URL: https://duaneminaaisfotk2h7p.pages.dev/
Submission: On July 16 via api from US — Scanned from US

Summary

This website contacted 21 IPs in 4 countries across 26 domains to perform 36 HTTP transactions. The main IP is 172.66.47.20, located in United States and belongs to CLOUDFLARENET, US. The main domain is duaneminaaisfotk2h7p.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on May 21st 2024. Valid for: 3 months.
This is the only time duaneminaaisfotk2h7p.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.66.47.20 13335 (CLOUDFLAR...)
4 194.233.90.229 141995 (CAPL-AS-A...)
1 142.251.16.132 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
2 172.240.108.76 7979 (SERVERS-COM)
1 209.85.232.113 15169 (GOOGLE)
1 150.171.28.10 8075 (MICROSOFT...)
1 104.20.18.71 13335 (CLOUDFLAR...)
1 149.56.240.132 16276 (OVH)
3 141.101.120.10 13335 (CLOUDFLAR...)
2 23.48.104.70 20940 (AKAMAI-ASN1)
2 3.21.82.98 16509 (AMAZON-02)
1 172.64.153.173 13335 (CLOUDFLAR...)
2 67.202.105.33 32748 (STEADFAST)
1 23.222.79.184 20940 (AKAMAI-ASN1)
1 23.222.79.138 20940 (AKAMAI-ASN1)
1 2 13.107.42.14 8068 (MICROSOFT...)
2 2 13.32.151.31 16509 (AMAZON-02)
1 1 198.8.71.130 54312 (ROCKETFUEL)
2 2 54.81.130.240 14618 (AMAZON-AES)
1 107.178.254.65 396982 (GOOGLE-CL...)
2 2 67.202.105.21 32748 (STEADFAST)
1 35.244.154.8 396982 (GOOGLE-CL...)
1 2 68.67.160.186 29990 (ASN-APPNEX)
36 21
Apex Domain
Subdomains
Transfer
4 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 30000
t.sharethis.com — Cisco Umbrella Rank: 7974
5 KB
4 bisniskini.biz.id
ads.bisniskini.biz.id
1 KB
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 18487
ic.tynt.com — Cisco Umbrella Rank: 15045
de.tynt.com — Cisco Umbrella Rank: 2349
9 KB
3 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 8004
t.dtscout.com — Cisco Umbrella Rank: 6811
4 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 764
2 KB
2 33across.com
dp2.33across.com — Cisco Umbrella Rank: 23691
dp1.33across.com — Cisco Umbrella Rank: 7472
1019 B
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 937
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2084
3 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 669
884 B
2 lijit.com
pxdrop.lijit.com — Cisco Umbrella Rank: 6153
2 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 6836
s4.histats.com — Cisco Umbrella Rank: 6819
5 KB
2 glossydollyknock.com
glossydollyknock.com
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
26 KB
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 689
440 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 1285
571 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1308
1 KB
1 bing.net
tse1.mm.bing.net — Cisco Umbrella Rank: 3687
1 KB
1 google.com
suggestqueries.google.com — Cisco Umbrella Rank: 923
757 B
1 blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 17124
665 B
1 pages.dev
duaneminaaisfotk2h7p.pages.dev
6 KB
0 onaudience.com Failed
pixel.onaudience.com Failed
0 dtscdn.com Failed
t.dtscdn.com Failed
0 crwdcntrl.net Failed
tags.crwdcntrl.net Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 affec.tv Failed
map.go.affec.tv Failed
0 adsrvr.org Failed
match.adsrvr.org Failed
36 26
Domain Requested by
4 ads.bisniskini.biz.id duaneminaaisfotk2h7p.pages.dev
2 secure.adnxs.com 1 redirects duaneminaaisfotk2h7p.pages.dev
2 i.liadm.com 2 redirects
2 live.rezync.com 2 redirects
2 px.ads.linkedin.com 1 redirects duaneminaaisfotk2h7p.pages.dev
2 t.sharethis.com pd.sharethis.com
t.sharethis.com
2 pd.sharethis.com e.dtscout.com
duaneminaaisfotk2h7p.pages.dev
2 pxdrop.lijit.com e.dtscout.com
pxdrop.lijit.com
2 t.dtscout.com e.dtscout.com
2 glossydollyknock.com ads.bisniskini.biz.id
2 cdnjs.cloudflare.com duaneminaaisfotk2h7p.pages.dev
1 dp1.33across.com 1 redirects
1 idsync.rlcdn.com duaneminaaisfotk2h7p.pages.dev
1 dp2.33across.com 1 redirects
1 pippio.com duaneminaaisfotk2h7p.pages.dev
1 p.rfihub.com 1 redirects
1 de.tynt.com cdn.tynt.com
1 ic.tynt.com duaneminaaisfotk2h7p.pages.dev
1 cdn.tynt.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 s4.histats.com s10.histats.com
1 s10.histats.com duaneminaaisfotk2h7p.pages.dev
1 tse1.mm.bing.net duaneminaaisfotk2h7p.pages.dev
1 suggestqueries.google.com duaneminaaisfotk2h7p.pages.dev
1 3.bp.blogspot.com duaneminaaisfotk2h7p.pages.dev
1 duaneminaaisfotk2h7p.pages.dev
0 pixel.onaudience.com Failed duaneminaaisfotk2h7p.pages.dev
0 t.dtscdn.com Failed e.dtscout.com
0 tags.crwdcntrl.net Failed e.dtscout.com
0 pixel.tapad.com Failed duaneminaaisfotk2h7p.pages.dev
0 map.go.affec.tv Failed duaneminaaisfotk2h7p.pages.dev
0 match.adsrvr.org Failed duaneminaaisfotk2h7p.pages.dev
36 32

This site contains links to these domains.

Domain
cockysnailleather.com
| Subject | Issuer | Validity | Valid |
| --- | --- | --- | --- |
| duaneminaaisfotk2h7p.pages.dev | GTS CA 1P5 | 2024-05-21 - 2024-08-19 | 3 months |
| ads.bisniskini.biz.id | E6 | 2024-06-27 - 2024-09-25 | 3 months |
| misc-sni.blogspot.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months |
| cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months |
| glossydollyknock.com | R11 | 2024-06-17 - 2024-09-15 | 3 months |
| *.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months |
| *.mm.bing.net | Microsoft Azure RSA TLS Issuing CA 03 | 2024-05-02 - 2024-10-29 | 6 months |
| s10.histats.com | E5 | 2024-06-09 - 2024-09-07 | 3 months |
| histats.com | R3 | 2024-05-13 - 2024-08-11 | 3 months |
| dtscout.com | WE1 | 2024-07-13 - 2024-10-11 | 3 months |
| cert2-prod.aut.a24365.net | R11 | 2024-06-24 - 2024-09-22 | 3 months |
| sharethis.com | Amazon RSA 2048 M03 | 2024-04-21 - 2025-05-20 | a year |
| *.tynt.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-05 - 2024-09-30 | a year |
| cert1-prod.aut.a24365.net | R10 | 2024-07-15 - 2024-10-13 | 3 months |

This page contains 4 frames:

Primary Page: https://duaneminaaisfotk2h7p.pages.dev/
Frame ID: 6F410270A128BDA09D7389A47B1F3037
Requests: 33 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=104017211405892D7536992847DD22E3
Frame ID: 6926EE612FF644A00691E35216C7C6DD
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1466.770&cid=c026&cls=sync
Frame ID: 6B4E444805E9184829CA7005D1D0433F
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1466.23394&cid=c010&cls=C
Frame ID: 925485486C1C804B6CD7E709E41A103C
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 36
HTTPS: 72 %
IPv6: 0 %
Domains: 26
Subdomains: 32
IPs: 21
Countries: 4
Transfer: 64 kB
Size: 144 kB
Cookies: 42

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1721140590397.1 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1721140590397.1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 26
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKTGaWhW5Jbb6sEK%2FHAg%3D%3D&us_privacy=&_rand=1721140590397.2 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKTGaWhW5Jbb6sEK%2FHAg%3D%3D&us_privacy=&_rand=1721140590397.2&expected_cookie=41f2f01c-de4d-4845-8312-382a2ac8ba5e
Request Chain 28
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKTGaWhW5Jbb6sEK%2FHAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F&us_privacy=&cache_buster=1721140590397.4 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=dede7613-b5f6-4412-a3e9-f861c8e4542a%3A1721140590.8932314&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Ddede7613-b5f6-4412-a3e9-f861c8e4542a%253A1721140590.8932314%26pid%3D500040%26it%3D1%26iv%3Ddede7613-b5f6-4412-a3e9-f861c8e4542a%253A1721140590.8932314%26_%3D1721140590.8952377&cb=1721140590.895284 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1917759406024847786&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Ddede7613-b5f6-4412-a3e9-f861c8e4542a%253A1721140590.8932314%26pid%3D500040%26it%3D1%26iv%3Ddede7613-b5f6-4412-a3e9-f861c8e4542a%253A1721140590.8932314%26_%3D1721140590.8952377 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=dede7613-b5f6-4412-a3e9-f861c8e4542a%3A1721140590.8932314&pid=500040&it=1&iv=dede7613-b5f6-4412-a3e9-f861c8e4542a%3A1721140590.8932314&_=1721140590.8952377 HTTP 303
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=dede7613-b5f6-4412-a3e9-f861c8e4542a:1721140590.8932314&pid=500040&_li_chk=true&_=1721140590.8952377&iv=dede7613-b5f6-4412-a3e9-f861c8e4542a:1721140590.8932314&previous_uuid=13e86e1442964f0e97a15e720f735693 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1721140590.8952377&iv=dede7613-b5f6-4412-a3e9-f861c8e4542a:1721140590.8932314
Request Chain 30
  • https://dp2.33across.com/ps/?pid=1205&rand=1721140590397.6 HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212529382159505
Request Chain 31
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKTGaWhW5Jbb6sEK%2FHAg%3D%3D&us_privacy=&random=1721140590397.7&pu=https%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212698590977258&seg_code=33x&random=1721140591 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212698590977258%26seg_code%3D33x%26random%3D1721140591

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
duaneminaaisfotk2h7p.pages.dev/
17 KB
6 KB
Document
General
Full URL
https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.47.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46baf0d871f405ddce20ef5ada256d5a20b0933fa122ff6422d8ca2b27ac4058
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8a42b97529614c07-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 16 Jul 2024 14:36:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HkgaTDV%2B1R%2FPFO2EqBD3af66nEfw8CNN5JW7dVaBsG%2B%2BfMaa32suPYxD5C0Z%2FVVliinfytuJBdoD%2Ftz7uSb7Q9hJsmSANEbrQPZmYc8ryOaXYjd9NHHwVOwURWADouwnljpMgZYE7zhxKWDqYCr5Co4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
cb1f929c7c7c523575650f47146f231e
ads.bisniskini.biz.id/get/site/js/
0
65 B
Script
General
Full URL
https://ads.bisniskini.biz.id/get/site/js/cb1f929c7c7c523575650f47146f231e
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.233.90.229 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1861228.contaboserver.net
Software
LiteSpeed /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jul 2024 14:36:27 GMT
server
LiteSpeed
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
d6f51a1ed1d2f145512197f7cd7be46d
ads.bisniskini.biz.id/get/site/js/
280 B
293 B
Script
General
Full URL
https://ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.233.90.229 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1861228.contaboserver.net
Software
LiteSpeed /
Resource Hash
10e2d2a0b7da99b617297de0468dcc18177bb4c0ea66c5738f9a5356e7d645b7

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jul 2024 14:36:27 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
216
expires
Thu, 19 Nov 1981 08:52:00 GMT
d0b1e71bd1922518d7cf826d604fe57a
ads.bisniskini.biz.id/get/site/js/
19 B
382 B
Script
General
Full URL
https://ads.bisniskini.biz.id/get/site/js/d0b1e71bd1922518d7cf826d604fe57a
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.233.90.229 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1861228.contaboserver.net
Software
LiteSpeed /
Resource Hash
975381fd677695b4fe94a1352d347098a5acd8af613c89d28459dd8dd661b26e

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jul 2024 14:36:27 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
39
expires
Thu, 19 Nov 1981 08:52:00 GMT
btn_close.gif
3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/
362 B
665 B
Image
General
Full URL
https://3.bp.blogspot.com/-ZZSacDHLWlM/VhvlKTMjbLI/AAAAAAAAF2M/UDzU4rrvcaI/s1600/btn_close.gif
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
fife /
Resource Hash
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:17:53 GMT
x-content-type-options
nosniff
age
11913
content-disposition
inline;filename="btn_close.gif"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
362
x-xss-protection
0
server
fife
etag
"v1764"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 17 Jul 2024 11:17:53 GMT
9049b3a33fc36afe5806bf92a1b0bc1f
ads.bisniskini.biz.id/get/site/js/
279 B
291 B
Script
General
Full URL
https://ads.bisniskini.biz.id/get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.233.90.229 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1861228.contaboserver.net
Software
LiteSpeed /
Resource Hash
245c7f6e0efbb44144f3272905a10e87fbd1a5fc868e0b07233e82780be45698

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jul 2024 14:36:27 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
214
expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery.slim.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
71 KB
22 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.slim.min.js
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
Origin
https://duaneminaaisfotk2h7p.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 14:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
573362
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22329
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-11ab4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wjM6sDBSJJZBzQTyPaazVJHr34JGVYJBq94dk6ggkCh9PX9E9cFq1ZlZ%2B0XqBiUP0zU40ITWAqvSJLH6EzGsQQhdzQBEaUp0ZJiPAM%2F%2FtWiJhLUjSa4Bw0HbFzYdRXpguRCtBmfp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a42b9775e1eda05-MIA
expires
Sun, 06 Jul 2025 14:36:26 GMT
lazysizes.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/
8 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.0/lazysizes.min.js
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46112dbceed738f759d03f04b115d5256a7d73660b7795acb382192ad84d9f98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
Origin
https://duaneminaaisfotk2h7p.pages.dev
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 14:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
70483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3150
last-modified
Sat, 02 Jan 2021 18:12:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ff0b799-1ed1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8kHJj9SzX0u3va7TDLjU9HveSMYbpDLtIbWfX0ZMXBQXx8W0bgV6WITmR8hpHq4iNbW%2FGnz7HtHsLN2LPk5dURtiIL68iz6HqUnD1hSMNLDS5L%2FYmT2I2DjQTf6P%2FDYqVsL2yN4D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a42b9775e1cda05-MIA
expires
Sun, 06 Jul 2025 14:36:26 GMT
invoke.js
glossydollyknock.com/1f00c6b60ce46955dbdc5d473dcaea71/
0
0
Script
General
Full URL
https://glossydollyknock.com/1f00c6b60ce46955dbdc5d473dcaea71/invoke.js
Requested by
Host: ads.bisniskini.biz.id
URL: https://ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 16 Jul 2024 14:36:28 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
glossydollyknock.com/1950ea5d6031cf383a263e7d6fcc4935/
0
0
Script
General
Full URL
https://glossydollyknock.com/1950ea5d6031cf383a263e7d6fcc4935/invoke.js
Requested by
Host: ads.bisniskini.biz.id
URL: https://ads.bisniskini.biz.id/get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 16 Jul 2024 14:36:28 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
search
suggestqueries.google.com/complete/
20 B
757 B
Script
General
Full URL
https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.85.232.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f113.1e100.net
Software
gws /
Resource Hash
5ffae3c0e627b6a2083d67639bfa32ecfe695671ee25f8e1315d2067a4e28df4
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-36HrFuNLo2A591uCpce8hQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 16 Jul 2024 14:36:28 GMT
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-36HrFuNLo2A591uCpce8hQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
content-encoding
br
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
permissions-policy
unload=()
expires
-1
th
tse1.mm.bing.net/
727 B
1 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.28.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7edda2585f580c167fd4e3a6c162534548cda437f8bef67c544f3aa9c162a17c

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jul 2024 14:36:28 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 48ACBD26360F44749585F468BCB23F8C Ref B: MIAEDGE2808 Ref C: 2024-07-16T14:36:28Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
cache-control
no-cache
timing-allow-origin
*
access-control-allow-headers
*
content-length
727
expires
-1
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.18.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 14:36:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
52114
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
8a42b98a3cd0a4c7-MIA
content-length
4547
0.php
s4.histats.com/stats/
380 B
515 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4848173&@f16&@g1&@h1&@i1&@j1721140589193&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:43810940&@b3:1721140589&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.132 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534300.ip-149-56-240.net
Software
/
Resource Hash
d83c0c787cd36fb89f57994efdff2086ffd4b831e538a25e6c3322e9456a9bb9

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 16 Jul 2024 14:36:37 GMT
Connection
close
Content-Length
380
Content-Type
text/html;charset=UTF-8
/
e.dtscout.com/e/
8 KB
4 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4848173&@f16&@g1&@h1&@i1&@j1721140589193&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:43810940&@b3:1721140589&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f7ebc53b47a3186407355e65a24e8d05eadabe1ba119eba4f9c98a00e34cd06

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 14:36:29 GMT
x-t
0.279
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BCVYjT1LlnGn54vgJzPFuVheq6no0PTHNnhKKwEYmg0aAtgKhJXPM9gq9YoD2By5FZzQ2mUUTXx%2F8nkfzpkaMWxtB0CdFYXgGis%2F2rT0jLEemSU1ikm1nLv2r9FniTc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
8a42b98d08da099a-MIA
expires
Tue, 16 Jul 2024 14:36:28 GMT
/
t.dtscout.com/idg/ Frame 6926
0
0
Document
General
Full URL
https://t.dtscout.com/idg/?su=104017211405892D7536992847DD22E3
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8a42b996bc123341-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 16 Jul 2024 14:36:31 GMT
expires
Tue, 16 Jul 2024 14:36:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9QaLdOWoKMib%2BxIfZ%2BZbgeXJ31izNuZLea2ReUWbVmW3B12sKr3tgmUWpuZuG9yCq9HSO83vTa5RzlI%2BuxlbXt6X6KCYHKbqafq%2FOK7GI8lcC4NIrdmPvf7q58uTaw8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
t.dhj
pxdrop.lijit.com/1/d/
2 KB
2 KB
Script
General
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=duaneminaaisfotk2h7p.pages.dev&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.104.70 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-104-70.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eeb3c5c16bf7e0baac63207dca1e3a48ede607a5e466a25ce9dc9100f70d3ad5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 16 Jul 2024 14:36:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1398
Expires
Tue, 16 Jul 2024 15:36:30 GMT
dtscout
pd.sharethis.com/pd/
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.82.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-82-98.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
babd732c75870c5605df3abe94472a8d9709028c2420b7cf0a7d6ee5068da052
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 16 Jul 2024 14:36:30 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
afwu.js
cdn.tynt.com/
19 KB
6 KB
Script
General
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 14:36:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
server
cloudflare
age
20865
etag
W/"651ed18d-4c00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8a42b98f3c7cda33-MIA
expires
Fri, 19 Jul 2024 14:36:29 GMT
/
t.dtscout.com/pv/
51 B
327 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=duaneminaaisfotk2h7p.pages.dev&_ss=5d98yxb8tz&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=5zp8&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc22a653d26cdfb0cc72918e085b154d1b1ed989c1bf04021fefd60980160a03

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 14:36:29 GMT
x-t
0.136
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iFMcSviv66HpsCjSK7k303s7mGnHLXrp7opMcg5lOC9uvU1aJYfqKaT47HlIdE4FdsSJY1WACCj75YvIpJlbyoqa%2FXH%2BzWMqr8DhPB4eTXGWnokPO3M4KFCo3mkEZSY%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
8a42b98df9b4099a-MIA
expires
Tue, 16 Jul 2024 14:36:28 GMT
p
ic.tynt.com/b/
35 B
648 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1721140590073&dn=AFWU&iso=0&pu=https%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F&t=duaneminaaisfotk2h7p.pages.dev&chmob=0
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 14:36:30 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag
"4bc8846c-23"
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
t.dhj
t.sharethis.com/1/k/
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.17694453520157127&stid=ZHWABGaWhW4AAAAJD9tqAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.79.184 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-79-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
176c44f2d4d376f2d64d3f34b58cfd93a21b974c6073452f9b43c3b2daa0e319
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 16 Jul 2024 14:36:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1385
Expires
Tue, 16 Jul 2024 15:36:30 GMT
dtscout
pd.sharethis.com/pd/
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F&event_source=dtscout&rnd=0.17694453520157127&exptid=ZHWABGaWhW4AAAAJD9tqAw%3D%3D&fcmp=false
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.21.82.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-21-82-98.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 16 Jul 2024 14:36:30 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Content-Type
image/gif
t_.htm
pxdrop.lijit.com/a/ Frame 6B4E
0
0
Document
General
Full URL
https://pxdrop.lijit.com/a/t_.htm?ver=1.1466.770&cid=c026&cls=sync
Requested by
Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=duaneminaaisfotk2h7p.pages.dev&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.104.70 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-104-70.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1174
Content-Type
text/html
Date
Tue, 16 Jul 2024 14:36:31 GMT
Expires
Tue, 23 Jul 2024 14:36:31 GMT
X-Robots-Tag
noindex, nofollow
t_.htm
t.sharethis.com/a/ Frame 9254
0
0
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1466.23394&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.17694453520157127&stid=ZHWABGaWhW4AAAAJD9tqAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.222.79.138 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-79-138.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1174
Content-Type
text/html
Date
Tue, 16 Jul 2024 14:36:30 GMT
Expires
Tue, 23 Jul 2024 14:36:30 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
v2
de.tynt.com/deb/
2 KB
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
90669e199cbd036c0e6242d247591df94cee8813f97ff89e8678133775f2221f

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 16 Jul 2024 14:36:30 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
1541
expires
Sat, 26 Jul 1997 05:00:00 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1721140590397.1
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1721140590397.1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
0
0

db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKTGaWhW5Jbb6sEK%2FHAg%3D%3D&us_privacy=&_rand=1721140590397.2
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKTGaWhW5Jbb6sEK%2FHAg%3D%3D&us_privacy=&_rand=1721140590397.2&expected_cookie=41f2f01c-de4d-4845-8312-382a2ac8ba5e
0
143 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKTGaWhW5Jbb6sEK%2FHAg%3D%3D&us_privacy=&_rand=1721140590397.2&expected_cookie=41f2f01c-de4d-4845-8312-382a2ac8ba5e
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 14:36:29 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 0B0113437DF94658B3216DAB1106C56D Ref B: MIA301000101023 Ref C: 2024-07-16T14:36:30Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYdXkWDsJdWa2BiSckZSw==

Redirect headers

date
Tue, 16 Jul 2024 14:36:29 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 5B5F7EE540F648FE8E8814595060C55E Ref B: MIA301000101023 Ref C: 2024-07-16T14:36:30Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=15927&puuid=CoIKTGaWhW5Jbb6sEK%2FHAg%3D%3D&us_privacy=&_rand=1721140590397.2&expected_cookie=41f2f01c-de4d-4845-8312-382a2ac8ba5e
x-li-proto
http/2
content-length
0
x-li-uuid
AAYdXkWCfv6PAMwX5XwN5w==
/
map.go.affec.tv/map/3a/
0
0

sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKTGaWhW5Jbb6sEK%2FHAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fduaneminaaisfotk2h...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=dede7613-b5f6-4412-a3e9-f861c8e4542a%3A1721140590.8932314&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3Ddede7613-b5f6-4412...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1917759406024847786&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3Ddede76...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=dede7613-b5f6-4412-a3e9-f861c8e4542a%3A1721140590.8932314&pid=500040&it=1&iv=dede7613-b5f6-4412-a3e9-f861c8e4542a%3A1721140590.8932314&_=172...
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=dede7613-b5f6-4412-a3e9-f861c8e4542a:1721140590.8932314&pid=500040&_li_chk=true&_=1721140590.8952377&iv=dede7613-b5f6-4412-a3e9-f861c8e...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1721140590.8952377&iv=dede7613-b5f6-4412-a3e9-f861c8e4542a:1721140590.8932314
42 B
571 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1721140590.8952377&iv=dede7613-b5f6-4412-a3e9-f861c8e4542a:1721140590.8932314
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 14:36:31 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1721140590.8952377&iv=dede7613-b5f6-4412-a3e9-f861c8e4542a:1721140590.8932314
Date
Tue, 16 Jul 2024 14:36:31 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
receive
pixel.tapad.com/idsync/ex/
0
0

405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&rand=1721140590397.6
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212529382159505
42 B
440 B
Image
General
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=212529382159505
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 14:36:31 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 16 Jul 2024 14:36:30 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
4000000000004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://idsync.rlcdn.com/405716.gif?partner_uid=212529382159505
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKTGaWhW5Jbb6sEK%2FHAg%3D%3D&us_privacy=&random=1721140590397.7&pu=https%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212698590977258&seg_code=33x&random=1721140591
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212698590977258%26seg_code%3D33x%26random%3D1721140591
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212698590977258%26seg_code%3D33x%26random%3D1721140591
Requested by
Host: duaneminaaisfotk2h7p.pages.dev
URL: https://duaneminaaisfotk2h7p.pages.dev/
Protocol
H2
Server
68.67.160.186 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://duaneminaaisfotk2h7p.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jul 2024 14:36:32 GMT
an-x-request-uuid
6cbbe8f9-e3ed-46c2-8940-6336bb3e6886
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
181.214.150.149; 181.214.150.149; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Jul 2024 14:36:32 GMT
an-x-request-uuid
9b98605a-1690-4839-b204-7a66ddc4a2c9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212698590977258%26seg_code%3D33x%26random%3D1721140591
cache-control
no-store, no-cache, private
x-proxy-origin
181.214.150.149; 181.214.150.149; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/3825/
0
0

/
t.dtscdn.com/widget/
0
0

/
pixel.onaudience.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
Domain
map.go.affec.tv
URL
https://map.go.affec.tv/map/3a/?pid=CoIKTGaWhW5Jbb6sEK%2FHAg%3D%3D&us_privacy=&ts=1721140590397.3
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKTGaWhW5Jbb6sEK%2FHAg%3D%3D&us_privacy=&random=1721140590397.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD
Domain
tags.crwdcntrl.net
URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Domain
t.dtscdn.com
URL
https://t.dtscdn.com/widget/?d=104017211405892D7536992847DD22E3&nid=300&p=2114454483&t=600&s=1600x1200x24&u=https%3A%2F%2Fduaneminaaisfotk2h7p.pages.dev%2F&r=
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=137085098&mapped=104017211405892D7536992847DD22E3

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
string| baseUrl
object| atOptions
function| $
function| jQuery
object| lazySizes
function| autoRelated
function| parseSpintax
object| seco
object| seca
object| sece
object| _Hasync
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
object| _HistatsCounterGraphics_0_setValues
object| a
object| cv
object| Tynt
object| _dtspv
object| _33Across
function| __uspapi
object| lotame_3825
number| char

42 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CgA
duaneminaaisfotk2h7p.pages.dev/ Name: HstCfa4848173
Value: 1721140589193
duaneminaaisfotk2h7p.pages.dev/ Name: HstCla4848173
Value: 1721140589193
duaneminaaisfotk2h7p.pages.dev/ Name: HstCmu4848173
Value: 1721140589193
duaneminaaisfotk2h7p.pages.dev/ Name: HstPn4848173
Value: 1
duaneminaaisfotk2h7p.pages.dev/ Name: HstPt4848173
Value: 1
duaneminaaisfotk2h7p.pages.dev/ Name: HstCnv4848173
Value: 1
duaneminaaisfotk2h7p.pages.dev/ Name: HstCns4848173
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: df
Value: 1721140589
.dtscout.com/ Name: l
Value: 104017211405892D7536992847DD22E3
.sharethis.com/ Name: __stid
Value: ZHWABGaWhW4AAAAJD9tqAw==
.sharethis.com/ Name: __stidv
Value: 2
.lijit.com/ Name: lijitAcc3PC
Value: 1
.tynt.com/ Name: uid
Value: CoIKTGaWhW5Jbb6sEK/HAg==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1721140590397%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1721140590397%7D%2C%7B%22p%22%3A%22b32ef6f991%22%2C%22f%22%3A1%2C%22ts%22%3A1721140590397%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1721140590397%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1721140590397%7D%2C%7B%22p%22%3A%22179d15a463%22%2C%22f%22%3A1%2C%22ts%22%3A1721140590397%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1721140590397%7D%5D
.linkedin.com/ Name: li_sugr
Value: 41f2f01c-de4d-4845-8312-382a2ac8ba5e
.linkedin.com/ Name: bcookie
Value: "v=2&baffacde-8d6b-49d3-8b3b-89fc3891900f"
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=3145:u=1:x=1:i=1721140590:t=1721226990:v=2:sig=AQEAzsn4x_igTovUDYu4hwlXNmikCnlu"
.eyeota.net/ Name: mako_uid
Value: 190bbf9384d-3dfb0000010a494e
.eyeota.net/ Name: SERVERID
Value: 18766~DM
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 1_0_1721140590748
.rezync.com/ Name: zync-uuid
Value: dede7613-b5f6-4412-a3e9-f861c8e4542a:1721140590.8932314
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NDc3tTQxMDMwMrEwMTe3MBPiM9TVNTYNTHbKTLM0z00BAIudyK0lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIsRGAIAwF0AmsmCMePwkJuA1IGMjS0kntvLN870o-Y4YbhEZZRqpg6hKNVjWcNbQo9wPOgObS8l6bsEDvtH0Jhj1_-wsdad5gWgAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByRWAIAwFwIvtxMfPHrsBCYVYuTPfFbt3h0No2XFSBdOULjrpeLPVlOeDYECH1bizhAX6A5M7bnc6AAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NDc3tTQxMDMwMrEwMTe3MBPiM9TVNTYNTHbKTLM0z00BAIudyK0lAAAA
.duaneminaaisfotk2h7p.pages.dev/ Name: __dtsu
Value: 104017211405892D7536992847DD22E3
live.rezync.com/ Name: sd-session-id
Value: .eJwNykEOgyAQAMC_7FkMCwsLfMagrAlppY3opca_1-Mkc8H0lX3LTdoB6dhPGWB510cd0gW9_jZ5QQKMyOwiaa8NBWIOHu4BuvReP22q5TlFirBHq2a3ekWERmUrUa3B4xKEHJmckA0iaRf1GKI1FgnuP7xJJaY.ZpaFbw.SoltW5L9p-Cg7Z_-_a9pTYLXKAE
.liadm.com/ Name: lidid
Value: 13e86e14-4296-4f0e-97a1-5e720f735693
.33across.com/ Name: 33x_ps
Value: u%3D212698590977258%3As1%3D1721140591689%3Ats%3D1721140591689
.pippio.com/ Name: did
Value: ANdv342CwEqIcW7I
.pippio.com/ Name: didts
Value: 1721140591
.pippio.com/ Name: nnls
Value:
.rlcdn.com/ Name: rlas3
Value: vUrQLkn9wA2ODQ3e4zKTHP11gRFxb63saCD8EIdwBBQ=
.adnxs.com/ Name: XANDR_PANID
Value: OTcqutuIuZCfTntkJjfMKRHlPXhntRp-lMwDUTV2k-agXIW6-A5PESFskeMpSVaej1JAh6Tu19HAbuXyno4Dl7GRLKFOnP2U6tccj-XFemM.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 4559440263192984276
.rlcdn.com/ Name: pxrc
Value: CPCK2rQGEgUI6AcQABIFCOhHEAA=
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2Il]qF`h!!]tbP6j2F-XstGt!@DfP$odRp
.pippio.com/ Name: pxrc
Value: CPCK2rQGEgYI36wrEAA=

9 Console Messages

Source Level URL
Text
javascript warning URL: https://ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://glossydollyknock.com/1f00c6b60ce46955dbdc5d473dcaea71/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ads.bisniskini.biz.id/get/site/js/d6f51a1ed1d2f145512197f7cd7be46d(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://glossydollyknock.com/1f00c6b60ce46955dbdc5d473dcaea71/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://glossydollyknock.com/1f00c6b60ce46955dbdc5d473dcaea71/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://ads.bisniskini.biz.id/get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://glossydollyknock.com/1950ea5d6031cf383a263e7d6fcc4935/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ads.bisniskini.biz.id/get/site/js/9049b3a33fc36afe5806bf92a1b0bc1f(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://glossydollyknock.com/1950ea5d6031cf383a263e7d6fcc4935/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://glossydollyknock.com/1950ea5d6031cf383a263e7d6fcc4935/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://duaneminaaisfotk2h7p.pages.dev/(Line 133)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://duaneminaaisfotk2h7p.pages.dev/(Line 133)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://suggestqueries.google.com/complete/search?jsonp=autoRelated&hl=en&client=firefox&q=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://tse1.mm.bing.net/th?q=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
