan99
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c44f9f5081f6bca-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 08 May 2023 22:00:36 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3IznXqut6QFPqqrSZJyoIaeKJyOjfcugQPg0SgJNuBBcMNbqPzZ%2Bh2Lxye5fWAl72xwGXTcMEcC8vcPfnTNcIebbe4igUPH2XTe4gTvMOerP%2FYEDYNZxserqeVYW5cdwLZxJHal%2FNp9BV8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c44f9f09e486bca-SIN
content-type
text/html; charset=UTF-8
date
Mon, 08 May 2023 22:00:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://casustir.xyz/ebookmul/5/cc/?affiliate_id=73_447fc4d7_&cid=64597102a52ab60001a010bc&lp=ebook_5_bu&m=&b=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uaJvuGjChfPPP0GsBCPuQjqe4LawJ6F84dhMZpa4%2FLTshReAzq6KMVkDzdk281Nbkz6vh0RJpXANip2XpQvs0Fcb%2F2lcTlA5JbPdOpoQ5DDa3%2FZ9WZtGpDHVeZnmz73xMljmK5lWt6JOXQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-xss-protection
1; mode=block
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-21.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://alfamovs.ngopigeden.xyz/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 08 May 2023 22:00:34 GMT
content-encoding
gzip
via
1.1 6b0d2463e38d8b2224f25b309fde2ba2.cloudfront.net (CloudFront)
last-modified
Wed, 26 Apr 2023 22:28:47 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C2
x-amz-server-side-encryption
AES256
etag
W/"6db43f44304c37d76768275ee4f01ba4"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
cache-control
public, max-age=86400
x-amz-cf-id
jOMEXP8FGSE_ij3INE6QdvamL-ykvhlr3xBZyzeexd707t_ZI62HpA==
dataBeacons.min.js
data-beacons.s-onetag.com/
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.88.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-88-11.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfamovs.ngopigeden.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
AynV9CxPKzE_gbaRfuvHkmlMpRA2Kx_l
content-encoding
gzip
via
1.1 f376d87611123aa47c006262522a6a94.cloudfront.net (CloudFront)
date
Mon, 08 May 2023 21:16:20 GMT
last-modified
Mon, 30 Jan 2023 17:09:16 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2
age
2654
etag
W/"b33b67ced6b706568683ecea83e198c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
Uowt7-VQCSEX1wiLipb0TElasIeM41jWiAtQ2wiSYNYenb6kXn1gHQ==
v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
470 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Protocol
HTTP/1.1
Server
209.191.163.209 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfamovs.ngopigeden.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 22:00:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://alfamovs.ngopigeden.xyz
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Mon, 08 May 2023 22:00:33 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
http://alfamovs.ngopigeden.xyz
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
data
bcp.crwdcntrl.net/6/
597 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.52.23 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-52-23.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer
http://alfamovs.ngopigeden.xyz/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:33 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
http://alfamovs.ngopigeden.xyz
cache-control
no-cache
x-server
10.42.18.65
access-control-allow-credentials
true
content-length
597
expires
0
a
a.dtssrv.com/
0
458 B
Ping
General
Full URL
https://a.dtssrv.com/a?i=51A01683583232211BF13E30CD28EDB1&k=lotpano&v=dba465a14b4c5e7594fdf9b88a5116d5393800722326a421d91bb312897e052a
Requested by
Host: e.dtscout.com
URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Falfamovs.ngopigeden.xyz%2Fregister.php%3Fchan%3Dyakan99&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8d1f -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfamovs.ngopigeden.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 22:00:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRNPW5bItOzSAZQxJm7BhX31cPUpNrJDF8KqOelvtkJ%2BOkBsE3Wv7xp7pHTpx8Z5UtP4crOhrlnda8bmShy0A423c%2FwOMGebheli736EXvtsfcIAB4UBOdgLPFW165WAysMOpqYGlVak0Eg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7c44f9ec382c3f7b-SIN
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame EE72
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.250.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-250-21.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://alfamovs.ngopigeden.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
72092
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 08 May 2023 01:59:01 GMT
etag
W/"ab50484458d62eef36ef1969b84da1b5"
last-modified
Tue, 25 Apr 2023 19:53:12 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 7e15719c90fc4193eff06d80a6052924.cloudfront.net (CloudFront)
x-amz-cf-id
ChDYAn99Vpj791oThl0eZ_OIdSAmdLHCrGkT0BX_jkbNBimX8gcAbA==
x-amz-cf-pop
SIN52-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pixels
bcp.crwdcntrl.net/ Frame 6532
4 KB
4 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.52.23 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-52-23.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-cache
content-length
3892
content-type
text/html
date
Mon, 08 May 2023 22:00:33 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.42.26.109
qmap
sync.crwdcntrl.net/ Frame 6532
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16101%26tp%3DADEL%26tpid%3D%24{ADELPHIC...
  • https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=4e0abc54-96c8-46fb-bebd-38cdf80d15c3&gdpr=0
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=4e0abc54-96c8-46fb-bebd-38cdf80d15c3&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Server
54.255.27.129 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.23.134
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=4e0abc54-96c8-46fb-bebd-38cdf80d15c3&gdpr=0
Date
Mon, 08 May 2023 22:00:34 GMT
Connection
keep-alive
X-CI-RTID
8b73c586-4e8f-4aec-8d19-b66bd1bac30d
Content-Length
131
Content-Type
text/html; charset=utf-8
dcm
s.amazon-adsystem.com/ Frame 6532
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=2536bffd0c3aee5583bad94465d75865
  • https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=2536bffd0c3aee5583bad94465d75865&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=2536bffd0c3aee5583bad94465d75865&dcc=t
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 May 2023 22:00:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W241S0ZK5WTBWD2V3SGG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 08 May 2023 22:00:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SH8QF0K5AD43CJNV7KTP
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=2536bffd0c3aee5583bad94465d75865&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
sync.smartadserver.com/ Frame 6532
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
0
315 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
HTTP/1.1
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:34 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
pragma
no-cache
date
Mon, 08 May 2023 22:00:34 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2880859628447926750/gdpr=/ Frame 6532
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1040
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1040
  • https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2880859628447926750/gdpr=/gdpr_consent=
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2880859628447926750/gdpr=/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Server
54.255.27.129 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:35 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.0.65
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=2880859628447926750/gdpr=/gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
qmap
sync.crwdcntrl.net/ Frame 6532
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=37108778-ED80-4B69-ADAE-BF9AD734C1FA&gdpr=0
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=37108778-ED80-4B69-ADAE-BF9AD734C1FA&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Server
54.255.27.129 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.18.65
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=37108778-ED80-4B69-ADAE-BF9AD734C1FA&gdpr=0
date
Mon, 08 May 2023 22:00:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=4f8cc916-161a-4408-b2c4-81c4ba452d30/gdpr=0/ Frame 6532
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=4f8cc916-161a-4408-b2c4-81c4ba452d30/gdpr=0/gdpr_consent=
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=4f8cc916-161a-4408-b2c4-81c4ba452d30/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Server
54.255.27.129 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.13.243
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=4f8cc916-161a-4408-b2c4-81c4ba452d30/gdpr=0/gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
249
tpid=a3932303-a281-4809-9aba-5beb9db498c0
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 6532
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=2536bffd0c3aee5583bad94465d75865&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=2536bffd0c3aee5583bad94465d75865&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a3932303-a281-4809-9aba-5beb9db498c0%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4f8cc916-161a-4408-b2c4-81c4ba452d30&ttd_puid=a3932303-a281-4809-9aba-5beb9db498c0%2Chttps%253A%252F%252Fsync.crwdcntrl.n...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=a3932303-a281-4809-9aba-5beb9db498c0
49 B
263 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=a3932303-a281-4809-9aba-5beb9db498c0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Server
54.255.27.129 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.0.86
content-length
49
expires
0

Redirect headers

date
Mon, 08 May 2023 22:00:34 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=a3932303-a281-4809-9aba-5beb9db498c0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 6532
0
0
Image
General
Full URL
https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.215.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

/
loadus.exelator.com/load/ Frame 6532
0
324 B
Image
General
Full URL
https://loadus.exelator.com/load/?p=204&g=260&buid=2536bffd0c3aee5583bad94465d75865&j=0&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.10.110 -, , ASN (),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 22:00:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
identity
c.cintnetworks.com/ Frame 6532
0
543 B
Image
General
Full URL
https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:2536bffd0c3aee5583bad94465d75865
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.112.192.69 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 22:00:33 GMT
Cache-Control
max-age=60, private, must-revalidate
Access-Control-Allow-Credentials
true
Arr-Disable-Session-Affinity
true
Content-Length
0
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
lotame
sync.sharethis.com/ Frame 6532
42 B
549 B
Image
General
Full URL
https://sync.sharethis.com/lotame?uid=2536bffd0c3aee5583bad94465d75865&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.163.83 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Mon, 08 May 2023 22:00:34 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
Stid
ZH+AAmRZcQIAAAAIMVF1Aw==
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
usermatch.gif
beacon.krxd.net/ Frame 6532
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=2536bffd0c3aee5583bad94465d75865
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.12.236 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-served-by
beacon-n007-pdx-prod.krxd.net
date
Mon, 08 May 2023 22:00:34 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1683583234
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel.gif
aorta.clickagy.com/ Frame 6532
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=120&cm=2536bffd0c3aee5583bad94465d75865
  • https://idsync.rlcdn.com/420246.gif?partner_uid=c:b7ddb71093d8ccce216aca463254994b
  • https://idsync.rlcdn.com/1000.gif?memo=CJbTGRIuCioIARD1lgkaImM6YjdkZGI3MTA5M2Q4Y2NjZTIxNmFjYTQ2MzI1NDk5NGIQABoNCILi5aIGEgUI6AcQAEIASgA
  • https://aorta.clickagy.com/pixel.gif?ch=114&cm=b83c401550ca5eed5a77c073a9351e3eef146a419f3e7252d5bccfe18bece58225abae5358c0e7bc
  • https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:b7ddb71093d8ccce216aca463254994b&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
  • https://d.agkn.com/pixel/10751/?che=1683583235330&ip=103.254.153.207&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D208610804510005715400
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=208610804510005715400
  • https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
  • https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=14774dc0-1db7-4003-9d0a-433faaadc186-64597103-5347
0
0

qmap
sync.crwdcntrl.net/ Frame 6532
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-90e6c421-4ad8-5a8a-53b8-64dc439c419f$ip$103.254.153.207&gdpr=0&gdpr_consent=
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-90e6c421-4ad8-5a8a-53b8-64dc439c419f$ip$103.254.153.207&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Server
54.255.27.129 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:35 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.28.43
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-90e6c421-4ad8-5a8a-53b8-64dc439c419f$ip$103.254.153.207&gdpr=0&gdpr_consent=
Date
Mon, 08 May 2023 22:00:35 GMT
Connection
keep-alive
Content-Length
169
Content-Type
text/html; charset=utf-8
match
ps.eyeota.net/ Frame 6532
Redirect Chain
  • https://ps.eyeota.net/match?bid=51mdg9u&uid=2536bffd0c3aee5583bad94465d75865&gdpr=0
  • https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=2536bffd0c3aee5583bad94465d75865&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkFwQmQtVGxBZkl0MzlsVWdwSFVqRzVMU0hOTlBiR2pyRHhBVjZsLVhIaEU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkFwQmQtVGxBZkl0MzlsVWdwSFVqRzVMU0hOTlBiR2pyRHhBVjZsLVhIaEU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESEPkgFlX2XU9JFVnvOhVJwcI&google_cver=1
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26dc_rc%3D2%26dc_mr%3D5%26dc_orig%3D51mdg9u%26
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526dc_rc%253D2%2526dc_mr%253D5%2526dc_orig%253D51mdg9u%2526
  • https://ps.eyeota.net/match?uid=742146407235870088&bid=2cr76e1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u&
  • https://i.w55c.net/ping_match.gif?st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26
  • https://pm.w55c.net/ping_match.gif?scc=1&st=EYEOTA&rurl=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D9sn4omv%26uid%3D_wfivefivec_%26newuser%3D1%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26
  • https://ps.eyeota.net/match?bid=9sn4omv&uid=WTxAxlCq1PW8Uj5&newuser=1&dc_rc=3&dc_mr=5&dc_orig=51mdg9u&
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=4&dc_mr=5&dc_orig=51mdg9u&
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3842480314005772593&newuser=1&dc_rc=4&dc_mr=5&dc_orig=51mdg9u&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=4f8cc916-161a-4408-b2c4-81c4ba452d30&bid=1e2n4ou
0
0

qmap
sync.crwdcntrl.net/ Frame 6532
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-XwyAs5tE2pzHI3oRSuiaK1U1iew5lCdTD7k-~A&gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-XwyAs5tE2pzHI3oRSuiaK1U1iew5lCdTD7k-~A&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Server
54.255.27.129 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.9.59
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-XwyAs5tE2pzHI3oRSuiaK1U1iew5lCdTD7k-~A&gdpr=0
date
Mon, 08 May 2023 22:00:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
qmap
sync.crwdcntrl.net/ Frame 6532
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=d9f56459-7102-4e00-97f6-7ed9ce81273e&src=lot&gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=d9f56459-7102-4e00-97f6-7ed9ce81273e&src=lot&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Server
54.255.27.129 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.26.92
content-length
49
expires
0

Redirect headers

Date
Mon, 08 May 2023 22:00:34 GMT
Server
MT3 851 9bd98ae master hkg-pixel-x1 config_version:"79"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=d9f56459-7102-4e00-97f6-7ed9ce81273e&src=lot&gdpr=0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 08 May 2023 22:00:33 GMT
gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=14774dc0-1db7-4003-9d0a-433faaadc186-64597103-5347/ Frame 6532
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=14774dc0-1db7-4003-9d0a-433faaadc186-64597103-5347/gdpr=0
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=14774dc0-1db7-4003-9d0a-433faaadc186-64597103-5347/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Server
54.255.27.129 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:35 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.7.187
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:34 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=14774dc0-1db7-4003-9d0a-433faaadc186-64597103-5347/gdpr=0
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 6532
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MjUzNmJmZmQwYzNhZWU1NTgzYmFkOTQ0NjVkNzU4NjU&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.157 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame 6532
62 B
465 B
Image
General
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=1a4bb7f291f54b7a630c89d49f5387fd
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.166.9 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 08 May 2023 22:00:34 GMT
content-length
62
content-type
image/gif
g.json
aa.agkn.com/adscores/ Frame 6532
103 B
723 B
Script
General
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.56 -, , ASN (),
Reverse DNS
Software
AAWebServer /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:34 GMT
via
1.1 16074517396ff3ce754e4ac422c346c8.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
SIN52-P1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
103
x-amz-cf-id
eVreON9sjkUQGB0JIEXPtnNv0CyK5C5anXmkPjiLmp9O8gNOlWD9aw==
expires
0
pixel
cm.g.doubleclick.net/ Frame 6532
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=MjUzNmJmZmQwYzNhZWU1NTgzYmFkOTQ0NjVkNzU4NjU&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.157 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rand=102194271
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2683979395487946185/gdpr=0/ Frame 6532
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=102194271
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D102194271
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2683979395487946185/gdpr=0/rand=102194271
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2683979395487946185/gdpr=0/rand=102194271
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=154%2C153%2C148%2C145%2C136%2C116%2C106%2C104%2C100%2C92%2C81%2C80%2C79%2C54%2C49%2C41%2C38%2C33%2C22%2C12%2C8%2C7%2C2&c=3825
Protocol
H2
Server
54.255.27.129 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 May 2023 22:00:35 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.21.92
content-length
49
expires
0

Redirect headers

Date
Mon, 08 May 2023 22:00:35 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.254.153.207; 103.254.153.207; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
387b25b6-d802-4fea-83ab-50033ad56cc7
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2683979395487946185/gdpr=0/rand=102194271
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
59074
i6.liadm.com/s/
Redirect Chain
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GnQIDSZHkdd1O3e3Qha8FSpf&rnd=46498
  • https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GnQIDSZHkdd1O3e3Qha8FSpf&rnd=46498&_li_chk=true&previous_uuid=e0ee7f24453343f0bd8beda4646dd570
  • https://i6.liadm.com/s/59074?bidder_id=204553&rnd=46498&bidder_uuid=GnQIDSZHkdd1O3e3Qha8FSpf
0
0

db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GnQIDSZHkdd1O3e3Qha8FSpf&rand=42649&pu=
  • https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GnQIDSZHkdd1O3e3Qha8FSpf&rand=42649&pu=&expected_cookie=7fe8dcaf-04ca-4720-babe-2c8e1dce84f7
0
156 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GnQIDSZHkdd1O3e3Qha8FSpf&rand=42649&pu=&expected_cookie=7fe8dcaf-04ca-4720-babe-2c8e1dce84f7
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://alfamovs.ngopigeden.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 22:00:34 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9A81A0B9CA5F442D96757FA696DA5676 Ref B: SIN30EDGE0317 Ref C: 2023-05-08T22:00:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7NcSzFViLbWA9JMG0BQ==

Redirect headers

date
Mon, 08 May 2023 22:00:34 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 78D1F7ECC7FF491281CB79BF5B4B2D0F Ref B: SIN30EDGE0317 Ref C: 2023-05-08T22:00:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=15697&puuid=GnQIDSZHkdd1O3e3Qha8FSpf&rand=42649&pu=&expected_cookie=7fe8dcaf-04ca-4720-babe-2c8e1dce84f7
x-li-source-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7NcSvT0HeSBpCfhc4GA==
lj_match
um.simpli.fi/
0
0

metrics
connect-metrics-collector.s-onetag.com/
0
0

form.css
casustir.xyz/shared/css/
0
0

bootstrap.min.css
casustir.xyz/ebookmul/5/cc/files/
0
0

all.css
casustir.xyz/ebookmul/5/cc/files/
0
0

style.css
casustir.xyz/ebookmul/5/cc/files/
0
0

siempre.css
casustir.xyz/ebookmul/5/cc/css/
0
0

imask.min.js
cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/
0
0

jquery-2.2.4.min.js
casustir.xyz/ebookmul/5/cc/js/
0
0

bootstrap.min.js
casustir.xyz/ebookmul/5/cc/js/
0
0

personalizado.css
casustir.xyz/ebookmul/5/cc/files/
0
0

css
casustir.xyz/ebookmul/5/Content-Tab_files/
0
0

styles.css
casustir.xyz/ebookmul/5/cc/css/
0
0

style.css
casustir.xyz/ebookmul/5/cc/files2/
0
0

css
casustir.xyz/ebookmul/5/cc/files2/
0
0

all.js
casustir.xyz/ebookmul/5/cc/files2/
0
0

styles.f478bed59c5dc6a25ef2.css
casustir.xyz/ebookmul/5/cc/Content-Tab_files/
0
0

flag_zh.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_ar.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_bg.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_cs.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_da.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_de.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_el.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_en.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_es.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_fi.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_fr.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_he.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_hr.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_hu.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_it.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_ja.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_ms.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_nb.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_nl.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_pl.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_pt.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_ro.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_ru.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_sv.png
casustir.xyz/ebookmul/5/cc/files/
0
0

flag_tr.png
casustir.xyz/ebookmul/5/cc/files/
0
0

img17.jpg
casustir.xyz/ebookmul/5/cc/Content-Tab_files/bg/
0
0

loading.gif
casustir.xyz/shared/images/
0
0

visa.png
casustir.xyz/ebookmul/5/cc/img/
0
0

visa-master-cvv.png
casustir.xyz/shared/images/
0
0

payment2.png
casustir.xyz/ebookmul/5/cc/files2/
0
0

jquery.min.js
casustir.xyz/ebookmul/5/cc/files2/
0
0

script.js
casustir.xyz/ebookmul/5/cc/files2/
0
0

main.js
casustir.xyz/ebookmul/5/cc/
0
0

card_mask.js
casustir.xyz/shared/geo/en/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aorta.clickagy.com
URL
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=14774dc0-1db7-4003-9d0a-433faaadc186-64597103-5347
Domain
ps.eyeota.net
URL
https://ps.eyeota.net/match?uid=4f8cc916-161a-4408-b2c4-81c4ba452d30&bid=1e2n4ou
Domain
i6.liadm.com
URL
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=46498&bidder_uuid=GnQIDSZHkdd1O3e3Qha8FSpf
Domain
um.simpli.fi
URL
https://um.simpli.fi/lj_match?r=30412
Domain
connect-metrics-collector.s-onetag.com
URL
https://connect-metrics-collector.s-onetag.com/metrics
Domain
casustir.xyz
URL
https://casustir.xyz/shared/css/form.css
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/bootstrap.min.css
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/all.css
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/style.css
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/css/siempre.css
Domain
cdnjs.cloudflare.com
URL
https://cdnjs.cloudflare.com/ajax/libs/imask/3.4.0/imask.min.js
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/js/jquery-2.2.4.min.js
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/js/bootstrap.min.js
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/personalizado.css
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/Content-Tab_files/css
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/css/styles.css
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files2/style.css
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files2/css
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files2/all.js
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/Content-Tab_files/styles.f478bed59c5dc6a25ef2.css
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_zh.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_ar.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_bg.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_cs.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_da.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_de.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_el.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_en.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_es.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_fi.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_fr.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_he.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_hr.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_hu.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_it.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_ja.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_ms.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_nb.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_nl.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_pl.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_pt.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_ro.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_ru.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_sv.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files/flag_tr.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/Content-Tab_files/bg/img17.jpg
Domain
casustir.xyz
URL
https://casustir.xyz/shared/images/loading.gif
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/img/visa.png
Domain
casustir.xyz
URL
https://casustir.xyz/shared/images/visa-master-cvv.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files2/payment2.png
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files2/jquery.min.js
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/files2/script.js
Domain
casustir.xyz
URL
https://casustir.xyz/ebookmul/5/cc/main.js?1683583235
Domain
casustir.xyz
URL
https://casustir.xyz/shared/geo/en/card_mask.js

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

34 Cookies

Domain/Path Name / Value
alfamovs.ngopigeden.xyz/ Name: PHPSESSID
Value: 37438d9e0c12c7d4373e4ce03d92ba90
alfamovs.ngopigeden.xyz/ Name: HstCfa4626405
Value: 1683583231272
alfamovs.ngopigeden.xyz/ Name: HstCla4626405
Value: 1683583231272
alfamovs.ngopigeden.xyz/ Name: HstCmu4626405
Value: 1683583231272
alfamovs.ngopigeden.xyz/ Name: HstPn4626405
Value: 1
alfamovs.ngopigeden.xyz/ Name: HstPt4626405
Value: 1
alfamovs.ngopigeden.xyz/ Name: HstCnv4626405
Value: 1
alfamovs.ngopigeden.xyz/ Name: HstCns4626405
Value: 1
.ngopigeden.xyz/ Name: __dtsu
Value: 51A01683583232211BF13E30CD28EDB1
.ngopigeden.xyz/ Name: lotame_domain_check
Value: ngopigeden.xyz
www.5mno3.com/ Name: PAPAffiliateId
Value: 447fc4d7
www.5mno3.com/ Name: PAPVisitorId
Value: 6bfec9b766642a521d6819f7147538Qe
.dtscdn.com/ Name: uid
Value: 51A01683583232211BF13E30CD28EDB1
.onaudience.com/ Name: cookie
Value: 1e75f6fc248c1385
.onaudience.com/ Name: done_redirects147
Value: 1
.adsrvr.org/ Name: TDID
Value: 4f8cc916-161a-4408-b2c4-81c4ba452d30
.lijit.com/ Name: ljt_reader
Value: GnQIDSZHkdd1O3e3Qha8FSpf
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 2536bffd0c3aee5583bad94465d75865
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDI1NktKS0sxSDZOTE01NbUwTkpMsTQxMTNNMTe1MDNlAIKUyEJGEA0BXOePHmJm%2FCjL8J%2BRkWH3vssCMPaHhvtw9vPz6jDhti%2BWMObhxXNYYOx3SxDs9dcfG8DEf2ycAlfzDEk9ADyTNKc%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIiSxkBFIQwMzAwDUDzFzUCiIZH9YDSQBHvARd"
.ngopigeden.xyz/ Name: _cc_id
Value: 2536bffd0c3aee5583bad94465d75865
.ngopigeden.xyz/ Name: _cc_cc
Value: ACZ4XmNQMDI1NktKS0sxSDZOTE01NbUwTkpMsTQxMTNNMTe1MDNlAIKUyEJGEA0BXOePHmJm%2FCjL8J%2BRkWH3vssCMPaHhvtw9vPz6jDhti%2BWMObhxXNYYOx3SxDs9dcfG8DEf2ycAlfzDEk9ADyTNKc%3D
.ngopigeden.xyz/ Name: _cc_aud
Value: ABR4XmNgYGBIiSxkBFIQwMzAwDUDzFzUCiIZH9YDSQBHvARd
.ngopigeden.xyz/ Name: panoramaId_expiry
Value: 1684188033880
.ngopigeden.xyz/ Name: panoramaId
Value: dba465a14b4c5e7594fdf9b88a5116d5393800722326a421d91bb312897e052a
.ngopigeden.xyz/ Name: panoramaIdType
Value: panoIndiv
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 37108778-ED80-4B69-ADAE-BF9AD734C1FA
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjy7_GOzIboOxAFOAFaBmxvdGFtZWAC
go.tffkroute.com/ Name: afclick
Value: 6459710160a757000145d8fb
go.tffkroute.com/ Name: afoffers
Value: {"665":1683583233}
.tapad.com/ Name: TapAd_TS
Value: 1683583234020
.tapad.com/ Name: TapAd_DID
Value: a3932303-a281-4809-9aba-5beb9db498c0

1 Console Messages

Source Level URL
Text
network error URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
