presentuser.uk.to Open in urlscan Pro
74.3.163.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://presentuser.uk.to/
Submission: On March 04 via automatic, source certstream-suspicious (March 4th 2023, 9:17:05 am UTC) — Scanned from CA

Summary HTTP 108 Redirects Behaviour Indicators

Summary

This website contacted 47 IPs in 4 countries across 47 domains to perform 108 HTTP transactions. The main IP is 74.3.163.156, located in Vancouver, Canada and belongs to SHAW, CA. The main domain is presentuser.uk.to.
TLS certificate: Issued by SSL.com RSA SSL subCA on March 4th 2023. Valid for: 3 months.

This is the only time presentuser.uk.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	74.3.163.156 74.3.163.156	6327 (SHAW) (SHAW)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:251... 2600:9000:2512:400:1d:4e86:6040:93a1	16509 (AMAZON-02) (AMAZON-02)
18 18	2a04:4e42::347 2a04:4e42::347	54113 (FASTLY) (FASTLY)
1	2600:9000:251... 2600:9000:2510:2400:3:eabd:d180:93a1	16509 (AMAZON-02) (AMAZON-02)
17	2600:9000:25c... 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	149.56.240.27 149.56.240.27	16276 (OVH) (OVH)
3	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.164.124.123 18.164.124.123	16509 (AMAZON-02) (AMAZON-02)
3	18.119.77.66 18.119.77.66	16509 (AMAZON-02) (AMAZON-02)
1	172.64.151.83 172.64.151.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:d3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::ac43:abcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
9 9	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3 3	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
3 3	54.175.87.114 54.175.87.114	14618 (AMAZON-AES) (AMAZON-AES)
4 9	23.205.6.178 23.205.6.178	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1	13.225.223.106 13.225.223.106	16509 (AMAZON-02) (AMAZON-02)
4	104.126.116.66 104.126.116.66	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1	13.224.214.83 13.224.214.83	16509 (AMAZON-02) (AMAZON-02)
1	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
4	3.23.123.16 3.23.123.16	16509 (AMAZON-02) (AMAZON-02)
2 3	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
4 10	3.234.8.37 3.234.8.37	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
3 3	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
1	104.18.35.34 104.18.35.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	52.54.69.176 52.54.69.176	14618 (AMAZON-AES) (AMAZON-AES)
5 6	68.67.181.211 68.67.181.211	29990 (ASN-APPNEX) (ASN-APPNEX)
6 7	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.229.155.93 3.229.155.93	14618 (AMAZON-AES) (AMAZON-AES)
2	52.206.196.140 52.206.196.140	14618 (AMAZON-AES) (AMAZON-AES)
1	23.3.112.166 23.3.112.166	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	72.251.238.254 72.251.238.254	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 4	54.156.61.9 54.156.61.9	14618 (AMAZON-AES) (AMAZON-AES)
1	13.226.39.49 13.226.39.49	16509 (AMAZON-02) (AMAZON-02)
2 3	52.6.131.58 52.6.131.58	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550f:baf3:573d:4b62:a404	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700:1::... 2606:4700:1::6813:864e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.233.108.47 34.233.108.47	14618 (AMAZON-AES) (AMAZON-AES)
13	100.25.82.195 100.25.82.195	14618 (AMAZON-AES) (AMAZON-AES)
1 2	199.187.193.202 199.187.193.202	47043 (SMARTADSE...) (SMARTADSERVER)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	104.16.111.154 104.16.111.154	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	34.216.233.123 34.216.233.123	16509 (AMAZON-02) (AMAZON-02)
1	40.71.11.141 40.71.11.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	3.229.229.107 3.229.229.107	14618 (AMAZON-AES) (AMAZON-AES)
1 1	74.121.140.14 74.121.140.14	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	207.198.113.203 207.198.113.203	13768 (COGECO-PEER1) (COGECO-PEER1)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	35.194.66.159 35.194.66.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	69.175.41.44 69.175.41.44	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	68.67.160.184 68.67.160.184	29990 (ASN-APPNEX) (ASN-APPNEX)
108	47

2 74.3.163.156 (Vancouver, Canada)

ASN6327 (SHAW, CA)

presentuser.uk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2512:400:1d:4e86:6040:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.filmelier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a04:4e42::347 (United States) 18 redirects

ASN54113 (FASTLY, US)

cdn.statically.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2510:2400:3:eabd:d180:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.filmelier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.filmelier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.27 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534106.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.164.124.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-123.jfk50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.119.77.66 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-119-77-66.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.83 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d3c (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:abcc (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.59.148.16 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.71.131.137 (United States) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.13.32.147 (Lockport, United States) 3 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.175.87.114 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.205.6.178 (Piscataway, United States) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-6-178.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.223.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-106.jfk51.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.126.116.66 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-116-66.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.32 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.214.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-83.phl50.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.23.123.16 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-123-16.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.229.3.43 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.234.8.37 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-8-37.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.105.23 (Palos Park, United States) 3 redirects

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.34 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-tc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.54.69.176 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-69-176.compute-1.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.181.211 (North Bergen, United States) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.111.113.62 (Kansas City, United States) 6 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.155.93 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-155-93.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.206.196.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-196-140.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.3.112.166 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-112-166.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.238.254 (United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.156.61.9 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-61-9.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.39.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-49.ewr53.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.6.131.58 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-131-58.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550f:baf3:573d:4b62:a404 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:864e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.233.108.47 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-108-47.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 100.25.82.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-82-195.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.187.193.202 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.111.154 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.216.233.123 (Boardman, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-233-123.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.71.11.141 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.229.107 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-229-107.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.14 (Reston, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.203 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f002:bbbb::23 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.194.66.159 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.175.41.44 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sovrn-193627-chi03-placeholder

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.160.184 (New York, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1183 bcp.crwdcntrl.net — Cisco Umbrella Rank: 858 sync.crwdcntrl.net — Cisco Umbrella Rank: 759	38 KB
19	filmelier.com static.filmelier.com www.filmelier.com — Cisco Umbrella Rank: 595546 media.filmelier.com	125 KB
18	statically.io 18 redirects cdn.statically.io — Cisco Umbrella Rank: 7631	2 KB
11	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 11985 t.sharethis.com — Cisco Umbrella Rank: 6467 sync.sharethis.com — Cisco Umbrella Rank: 2848	17 KB
10	eyeota.net 4 redirects ps.eyeota.net — Cisco Umbrella Rank: 1027	6 KB
9	bluekai.com 4 redirects tags.bluekai.com — Cisco Umbrella Rank: 549 stags.bluekai.com — Cisco Umbrella Rank: 494	3 KB
9	adsrvr.org 9 redirects match.adsrvr.org — Cisco Umbrella Rank: 296	4 KB
7	tapad.com 6 redirects pixel.tapad.com — Cisco Umbrella Rank: 424	1 KB
7	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 377 ib.adnxs.com — Cisco Umbrella Rank: 203	8 KB
6	yahoo.com 6 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 848 ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	3 KB
5	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 589 ce.lijit.com — Cisco Umbrella Rank: 869 vpod1q.qa.lijit.com Failed	7 KB
5	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 202	1 KB
5	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4085 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4939 data-beacons.s-onetag.com — Cisco Umbrella Rank: 14884	15 KB
4	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 566 i6.liadm.com — Cisco Umbrella Rank: 2104	2 KB
4	33across.com 3 redirects dp2.33across.com — Cisco Umbrella Rank: 9547 cdn-tc.33across.com — Cisco Umbrella Rank: 18270 dp1.33across.com — Cisco Umbrella Rank: 8265	2 KB
4	onaudience.com 4 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2072	2 KB
3	demdex.net 3 redirects dpm.demdex.net — Cisco Umbrella Rank: 198	3 KB
3	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1402 beacon.krxd.net — Cisco Umbrella Rank: 585	832 B
3	affec.tv 2 redirects map.go.affec.tv — Cisco Umbrella Rank: 7507	2 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 342	1 KB
3	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1317	2 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 10365 ic.tynt.com — Cisco Umbrella Rank: 6189 de.tynt.com — Cisco Umbrella Rank: 1556	7 KB
3	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 19308 t.dtscout.com — Cisco Umbrella Rank: 14901	5 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 361	1 KB
2	turn.com 2 redirects d.turn.com — Cisco Umbrella Rank: 1192	856 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 591	639 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 596	966 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 725	552 B
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1273	1 KB
2	mgid.com 1 redirects cm.mgid.com — Cisco Umbrella Rank: 1313	743 B
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1710	548 B
2	dtssrv.com a.dtssrv.com — Cisco Umbrella Rank: 22323	1 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 19547 s4.histats.com — Cisco Umbrella Rank: 16238	5 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
2	uk.to presentuser.uk.to	32 KB
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 730	602 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 541	674 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 459	661 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 644	614 B
1	cintnetworks.com c.cintnetworks.com — Cisco Umbrella Rank: 13280	544 B
1	truoptik.com 1 redirects dmp.truoptik.com — Cisco Umbrella Rank: 2284	549 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 821	480 B
1	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 1650
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 4365	16 KB
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 16541	596 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	829 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	44 KB
108	47

	Domain	Requested by
18	cdn.statically.io	18 redirects
17	media.filmelier.com	presentuser.uk.to
13	sync.crwdcntrl.net	bcp.crwdcntrl.net
10	ps.eyeota.net	4 redirects presentuser.uk.to bcp.crwdcntrl.net data-beacons.s-onetag.com
9	match.adsrvr.org	9 redirects
8	tags.bluekai.com	3 redirects presentuser.uk.to de.tynt.com tags.bkrtx.com bcp.crwdcntrl.net
7	pixel.tapad.com	6 redirects
6	secure.adnxs.com	5 redirects presentuser.uk.to
5	cm.g.doubleclick.net	3 redirects bcp.crwdcntrl.net
4	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
4	sync.sharethis.com	presentuser.uk.to
4	t.sharethis.com	pd.sharethis.com t.sharethis.com
4	pixel.onaudience.com	4 redirects
4	tags.crwdcntrl.net	e.dtscout.com cdn-tc.33across.com tags.crwdcntrl.net
3	dpm.demdex.net	3 redirects
3	i.liadm.com	2 redirects
3	ap.lijit.com	1 redirects presentuser.uk.to data-beacons.s-onetag.com
3	map.go.affec.tv	2 redirects presentuser.uk.to
3	idsync.rlcdn.com	2 redirects presentuser.uk.to
3	loadus.exelator.com	2 redirects bcp.crwdcntrl.net
3	ups.analytics.yahoo.com	3 redirects
3	cms.analytics.yahoo.com	3 redirects
3	pd.sharethis.com	e.dtscout.com presentuser.uk.to t.sharethis.com
3	get.s-onetag.com	e.dtscout.com get.s-onetag.com
2	ce.lijit.com
2	px.ads.linkedin.com	1 redirects
2	d.turn.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	sync.smartadserver.com	1 redirects bcp.crwdcntrl.net
2	cm.mgid.com	1 redirects bcp.crwdcntrl.net
2	beacon.krxd.net	presentuser.uk.to bcp.crwdcntrl.net
2	dp2.33across.com	2 redirects
2	ml314.com	1 redirects presentuser.uk.to
2	a.dtssrv.com	e.dtscout.com
2	t.dtscout.com	e.dtscout.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	presentuser.uk.to	presentuser.uk.to
1	ib.adnxs.com	1 redirects
1	um.simpli.fi	1 redirects
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	sync.mathtag.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	dmp.truoptik.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	i6.liadm.com
1	api.intentiq.com	data-beacons.s-onetag.com
1	stags.bluekai.com	1 redirects
1	tags.bkrtx.com	pd.sharethis.com
1	dp1.33across.com	1 redirects
1	usermatch.krxd.net	1 redirects
1	cdn-tc.33across.com	de.tynt.com
1	de.tynt.com	cdn.tynt.com
1	data-beacons.s-onetag.com	get.s-onetag.com
1	ic.tynt.com	presentuser.uk.to
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	t.dtscdn.com	e.dtscout.com
1	cdn.tynt.com	e.dtscout.com
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	presentuser.uk.to
1	fonts.googleapis.com	presentuser.uk.to
1	www.filmelier.com	presentuser.uk.to
1	static.filmelier.com	presentuser.uk.to
1	www.googletagmanager.com	presentuser.uk.to
0	vpod1q.qa.lijit.com Failed	ap.lijit.com
108	68

This site contains no links.

Subject Issuer	Validity	Valid
presentuser.uk.to SSL.com RSA SSL subCA	`2023-03-04` - `2023-06-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.filmelier.com Amazon RSA 2048 M02	`2023-03-01` - `2023-10-16`	8 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
histats.com R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.dtscout.com GTS CA 1P5	`2023-01-29` - `2023-04-29`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M01	`2023-02-23` - `2024-01-02`	10 months	crt.sh
sharethis.com Amazon RSA 2048 M01	`2023-02-09` - `2023-07-20`	5 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-30`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.dtscdn.com GTS CA 1P5	`2023-01-24` - `2023-04-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-01` - `2023-07-01`	a year	crt.sh
cert1-prod.aut.a24365.net R3	`2023-03-01` - `2023-05-30`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-18` - `2024-01-17`	a year	crt.sh
*.intentiq.com Amazon RSA 2048 M01	`2023-02-28` - `2023-04-17`	2 months	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
c.cintnetworks.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-11-04` - `2023-05-04`	6 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M01	`2023-02-21` - `2023-10-29`	8 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://presentuser.uk.to/
Frame ID: AB1F54BA7F6A8737B1A96A2B173D630E
Requests: 63 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=10401677921418F09BF6A888F75F6704
Frame ID: 66C8876A7A4B361D01370D726B11B234
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1120.23353&cid=c010&cls=C
Frame ID: 335445F2FCF0B42823EEE7A297040F1F
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1120.23353/a/CA/t_.js?cid=c010&cls=C
Frame ID: 516B6F5FDC0FC717D0C53F1EAD247975
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: CE2438E93D4AC432B0C0BEB975FB1748
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212114271902057&ret=html&random=1677921419
Frame ID: 01325CA229862D8045E030C7647A5276
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: F7F7E57ED829B53BBC780F2A2F84DC90
Requests: 3 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/5386?id=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&gdpr=0&gdpr_consent=
Frame ID: C608407E8D16972CA540E3068748668B
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=38471
Frame ID: 6017C26078537AF974449B4A62E8E86E
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 6FE4ACA6B384F17BFF80C335F8E0B655
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Frame ID: E43AB08C279B6C959EEE128879AA1EB2
Requests: 24 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 8AF96257ABBA435721834317AE1B1C68
Requests: 2 HTTP requests in this frame

Frame: https://vpod1q.qa.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=
Frame ID: 30720C47BC764B0B39A87E8177502B95
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Choose movies to watch on streamings | Filmelier

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

108
Requests

49 %
HTTPS

22 %
IPv6

47
Domains

68
Subdomains

47
IPs

4
Countries

345 kB
Transfer

676 kB
Size

96
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://cdn.statically.io/img/www.filmelier.com/images/svg/star_border.svg HTTP 301
https://www.filmelier.com/images/svg/star_border.svg

Request Chain 3

https://cdn.statically.io/img/media.filmelier.com/images/ingressos/icone/04961261b43b7557c0ebb8aeeaff3acc.png HTTP 301
https://media.filmelier.com/images/ingressos/icone/04961261b43b7557c0ebb8aeeaff3acc.png

Request Chain 4

https://cdn.statically.io/img/media.filmelier.com/tit/khUKz7/poster/creed-iii_UzhpP6w.jpeg HTTP 301
https://media.filmelier.com/tit/khUKz7/poster/creed-iii_UzhpP6w.jpeg

Request Chain 5

https://cdn.statically.io/img/media.filmelier.com/tit/lUl7ms/poster/ant-man-and-the-wasp-quantumania_OlKU93Q.jpeg HTTP 301
https://media.filmelier.com/tit/lUl7ms/poster/ant-man-and-the-wasp-quantumania_OlKU93Q.jpeg

Request Chain 6

https://cdn.statically.io/img/media.filmelier.com/tit/uQEiLh/poster/avatar-the-way-of-water_vp-KVv0.jpeg HTTP 301
https://media.filmelier.com/tit/uQEiLh/poster/avatar-the-way-of-water_vp-KVv0.jpeg

Request Chain 7

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/057c3fff7dbc3a0eaa00538f71dce850.png HTTP 301
https://media.filmelier.com/images/plataformas/icone_mobile/057c3fff7dbc3a0eaa00538f71dce850.png

Request Chain 8

https://cdn.statically.io/img/media.filmelier.com/tit/PMQjJm/poster/all-quiet-on-the-western-front_auRWdt0.jpeg HTTP 301
https://media.filmelier.com/tit/PMQjJm/poster/all-quiet-on-the-western-front_auRWdt0.jpeg

Request Chain 9

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/365599cc6c68bb404af36411d40a866c.png HTTP 301
https://media.filmelier.com/images/plataformas/icone_mobile/365599cc6c68bb404af36411d40a866c.png

Request Chain 10

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/3c2240ab8a1197cc1f97daaa70958eba.png HTTP 301
https://media.filmelier.com/images/plataformas/icone_mobile/3c2240ab8a1197cc1f97daaa70958eba.png

Request Chain 11

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/143db9a043c4910c79fc82a5dc5cde3a.png HTTP 301
https://media.filmelier.com/images/plataformas/icone_mobile/143db9a043c4910c79fc82a5dc5cde3a.png

Request Chain 12

https://cdn.statically.io/img/media.filmelier.com/tit/UPOM48/poster/everything-everywhere-all-at-once_rqh7rpU.jpeg HTTP 301
https://media.filmelier.com/tit/UPOM48/poster/everything-everywhere-all-at-once_rqh7rpU.jpeg

Request Chain 13

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/c62e499ccd0bd4565fa200f551dc7a59.png HTTP 301
https://media.filmelier.com/images/plataformas/icone_mobile/c62e499ccd0bd4565fa200f551dc7a59.png

Request Chain 14

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/65f84b0900ac6bc5f93a7041ace60490.png HTTP 301
https://media.filmelier.com/images/plataformas/icone_mobile/65f84b0900ac6bc5f93a7041ace60490.png

Request Chain 15

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/64c40c65322125bc7f3001b0d72aac61.png HTTP 301
https://media.filmelier.com/images/plataformas/icone_mobile/64c40c65322125bc7f3001b0d72aac61.png

Request Chain 16

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/10d4791f6c7a6b55a513eb06bc38d056.png HTTP 301
https://media.filmelier.com/images/plataformas/icone_mobile/10d4791f6c7a6b55a513eb06bc38d056.png

Request Chain 17

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/fae1284401468df37404e0b7aa1de3a6.png HTTP 301
https://media.filmelier.com/images/plataformas/icone_mobile/fae1284401468df37404e0b7aa1de3a6.png

Request Chain 18

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/a3f4a6e70112909c3e59630277239f4c.png HTTP 301
https://media.filmelier.com/images/plataformas/icone_mobile/a3f4a6e70112909c3e59630277239f4c.png

Request Chain 19

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/19428f67c1b0b6434d52210c7b785ea4.png HTTP 301
https://media.filmelier.com/images/plataformas/icone_mobile/19428f67c1b0b6434d52210c7b785ea4.png

Request Chain 35

https://pixel.onaudience.com/?partner=137085098&mapped=10401677921418F09BF6A888F75F6704 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=252&mapped=y-EfIPGydE2pTBYats6G.uC.0IRm4Qz1X4Jw--~A&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=a9a21421f53d29fe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=cTFIQ0Jod005OTlyT3lCQQ%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEJIJeVt_WhFTqOucHRoOBvM&google_cver=1

Request Chain 45

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&gdpr=0&gdpr_consent=

Request Chain 46

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
https://sync.sharethis.com/nlsn?uid=898e4707917cf35f463c5b1bfb3149a1

Request Chain 47

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=21R7qz6YeLBsAHYU5T1KU7rk4BPu_f5pNFwFuSn3RkA8&gdpr=0&gdpr_consent=

Request Chain 48

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGQADGQDDIsAAAAIagciAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3634013441745747989 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzNDAxMzQ0MTc0NTc0Nzk4ORAAGg0Ii5mMoAYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=c0b26642cc42b5bfb3247c2008b0ea70878e467cd4cd01d7c7a02f2122a782eef4cb09cee1a4f8eb&person_id=3634013441745747989&eid=50082

Request Chain 49

https://tags.bluekai.com/site/59574?id=ZGQADGQDDIsAAAAIagciAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 50

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1677921419402.4 HTTP 302
https://tags.bluekai.com/site/27519?id=212114271902057&ret=html&random=1677921419

Request Chain 52

https://map.go.affec.tv/map/3a/?pid=CoIKS2QDDItx%2BF9PAz4OAg%3D%3D&us_privacy=&ts=1677921419402.1 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D64030c8b4e18270001bf23a4%26chc%3Dtt%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D64030c8b4e18270001bf23a4%2526chc%253Dtt%2526gdpr%253D%2526gdpr_consent%253D%2526redirect_url%253D HTTP 302
https://map.go.affec.tv/map/an/4996230101624092723?ch=64030c8b4e18270001bf23a4&chc=tt&gdpr=&gdpr_consent=&redirect_url= HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=64030c8b4e18270001bf23a4&chc=tt%7Can&gdpr=&gdpr_consent=&redirect_url= HTTP 302
https://map.go.affec.tv/map/ttd/43d9f61e-e1e5-4f12-bf34-abd0ca422c66?ttd_puid=&gdpr=0&gdpr_consent=

Request Chain 53

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKS2QDDItx%2BF9PAz4OAg%3D%3D&us_privacy=&random=1677921419402.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKS2QDDItx%2BF9PAz4OAg%3D%3D&us_privacy=&random=1677921419402.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8b4b6b61-0497-4a1f-aed0-4cb50d510f64%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&ttd_puid=8b4b6b61-0497-4a1f-aed0-4cb50d510f64%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

Request Chain 54

https://dp2.33across.com/ps/?pid=1205&rand=1677921419402.3 HTTP 302
https://idsync.rlcdn.com/405716.gif?partner_uid=212114271054159

Request Chain 55

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKS2QDDItx%2BF9PAz4OAg%3D%3D&us_privacy=&33random=1677921419402.5&cat=33across HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKS2QDDItx%2BF9PAz4OAg%3D%3D&us_privacy=&33random=1677921419402.5&cat=33across HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnFONkh5T3RjTmI0akFUNlpQa3J3cXpKMklVS0hDVjJfMk5OMFNrVGRadEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MnFONkh5T3RjTmI0akFUNlpQa3J3cXpKMklVS0hDVjJfMk5OMFNrVGRadEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEHVLmrhULeRphPAwoTNqX2g&google_cver=1

Request Chain 56

https://dp1.33across.com/ps/?pid=669&uid=CoIKS2QDDItx%2BF9PAz4OAg%3D%3D&us_privacy=&random=1677921419402.7&pu=https%3A%2F%2Fpresentuser.uk.to%2F HTTP 302
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212114271004796&seg_code=33x&random=1677921419 HTTP 307
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212114271004796%26seg_code%3D33x%26random%3D1677921419

Request Chain 58

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 59

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGQADGQDDIsAAAAIagciAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1120.23353%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1120.23353%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=87983356 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&gdpr=0&gdpr_consent=

Request Chain 67

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GQNsZSZHOYUKcZxrQrGnw2hJ&rnd=66806 HTTP 303
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GQNsZSZHOYUKcZxrQrGnw2hJ&rnd=66806&_li_chk=true&previous_uuid=92d06e4a8769476f87d247e54b610c6e HTTP 303
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=66806&bidder_uuid=GQNsZSZHOYUKcZxrQrGnw2hJ

Request Chain 69

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=34aa4e40ed9f3f62ceb49063f6cf2521 HTTP 307
https://cm.mgid.com/m?c=34aa4e40ed9f3f62ceb49063f6cf2521&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Request Chain 70

https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16101%26tp%3DADEL%26tpid%3D%24{ADELPHIC_CUID}%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=68c9ac05-2c76-4568-8915-b2f063b4974c&gdpr=0

Request Chain 71

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1

Request Chain 72

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FBE2AA3F-DB90-4D8E-845E-C41280CC3B95&gdpr=0

Request Chain 73

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=43d9f61e-e1e5-4f12-bf34-abd0ca422c66/gdpr=0/gdpr_consent=

Request Chain 74

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=34aa4e40ed9f3f62ceb49063f6cf2521&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D8b4b6b61-0497-4a1f-aed0-4cb50d510f64%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D8b4b6b61-0497-4a1f-aed0-4cb50d510f64%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8547619048978178239&pt=8b4b6b61-0497-4a1f-aed0-4cb50d510f64%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D8b4b6b61-0497-4a1f-aed0-4cb50d510f64%2C HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8b4b6b61-0497-4a1f-aed0-4cb50d510f64

Request Chain 75

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=43d4442d68784e70acbda482ac2fc146

Request Chain 77

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=34aa4e40ed9f3f62ceb49063f6cf2521&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=34aa4e40ed9f3f62ceb49063f6cf2521&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=30034998202391105553334567787131214803/gdpr=0

Request Chain 80

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-804d129f-8b75-4d1c-416e-074603549260$ip$149.56.153.180&gdpr=0&gdpr_consent=

Request Chain 82

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-DltWn3ZE2pxDnN1jBg_NKnKEqBTZBrVfT2s-~A&gdpr=0

Request Chain 83

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=69366403-0c8d-4e00-888f-89f3a7fd5e22&src=lot&gdpr=0

Request Chain 84

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=07c32014-7569-4837-ae6f-6eca0a6db232-64030c8d-4341/gdpr=0

Request Chain 86

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZAMMjQALh-S8eAA_ HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZAMMjQALh-S8eAA_/gdpr=0&_test=ZAMMjQALh-S8eAA_

Request Chain 90

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/34aa4e40ed9f3f62ceb49063f6cf2521/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2896301705357113380/gdpr=0

Request Chain 91

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=149216305 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8547619048978178239/gdpr=0/rand=149216305

Request Chain 92

https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GQNsZSZHOYUKcZxrQrGnw2hJ&rand=34498&pu= HTTP 302
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GQNsZSZHOYUKcZxrQrGnw2hJ&rand=34498&pu=&expected_cookie=c156bcdd-acff-451b-9ae6-e8906a5b58e5

Request Chain 93

https://um.simpli.fi/lj_match?r=68586 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=708B1D43D36043C289B8127389049EFA

Request Chain 98

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GQNsZSZHOYUKcZxrQrGnw2hJ/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=34aa4e40ed9f3f62ceb49063f6cf2521

Request Chain 100

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&bid=1e2n4ou

Request Chain 101

https://tags.bluekai.com/site/29539?limit=1&id=2MeC9iAscPxOavrNRjHg9EAUAIBKwH5bw_zhgldY_fNQ HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=BLKAI HTTP 302
https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI HTTP 302
https://tags.bluekai.com/site/19505?id=y-PnYcTLZE2pIoAdSMwtS7kGD.TnR1kUsb.II-~A

Request Chain 102

https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=23PIJ5390ahjYRjqvb4WOnSN-Rv2JeyWWRM288NHf7u0 HTTP 302
https://dpm.demdex.net/ibs:dpid=540&dpuuid=8b4b6b61-0497-4a1f-aed0-4cb50d510f64&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D8b4b6b61-0497-4a1f-aed0-4cb50d510f64%252C%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=30034998202391105553334567787131214803&pt=8b4b6b61-0497-4a1f-aed0-4cb50d510f64%2C%2C

Request Chain 103

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2896301705357113380&newuser=1&referrer_pid=51md42u

Request Chain 104

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=8547619048978178239&bid=2cr76e1&referrer_pid=51md42u

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
presentuser.uk.to/ 79 KB
12 KB 585ms
146ms Document
text/html 74.3.163.156
SHAW

General

Check archive.org

Show headers Download Go to

Full URL: https://presentuser.uk.to/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.3.163.156 Vancouver, Canada, ASN6327 (SHAW, CA),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 39619a5cc29d050dc2d8aea88dde90ed501181ab0ae10ec3f27e49cee001eace

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 11757
Content-Type: text/html; charset=UTF-8
Date: Sat, 04 Mar 2023 09:16:58 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 91ms
42ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-237442725-1

Requested by

Host: presentuser.uk.to
URL: https://presentuser.uk.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76fd346c2358259916fa366bf9c1781fa94829c5ee666945ace7f990d7977dbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:16:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44745
x-xss-protection: 0
last-modified: Sat, 04 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 04 Mar 2023 09:16:58 GMT

GET
H2 200 logo-filmelier.webp
static.filmelier.com/dist/images/ 2 KB
2 KB 97ms
20ms Image
image/webp 2600:9000:2512:400:1d:4e86:6040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.filmelier.com/dist/images/logo-filmelier.webp?v=1.37.0
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2512:400:1d:4e86:6040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 17e4acd1ed6037500fff30a11e1bf6686195563e353709e33f59acdc28c7c446

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Thu, 02 Mar 2023 19:12:12 GMT
via: 1.1 ad2d59fb6f7c4118dea14b5b7a9a1658.cloudfront.net (CloudFront)
last-modified: Thu, 02 Mar 2023 19:04:59 GMT
server: nginx
x-amz-cf-pop: JFK50-P7
age: 137086
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000, public, max-age=31536000
accept-ranges: bytes
content-length: 1694
x-amz-cf-id: n5f9tT6riF1xYvk0jeF8T2ZgXA7JeNKb8NCVYPtDMYFxXLSiI_YIUA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

star_border.svg
www.filmelier.com/images/svg/
Redirect Chain

https://cdn.statically.io/img/www.filmelier.com/images/svg/star_border.svg
https://www.filmelier.com/images/svg/star_border.svg

349 B
630 B

92ms
18ms

Image
image/svg+xml

2600:9000:2510:2400:3:eabd:d180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.filmelier.com/images/svg/star_border.svg
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:2510:2400:3:eabd:d180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 57624503de135d6d3af8c9d813dc2f901ea779c29a8d537b241f3ee11bd69fdc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 12:56:27 GMT
content-encoding: gzip
via: 1.1 cfc46590021b7df312893ffb67317bb2.cloudfront.net (CloudFront)
last-modified: Tue, 28 Feb 2023 20:58:33 GMT
server: nginx
x-amz-cf-pop: JFK50-P5
age: 159631
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
x-amz-cf-id: 4EW0JGUKlk5NxwOjle8BdKDHDzkmqXzDiX9f3I4zKBk8FTTRSfcC2A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://www.filmelier.com/images/svg/star_border.svg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

04961261b43b7557c0ebb8aeeaff3acc.png
media.filmelier.com/images/ingressos/icone/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/images/ingressos/icone/04961261b43b7557c0ebb8aeeaff3acc.png
https://media.filmelier.com/images/ingressos/icone/04961261b43b7557c0ebb8aeeaff3acc.png

6 KB
6 KB

279ms
81ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/images/ingressos/icone/04961261b43b7557c0ebb8aeeaff3acc.png
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 75dcd6173f42a1d17502f2a3df023ad268356634afac34df3a545ffdccf84505

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 03 Mar 2023 16:43:35 GMT
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Thu, 23 Feb 2023 19:40:59 GMT
server: nginx
x-amz-cf-pop: PHL51-P1
age: 59603
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public, max-age=31536000
accept-ranges: bytes
content-length: 5988
x-amz-cf-id: R5EMGoQmHoXsRmAQ7WhJGe8hYAeGCx893HoNoryR5pyFH173txFsxA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/images/ingressos/icone/04961261b43b7557c0ebb8aeeaff3acc.png
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

creed-iii_UzhpP6w.jpeg
media.filmelier.com/tit/khUKz7/poster/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/tit/khUKz7/poster/creed-iii_UzhpP6w.jpeg
https://media.filmelier.com/tit/khUKz7/poster/creed-iii_UzhpP6w.jpeg

17 KB
17 KB

296ms
100ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/tit/khUKz7/poster/creed-iii_UzhpP6w.jpeg
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98ad728b38982939b92c04b688542295454671415641c7820864751525ab366b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 05:04:38 GMT
x-amz-version-id: fLi494MWbojtX1DPeq8q9iMCaW1mlQ2Y
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 360741
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 16911
last-modified: Tue, 28 Feb 2023 01:07:02 GMT
server: AmazonS3
etag: "7e0ff5a181190c10b63976d7bcaf622b"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: hkzPQwEHvJMrYAkfD9VheCrareHO-KYD5Jtztvpf4fUOaQaZ5v4mCg==

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/tit/khUKz7/poster/creed-iii_UzhpP6w.jpeg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

ant-man-and-the-wasp-quantumania_OlKU93Q.jpeg
media.filmelier.com/tit/lUl7ms/poster/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/tit/lUl7ms/poster/ant-man-and-the-wasp-quantumania_OlKU93Q.jpeg
https://media.filmelier.com/tit/lUl7ms/poster/ant-man-and-the-wasp-quantumania_OlKU93Q.jpeg

15 KB
16 KB

353ms
156ms

Image
image/jpeg

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/tit/lUl7ms/poster/ant-man-and-the-wasp-quantumania_OlKU93Q.jpeg
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56e01303d7a77f61dd930688c403fba6a5854b84e03459e81439044549679b53

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 15:40:29 GMT
x-amz-version-id: xwTlXZQ_6Fs74R75VoxVnB.HilsGcRDl
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Mon, 09 Jan 2023 22:18:08 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 3692190
etag: "ad05ebca81670ed90b369ebb37954f29"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 15546
x-amz-cf-id: 1CTkCTQk5fin697KKVMWiGstcTXKzJQTDcBuufUV84Z--nUFM2SErQ==

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/tit/lUl7ms/poster/ant-man-and-the-wasp-quantumania_OlKU93Q.jpeg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

avatar-the-way-of-water_vp-KVv0.jpeg
media.filmelier.com/tit/uQEiLh/poster/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/tit/uQEiLh/poster/avatar-the-way-of-water_vp-KVv0.jpeg
https://media.filmelier.com/tit/uQEiLh/poster/avatar-the-way-of-water_vp-KVv0.jpeg

15 KB
15 KB

372ms
176ms

Image
image/jpeg

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/tit/uQEiLh/poster/avatar-the-way-of-water_vp-KVv0.jpeg
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2179eb03ad633905534d94cf02338c8ceb66a2399973fe4894f73eece8dd668d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:54:09 GMT
x-amz-version-id: 6nd_4J8ZBR_heGJQMtamWVoeSqgtv72p
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Fri, 02 Dec 2022 23:21:08 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 307370
etag: "47917555ae3a280cb935c4723114dec7"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 15180
x-amz-cf-id: unAXlgfF4Zw0ITLAhfot0_UqoXyPgmX6R0nB5ssxdy2TvN1FHoMhIA==

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/tit/uQEiLh/poster/avatar-the-way-of-water_vp-KVv0.jpeg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

057c3fff7dbc3a0eaa00538f71dce850.png
media.filmelier.com/images/plataformas/icone_mobile/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/057c3fff7dbc3a0eaa00538f71dce850.png
https://media.filmelier.com/images/plataformas/icone_mobile/057c3fff7dbc3a0eaa00538f71dce850.png

934 B
1 KB

282ms
85ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/images/plataformas/icone_mobile/057c3fff7dbc3a0eaa00538f71dce850.png
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 62be90715761df3f3aa53ade2648924e670f674a4ef0188c754c16ad3ba9b857

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Thu, 12 Jan 2023 11:36:01 GMT
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Sep 2022 22:05:45 GMT
server: nginx
x-amz-cf-pop: PHL51-P1
age: 4398056
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public, max-age=31536000
accept-ranges: bytes
content-length: 934
x-amz-cf-id: vefog7HfxjkIiohJSYu43ddoufXjkjkFfOfoPMLHmkAsiBinVdJypg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/images/plataformas/icone_mobile/057c3fff7dbc3a0eaa00538f71dce850.png
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

all-quiet-on-the-western-front_auRWdt0.jpeg
media.filmelier.com/tit/PMQjJm/poster/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/tit/PMQjJm/poster/all-quiet-on-the-western-front_auRWdt0.jpeg
https://media.filmelier.com/tit/PMQjJm/poster/all-quiet-on-the-western-front_auRWdt0.jpeg

23 KB
24 KB

354ms
189ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/tit/PMQjJm/poster/all-quiet-on-the-western-front_auRWdt0.jpeg
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13c87cbf550d997925c9e9314abc362e57f0f8307a3cf5a6a992539b75fa2e10

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 09:45:45 GMT
x-amz-version-id: GOxIqaKqC99lyPyeLrRkNa9nNVZzp3RP
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
x-amz-cf-pop: PHL51-P1
age: 257475
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 23710
last-modified: Thu, 27 Oct 2022 15:54:42 GMT
server: AmazonS3
etag: "5e1fb5363f643eb771326daefaf9b242"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: XUwPSTBPCH6zqlAokTG_nxqq3-3mR4tH09494C33EXpXwX4mxVd6DQ==

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/tit/PMQjJm/poster/all-quiet-on-the-western-front_auRWdt0.jpeg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

365599cc6c68bb404af36411d40a866c.png
media.filmelier.com/images/plataformas/icone_mobile/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/365599cc6c68bb404af36411d40a866c.png
https://media.filmelier.com/images/plataformas/icone_mobile/365599cc6c68bb404af36411d40a866c.png

636 B
1019 B

365ms
199ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/images/plataformas/icone_mobile/365599cc6c68bb404af36411d40a866c.png
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5780e1b3684423207df8fd0d69ccc4aa6f6938c6aa314a6ddf7423b1797f4d78

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Thu, 29 Dec 2022 07:28:37 GMT
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Sep 2022 22:05:49 GMT
server: nginx
x-amz-cf-pop: PHL51-P1
age: 5622502
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public, max-age=31536000
accept-ranges: bytes
content-length: 636
x-amz-cf-id: NAQLQDFPVJQuoSWy-qcjq84l8eHrNeCZEFXGMPAACnG11newAUSUSQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/images/plataformas/icone_mobile/365599cc6c68bb404af36411d40a866c.png
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

3c2240ab8a1197cc1f97daaa70958eba.png
media.filmelier.com/images/plataformas/icone_mobile/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/3c2240ab8a1197cc1f97daaa70958eba.png
https://media.filmelier.com/images/plataformas/icone_mobile/3c2240ab8a1197cc1f97daaa70958eba.png

2 KB
2 KB

254ms
88ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/images/plataformas/icone_mobile/3c2240ab8a1197cc1f97daaa70958eba.png
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ec98ec2d803c80774159820877455919a7961b1d39ebee213c076f618b2e739

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 03 Feb 2023 18:28:25 GMT
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Fri, 03 Feb 2023 18:28:03 GMT
server: nginx
x-amz-cf-pop: PHL51-P1
age: 2472513
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public, max-age=31536000
accept-ranges: bytes
content-length: 1623
x-amz-cf-id: -61Wa7d5XYCW2N_ll1lVtqabHPVL0Iq9-tDIjixWDywkd0HKgOhMuw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/images/plataformas/icone_mobile/3c2240ab8a1197cc1f97daaa70958eba.png
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

143db9a043c4910c79fc82a5dc5cde3a.png
media.filmelier.com/images/plataformas/icone_mobile/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/143db9a043c4910c79fc82a5dc5cde3a.png
https://media.filmelier.com/images/plataformas/icone_mobile/143db9a043c4910c79fc82a5dc5cde3a.png

1 KB
2 KB

363ms
198ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/images/plataformas/icone_mobile/143db9a043c4910c79fc82a5dc5cde3a.png
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1be6c87a4b0c8f874d58e836a5697a84f06d63282dd6173dd80244c372687357

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Sun, 01 Jan 2023 16:32:28 GMT
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Sep 2022 22:05:47 GMT
server: nginx
x-amz-cf-pop: PHL51-P1
age: 5330671
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public, max-age=31536000
accept-ranges: bytes
content-length: 1274
x-amz-cf-id: Vrk54hPFl72FCxRXOp59AOojPb7PLjew9JOH7LRuLPJQtVjc_IG3lg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/images/plataformas/icone_mobile/143db9a043c4910c79fc82a5dc5cde3a.png
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

everything-everywhere-all-at-once_rqh7rpU.jpeg
media.filmelier.com/tit/UPOM48/poster/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/tit/UPOM48/poster/everything-everywhere-all-at-once_rqh7rpU.jpeg
https://media.filmelier.com/tit/UPOM48/poster/everything-everywhere-all-at-once_rqh7rpU.jpeg

28 KB
29 KB

407ms
242ms

Image
image/jpeg

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/tit/UPOM48/poster/everything-everywhere-all-at-once_rqh7rpU.jpeg
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24b901c57653533d5f8a6ebe28ad9ee3a2ed4d30814bbdccb6c7a892ad598760

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:25:33 GMT
x-amz-version-id: gj8yZW3aRjE9iF1Jh1wgYkuyIPqgH3cO
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Sat, 11 Jun 2022 15:51:28 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 417087
etag: "c4284436cea23ea6452b9d6581fc56b6"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31536000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 29036
x-amz-cf-id: B9Hh61M9TraYswPapONZtBOXaYaUPH0BYmOK41VxMVjVFArxjwPSkA==

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/tit/UPOM48/poster/everything-everywhere-all-at-once_rqh7rpU.jpeg
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

c62e499ccd0bd4565fa200f551dc7a59.png
media.filmelier.com/images/plataformas/icone_mobile/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/c62e499ccd0bd4565fa200f551dc7a59.png
https://media.filmelier.com/images/plataformas/icone_mobile/c62e499ccd0bd4565fa200f551dc7a59.png

2 KB
2 KB

367ms
202ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/images/plataformas/icone_mobile/c62e499ccd0bd4565fa200f551dc7a59.png
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ec98ec2d803c80774159820877455919a7961b1d39ebee213c076f618b2e739

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Fri, 03 Feb 2023 18:42:55 GMT
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Fri, 03 Feb 2023 18:30:51 GMT
server: nginx
x-amz-cf-pop: PHL51-P1
age: 2471644
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public, max-age=31536000
accept-ranges: bytes
content-length: 1623
x-amz-cf-id: 4xDQrwDLO5oo5fVshVAFHAIroIRqoeb3FtJsINUhj4YLwoYFpS9P-A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/images/plataformas/icone_mobile/c62e499ccd0bd4565fa200f551dc7a59.png
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

65f84b0900ac6bc5f93a7041ace60490.png
media.filmelier.com/images/plataformas/icone_mobile/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/65f84b0900ac6bc5f93a7041ace60490.png
https://media.filmelier.com/images/plataformas/icone_mobile/65f84b0900ac6bc5f93a7041ace60490.png

2 KB
2 KB

367ms
202ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/images/plataformas/icone_mobile/65f84b0900ac6bc5f93a7041ace60490.png
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 16b37f0c6442287359df99c57542f29975c2b4f1bb41af87586e9a3bb135645c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Sun, 25 Dec 2022 13:21:21 GMT
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Sep 2022 22:05:46 GMT
server: nginx
x-amz-cf-pop: PHL51-P1
age: 5946938
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public, max-age=31536000
accept-ranges: bytes
content-length: 1593
x-amz-cf-id: MK3wUYDTMaYkaTUsAT0EpeVcwg_PQPGKAadFkdNMq84Pujr1YK6kGg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/images/plataformas/icone_mobile/65f84b0900ac6bc5f93a7041ace60490.png
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

64c40c65322125bc7f3001b0d72aac61.png
media.filmelier.com/images/plataformas/icone_mobile/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/64c40c65322125bc7f3001b0d72aac61.png
https://media.filmelier.com/images/plataformas/icone_mobile/64c40c65322125bc7f3001b0d72aac61.png

2 KB
2 KB

265ms
100ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/images/plataformas/icone_mobile/64c40c65322125bc7f3001b0d72aac61.png
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 70f32536594af33267a15c096fe8fd9d0b9b60e2f3eb7129b54ac84ca8bfa4de

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Mon, 09 Jan 2023 11:33:01 GMT
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Sep 2022 22:05:46 GMT
server: nginx
x-amz-cf-pop: PHL51-P1
age: 4657437
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public, max-age=31536000
accept-ranges: bytes
content-length: 1687
x-amz-cf-id: EAPIM0INX6iQLgHzFdOFehgVORNR79IB7mqQjenDv5A7HlR0eF1joA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/images/plataformas/icone_mobile/64c40c65322125bc7f3001b0d72aac61.png
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

10d4791f6c7a6b55a513eb06bc38d056.png
media.filmelier.com/images/plataformas/icone_mobile/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/10d4791f6c7a6b55a513eb06bc38d056.png
https://media.filmelier.com/images/plataformas/icone_mobile/10d4791f6c7a6b55a513eb06bc38d056.png

1 KB
1 KB

368ms
203ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/images/plataformas/icone_mobile/10d4791f6c7a6b55a513eb06bc38d056.png
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cdb6bf77769ce21e2078af3d5d7a5cd1e5409299d0d49b2964fadbdfe2637af5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Wed, 04 Jan 2023 23:44:04 GMT
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Sep 2022 22:05:44 GMT
server: nginx
x-amz-cf-pop: PHL51-P1
age: 5045575
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public, max-age=31536000
accept-ranges: bytes
content-length: 1097
x-amz-cf-id: irt05RUwy-Xue3TVfmcp8YAl7kGovhQ8_F1fgt77RCci3-gnlcUggA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/images/plataformas/icone_mobile/10d4791f6c7a6b55a513eb06bc38d056.png
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

fae1284401468df37404e0b7aa1de3a6.png
media.filmelier.com/images/plataformas/icone_mobile/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/fae1284401468df37404e0b7aa1de3a6.png
https://media.filmelier.com/images/plataformas/icone_mobile/fae1284401468df37404e0b7aa1de3a6.png

699 B
1 KB

367ms
201ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/images/plataformas/icone_mobile/fae1284401468df37404e0b7aa1de3a6.png
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 251ae267da628657d45ad143738fc83d4bd27dd1e8d694ebe6a74b3230de970e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Thu, 29 Dec 2022 21:11:41 GMT
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Sep 2022 22:05:54 GMT
server: nginx
x-amz-cf-pop: PHL51-P1
age: 5573118
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public, max-age=31536000
accept-ranges: bytes
content-length: 699
x-amz-cf-id: Ivrp_HMw_PHsuS8ezOerambAl_kjXMpJdXRScpoREWhs9cxLAKyN7w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/images/plataformas/icone_mobile/fae1284401468df37404e0b7aa1de3a6.png
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

a3f4a6e70112909c3e59630277239f4c.png
media.filmelier.com/images/plataformas/icone_mobile/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/a3f4a6e70112909c3e59630277239f4c.png
https://media.filmelier.com/images/plataformas/icone_mobile/a3f4a6e70112909c3e59630277239f4c.png

453 B
844 B

250ms
84ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/images/plataformas/icone_mobile/a3f4a6e70112909c3e59630277239f4c.png
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 471301b6f762bbd35bf091d6ba9136566e7fed82a516ffbd64d78c7aeacf9892

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Dec 2022 13:57:07 GMT
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Sep 2022 22:05:50 GMT
server: nginx
x-amz-cf-pop: PHL51-P1
age: 5685591
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public, max-age=31536000
accept-ranges: bytes
content-length: 453
x-amz-cf-id: Ii-5_AF4hmhNfyNaqQtep8h9RNQyMmFJs0aNdXf_v4m5w25mMeQRAg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/images/plataformas/icone_mobile/a3f4a6e70112909c3e59630277239f4c.png
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H2

200

19428f67c1b0b6434d52210c7b785ea4.png
media.filmelier.com/images/plataformas/icone_mobile/
Redirect Chain

https://cdn.statically.io/img/media.filmelier.com/images/plataformas/icone_mobile/19428f67c1b0b6434d52210c7b785ea4.png
https://media.filmelier.com/images/plataformas/icone_mobile/19428f67c1b0b6434d52210c7b785ea4.png

672 B
1 KB

363ms
197ms

Image
image/png

2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.filmelier.com/images/plataformas/icone_mobile/19428f67c1b0b6434d52210c7b785ea4.png
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 2600:9000:25c8:a400:1c:ea8b:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d9ff37f82cabece717d70f2251c92f5837b5796ef3d91e669d1f727a05dab0bc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Sun, 25 Dec 2022 02:34:51 GMT
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Sep 2022 22:05:48 GMT
server: nginx
x-amz-cf-pop: PHL51-P1
age: 5985728
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=315360000, public, max-age=31536000
accept-ranges: bytes
content-length: 672
x-amz-cf-id: PY6EtSLTn_GaDdK9S9aSSP1DQVPpCsnRP_MqJ3_44yEEMFJOzhIf8A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://media.filmelier.com/images/plataformas/icone_mobile/19428f67c1b0b6434d52210c7b785ea4.png
access-control-expose-headers: *
cache-control: public, max-age=5
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30
x-served-by: cache-yul12820-YUL

GET
H/1.1 200
OK icons.svg
presentuser.uk.to/images/svg/ 60 KB
21 KB 1885ms
1850ms Other
text/html 74.3.163.156
SHAW

General

Check archive.org

Show headers Download Go to

Full URL: https://presentuser.uk.to/images/svg/icons.svg?v=1.37.0
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 74.3.163.156 Vancouver, Canada, ASN6327 (SHAW, CA),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 3c82eceddb9cc7cb5f9ad4daeb0a5a44cf67886ae06e8442f50ea69fcb83f031

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:16:58 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 20972

GET
H2 200 css
fonts.googleapis.com/ 1003 B
829 B 83ms
36ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400

Requested by

Host: presentuser.uk.to
URL: https://presentuser.uk.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Mar 2023 09:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Mar 2023 07:39:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Mar 2023 09:16:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
19ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237442725-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 04 Mar 2023 08:47:24 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1774
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 04 Mar 2023 10:47:24 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 74ms
10ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:08:46 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.122.0/26
etag: "-375139978"
content-type: text/javascript
x-cdn-pop: bhs
accept-ranges: bytes
content-length: 4364
x-request-id: 709722510

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 34ms
32ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=640716834&t=pageview&_s=1&dl=https%3A%2F%2Fpresentuser.uk.to%2F&ul=en-us&de=UTF-8&dt=Choose%20movies%20to%20watch%20on%20streamings%20%7C%20Filmelier&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=875838039&gjid=2046911951&cid=45238730.1677921419&tid=UA-237442725-1&_gid=901752169.1677921419&_r=1&gtm=457e3310&z=51381836

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://presentuser.uk.to/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:16:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://presentuser.uk.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 381 B
516 B 51ms
10ms Script
text/html 149.56.240.27
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4588550&@f16&@g1&@h1&@i1&@j1677921418823&@k0&@l1&@mChoose%20movies%20to%20watch%20on%20streamings%20%7C%20Filmelier&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-78952712&@b3:1677921419&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fpresentuser.uk.to%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.27 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534106.ip-149-56-240.net
Software: /
Resource Hash: 12fff1c2e46bc4a9510946e2678b447f18ae57b63b8be303c50df33ed8287285

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:16:58 GMT
Connection: close
Content-Length: 381
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
e.dtscout.com/e/ 8 KB
4 KB 90ms
42ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpresentuser.uk.to%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4588550&@f16&@g1&@h1&@i1&@j1677921418823&@k0&@l1&@mChoose%20movies%20to%20watch%20on%20streamings%20%7C%20Filmelier&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-78952712&@b3:1677921419&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fpresentuser.uk.to%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46c2b46b827a82cf364a4aa881f75cbd4ffa563f630b6252a3fc9dac4b6f71fa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:16:58 GMT
x-t: 0.783
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2nFISgOi2%2F4EOKK8AqQR63MBnt8wZoEJMhvLQVFBJiYOCWTY7gzzkAxu9Yel8nj%2FYEpY%2FlHZ1gtrwaLnEjsTgvmAevuTqrQ7bpEWH2vkvYsnKWrHx%2BOVsi6uDzYWNw9hkjStgaOhXCx%2FaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 7a29060469858ce3-EWR
expires: Sat, 04 Mar 2023 09:16:57 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 66C8 1 KB
784 B 53ms
41ms Document
text/html 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=10401677921418F09BF6A888F75F6704
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpresentuser.uk.to%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60deac65803fecd741348dd8102a363ea486e551e9af2e09893885036067938b

Request headers

Referer: https://presentuser.uk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7a290604d9de8ce3-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 04 Mar 2023 09:16:59 GMT
expires: Sat, 04 Mar 2023 09:16:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEEHW2ly%2FaLgT3x6o3QTZiIq5skCLjRojJ3CgfsrxgYaseDRQlEIxD2NKMlxLOgCkOfZKA%2F0SYmiS1yln4arhVJs0%2FMqh%2B7a9R0EySkQClkqgbPx8pbDxIKUlJcJ4C3Rp%2BDmrSMiIol9pSM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 33 KB
11 KB 93ms
21ms Script
text/javascript 18.164.124.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpresentuser.uk.to%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-123.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58bb8299d12e5da9f688e2e5b299a4eeaa790c58a47f68275c0d119b98e7c837

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 11:00:36 GMT
x-amz-version-id: Cbjpq7uzlYJGW75uYJ0hJ2.4T0hYLuBY
content-encoding: gzip
last-modified: Tue, 28 Feb 2023 11:00:34 GMT
server: AmazonS3
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P7
etag: W/"da6f9d421ee18b85a6159832b88d2387"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 80184
x-amz-cf-id: DdyfsEvwECmq4c2zHhkE_z6mPYxwxqM4LlnE4oVAJsf8iOithjmEEw==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 162ms
35ms Script
application/javascript 18.119.77.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpresentuser.uk.to%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.119.77.66 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-77-66.us-east-2.compute.amazonaws.com

Software

Resource Hash

b350103fd2d0fcc3d5d092093a98fb06cc4a88c7ebd66b2e66abd2e795808a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:16:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2273
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 11 KB
4 KB 96ms
33ms Script
application/javascript 172.64.151.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpresentuser.uk.to%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b846c4b264ad13b786802e2499269abfac72809ca9dbe23907a88f624f5eb9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:16:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 20:39:09 GMT
server: cloudflare
age: 58979
etag: W/"63bdcced-2a6a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7a2906052828542b-YYZ
expires: Tue, 07 Mar 2023 09:16:59 GMT

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
340 B 50ms
44ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=presentuser.uk.to&_ss=1mhx7ruhql&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=1g1f&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpresentuser.uk.to%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 597ff16840cb51919d0d67f71bf9e28cd90c484bcd405462cb24b2e05dd6d4da

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:16:59 GMT
x-t: 0.2
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l89Io4zSbF9q%2B3iqe%2F6wmoNSqzbAwDdrjKXXQ9HcuICuLLrKY6XwcJVqkFPmUEf8LLotVnjhWcrjLpMLg1OvzuzAwU0LYUAATI3U3OnpN2t1CwoNZrX0nqSXgDkNNgc0e8HoiP1cMX7Vp%2B8%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 7a290604d9df8ce3-EWR
expires: Sat, 04 Mar 2023 09:16:58 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 52 KB
16 KB 70ms
21ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpresentuser.uk.to%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6691c17050e97fa3a70eb75b6da5d601b461af4d26b954f87dcddbf354f61eda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 11:20:13 GMT
content-encoding: gzip
via: 1.1 177517a7a813d3db43efccb1bf2be96a.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 18:30:29 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 79007
x-amz-server-side-encryption: AES256
etag: W/"d92273856cbc8d3aad0c2259f9be9a68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: 4fu8-tEeHfZlNKZyEL289_mPymqlCKr1fBwJ7-OT7QnpVL8Wegg_SQ==

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
596 B 103ms
53ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401677921418F09BF6A888F75F6704&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fpresentuser.uk.to%2F&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpresentuser.uk.to%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:16:59 GMT
x-t: 1.86
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ol4Jq%2Bipc1sOG9T6I4vuKA5iwqo1DsO50gxHHO4tdS%2Frsf5U9SHcgu%2BRB8bbO4rqW83bLvq6LRLsXFIKRWUq74nYfVtcZ63eg2UhIcEAPPrl4wbjyBKSJ5BjuKfqQukcyAyJxVIu77IvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 7a290605aa51a1e6-YYZ
expires: Sat, 04 Mar 2023 09:21:47 GMT

GET
H2 200 e Show response
a.dtssrv.com/ 21 B
591 B 98ms
36ms XHR
application/json 2606:4700:3037::ac43:abcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/e?i=10401677921418F09BF6A888F75F6704
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpresentuser.uk.to%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:abcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43f649c04d2211f4b8e05cbeaee52cdb49f771a34f80be4c7d68959791504298

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: cache
date: Sat, 04 Mar 2023 09:16:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoJk4M0JU0mosF7O%2FPVLZJL0tOf08UNhQVbQ4MvHDvf6CeFH9GAOfJx6%2FXLcb6bKO7wA3t6piU70UujRndoGZBonZe9waQariwtDpUkJb0fMJjYy3k0w737KQjB%2F3Y%2FNjezRXF803ZBWIIg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://presentuser.uk.to
cache-control: s-maxage=0
access-control-allow-credentials: true
cf-ray: 7a290605bdec19b2-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 04 Mar 2023 11:16:59 GMT

GET
H2

200

2981
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=10401677921418F09BF6A888F75F6704
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&icm&gdpr=0&gdpr_consent=&cver
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
https://pixel.onaudience.com/?partner=252&mapped=y-EfIPGydE2pTBYats6G.uC.0IRm4Qz1X4Jw--~A&gdpr=0
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=a9a21421f53d29fe
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=cTFIQ0Jod005OTlyT3lCQQ%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEJIJeVt_WhFTqOucHRoOBvM&google_cver=1

62 B
314 B

106ms
106ms

Image
image/gif

23.205.6.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEJIJeVt_WhFTqOucHRoOBvM&google_cver=1
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 23.205.6.178 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-6-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 04 Mar 2023 09:17:00 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEJIJeVt_WhFTqOucHRoOBvM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 535 B
943 B 157ms
80ms Fetch
application/json 13.225.223.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-106.jfk51.r.cloudfront.net
Software: /
Resource Hash: 338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:16:59 GMT
via: 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront), 1.1 9e89086b4bc4697bea1e1dec6ddc5c5c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, JFK51-C1
x-amzn-requestid: 3637b9df-9998-4354-a1ed-0392daf39f6b
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: BP7lzGmKCYcF2BA=
content-length: 535
x-amz-cf-id: sfpxNuPzBdgW-6Ajm2MjD814pfuk6v11TnEYDEdqAEk2vWnHPs_DMw==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 159ms
33ms Script
application/javascript 104.126.116.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6769532287701143&stid=ZGQADGQDDIsAAAAIagciAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.126.116.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-116-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

f6a5c4a2b64918ed6d1e866896635ef6b166c94623e41249352a52e3e51b6bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:16:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1361
Expires: Sat, 04 Mar 2023 10:16:59 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 36ms
35ms Image
image/gif 18.119.77.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fpresentuser.uk.to%2F&event_source=dtscout&rnd=0.6769532287701143&exptid=ZGQADGQDDIsAAAAIagciAw%3D%3D&fcmp=false

Requested by

Host: presentuser.uk.to
URL: https://presentuser.uk.to/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.119.77.66 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-77-66.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:16:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 113ms
46ms Image
image/gif 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1677921419163&dn=AFWU&iso=0&pu=https%3A%2F%2Fpresentuser.uk.to%2F&t=Choose%20movies%20to%20watch%20on%20streamings%20%7C%20Filmelier
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:16:59 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 5 KB
2 KB 290ms
85ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: AynV9CxPKzE_gbaRfuvHkmlMpRA2Kx_l
content-encoding: gzip
via: 1.1 934f97734451ac135c3e6c1480f72d4e.cloudfront.net (CloudFront)
date: Sat, 04 Mar 2023 08:36:06 GMT
last-modified: Mon, 30 Jan 2023 17:09:16 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 2458
etag: W/"b33b67ced6b706568683ecea83e198c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: AttJ_V8yFrBgHo75nXPvl9RYbQIGBLPiUb-SaTlC1GBJR32rWECxyQ==

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 102ms
28ms Script
application/javascript 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=&pu=https%3A%2F%2Fpresentuser.uk.to%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 963801924f4ba1a842c88ee6175bcfb3c0f511b1f5d06388dab9c2c250a333af

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Sat, 04 Mar 2023 09:16:58 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length: 1332
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 3354 2 KB
1 KB 21ms
20ms Document
text/html 104.126.116.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1120.23353&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6769532287701143&stid=ZGQADGQDDIsAAAAIagciAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.126.116.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-116-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://presentuser.uk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sat, 04 Mar 2023 09:16:59 GMT
Expires: Sat, 11 Mar 2023 09:16:59 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1120.23353/a/CA/ Frame 516B 20 KB
9 KB 21ms
21ms Script
text/javascript 104.126.116.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1120.23353/a/CA/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1120.23353&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.126.116.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-116-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1120.23353&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:16:59 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8748
Expires: Sat, 11 Mar 2023 09:16:59 GMT

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame CE24 438 B
675 B 37ms
36ms Script
application/javascript 18.119.77.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1120.23353&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.119.77.66 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-77-66.us-east-2.compute.amazonaws.com

Software

Resource Hash

a4ab6d8ca203ed570ff0a425997272b0d69fd17ebd19c3ffedfefba029bb5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:16:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 516B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&gdpr=0&gdpr_consent=

42 B
297 B

277ms
140ms

Image
image/gif

3.23.123.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&gdpr=0&gdpr_consent=

Requested by

Host: presentuser.uk.to
URL: https://presentuser.uk.to/

Protocol

HTTP/1.1

Server

3.23.123.16 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-23-123-16.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:16:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGQADGQDDIsAAAAIagciAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:16:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.sharethis.com/ttd?uid=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 215

GET
H/1.1

200
OK

nlsn
sync.sharethis.com/ Frame 516B
Redirect Chain

https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1
https://sync.sharethis.com/nlsn?uid=898e4707917cf35f463c5b1bfb3149a1

42 B
297 B

255ms
36ms

Image
image/gif

3.23.123.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/nlsn?uid=898e4707917cf35f463c5b1bfb3149a1

Requested by

Host: presentuser.uk.to
URL: https://presentuser.uk.to/

Protocol

HTTP/1.1

Server

3.23.123.16 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-23-123-16.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:16:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGQADGQDDIsAAAAIagciAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

date: Sat, 04 Mar 2023 09:16:59 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://sync.sharethis.com/nlsn?uid=898e4707917cf35f463c5b1bfb3149a1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 516B
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=21R7qz6YeLBsAHYU5T1KU7rk4BPu_f5pNFwFuSn3RkA8&gdpr=0&gdpr_consent=

42 B
297 B

244ms
35ms

Image
image/gif

3.23.123.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=21R7qz6YeLBsAHYU5T1KU7rk4BPu_f5pNFwFuSn3RkA8&gdpr=0&gdpr_consent=

Requested by

Host: presentuser.uk.to
URL: https://presentuser.uk.to/

Protocol

HTTP/1.1

Server

3.23.123.16 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-23-123-16.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:16:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGQADGQDDIsAAAAIagciAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=21R7qz6YeLBsAHYU5T1KU7rk4BPu_f5pNFwFuSn3RkA8&gdpr=0&gdpr_consent=
Date: Sat, 04 Mar 2023 09:16:59 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame 516B
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGQADGQDDIsAAAAIagciAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3634013441745747989
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzNDAxMzQ0MTc0NTc0Nzk4ORAAGg0Ii5mMoAYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=c0b26642cc42b5bfb3247c2008b0ea70878e467cd4cd01d7c7a02f2122a782eef4cb09cee1a4f8eb&person_id=3634013441745747989&eid=50082

43 B
139 B

54ms
54ms

Image
image/gif

34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=c0b26642cc42b5bfb3247c2008b0ea70878e467cd4cd01d7c7a02f2122a782eef4cb09cee1a4f8eb&person_id=3634013441745747989&eid=50082
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:16:59 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Sun, 05 Mar 2023 04:16:59 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:16:59 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=c0b26642cc42b5bfb3247c2008b0ea70878e467cd4cd01d7c7a02f2122a782eef4cb09cee1a4f8eb&person_id=3634013441745747989&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame 516B
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZGQADGQDDIsAAAAIagciAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

226ms
37ms

Image
image/gif

3.23.123.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: presentuser.uk.to
URL: https://presentuser.uk.to/

Protocol

HTTP/1.1

Server

3.23.123.16 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-23-123-16.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:16:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGQADGQDDIsAAAAIagciAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Sat, 04 Mar 2023 09:16:59 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

27519 Show response
tags.bluekai.com/site/ Frame 0132
Redirect Chain

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1677921419402.4
https://tags.bluekai.com/site/27519?id=212114271902057&ret=html&random=1677921419

71 B
624 B

160ms
152ms

Document
text/html

23.205.6.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/27519?id=212114271902057&ret=html&random=1677921419
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=&pu=https%3A%2F%2Fpresentuser.uk.to%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.6.178 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-6-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: https://presentuser.uk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

bk-server: 8f87
cache-control: max-age=0, no-cache, no-store
content-length: 71
content-type: text/html
date: Sat, 04 Mar 2023 09:16:59 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pragma: no-cache

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Sat, 04 Mar 2023 09:16:59 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://tags.bluekai.com/site/27519?id=212114271902057&ret=html&random=1677921419
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP003
x-33x-status: 400000000040080C

GET
H2 200 lotame-sync.html Show response
cdn-tc.33across.com/ Frame F7F7 343 B
458 B 163ms
26ms Document
text/html 104.18.35.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-tc.33across.com/lotame-sync.html
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=&pu=https%3A%2F%2Fpresentuser.uk.to%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer: https://presentuser.uk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 52575
cache-control: public, max-age=259200
cf-cache-status: HIT
cf-ray: 7a290608a8cda1ff-YYZ
content-encoding: gzip
content-type: text/html
date: Sat, 04 Mar 2023 09:16:59 GMT
etag: W/"63bdccf6-157"
expires: Tue, 07 Mar 2023 09:16:59 GMT
last-modified: Tue, 10 Jan 2023 20:39:18 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

204

43d9f61e-e1e5-4f12-bf34-abd0ca422c66
map.go.affec.tv/map/ttd/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKS2QDDItx%2BF9PAz4OAg%3D%3D&us_privacy=&ts=1677921419402.1
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D64030c8b4e18270001bf23a4%26chc%3Dtt%26gdpr%3D%26gdpr_consent%3D%26redirect_url%3D
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D64030c8b4e18270001bf23a4%2526chc%253Dtt%2526gdpr%253D%2526gdpr_consent%253D%25...
https://map.go.affec.tv/map/an/4996230101624092723?ch=64030c8b4e18270001bf23a4&chc=tt&gdpr=&gdpr_consent=&redirect_url=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&ch=64030c8b4e18270001bf23a4&chc=tt%7Can&gdpr=&gdpr_consent=&redirect_url=
https://map.go.affec.tv/map/ttd/43d9f61e-e1e5-4f12-bf34-abd0ca422c66?ttd_puid=&gdpr=0&gdpr_consent=

0
564 B

26ms
24ms

Image
text/plain

52.54.69.176
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/ttd/43d9f61e-e1e5-4f12-bf34-abd0ca422c66?ttd_puid=&gdpr=0&gdpr_consent=
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 52.54.69.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-69-176.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:16:59 GMT
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:16:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://map.go.affec.tv/map/ttd/43d9f61e-e1e5-4f12-bf34-abd0ca422c66?ttd_puid=&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 229

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKS2QDDItx%2BF9PAz4OAg%3D%3D&us_privacy=&random=1677921419402.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fap...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKS2QDDItx%2BF9PAz4OAg%3D%3D&us_privacy=&random=1677921419402.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.ne...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=8b4b6b61-0497-4a1f-aed0-4cb50d510f64%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&ttd_puid=8b4b6b61-0497-4a1f-aed0-4cb50d510f64%2Chttps%253A%252F%252Fusermatch.krxd.n...
https://usermatch.krxd.net/um/v2?partner=tapad
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

0
336 B

131ms
24ms

Image
text/plain

52.206.196.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 52.206.196.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-196-140.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by: beacon-n001-ash-prod.krxd.net
date: Sat, 04 Mar 2023 09:17:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1677921420
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date: Sat, 04 Mar 2023 09:16:59 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a007-ash-prod.krxd.net

GET
H2

200

405716.gif
idsync.rlcdn.com/
Redirect Chain

https://dp2.33across.com/ps/?pid=1205&rand=1677921419402.3
https://idsync.rlcdn.com/405716.gif?partner_uid=212114271054159

42 B
298 B

157ms
150ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/405716.gif?partner_uid=212114271054159
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: H2
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:16:59 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:16:59 GMT
referrer-policy: unsafe-url
server: 33XP004
x-33x-status: 4000000000004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://idsync.rlcdn.com/405716.gif?partner_uid=212114271054159
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKS2QDDItx%2BF9PAz4OAg%3D%3D&us_privacy=&33random=1677921419402.5&cat=33across
https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKS2QDDItx%2BF9PAz4OAg%3D%3D&us_privacy=&33random=1677921419402.5&cat=33across
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnFONkh5T3RjTmI0akFUNlpQa3J3cXpKMklVS0hDVjJfMk5OMFNrVGRadEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MnFONkh5T3RjTmI0akFUNlpQa3J3cXpKMklVS0hDVjJfMk5OMFNrVGRadEk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEHVLmrhULeRphPAwoTNqX2g&google_cver=1

70 B
440 B

24ms
24ms

Image
image/gif

3.234.8.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEHVLmrhULeRphPAwoTNqX2g&google_cver=1
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: HTTP/1.1
Server: 3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-8-37.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 04 Mar 2023 09:16:59 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:16:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEHVLmrhULeRphPAwoTNqX2g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://dp1.33across.com/ps/?pid=669&uid=CoIKS2QDDItx%2BF9PAz4OAg%3D%3D&us_privacy=&random=1677921419402.7&pu=https%3A%2F%2Fpresentuser.uk.to%2F
https://secure.adnxs.com/mapuid?t=2&member=1001&user=212114271004796&seg_code=33x&random=1677921419
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212114271004796%26seg_code%3D33x%26random%3D1677921419

43 B
1 KB

124ms
123ms

Image
image/gif

68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212114271004796%26seg_code%3D33x%26random%3D1677921419

Requested by

Host: presentuser.uk.to
URL: https://presentuser.uk.to/

Protocol

HTTP/1.1

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Mar 2023 09:16:59 GMT
AN-X-Request-Uuid: 9a45c545-edc5-4dab-b106-c26654d810df
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.180; 149.56.153.180; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Mar 2023 09:16:59 GMT
AN-X-Request-Uuid: 3ebcbb78-93f2-448a-b710-476c819ba860
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212114271004796%26seg_code%3D33x%26random%3D1677921419
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 149.56.153.180; 149.56.153.180; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame CE24 51 KB
16 KB 105ms
27ms Script
application/javascript 23.3.112.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.3.112.166 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-3-112-166.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sat, 04 Mar 2023 09:16:59 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Sat, 11 Mar 2023 09:16:59 GMT

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
465 B

31ms
24ms

Fetch
application/json

72.251.238.254
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: presentuser.uk.to
URL: https://presentuser.uk.to/
Protocol: HTTP/1.1
Server: 72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: dada5e4552ce2e0394098bbb6c007b503cb68975a7859790e06c77821786a2e9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:16:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://presentuser.uk.to
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Sat, 04 Mar 2023 09:16:59 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin: https://presentuser.uk.to
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

5386 Show response
tags.bluekai.com/site/ Frame C608
Redirect Chain

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGQADGQDDIsAAAAIagciAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1120.23353%26cid%3Dc010%26...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&gdpr=0&gdpr_consent=

62 B
314 B

88ms
88ms

Document
image/gif

23.205.6.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/5386?id=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&gdpr=0&gdpr_consent=
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.6.178 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-6-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 62
content-type: image/gif
date: Sat, 04 Mar 2023 09:16:59 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 221
content-type: text/html
date: Sat, 04 Mar 2023 09:16:59 GMT
location: https://tags.bluekai.com/site/5386?id=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16311/ Frame F7F7 32 KB
10 KB 22ms
19ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by: Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7fccdf59f5dec8ddbf11ed9f5e28cf80e6424389a35d5a4b76ef39f2df02f8be

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://cdn-tc.33across.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 11:20:14 GMT
content-encoding: gzip
via: 1.1 177517a7a813d3db43efccb1bf2be96a.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:01:47 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 79006
x-amz-server-side-encryption: AES256
etag: W/"17cbf13b92a75decc910b84476c56675"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: BXJtJRbMxGoAUdZq_mWc544bsP-xQa7W0MhBj4vYCdoqH8FZisd8PA==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame F7F7 156 B
616 B 228ms
77ms XHR
application/json 54.156.61.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.61.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-61-9.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ad8ab222b1ea2298d94ae0d4d612878f33e6bc6be484a13adfbdb0dcfa9764ae

Request headers

Referer: https://cdn-tc.33across.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:16:59 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cdn-tc.33across.com
cache-control: no-cache
x-server: 10.40.45.57
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 6017 0
0 100ms
27ms Document
text/plain 13.226.39.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=38471
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.39.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-39-49.ewr53.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://presentuser.uk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sat, 04 Mar 2023 09:17:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server: Apache-Coyote/1.1
via: 1.1 ef8392d3895fa7368e6a67a055402788.cloudfront.net (CloudFront)
x-amz-cf-id: oIQWUPfD1P3rxJqgKoH2cdBpYuct-moGKFtyMt7_fGapAs4La8JFQA==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 113ms
76ms XHR
application/json 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: https://presentuser.uk.to/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Mar 2023 09:17:01 GMT
content-encoding: gzip
via: 1.1 205b9099637a29b949f9be6dceccecec.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 18:30:29 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
etag: W/"6db43f44304c37d76768275ee4f01ba4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age: 86400
x-amz-cf-id: v1ELS1-ZLMxfrPellyjzv6TD_6EwD0zCvu82uJj_dDpb6oKHdIMfGw==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 317 B
1 KB 68ms
67ms XHR
application/json 54.156.61.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.61.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-61-9.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 321a4738313d4aa7030dca7c42a4eb02f58cc9570543097f23c82eb5a0700502

Request headers

Referer: https://presentuser.uk.to/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:00 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://presentuser.uk.to
cache-control: no-cache
x-server: 10.40.47.98
access-control-allow-credentials: true
content-length: 317
expires: 0

POST
H3 200 a
a.dtssrv.com/ 0
470 B 59ms
36ms Ping
text/html 2606:4700:3037::ac43:abcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=10401677921418F09BF6A888F75F6704&k=lotpano&v=661c636ea3630719c1a4b4b40e34a9fb927ad3a85881d02eae8d764113bd0992
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fpresentuser.uk.to%2F&j=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:abcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:17:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aea782hzU9uPbbsIRJ6pFefwt%2BD6WSUf%2B%2BjIcoscoiQUb6aAAEcimrgsgB8pmq6k8BT4Hqe%2BImsqyOE%2FPOYEGvh5WSyOTkGiBmlRMBNqMQPvxfSkZGGNuTlHD7kn26hjfPnsEtjmkm8wH74%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7a2906104bb33348-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 6FE4 2 KB
1 KB 20ms
19ms Document
text/html 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Referer: https://presentuser.uk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 79008
cache-control: max-age: 86400
content-encoding: gzip
content-type: text/html
date: Fri, 03 Mar 2023 11:20:13 GMT
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 177517a7a813d3db43efccb1bf2be96a.cloudfront.net (CloudFront)
x-amz-cf-id: IoLaVmPEeSk_ynwRf6dkpyTYJyrV56NDETpKzS7pRsiXdv29jx2zxA==
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

59074
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GQNsZSZHOYUKcZxrQrGnw2hJ&rnd=66806
https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GQNsZSZHOYUKcZxrQrGnw2hJ&rnd=66806&_li_chk=true&previous_uuid=92d06e4a8769476f87d247e54b610c6e
https://i6.liadm.com/s/59074?bidder_id=204553&rnd=66806&bidder_uuid=GQNsZSZHOYUKcZxrQrGnw2hJ

43 B
436 B

110ms
25ms

Image
image/gif

2600:1f18:ed:550f:baf3:573d:4b62:a404
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/59074?bidder_id=204553&rnd=66806&bidder_uuid=GQNsZSZHOYUKcZxrQrGnw2hJ

Protocol

HTTP/1.1

Server

2600:1f18:ed:550f:baf3:573d:4b62:a404 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:17:01 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/59074?bidder_id=204553&rnd=66806&bidder_uuid=GQNsZSZHOYUKcZxrQrGnw2hJ
Date: Sat, 04 Mar 2023 09:17:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame E43A 4 KB
4 KB 25ms
24ms Document
text/html 54.156.61.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.61.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-61-9.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: c874cc00aedcdac8098714de1762baf3ea7a6e913b564ca09d3a73fe318a4782

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache
content-length: 3736
content-type: text/html
date: Sat, 04 Mar 2023 09:17:00 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.44.5

GET
H2

200

m
cm.mgid.com/ Frame E43A
Redirect Chain

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=34aa4e40ed9f3f62ceb49063f6cf2521
https://cm.mgid.com/m?c=34aa4e40ed9f3f62ceb49063f6cf2521&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

43 B
179 B

106ms
105ms

Image
image/gif

2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?c=34aa4e40ed9f3f62ceb49063f6cf2521&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7a2906119e677154-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
location: https://cm.mgid.com/m?c=34aa4e40ed9f3f62ceb49063f6cf2521&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7a290610ee1e7154-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame E43A
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16101%26tp%3DADEL%26tpid%3D%24{ADELPHIC...
https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=68c9ac05-2c76-4568-8915-b2f063b4974c&gdpr=0

49 B
264 B

28ms
28ms

Image
image/gif

100.25.82.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=68c9ac05-2c76-4568-8915-b2f063b4974c&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 100.25.82.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-82-195.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.44.5
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=68c9ac05-2c76-4568-8915-b2f063b4974c&gdpr=0
Date: Sat, 04 Mar 2023 09:17:01 GMT
Connection: keep-alive
X-CI-RTID: 9fa5996c-c1a8-4e8c-9bb5-37cb226d9989
Content-Length: 131
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame E43A
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1

0
316 B

54ms
53ms

Image
text/plain

199.187.193.202
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: HTTP/1.1
Server: 199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:00 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
pragma: no-cache
date: Sat, 04 Mar 2023 09:17:00 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame E43A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FBE2AA3F-DB90-4D8E-845E-C41280CC3B95&gdpr=0

49 B
264 B

61ms
61ms

Image
image/gif

100.25.82.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FBE2AA3F-DB90-4D8E-845E-C41280CC3B95&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 100.25.82.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-82-195.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.32.95
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=FBE2AA3F-DB90-4D8E-845E-C41280CC3B95&gdpr=0
date: Sat, 04 Mar 2023 09:16:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=43d9f61e-e1e5-4f12-bf34-abd0ca422c66/gdpr=0/ Frame E43A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=43d9f61e-e1e5-4f12-bf34-abd0ca422c66/gdpr=0/gdpr_consent=

49 B
264 B

162ms
33ms

Image
image/gif

100.25.82.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=43d9f61e-e1e5-4f12-bf34-abd0ca422c66/gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 100.25.82.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-82-195.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.3.250
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=43d9f61e-e1e5-4f12-bf34-abd0ca422c66/gdpr=0/gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 249

GET
H2

200

tpid=8b4b6b61-0497-4a1f-aed0-4cb50d510f64
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame E43A
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=34aa4e40ed9f3f62ceb49063f6cf2521&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D8b4b6b61-0497-4a1f-aed0-4cb50d510f64%252Chttps%2525...
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8547619048978178239&pt=8b4b6b61-0497-4a1f-aed0-4cb50d510f64%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%25...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8b4b6b61-0497-4a1f-aed0-4cb50d510f64

49 B
264 B

30ms
29ms

Image
image/gif

100.25.82.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8b4b6b61-0497-4a1f-aed0-4cb50d510f64
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 100.25.82.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-82-195.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.34.15
content-length: 49
expires: 0

Redirect headers

date: Sat, 04 Mar 2023 09:17:01 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=8b4b6b61-0497-4a1f-aed0-4cb50d510f64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

tpid=43d4442d68784e70acbda482ac2fc146
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame E43A
Redirect Chain

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=43d4442d68784e70acbda482ac2fc146

49 B
265 B

41ms
38ms

Image
image/gif

100.25.82.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=43d4442d68784e70acbda482ac2fc146
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 100.25.82.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-82-195.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.10.173
content-length: 49
expires: 0

Redirect headers

date: Sat, 04 Mar 2023 09:17:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 142
x-xss-protection: 1; mode=block
pragma: no-cache
to-dmp-sync: s3b-dmp-use1-aws.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=43d4442d68784e70acbda482ac2fc146
access-control-allow-origin: *
cache-control: no-store
cf-ray: 7a2906110f7ca1ec-YYZ
expires: 0

GET
H2 204 /
loadus.exelator.com/load/ Frame E43A 0
620 B 36ms
26ms Image
text/plain 34.229.3.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=260&buid=34aa4e40ed9f3f62ceb49063f6cf2521&j=0&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-229-3-43.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:17:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=30034998202391105553334567787131214803/ Frame E43A
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=34aa4e40ed9f3f62ceb49063f6cf2521&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=34aa4e40ed9f3f62ceb49063f6cf2521&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUI...
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=30034998202391105553334567787131214803/gdpr=0

49 B
265 B

28ms
28ms

Image
image/gif

100.25.82.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=30034998202391105553334567787131214803/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 100.25.82.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-82-195.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.42.176
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-usw2-2-v042-0dc25988f.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: o+GrxGRLTuE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=30034998202391105553334567787131214803/gdpr=0
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame E43A 0
544 B 250ms
36ms Image
text/plain 40.71.11.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:34aa4e40ed9f3f62ceb49063f6cf2521
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.141 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:17:00 GMT
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Arr-Disable-Session-Affinity: true
Content-Length: 0
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame E43A 0
335 B 34ms
25ms Image
text/plain 52.206.196.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=34aa4e40ed9f3f62ceb49063f6cf2521
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.196.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-196-140.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by: beacon-n030-ash-prod.krxd.net
date: Sat, 04 Mar 2023 09:17:00 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1677921420
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame E43A
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-804d129f-8b75-4d1c-416e-074603549260$ip$149.56.153.180&gdpr=0&gdpr_consent=

49 B
265 B

27ms
27ms

Image
image/gif

100.25.82.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-804d129f-8b75-4d1c-416e-074603549260$ip$149.56.153.180&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 100.25.82.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-82-195.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.43.152
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-804d129f-8b75-4d1c-416e-074603549260$ip$149.56.153.180&gdpr=0&gdpr_consent=
Date: Sat, 04 Mar 2023 09:17:01 GMT
Connection: keep-alive
Content-Length: 168
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame E43A 70 B
440 B 32ms
25ms Image
image/gif 3.234.8.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=51mdg9u&uid=34aa4e40ed9f3f62ceb49063f6cf2521&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-8-37.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 04 Mar 2023 09:17:00 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame E43A
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-DltWn3ZE2pxDnN1jBg_NKnKEqBTZBrVfT2s-~A&gdpr=0

49 B
265 B

139ms
31ms

Image
image/gif

100.25.82.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-DltWn3ZE2pxDnN1jBg_NKnKEqBTZBrVfT2s-~A&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 100.25.82.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-82-195.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.47.98
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-DltWn3ZE2pxDnN1jBg_NKnKEqBTZBrVfT2s-~A&gdpr=0
date: Sat, 04 Mar 2023 09:17:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame E43A
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=69366403-0c8d-4e00-888f-89f3a7fd5e22&src=lot&gdpr=0

49 B
265 B

29ms
28ms

Image
image/gif

100.25.82.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=69366403-0c8d-4e00-888f-89f3a7fd5e22&src=lot&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 100.25.82.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-82-195.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.15.132
content-length: 49
expires: 0

Redirect headers

Date: Sat, 04 Mar 2023 09:17:01 GMT
Server: MT3 569 46451a0 master iad-pixel-x30 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=69366403-0c8d-4e00-888f-89f3a7fd5e22&src=lot&gdpr=0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 04 Mar 2023 09:17:00 GMT

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=07c32014-7569-4837-ae6f-6eca0a6db232-64030c8d-4341/ Frame E43A
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=07c32014-7569-4837-ae6f-6eca0a6db232-64030c8d-4341/gdpr=0

49 B
265 B

37ms
37ms

Image
image/gif

100.25.82.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=07c32014-7569-4837-ae6f-6eca0a6db232-64030c8d-4341/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 100.25.82.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-82-195.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.34.128
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:00 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=07c32014-7569-4837-ae6f-6eca0a6db232-64030c8d-4341/gdpr=0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame E43A 0
674 B 201ms
25ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=34aa4e40ed9f3f62ceb49063f6cf2521&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 84e0f527cd81a00b0210e20b4ee7ed94
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

gdpr=0&_test=ZAMMjQALh-S8eAA_
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZAMMjQALh-S8eAA_/ Frame E43A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZAMMjQALh-S8eAA_
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZAMMjQALh-S8eAA_/gdpr=0&_test=ZAMMjQALh-S8eAA_

49 B
263 B

28ms
28ms

Image
image/gif

100.25.82.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZAMMjQALh-S8eAA_/gdpr=0&_test=ZAMMjQALh-S8eAA_
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 100.25.82.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-82-195.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.4.70
content-length: 49
expires: 0

Redirect headers

x-served-by: cache-yyz4548-YYZ
pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1677921421.203391,VS0,VE0
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZAMMjQALh-S8eAA_/gdpr=0&_test=ZAMMjQALh-S8eAA_
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame E43A 170 B
188 B 42ms
36ms Image
image/png 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MzRhYTRlNDBlZDlmM2Y2MmNlYjQ5MDYzZjZjZjI1MjE&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5907
tags.bluekai.com/site/ Frame E43A 62 B
314 B 157ms
151ms Image
image/gif 23.205.6.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=bf7c6f2435e336a93cacead161f696c0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.6.178 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-6-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 04 Mar 2023 09:17:00 GMT
content-length: 62
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame E43A 170 B
188 B 40ms
35ms Image
image/png 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=MzRhYTRlNDBlZDlmM2Y2MmNlYjQ5MDYzZjZjZjI1MjE&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2896301705357113380/ Frame E43A
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/34aa4e40ed9f3f62ceb49063f6cf2521/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2896301705357113380/gdpr=0

49 B
264 B

30ms
30ms

Image
image/gif

100.25.82.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2896301705357113380/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 100.25.82.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-82-195.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.7.219
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2896301705357113380/gdpr=0
pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

rand=149216305
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8547619048978178239/gdpr=0/ Frame E43A
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=149216305
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8547619048978178239/gdpr=0/rand=149216305

49 B
264 B

30ms
29ms

Image
image/gif

100.25.82.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8547619048978178239/gdpr=0/rand=149216305
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C136%2C116%2C106%2C104%2C100%2C94%2C92%2C80%2C54%2C49%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825
Protocol: H2
Server: 100.25.82.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-82-195.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:01 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.36.15
content-length: 49
expires: 0

Redirect headers

Date: Sat, 04 Mar 2023 09:17:01 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.180; 149.56.153.180; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ec4e3583-8b60-44ea-a149-ccec50ddc7bb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8547619048978178239/gdpr=0/rand=149216305
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GQNsZSZHOYUKcZxrQrGnw2hJ&rand=34498&pu=
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GQNsZSZHOYUKcZxrQrGnw2hJ&rand=34498&pu=&expected_cookie=c156bcdd-acff-451b-9ae6-e8906a5b58e5

0
143 B

111ms
111ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GQNsZSZHOYUKcZxrQrGnw2hJ&rand=34498&pu=&expected_cookie=c156bcdd-acff-451b-9ae6-e8906a5b58e5
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:17:00 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0B6D035A13374CA79B4B6BF157A50760 Ref B: YMQ01EDGE0317 Ref C: 2023-03-04T09:17:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2D4ZKvl+OPNKUob00RQ==

Redirect headers

date: Sat, 04 Mar 2023 09:17:00 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 72809B9C2B9248839D73C7685ECB6539 Ref B: YMQ01EDGE0317 Ref C: 2023-03-04T09:17:01Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: /db_sync?pid=15697&puuid=GQNsZSZHOYUKcZxrQrGnw2hJ&rand=34498&pu=&expected_cookie=c156bcdd-acff-451b-9ae6-e8906a5b58e5
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2D4ZJMYrtIHls1SFnwQ==

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=68586
https://ce.lijit.com/merge?pid=2&3pid=708B1D43D36043C289B8127389049EFA

43 B
679 B

158ms
28ms

Image
image/gif

69.175.41.44
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=708B1D43D36043C289B8127389049EFA
Protocol: HTTP/1.1
Server: 69.175.41.44 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: sovrn-193627-chi03-placeholder
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Mar 2023 09:17:02 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ord1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sat, 04 Mar 2023 09:17:01 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=708B1D43D36043C289B8127389049EFA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 03 Mar 2023 09:17:01 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ 43 B
436 B 29ms
27ms Image
image/gif 52.6.131.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GQNsZSZHOYUKcZxrQrGnw2hJ&rnd=68817

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.131.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-131-58.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:17:02 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 8AF9 85 B
483 B 19ms
19ms Document
text/html 18.164.124.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-123.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://presentuser.uk.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 605861
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Thu, 02 Mar 2023 06:34:55 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
x-amz-cf-id: kLzcoB3QXROashIdVZgw1RXQMzhWzHwgnnvDgCZsA85NmU36qqoowA==
x-amz-cf-pop: JFK50-P7
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 8AF9 766 B
1 KB 22ms
22ms Script
text/javascript 18.164.124.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-123.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 06:39:36 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 80f517c5ec4d986c177bb1a50f8c9156.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P7
age: 614247
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: N2KwkO_L29Bwh5taxcdEns-5ExZEsJauAOqHdQrEbugXWxRMJPdkDQ==

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 516B 0
289 B 20ms
19ms Image
text/plain 104.126.116.66
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGQADGQDDIsAAAAIagciAw%253D%253D&tt=t.dhj&dhjLcy=1677921419325&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1120.23353&ell=d&cck=__stid&dmn=presentuser.uk.to&pn=%2F&qs=na&rdn=presentuser.uk.to&rpn=%2F&rqs=na&cc=CA&cont=NA&evid=QCQ6raYAP4nb49TPOsOv&urls=!1!405!b-13j,!1!456!b-13h,!1!433!b-14s,!1!0!b-14t,!1!471!b-150,!1!433!b-16f&rnd=1677921422436&cid=c010&version=1.1120.23353&cc=CA&cont=NA&cls=C&repeat=0&htmLcy=26

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.126.116.66 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-116-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1120.23353&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Mar 2023 09:17:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sat, 04 Mar 2023 09:17:02 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GQNsZSZHOYUKcZxrQrGnw2hJ/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=34aa4e40ed9f3f62ceb49063f6cf2521

43 B
999 B

29ms
29ms

Image
image/gif

69.175.41.44
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=34aa4e40ed9f3f62ceb49063f6cf2521
Protocol: HTTP/1.1
Server: 69.175.41.44 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: sovrn-193627-chi03-placeholder
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Mar 2023 09:17:02 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ord1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=34aa4e40ed9f3f62ceb49063f6cf2521
cache-control: no-cache
x-server: 10.40.43.152
content-length: 0
expires: 0

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 717 B
1 KB 25ms
24ms Script
application/javascript 3.234.8.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-8-37.compute-1.amazonaws.com
Software: /
Resource Hash: c5e82954a413c742951d4ae5aaefd5b0caa7ff3ddf5be0125b46adb6943171c4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Sat, 04 Mar 2023 09:17:03 GMT
Content-Length: 717
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&bid=1e2n4ou

70 B
440 B

24ms
24ms

Image
image/gif

3.234.8.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&bid=1e2n4ou
Protocol: HTTP/1.1
Server: 3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-8-37.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 04 Mar 2023 09:17:03 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sat, 04 Mar 2023 09:17:03 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ps.eyeota.net/match?uid=43d9f61e-e1e5-4f12-bf34-abd0ca422c66&bid=1e2n4ou
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 191

GET
H2

200

19505
tags.bluekai.com/site/
Redirect Chain

https://tags.bluekai.com/site/29539?limit=1&id=2MeC9iAscPxOavrNRjHg9EAUAIBKwH5bw_zhgldY_fNQ
https://cms.analytics.yahoo.com/cms?partner_id=BLKAI
https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI
https://tags.bluekai.com/site/19505?id=y-PnYcTLZE2pIoAdSMwtS7kGD.TnR1kUsb.II-~A

62 B
314 B

83ms
83ms

Image
image/gif

23.205.6.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/19505?id=y-PnYcTLZE2pIoAdSMwtS7kGD.TnR1kUsb.II-~A
Protocol: H2
Server: 23.205.6.178 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-6-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 04 Mar 2023 09:17:03 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/19505?id=y-PnYcTLZE2pIoAdSMwtS7kGD.TnR1kUsb.II-~A
date: Sat, 04 Mar 2023 09:17:03 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

receive
pixel.tapad.com/idsync/ex/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3081&partner_device_id=23PIJ5390ahjYRjqvb4WOnSN-Rv2JeyWWRM288NHf7u0
https://dpm.demdex.net/ibs:dpid=540&dpuuid=8b4b6b61-0497-4a1f-aed0-4cb50d510f64&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=30034998202391105553334567787131214803&pt=8b4b6b61-0497-4a1f-aed0-4cb50d510f64%2C%2C

95 B
123 B

41ms
41ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=30034998202391105553334567787131214803&pt=8b4b6b61-0497-4a1f-aed0-4cb50d510f64%2C%2C

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 09:17:03 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

DCS: dcs-prod-usw2-1-v042-0608424f9.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ireXYE/XS60=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=30034998202391105553334567787131214803&pt=8b4b6b61-0497-4a1f-aed0-4cb50d510f64%2C%2C
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2896301705357113380&newuser=1&referrer_pid=51md42u

70 B
440 B

24ms
24ms

Image
image/gif

3.234.8.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2896301705357113380&newuser=1&referrer_pid=51md42u
Protocol: HTTP/1.1
Server: 3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-8-37.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 04 Mar 2023 09:17:03 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=2896301705357113380&newuser=1&referrer_pid=51md42u
pragma: no-cache
date: Sat, 04 Mar 2023 09:17:03 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=8547619048978178239&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

24ms
24ms

Image
image/gif

3.234.8.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=8547619048978178239&bid=2cr76e1&referrer_pid=51md42u
Protocol: HTTP/1.1
Server: 3.234.8.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-8-37.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 04 Mar 2023 09:17:03 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Sat, 04 Mar 2023 09:17:03 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.180; 149.56.153.180; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3c34f006-8a2d-47e4-86b4-cc4304f506ae
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ps.eyeota.net/match?uid=8547619048978178239&bid=2cr76e1&referrer_pid=51md42u
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ 12 KB
4 KB 25ms
24ms Script
text/javascript 72.251.238.254
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: f522106cb8eef17f67ab33bb623590773c6c58f65bfc805fff1f34a0abdf9c75

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://presentuser.uk.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 09:17:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Mar 2020 17:51:39 GMT
Server: nginx
ETag: W/"5e628dab-2e98"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Methods: GET
Cache-Control: max-age=604800, must-revalidate
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ewr1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Sat, 11 Mar 2023 09:17:03 GMT

GET beacon
vpod1q.qa.lijit.com/ Frame 3072 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vpod1q.qa.lijit.com
URL: https://vpod1q.qa.lijit.com/beacon?informer=&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

96 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/ttd	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
i.liadm.com/s	1970-01-20 10:48:33	Name: _li_ss Value: CgsKCQj_____BxDKFA
.uk.to/	1970-01-20 19:41:21	Name: _ga Value: GA1.2.45238730.1677921419
.uk.to/	1970-01-20 10:06:47	Name: _gid Value: GA1.2.901752169.1677921419
.uk.to/	1970-01-20 10:05:21	Name: _gat_gtag_UA_237442725_1 Value: 1
presentuser.uk.to/	1970-01-20 18:50:57	Name: HstCfa4588550 Value: 1677921418823
presentuser.uk.to/	1970-01-20 18:50:57	Name: HstCla4588550 Value: 1677921418823
presentuser.uk.to/	1970-01-20 18:50:57	Name: HstCmu4588550 Value: 1677921418823
presentuser.uk.to/	1970-01-20 18:50:57	Name: HstPn4588550 Value: 1
presentuser.uk.to/	1970-01-20 18:50:57	Name: HstPt4588550 Value: 1
presentuser.uk.to/	1970-01-20 18:50:57	Name: HstCnv4588550 Value: 1
presentuser.uk.to/	1970-01-20 18:50:57	Name: HstCns4588550 Value: 1
.dtscout.com/	1970-01-20 10:05:26	Name: m Value: 1
.dtscout.com/	1970-01-20 10:05:25	Name: st Value: 1
.dtscout.com/	1970-01-20 10:05:35	Name: oa Value: 1
.dtscout.com/	1970-01-20 12:29:21	Name: df Value: 1677921418
.dtscout.com/	1970-01-20 12:13:31	Name: l Value: 10401677921418F09BF6A888F75F6704
.uk.to/	1970-01-20 12:10:38	Name: __dtsu Value: 10401677921418F09BF6A888F75F6704
.sharethis.com/	1970-01-20 18:52:23	Name: __stid Value: ZGQADGQDDIsAAAAIagciAw==
.sharethis.com/	1970-01-20 18:52:23	Name: __stidv Value: 2
.uk.to/	1970-01-20 10:05:21	Name: lotame_domain_check Value: uk.to
.dtscdn.com/	1970-01-20 14:23:07	Name: uid Value: 10401677921418F09BF6A888F75F6704
.tynt.com/	1970-01-20 18:50:57	Name: uid Value: CoIKS2QDDItx+F9PAz4OAg==
.onaudience.com/	1970-01-20 18:50:57	Name: cookie Value: 682323e28eb07382
.onaudience.com/	1970-01-20 10:06:47	Name: done_redirects147 Value: 1
.tynt.com/	1970-01-20 12:14:57	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1677921419402%7D%2C%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1677921419402%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1677921419402%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1677921419402%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A1%2C%22ts%22%3A1677921419402%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1677921419402%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1677921419402%7D%5D
.t.sharethis.com/	1970-01-20 10:25:31	Name: pxcelPage_default_c010_C Value: 1_0_1677921419434
.adsrvr.org/	1970-01-20 18:52:23	Name: TDID Value: 43d9f61e-e1e5-4f12-bf34-abd0ca422c66
.tapad.com/	1970-01-20 11:31:45	Name: TapAd_TS Value: 1677921419534
.tapad.com/	1970-01-20 11:31:45	Name: TapAd_DID Value: 8b4b6b61-0497-4a1f-aed0-4cb50d510f64
.ml314.com/	1970-01-20 18:52:23	Name: pi Value: 3634013441745747989
.go.affec.tv/	1970-01-20 18:50:57	Name: ck Value: 64030c8b4e18270001bf23a3
.go.affec.tv/	1970-01-20 18:50:57	Name: oo Value: 1
.exelator.com/	1970-01-20 12:58:09	Name: EE Value: "898e4707917cf35f463c5b1bfb3149a1"
.eyeota.net/	1970-01-20 18:52:23	Name: mako_uid Value: 186abe90130-bab0000010a5236
.exelator.com/	1970-01-20 12:58:09	Name: ud Value: "eJxrXxzq6XKLQcHC0iLVxNzA3NLQPDnN2DTNxMw42TTJMCktydjQxDLRcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQYEl%252BUWb6ImfHxUUpaQyLSopPBR8O%252FQoAgQcqRA%253D%253D"
.onaudience.com/	1970-01-20 10:06:47	Name: done_redirects252 Value: 1
.bluekai.com/	1970-01-20 14:30:19	Name: bku Value: +rQ99/L19tEJptWl
.eyeota.net/	1970-01-20 10:05:22	Name: SERVERID Value: 21046~DM
.33across.com/	1970-01-20 18:50:57	Name: 33x_ps Value: u%3D212114271902057%3As1%3D1677921419619%3Ats%3D1677921419619
.yahoo.com/	1970-01-20 18:51:19	Name: A3 Value: d=AQABBIsMA2QCECUxu3vH8BgOfX4p8HlLtlMFEgEBAQFeBGQMZAAAAAAA_eMAAA&S=AQAAAmMzJwGiwhftwCRh9eL2urY
.lijit.com/	1970-01-20 18:50:57	Name: ljt_reader Value: GQNsZSZHOYUKcZxrQrGnw2hJ
.rlcdn.com/	1970-01-20 18:50:57	Name: rlas3 Value: ljSw6XEE0miiKHQ7a8K2x0C9u1Bp/1fZDgClgNOTMFE=
.bluekai.com/	1970-01-20 14:24:33	Name: bkdc Value: phx
.adnxs.com/	1970-01-20 12:14:57	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C$Siz7Ep!]tbP6j2F-XstGt!@D:J$VGH4
.adnxs.com/	1970-01-20 12:14:57	Name: uuid2 Value: 8547619048978178239
.rlcdn.com/	1970-01-20 11:31:45	Name: pxrc Value: CIuZjKAGEgUI6AcQABIFCNtOEAA=
.go.affec.tv/	1970-01-20 18:50:57	Name: pt Value: eyJhbiI6eyJkdCI6MTY3NzkyMTQxOSwiaWQiOiI0OTk2MjMwMTAxNjI0MDkyNzIzIiwibHMiOjE2Nzc5MjE0MTl9LCJ0dCI6eyJkdCI6MTY3NzkyMTQxOSwiaWQiOiJDb0lLUzJRRERJdHgrRjlQQXo0T0FnPT0iLCJscyI6MTY3NzkyMTQxOX0sInRkIjp7ImR0IjoxNjc3OTIxNDE5LCJpZCI6IjQzZDlmNjFlLWUxZTUtNGYxMi1iZjM0LWFiZDBjYTQyMmM2NiIsImxzIjoxNjc3OTIxNDE5fSwidiI6MH0=\|1677921419\|f084a68580f557875be918bf024cc1cc25917c95
.doubleclick.net/	1970-01-20 19:41:21	Name: IDE Value: AHWqTUkV0jOSGfyYJ6ypa9fTFaA9SENWr7s3X8x4au4s2G4nTsMldeCa-C1eNlzUS2o
.crwdcntrl.net/	1970-01-20 16:34:09	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 16:34:09	Name: _cc_id Value: 34aa4e40ed9f3f62ceb49063f6cf2521
.onaudience.com/	1970-01-20 10:06:47	Name: done_redirects109 Value: 1
.krxd.net/	1970-01-20 14:24:33	Name: _kuid_ Value: PagWiu0s
.intentiq.com/	1970-01-20 19:41:21	Name: IQver Value: 1.9
.crwdcntrl.net/	1970-01-20 16:34:09	Name: _cc_cc Value: "ACZ4XmNQMDZJTDRJNTFITbFMM04zM0pOTTKxNDADMpPTjEyNDBmAIIWZp%2Bc%2FEPCDOGDA8%2BTFR12mj7IM%2FxkZt9eDSIZLpx6xoYqcO3qIGVXkx8YpLKgiu%2FddFkAV%2BdBwX4ARYjLD4cVz0NSvXv%2BUG1X95BPqqALvlqBr6kVX0n23ywBVEwAu8Vmx"
.crwdcntrl.net/	1970-01-20 16:34:09	Name: _cc_aud Value: "ABR4XmNgYGBIYebpAVIQwMzAwDUDzFzUCiIZH9YDSQBAqwQt"
.uk.to/	1970-01-20 16:34:09	Name: _cc_id Value: 34aa4e40ed9f3f62ceb49063f6cf2521
.uk.to/	1970-01-20 10:06:47	Name: panoramaId_expiry Value: 1678007820751
.uk.to/	1970-01-20 10:06:47	Name: panoramaId Value: 661c636ea3630719c1a4b4b40e34a9fb927ad3a85881d02eae8d764113bd0992
.mgid.com/	1970-01-20 18:50:57	Name: muidn Value: n240np9lEph1
.mgid.com/	1970-01-20 10:05:23	Name: __cf_bm Value: cqt5mGDF6xDf2t63Bu9fI0SEOsqGrcr_ZR42lg1tYkE-1677921420-0-ATVzRf7Q7S3n+bdKQWH8Gbf06T0Su1tS+PE+eQ4XpECzOo2PIsTpJozYBwKn1lPqzhVNTAtB6s53TBjT6XGEWbE=
.truoptik.com/	1970-01-20 18:50:57	Name: to_master_s Value: 43d4442d68784e70acbda482ac2fc146
.truoptik.com/	1970-01-20 18:50:57	Name: to_version_s Value: b2
.pubmatic.com/	1970-01-20 10:06:47	Name: KTPCACOOKIE Value: YES
.mathtag.com/	1970-01-20 19:31:16	Name: uuid Value: 69366403-0c8d-4e00-888f-89f3a7fd5e22
cm.mgid.com/	1970-01-20 10:48:33	Name: mg_sync Value: {}
sync.srv.stackadapt.com/	1970-01-20 18:50:57	Name: sa-user-id Value: s%3A0-804d129f-8b75-4d1c-416e-074603549260.g2sFFoVUV5awbrvv%2B7PKWLlM6iD1GEQs8c0GA5YeghY
.srv.stackadapt.com/	1970-01-20 18:50:57	Name: sa-user-id-v2 Value: s%3AgE0Sn4t1TRxBbgdGA1SSYJU4mbQ.36tpKV%2Br2C0LhbgMAruWU2v%2BfaYnNDw6csEhKuubKPc
.ipredictive.com/	1970-01-20 18:50:57	Name: cu Value: 68c9ac05-2c76-4568-8915-b2f063b4974c\|1677921421073
.pubmatic.com/	1970-01-20 18:50:57	Name: KADUSERCOOKIE Value: FBE2AA3F-DB90-4D8E-845E-C41280CC3B95
.sitescout.com/	1970-01-20 18:50:57	Name: ssi Value: 07c32014-7569-4837-ae6f-6eca0a6db232#1677921421091
.liadm.com/	1970-01-20 19:41:21	Name: lidid Value: 92d06e4a-8769-476f-87d2-47e54b610c6e
.sitescout.com/	1970-01-20 10:48:33	Name: _ssuma Value: eyI3IjoxNjc3OTIxNDIxMTE4fQ
.c.cintnetworks.com/	1970-01-20 10:05:25	Name: TiPMix Value: 7.5641391694559745
.c.cintnetworks.com/	1970-01-20 10:05:25	Name: x-ms-routing-name Value: self
.everesttech.net/	1970-01-20 18:50:57	Name: everest_g_v2 Value: g_surferid~ZAMMjQALh-S8eAA_
.smartadserver.com/	1970-01-20 18:52:23	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 18:52:23	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.rubiconproject.com/	1970-01-20 18:50:57	Name: khaos Value: LETR3AOM-1G-4GHA
.rubiconproject.com/	1970-01-20 18:50:57	Name: audit Value: 1\|p0Uq0y1YOOmFJtYNyshlFDokq4yAVfO42rREK91/XiEeECEUBMheiowrzI92cuisYCpWbCjKVydBK03vAHceENBQIIuieds9N5lE1u+dJiQNPP3yINRRLZbsGGNjLAUojj4j/6Pag1hGag1srcoI+M2O8qCVR0N4qoxmw57vRqc=
.demdex.net/	1970-01-20 14:24:33	Name: demdex Value: 30034998202391105553334567787131214803
.smartadserver.com/	1970-01-20 18:52:23	Name: pid Value: 4382240215837961541
.turn.com/	1970-01-20 14:24:33	Name: uid Value: 2896301705357113380
.dpm.demdex.net/	1970-01-20 14:24:33	Name: dpm Value: 30034998202391105553334567787131214803
.linkedin.com/	1970-01-20 12:14:57	Name: li_sugr Value: c156bcdd-acff-451b-9ae6-e8906a5b58e5
.linkedin.com/	1970-01-20 18:50:57	Name: bcookie Value: "v=2&2c760f8b-e02c-47cd-8f34-7c6044090bbe"
.linkedin.com/	1970-01-20 10:06:47	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2445:u=1:x=1:i=1677921421:t=1678007821:v=2:sig=AQFVoRM7j1VLujMMB0BEj_HWVmjGSEOh"
.simpli.fi/	1970-01-20 18:52:23	Name: suid Value: 708B1D43D36043C289B8127389049EFA
.lijit.com/	1970-01-20 18:50:57	Name: _ljtrtb_2 Value: 708B1D43D36043C289B8127389049EFA
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 22
.lijit.com/	1970-01-20 18:50:57	Name: ljtrtb Value: eJyrVjJSslIyN7BwMnQxMXYxNjMwMXY2srB0sjA0Mje2sDQwsXR1c1SqBQCzEwj1
.lijit.com/	1970-01-20 18:50:57	Name: _ljtrtb_5001 Value: 34aa4e40ed9f3f62ceb49063f6cf2521
.adsrvr.org/	1970-01-20 18:52:23	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjEsKnc56bOOxAFEhYKB2JsdWVrYWkSCwjUlKfe56bOOxAFGAEgASgCMgsI_MOGrv6mzjsQBTgBWgZleWVvdGFgAg..
.analytics.yahoo.com/	1970-01-20 18:50:57	Name: IDSYNC Value: "199z~2abl:19bk~2abl:19bn~2abl"
.tapad.com/	1970-01-20 11:31:45	Name: TapAd_3WAY_SYNCS Value: 1!1521-2!1521-3!1521

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
ap.lijit.com
api.intentiq.com
bcp.crwdcntrl.net
beacon.krxd.net
c.cintnetworks.com
cdn-tc.33across.com
cdn.statically.io
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
d.turn.com
data-beacons.s-onetag.com
de.tynt.com
dmp.truoptik.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
e.dtscout.com
fonts.googleapis.com
get.s-onetag.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ic.tynt.com
idsync.rlcdn.com
image6.pubmatic.com
loadus.exelator.com
map.go.affec.tv
match.adsrvr.org
media.filmelier.com
ml314.com
onetag-geo.s-onetag.com
pd.sharethis.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
presentuser.uk.to
ps.eyeota.net
px.ads.linkedin.com
s10.histats.com
s4.histats.com
secure.adnxs.com
stags.bluekai.com
static.filmelier.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.sharethis.com
sync.smartadserver.com
sync.srv.stackadapt.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
vpod1q.qa.lijit.com
www.filmelier.com
www.google-analytics.com
www.googletagmanager.com
vpod1q.qa.lijit.com
100.25.82.195
104.126.116.66
104.16.111.154
104.18.35.34
108.138.128.46
13.224.214.83
13.225.223.106
13.226.39.49
142.251.40.226
146.59.148.16
149.56.240.27
151.101.194.49
172.64.151.83
18.119.77.66
18.164.124.123
199.187.193.202
207.198.113.203
23.205.6.178
23.3.112.166
2600:1f18:ed:550f:baf3:573d:4b62:a404
2600:9000:2510:2400:3:eabd:d180:93a1
2600:9000:2512:400:1d:4e86:6040:93a1
2600:9000:25c8:a400:1c:ea8b:d9c0:93a1
2606:4700:1::6813:864e
2606:4700:20::681a:d3c
2606:4700:21::8d65:780b
2606:4700:3037::ac43:abcc
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80e::200a
2607:f8b0:4006:81d::200e
2620:112:f002:bbbb::23
2620:1ec:21::14
2a04:4e42::347
3.229.155.93
3.229.229.107
3.23.123.16
3.234.8.37
34.111.113.62
34.111.234.236
34.216.233.123
34.229.3.43
34.233.108.47
35.190.60.146
35.194.66.159
35.71.131.137
40.71.11.141
46.105.201.240
52.206.196.140
52.54.69.176
52.6.131.58
54.156.61.9
54.175.87.114
67.202.105.23
67.202.105.32
67.202.105.33
68.67.160.184
68.67.181.211
69.173.151.100
69.175.41.44
72.251.238.254
74.121.140.14
74.3.163.156
76.13.32.147
8.28.7.81
07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12fff1c2e46bc4a9510946e2678b447f18ae57b63b8be303c50df33ed8287285
13c87cbf550d997925c9e9314abc362e57f0f8307a3cf5a6a992539b75fa2e10
16b37f0c6442287359df99c57542f29975c2b4f1bb41af87586e9a3bb135645c
17e4acd1ed6037500fff30a11e1bf6686195563e353709e33f59acdc28c7c446
1b846c4b264ad13b786802e2499269abfac72809ca9dbe23907a88f624f5eb9e
1be6c87a4b0c8f874d58e836a5697a84f06d63282dd6173dd80244c372687357
2179eb03ad633905534d94cf02338c8ceb66a2399973fe4894f73eece8dd668d
24b901c57653533d5f8a6ebe28ad9ee3a2ed4d30814bbdccb6c7a892ad598760
251ae267da628657d45ad143738fc83d4bd27dd1e8d694ebe6a74b3230de970e
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
321a4738313d4aa7030dca7c42a4eb02f58cc9570543097f23c82eb5a0700502
338dacde17883d60c2dfd00e56dd18d04bcebe147e818315978f530e19397009
39619a5cc29d050dc2d8aea88dde90ed501181ab0ae10ec3f27e49cee001eace
3c82eceddb9cc7cb5f9ad4daeb0a5a44cf67886ae06e8442f50ea69fcb83f031
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43f649c04d2211f4b8e05cbeaee52cdb49f771a34f80be4c7d68959791504298
46c2b46b827a82cf364a4aa881f75cbd4ffa563f630b6252a3fc9dac4b6f71fa
471301b6f762bbd35bf091d6ba9136566e7fed82a516ffbd64d78c7aeacf9892
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
56e01303d7a77f61dd930688c403fba6a5854b84e03459e81439044549679b53
57624503de135d6d3af8c9d813dc2f901ea779c29a8d537b241f3ee11bd69fdc
5780e1b3684423207df8fd0d69ccc4aa6f6938c6aa314a6ddf7423b1797f4d78
57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18
58bb8299d12e5da9f688e2e5b299a4eeaa790c58a47f68275c0d119b98e7c837
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
597ff16840cb51919d0d67f71bf9e28cd90c484bcd405462cb24b2e05dd6d4da
60deac65803fecd741348dd8102a363ea486e551e9af2e09893885036067938b
62be90715761df3f3aa53ade2648924e670f674a4ef0188c754c16ad3ba9b857
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
6691c17050e97fa3a70eb75b6da5d601b461af4d26b954f87dcddbf354f61eda
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ec98ec2d803c80774159820877455919a7961b1d39ebee213c076f618b2e739
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
70f32536594af33267a15c096fe8fd9d0b9b60e2f3eb7129b54ac84ca8bfa4de
75dcd6173f42a1d17502f2a3df023ad268356634afac34df3a545ffdccf84505
76fd346c2358259916fa366bf9c1781fa94829c5ee666945ace7f990d7977dbe
7fccdf59f5dec8ddbf11ed9f5e28cf80e6424389a35d5a4b76ef39f2df02f8be
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
963801924f4ba1a842c88ee6175bcfb3c0f511b1f5d06388dab9c2c250a333af
98ad728b38982939b92c04b688542295454671415641c7820864751525ab366b
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
a4ab6d8ca203ed570ff0a425997272b0d69fd17ebd19c3ffedfefba029bb5894
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad8ab222b1ea2298d94ae0d4d612878f33e6bc6be484a13adfbdb0dcfa9764ae
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b350103fd2d0fcc3d5d092093a98fb06cc4a88c7ebd66b2e66abd2e795808a48
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c5e82954a413c742951d4ae5aaefd5b0caa7ff3ddf5be0125b46adb6943171c4
c874cc00aedcdac8098714de1762baf3ea7a6e913b564ca09d3a73fe318a4782
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cdb6bf77769ce21e2078af3d5d7a5cd1e5409299d0d49b2964fadbdfe2637af5
d9ff37f82cabece717d70f2251c92f5837b5796ef3d91e669d1f727a05dab0bc
dada5e4552ce2e0394098bbb6c007b503cb68975a7859790e06c77821786a2e9
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f522106cb8eef17f67ab33bb623590773c6c58f65bfc805fff1f34a0abdf9c75
f6a5c4a2b64918ed6d1e866896635ef6b166c94623e41249352a52e3e51b6bfc
f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0

presentuser.uk.to Open in urlscan Pro 74.3.163.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

108 Requests

49 %HTTPS

22 %IPv6

47 Domains

68 Subdomains

47 IPs

4 Countries

345 kBTransfer

676 kBSize

96 Cookies

0 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

presentuser.uk.to Open in urlscan Pro
74.3.163.156 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

49 %
HTTPS

22 %
IPv6

47
Domains

68
Subdomains

47
IPs

4
Countries

345 kB
Transfer

676 kB
Size

96
Cookies

108 HTTP transactions
0 data transactions