minecraft.curseforge.com Open in urlscan Pro
104.19.147.132 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f
Submission: On August 07 via manual (August 7th 2023, 3:13:11 pm UTC) from CA — Scanned from CA

Summary HTTP 67 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 33 IPs in 3 countries across 40 domains to perform 67 HTTP transactions. The main IP is 104.19.147.132, located in and belongs to CLOUDFLARENET, US. The main domain is minecraft.curseforge.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2023. Valid for: a year.

This is the only time minecraft.curseforge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	104.19.147.132 104.19.147.132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.80.68 142.250.80.68	15169 (GOOGLE) (GOOGLE)
1	142.250.72.110 142.250.72.110	15169 (GOOGLE) (GOOGLE)
4	142.250.176.200 142.250.176.200	15169 (GOOGLE) (GOOGLE)
1	52.85.151.8 52.85.151.8	16509 (AMAZON-02) (AMAZON-02)
1	52.85.151.89 52.85.151.89	16509 (AMAZON-02) (AMAZON-02)
1	18.160.46.100 18.160.46.100	16509 (AMAZON-02) (AMAZON-02)
4	142.250.81.234 142.250.81.234	15169 (GOOGLE) (GOOGLE)
2 4	18.154.227.100 18.154.227.100	16509 (AMAZON-02) (AMAZON-02)
2	13.107.226.40 13.107.226.40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	142.250.65.200 142.250.65.200	15169 (GOOGLE) (GOOGLE)
3	142.250.176.195 142.250.176.195	15169 (GOOGLE) (GOOGLE)
2	142.250.65.206 142.250.65.206	15169 (GOOGLE) (GOOGLE)
1	142.251.40.227 142.251.40.227	15169 (GOOGLE) (GOOGLE)
1	142.251.16.156 142.251.16.156	15169 (GOOGLE) (GOOGLE)
1	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1	142.251.32.99 142.251.32.99	15169 (GOOGLE) (GOOGLE)
3	4.227.249.197 4.227.249.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 12	54.160.214.90 54.160.214.90	14618 (AMAZON-AES) (AMAZON-AES)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5 5	174.129.232.136 174.129.232.136	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 1	13.249.39.128 13.249.39.128	16509 (AMAZON-02) (AMAZON-02)
1 1	18.173.219.43 18.173.219.43	() ()
2 2	52.4.147.81 52.4.147.81	14618 (AMAZON-AES) (AMAZON-AES)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	40.71.11.141 40.71.11.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
4 4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	207.198.113.89 207.198.113.89	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	50.116.194.23 50.116.194.23	6336 (TURN-US-ASN) (TURN-US-ASN)
1 2	34.197.192.192 34.197.192.192	14618 (AMAZON-AES) (AMAZON-AES)
3 3	68.67.178.10 68.67.178.10	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	69.169.86.38 69.169.86.38	29838 (AMC) (AMC)
1	64.58.232.177 64.58.232.177	13649 (ASN-VINS) (ASN-VINS)
5 6	52.204.157.89 52.204.157.89	14618 (AMAZON-AES) (AMAZON-AES)
1 1	15.235.42.103 15.235.42.103	16276 (OVH) (OVH)
1 1	54.147.190.158 54.147.190.158	14618 (AMAZON-AES) (AMAZON-AES)
1 1	104.17.215.204 104.17.215.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.220.58.27 3.220.58.27	14618 (AMAZON-AES) (AMAZON-AES)
1	34.237.227.78 34.237.227.78	14618 (AMAZON-AES) (AMAZON-AES)
1	107.22.84.226 107.22.84.226	14618 (AMAZON-AES) (AMAZON-AES)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
1 1	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1	3.143.121.78 3.143.121.78	16509 (AMAZON-02) (AMAZON-02)
1	173.223.57.84 173.223.57.84	16625 (AKAMAI-AS) (AKAMAI-AS)
67	33

10 104.19.147.132 (None, )

ASN13335 (CLOUDFLARENET, US)

minecraft.curseforge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.68 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.110 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.176.200 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.151.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-8.iad89.r.cloudfront.net

configs.forgecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.151.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-151-89.iad89.r.cloudfront.net

elerium-static.curseforge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.46.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-100.iad55.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.81.234 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.154.227.100 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-100.iad55.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.226.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.200 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.176.195 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.206 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.227 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.16.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.99 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 4.227.249.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.160.214.90 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-214-90.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 174.129.232.136 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-232-136.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.39.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-128.iad89.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.219.43 (United States) 1 redirects

ASN- ()
PTR: server-18-173-219-43.jfk52.r.cloudfront.net

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.4.147.81 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-147-81.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.71.11.141 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.226 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.89 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.135.78 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.194.23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)
PTR: d-atl1.turn.com

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.192.192 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-192-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.178.10 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.86.38 (United States) 1 redirects

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.177 (United States)

ASN13649 (ASN-VINS, US)
PTR: be31-199.crrt01.las04.flexential.net

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.204.157.89 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-157-89.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.42.103 (Victoria, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-002.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.147.190.158 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-190-158.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.215.204 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.220.58.27 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-58-27.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.227.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-227-78.compute-1.amazonaws.com

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.84.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-84-226.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.65.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.143.121.78 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-143-121-78.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.57.84 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-84.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	crwdcntrl.net 2 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1044 bcp.crwdcntrl.net — Cisco Umbrella Rank: 904 sync.crwdcntrl.net — Cisco Umbrella Rank: 889	19 KB
11	curseforge.com minecraft.curseforge.com elerium-static.curseforge.com — Cisco Umbrella Rank: 686589	606 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 996 u.clarity.ms — Cisco Umbrella Rank: 8578 c.clarity.ms — Cisco Umbrella Rank: 1583	22 KB
6	mediawallahscript.com 5 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 2597	4 KB
5	clickagy.com 5 redirects aorta.clickagy.com — Cisco Umbrella Rank: 2289	2 KB
5	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 489 www.google-analytics.com — Cisco Umbrella Rank: 55	38 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 385	2 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 115 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	3 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	216 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 156	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	274 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 671 i6.liadm.com — Cisco Umbrella Rank: 2275	1 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 514	1 KB
3	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 414	2 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 496	858 B
3	google.com www.google.com — Cisco Umbrella Rank: 3 apis.google.com — Cisco Umbrella Rank: 185	24 KB
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1522 ups.analytics.yahoo.com — Cisco Umbrella Rank: 329	1 KB
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1143	1 KB
2	mgid.com 1 redirects cm.mgid.com — Cisco Umbrella Rank: 1507	784 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 769	958 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 775	661 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 215	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 541 d.agkn.com — Cisco Umbrella Rank: 703	1 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 423	833 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 670	454 B
1	sharethis.com sync.sharethis.com — Cisco Umbrella Rank: 3233	549 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 632	338 B
1	truoptik.com 1 redirects dmp.truoptik.com — Cisco Umbrella Rank: 2644	550 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 810	1 KB
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 3704	412 B
1	mookie1.com ib.mookie1.com — Cisco Umbrella Rank: 3479	983 B
1	ib-ibi.com 1 redirects global.ib-ibi.com — Cisco Umbrella Rank: 2328	512 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1497	418 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 648	674 B
1	ml314.com ml314.com — Cisco Umbrella Rank: 1885	404 B
1	cintnetworks.com c.cintnetworks.com — Cisco Umbrella Rank: 9505	543 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 224	762 B
1	google.ca www.google.ca — Cisco Umbrella Rank: 8480	455 B
1	forgecdn.net configs.forgecdn.net — Cisco Umbrella Rank: 667170	21 KB
67	40

	Domain	Requested by
10	sync.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
10	minecraft.curseforge.com	minecraft.curseforge.com
6	partner.mediawallahscript.com	5 redirects bcp.crwdcntrl.net
5	aorta.clickagy.com	5 redirects
4	match.adsrvr.org	4 redirects
4	sb.scorecardresearch.com	2 redirects minecraft.curseforge.com
4	fonts.googleapis.com	minecraft.curseforge.com
4	www.googletagmanager.com	minecraft.curseforge.com www.googletagmanager.com
3	pixel.tapad.com	3 redirects
3	secure.adnxs.com	3 redirects
3	us-u.openx.net	2 redirects bcp.crwdcntrl.net
3	u.clarity.ms	www.clarity.ms
3	fonts.gstatic.com	fonts.googleapis.com
3	ssl.google-analytics.com	1 redirects minecraft.curseforge.com
2	i.liadm.com	2 redirects
2	ps.eyeota.net	1 redirects bcp.crwdcntrl.net
2	cm.mgid.com	1 redirects bcp.crwdcntrl.net
2	pixel-sync.sitescout.com	2 redirects
2	cm.g.doubleclick.net	bcp.crwdcntrl.net
2	sync-tm.everesttech.net	2 redirects
2	dpm.demdex.net	2 redirects
2	idsync.rlcdn.com	2 redirects
2	c.clarity.ms	1 redirects
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	www.google-analytics.com	elerium-static.curseforge.com www.googletagmanager.com
2	www.clarity.ms	minecraft.curseforge.com www.clarity.ms
2	www.google.com	minecraft.curseforge.com
1	tags.bluekai.com	bcp.crwdcntrl.net
1	sync.sharethis.com	bcp.crwdcntrl.net
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	beacon.krxd.net	bcp.crwdcntrl.net
1	i6.liadm.com	bcp.crwdcntrl.net
1	dmp.truoptik.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	ws.rqtrk.eu	1 redirects
1	ib.mookie1.com	bcp.crwdcntrl.net
1	global.ib-ibi.com	1 redirects
1	d.turn.com	1 redirects
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	ml314.com	bcp.crwdcntrl.net
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	c.bing.com	1 redirects
1	www.google.ca	minecraft.curseforge.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	minecraft.curseforge.com
1	www.gstatic.com	www.google.com
1	tags.crwdcntrl.net	minecraft.curseforge.com
1	elerium-static.curseforge.com	minecraft.curseforge.com
1	configs.forgecdn.net	minecraft.curseforge.com
1	apis.google.com	minecraft.curseforge.com
67	53

This site contains links to these domains. Also see Links.

Domain
www.curseforge.com
authors.curseforge.com
wminecraft.net
www.overwolf.com
curseforge.com
overwolf.github.io
support.curseforge.com
download.overwolf.com
ideas.overwolf.com
medium.com
brands.overwolf.com
core.curseforge.com
support.overwolf.com
alphas.overwolf.com
discord.gg
www.reddit.com
www.facebook.com
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-02` - `2024-07-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
curseforge.com Amazon RSA 2048 M02	`2023-06-12` - `2024-07-10`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
c.cintnetworks.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-03-21` - `2023-09-21`	6 months	crt.sh
ml314.com GTS CA 1D4	`2023-08-05` - `2023-11-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-22` - `2024-06-19`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f
Frame ID: 2B476A28878EB014E4A429A99AEC9052
Requests: 43 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Frame ID: 817B03E59D43C9C9EBA2CEE5C8048AFF
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Link Warning - Minecraft CurseForge

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

67
Requests

72 %
HTTPS

0 %
IPv6

40
Domains

53
Subdomains

33
IPs

3
Countries

1234 kB
Transfer

4476 kB
Size

83
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://www.curseforge.com/minecraft/modpacks
Title: Projects

Search URL Search Domain Scan URL

URL: https://www.curseforge.com/minecraft/customization
Title: Customization

Search URL Search Domain Scan URL

URL: https://www.curseforge.com/minecraft/mc-addons
Title: Addons

Search URL Search Domain Scan URL

URL: https://www.curseforge.com/minecraft/mc-mods
Title: Mods

Search URL Search Domain Scan URL

URL: https://www.curseforge.com/minecraft/texture-packs
Title: Texture Packs

Search URL Search Domain Scan URL

URL: https://www.curseforge.com/minecraft/worlds
Title: Worlds

Search URL Search Domain Scan URL

URL: https://authors.curseforge.com/store
Title: Reward Store

Search URL Search Domain Scan URL

URL: https://authors.curseforge.com/dashboard
Title: Dashboard

Search URL Search Domain Scan URL

URL: https://wminecraft.net/download-kuda-shaders-mod/
Title: here

Search URL Search Domain Scan URL

URL: http://www.overwolf.com/creators/build-an-app/
Title: Build an App

Search URL Search Domain Scan URL

URL: https://curseforge.com/
Title: Publish a mod

Search URL Search Domain Scan URL

URL: http://www.overwolf.com/why-overwolf/
Title: Why Overwolf

Search URL Search Domain Scan URL

URL: https://overwolf.github.io/docs/start/getting-started
Title: App documentation

Search URL Search Domain Scan URL

URL: https://support.curseforge.com/en/support/solutions/folders/9000194118
Title: Mod documentation

Search URL Search Domain Scan URL

URL: http://www.overwolf.com/creators/creators-services/
Title: Creator services

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/fund/home
Title: Apply for funding

Search URL Search Domain Scan URL

URL: https://www.curseforge.com/
Title: Discover Mods

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/appstore
Title: Discover Apps

Search URL Search Domain Scan URL

URL: http://www.overwolf.com/our-commitment/
Title: Gameplay First

Search URL Search Domain Scan URL

URL: https://download.overwolf.com/install/Download?Channel=web_dl_btn
Title: Download Overwolf

Search URL Search Domain Scan URL

URL: https://ideas.overwolf.com/
Title: Suggest a feature

Search URL Search Domain Scan URL

URL: http://www.overwolf.com/about-overwolf/
Title: About us

Search URL Search Domain Scan URL

URL: http://www.overwolf.com/our-story/
Title: Our story

Search URL Search Domain Scan URL

URL: http://www.overwolf.com/jobs/
Title: Careers

Search URL Search Domain Scan URL

URL: https://medium.com/overwolf
Title: Blog

Search URL Search Domain Scan URL

URL: http://www.overwolf.com/brand-guidelines/
Title: Brand Guidelines

Search URL Search Domain Scan URL

URL: http://www.overwolf.com/partners
Title: Partners

Search URL Search Domain Scan URL

URL: https://brands.overwolf.com/
Title: Advertisers

Search URL Search Domain Scan URL

URL: https://www.overwolf.com/influencers
Title: Influencers

Search URL Search Domain Scan URL

URL: https://core.curseforge.com/
Title: Game Developers

Search URL Search Domain Scan URL

URL: http://support.overwolf.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: http://www.overwolf.com/supported-games/
Title: Supported Games

Search URL Search Domain Scan URL

URL: http://www.overwolf.com/legal/terms/
Title: Terms of service

Search URL Search Domain Scan URL

URL: http://www.overwolf.com/legal/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://alphas.overwolf.com/
Title: Overwolf Alphas

Search URL Search Domain Scan URL

URL: https://support.overwolf.com/en/support/solutions/articles/9000203492-licenses-we-use
Title: Licenses

Search URL Search Domain Scan URL

URL: https://discord.gg/YwHjmfe

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/Overwolf/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Overwolf/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/overwolf.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/TheOverwolf

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://sb.scorecardresearch.com/cs/20631572/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 30

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1888433188&utmhn=minecraft.curseforge.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Link%20Warning%20-%20Minecraft%20CurseForge&utmhid=1953844356&utmr=-&utmp=%2Flinkout%3FremoteUrl%3Dhttps%2525253a%2525252f%2525252fwminecraft.net%2525252fdownload-kuda-shaders-mod%2525252f&utmht=1691421186114&utmac=UA-389142-3&utmcc=__utma%3D94490894.1973964973.1691421186.1691421186.1691421186.1%3B%2B__utmz%3D94490894.1691421186.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=375498295&utmredir=1&utmu=qBAAACAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-389142-3&cid=1973964973.1691421186&jid=375498295&_v=5.7.2&z=1888433188

Request Chain 32

https://sb.scorecardresearch.com/b?c1=2&c2=20631572&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1691421186189&ns_c=UTF-8&c7=https%3A%2F%2Fminecraft.curseforge.com%2Flinkout%3FremoteUrl%3Dhttps%25253a%25252f%25252fwminecraft.net%25252fdownload-kuda-shaders-mod%25252f&c8=Link%20Warning%20-%20Minecraft%20CurseForge&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20631572&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1691421186189&ns_c=UTF-8&c7=https%3A%2F%2Fminecraft.curseforge.com%2Flinkout%3FremoteUrl%3Dhttps%25253a%25252f%25252fwminecraft.net%25252fdownload-kuda-shaders-mod%25252f&c8=Link%20Warning%20-%20Minecraft%20CurseForge&c9=

Request Chain 39

https://bcp.crwdcntrl.net/5/c=3613/rand=362987271/pv=y/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr

Request Chain 40

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FE408157C0E04196B642618253E50DA7&RedC=c.clarity.ms&MXFR=3962A75F09326F9C1A3AB4390D326171 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE408157C0E04196B642618253E50DA7&MUID=0FB0975E0AB16C2722C984380B1B6DEA

Request Chain 41

https://aorta.clickagy.com/pixel.gif?ch=120&cm=fc98e8628f84d1b54df6b82aa66887a2 HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=c:8c4e63defe2e0dc3adfb9e526ff30621 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJbTGRIuCioIARD1lgkaImM6OGM0ZTYzZGVmZTJlMGRjM2FkZmI5ZTUyNmZmMzA2MjEQABoNCIOUxKYGEgUI6AcQAEIASgA HTTP 307
https://aorta.clickagy.com/pixel.gif?ch=114&cm=bec4048b813643810b0c6bfde721f73a9c8439244b754b3d73f5e657dca2be3525abae5358c0e7bc HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:8c4e63defe2e0dc3adfb9e526ff30621&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D HTTP 302
https://d.agkn.com/pixel/10751/?che=1691421187343&ip=153.92.40.72&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D214830604601010035574 HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=214830604601010035574 HTTP 302
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:8c4e63defe2e0dc3adfb9e526ff30621&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:8c4e63defe2e0dc3adfb9e526ff30621&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=75122705077130554331226828212540528821 HTTP 302
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D HTTP 302
https://aorta.clickagy.com/pixel.gif?ch=4&cm=e2c86e6f-f59e-4c08-9978-560365dcfef3&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:8c4e63defe2e0dc3adfb9e526ff30621

Request Chain 43

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZNEKAgAAAtAgGwA4 HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZNEKAgAAAtAgGwA4/gdpr=0&_test=ZNEKAgAAAtAgGwA4

Request Chain 45

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8c9f6d86-7e84-459d-9739-9ed72c1eb57b/gdpr=0/gdpr_consent=

Request Chain 47

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=0788efd5-8ce2-43da-a607-03433ea34082-64d10a02-4341/gdpr=0

Request Chain 48

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=fc98e8628f84d1b54df6b82aa66887a2 HTTP 307
https://cm.mgid.com/m?c=fc98e8628f84d1b54df6b82aa66887a2&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Request Chain 51

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/fc98e8628f84d1b54df6b82aa66887a2/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7562481707299865499/gdpr=0

Request Chain 52

https://ps.eyeota.net/match?bid=51mdg9u&uid=fc98e8628f84d1b54df6b82aa66887a2&gdpr=0 HTTP 302
https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=fc98e8628f84d1b54df6b82aa66887a2&gdpr=0

Request Chain 53

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=857037910 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D857037910 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4827361252686534792/gdpr=0/rand=857037910

Request Chain 54

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=fc98e8628f84d1b54df6b82aa66887a2 HTTP 302
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=fc98e8628f84d1b54df6b82aa66887a2

Request Chain 55

https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=fc98e8628f84d1b54df6b82aa66887a2&custom=&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=fc98e8628f84d1b54df6b82aa66887a2&custom=&tag_format=img&tag_action=sync&final=true&reqid=e9cd2010-3534-11ee-b225-8faea3ea2036&timestamp=2023-08-07T15%3A13%3A07.217Z HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=4827361252686534792&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=e9d55d70-3534-11ee-b7da-dba5b7e2b9c2?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=fc98e8628f84d1b54df6b82aa66887a2&tag_format=img&tag_action=sync&cb=861003849 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=8c9f6d86-7e84-459d-9739-9ed72c1eb57b&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=e9d55d70-3534-11ee-b7da-dba5b7e2b9c2&cb=1691421187586&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2099%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1691421187586 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=ea8c687c-c26a-4335-8b05-6b056b5d8bbf&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1691421187586

Request Chain 56

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-eda441ca-6c9f-537b-43ea-0737b04bc7e1$ip$153.92.40.72&gdpr=0&gdpr_consent=

Request Chain 57

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=6b134eae98a33ea667bdc736e54d9378

Request Chain 58

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=fc98e8628f84d1b54df6b82aa66887a2&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch= HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=fc98e8628f84d1b54df6b82aa66887a2&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=714c2352-321b-41bc-b924-f47be3a0cef7%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D714c2352-321b-41bc-b924-f47be3a0cef7%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8c9f6d86-7e84-459d-9739-9ed72c1eb57b&ttd_puid=714c2352-321b-41bc-b924-f47be3a0cef7%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D714c2352-321b-41bc-b924-f47be3a0cef7%2C HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=714c2352-321b-41bc-b924-f47be3a0cef7

Request Chain 59

https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=fc98e8628f84d1b54df6b82aa66887a2 HTTP 303
https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=fc98e8628f84d1b54df6b82aa66887a2&_li_chk=true&previous_uuid=4e02003e5e39404a99d688c500cd90d9 HTTP 303
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=fc98e8628f84d1b54df6b82aa66887a2

Request Chain 61

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-kheHd99E2py6kiTIvX7bAoJ5NG4n0U5iSjY-~A&gdpr=0

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request linkout Show response
minecraft.curseforge.com/ 24 KB
10 KB 142ms
81ms Document
text/html 104.19.147.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.147.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cc35321c37b066a165b4a99dd82eb15756b90540a234fc67ef448a88bb2def0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7f3076295d1b36be-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 07 Aug 2023 15:13:05 GMT
server: cloudflare
strict-transport-security: max-age=15768000
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-frame-options: SAMEORIGIN SAMEORIGIN
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 compiled.css
minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Blocks/css/ 31 KB
6 KB 37ms
34ms Stylesheet
text/css 104.19.147.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Blocks/css/compiled.css

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.147.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dfde27c429ab934f07188477f53ebc4782f381eaba97e7320315d735ed4433e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:05 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 1501
alt-svc: h3=":443"; ma=86400
content-length: 5800
x-ua-compatible: IE=edge,chrome=1
last-modified: Mon, 07 Aug 2023 14:16:10 GMT
server: cloudflare
etag: W/"071b8b639c9d91:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7f307629ee2336be-YYZ
expires: Mon, 07 Aug 2023 19:13:05 GMT

GET
H2 200 compiled.css
minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/ 1 MB
143 KB 86ms
83ms Stylesheet
text/css 104.19.147.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/compiled.css

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.147.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ab50d58e480aff42d695dc6902841297208121cb5f2dca4fc08e7ebb54930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:05 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
cf-cache-status: HIT
age: 1501
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge,chrome=1
last-modified: Mon, 07 Aug 2023 14:16:58 GMT
server: cloudflare
etag: W/"0a954d339c9d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 7f307629ee2436be-YYZ
expires: Mon, 07 Aug 2023 19:13:05 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
900 B 143ms
56ms Script
text/javascript 142.250.80.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.68 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f4.1e100.net

Software

GSE /

Resource Hash

23f7261b13b5e1bddfc36cf444a673c9048d6fa50e0a1a59fd194824c5363b5d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 580
x-xss-protection: 1; mode=block
expires: Mon, 07 Aug 2023 15:13:05 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 57 KB
22 KB 135ms
54ms Script
text/javascript 142.250.72.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

sffe /

Resource Hash

470d4eff6a2fd369c0f34647ae2da66b1eb90de49ba8ca3214e905e2a1d96b56

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Aug 2023 15:13:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22286
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "0b554ade65733cb8"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Aug 2023 15:13:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
76 KB 187ms
89ms Script
application/javascript 142.250.176.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3N8RVEG29S

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.200 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

de8f5f70ebfea9f43decc3f25cf1d3da6120b975d1da5fb04c106c3ff3149bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77678
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 07 Aug 2023 15:13:06 GMT

GET
H2 200 ow.min.js Show response
configs.forgecdn.net/ 21 KB
21 KB 142ms
45ms Script
application/x-javascript 52.85.151.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://configs.forgecdn.net/ow.min.js
Requested by: Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.151.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-151-8.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 054ef57790c1506bcb5ecc4f16f897e0ff1cdfdef695d2d6e3e9d76c6897b377

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: yCXxkkQZwFTbGTHkUG_pEEFo6BUh7_VC
date: Mon, 07 Aug 2023 02:05:51 GMT
via: 1.1 ffa4b37ccdc94a8c62bf6b6414725210.cloudfront.net (CloudFront)
last-modified: Thu, 22 Jun 2023 15:15:19 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 47235
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Thu, 22 Jun 2023 14:45:05 GMT
etag: "c4ba4285cce95fc0c4afd41c17f73e39"
content-type: application/x-javascript
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 21521
x-amz-cf-id: 3RCBQIaFAY787PKSnFBj8COIjVzvUzuh4qkv4fI_1KUx4TcMheLvyQ==

GET
H2 200 jquery-migration Show response
minecraft.curseforge.com/js/ 105 KB
37 KB 76ms
74ms Script
text/javascript 104.19.147.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://minecraft.curseforge.com/js/jquery-migration?v=GjyiFSP641QXo5QcmpaUW1L8laD5rKWzPP0n7lEpHPo1

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.147.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdeac806a882905df5b64d3ef2592b09a740e272cd006e735c23e74aa7868adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:05 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 1553453
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge,chrome=1
last-modified: Mon, 17 Jul 2023 16:41:34 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=29726909
cf-ray: 7f307629ee2536be-YYZ
expires: Tue, 16 Jul 2024 16:41:34 GMT

GET
H2 200 jquery Show response
minecraft.curseforge.com/js/ 515 KB
147 KB 50ms
48ms Script
text/javascript 104.19.147.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://minecraft.curseforge.com/js/jquery?v=-l4Om55ehZs1gYrKtDvYMCO02R2CD_KZGhdbRy2UTxw1

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.147.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

783dff648c360cefbe2c8bb9931bad4aba6ed13381424f1e3a0ade80c6556198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:05 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 1559631
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge,chrome=1
last-modified: Mon, 17 Jul 2023 16:41:34 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=29726909
cf-ray: 7f307629ee2636be-YYZ
expires: Tue, 16 Jul 2024 16:41:34 GMT

GET
H2 200 cobalt Show response
minecraft.curseforge.com/js/ 402 KB
106 KB 38ms
36ms Script
text/javascript 104.19.147.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://minecraft.curseforge.com/js/cobalt?v=6jYBwDuKJogccYdURuqrnHftT32m265OtHGmCW8-cGk1

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.147.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee7fb772737aab516328e8ef0418ddb8db1bc6b6a354d570e1d63a30e7bcc9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:05 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 1559631
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge,chrome=1
last-modified: Mon, 17 Jul 2023 16:41:34 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=29726909
cf-ray: 7f307629ee2836be-YYZ
expires: Tue, 16 Jul 2024 16:41:34 GMT

GET
H2 200 Elerium Show response
elerium-static.curseforge.com/js/ 547 KB
105 KB 200ms
46ms Script
text/javascript 52.85.151.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://elerium-static.curseforge.com/js/Elerium

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.151.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-151-89.iad89.r.cloudfront.net

Software

Microsoft-IIS/10.0 /

Resource Hash

e9097165d7f9ad30dced49b51c7bf2e8349506f7f2c8ad75d9587898ec419eaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 13:46:29 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
via: 1.1 98e30e5953336545df428a8f5923a288.cloudfront.net (CloudFront)
x-aspnet-version: 4.0.30319
x-amz-cf-pop: IAD89-C3
age: 5196
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-ua-compatible: IE=edge,chrome=1
last-modified: Mon, 07 Aug 2023 13:46:29 GMT
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=14400
x-amz-cf-id: Hg6t_doWpxkLKykv7gyRefQvEtNJSvYQNJOxtL3e11beomrqMRK8zQ==
expires: Tue, 06 Aug 2024 13:46:29 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/3613/ 40 KB
12 KB 149ms
47ms Script
application/json 18.160.46.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/3613/cc.js?ns=_cc3613
Requested by: Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-100.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 41d3e2161cdd8172074b7c0c706576210159b4c00c317c9bc749545c6cc9a76a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 11:25:18 GMT
content-encoding: gzip
via: 1.1 9ac471895811a7ff78c729bcc099e068.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 20:26:08 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P2
age: 13667
etag: W/"655cb254af6e46c06d576861b972ca45"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=86400
x-amz-cf-id: xCnFkzwu53N44VccIr6T18V1-Cs-Wyc5D4xIMzqeVfHn19Uy3PIlHg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
41 KB 77ms
55ms Script
application/javascript 142.250.176.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMP4WSG

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.200 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

734e17ced780e28ba495b3722fbe2fabff01c9135d47f59fec9538342b13e3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 41690
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 07 Aug 2023 15:13:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 140ms
57ms Stylesheet
text/css 142.250.81.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/compiled.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.234 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f10.1e100.net

Software

ESF /

Resource Hash

ef59349e0e0bc8f1fafbf9e6f3f945b2fc645ec541289484ab9994ab58938125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Aug 2023 15:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 14:46:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Aug 2023 15:13:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
774 B 149ms
66ms Stylesheet
text/css 142.250.81.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/compiled.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.234 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f10.1e100.net

Software

ESF /

Resource Hash

67eb879fb1645c73ccbaac598e815fd3901eb5114228021d686b8b5e470edbbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Aug 2023 15:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 15:10:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Aug 2023 15:13:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
802 B 160ms
78ms Stylesheet
text/css 142.250.81.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/compiled.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.234 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f10.1e100.net

Software

ESF /

Resource Hash

8b999f212af18f1107e796fecd776ecf59476198a4c625acf88df6228f9dac1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Aug 2023 15:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 13:30:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Aug 2023 15:13:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
818 B 161ms
79ms Stylesheet
text/css 142.250.81.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,300

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/compiled.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.234 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f10.1e100.net

Software

ESF /

Resource Hash

124f165a1243b48bd2ac21cebd8852c818c5deb7692fbfb5c80f5d5b72625da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 07 Aug 2023 15:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 14:21:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Aug 2023 15:13:05 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/20631572/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

56ms
50ms

Script
application/javascript

18.154.227.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f
Protocol: H2
Server: 18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-100.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 06:48:39 GMT
content-encoding: gzip
via: 1.1 b97ecc65af57f73e17a5596e8dc5a2d4.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 09:10:12 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5
age: 30267
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: FxVdgyx9tV2zSOs7mpgi6rWbv0MZHH4UlrFJhQQ73EmzQifRNk-6jw==

Redirect headers

date: Mon, 07 Aug 2023 15:13:06 GMT
via: 1.1 b97ecc65af57f73e17a5596e8dc5a2d4.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P5
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: hcbot6lVD0jKA1D8_5Jf68iVueGrbgf4OMuEpY9d3z8_XU9arC-NBQ==

GET
H2 200 cgrg4uplxs Show response
www.clarity.ms/tag/ 695 B
1 KB 235ms
85ms Script
application/x-javascript 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/cgrg4uplxs
Requested by: Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a98fb101826acb526a028d9c7489c331b2e9dd2460751d5b5152f1099d9bfc4f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
date: Mon, 07 Aug 2023 15:13:06 GMT
x-azure-ref: 0AgrRZAAAAABsuqhQlZTRTYabOW5sshhSQ0gxQUEyMDIwNjAxMDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 695
expires: -1

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 119ms
35ms Script
text/javascript 142.250.65.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Aug 2023 14:57:05 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 961
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 07 Aug 2023 16:57:05 GMT

GET
H3 200 logo.svg
minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/images/ 10 KB
3 KB 59ms
58ms Image
image/svg+xml 104.19.147.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/images/logo.svg

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/compiled.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.147.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7e8fbf9d45a995ace6943891ffff72685bc25b0511fddf3b32e4c1852bfffff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/compiled.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Mon, 07 Aug 2023 15:13:06 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 13:40:08 GMT
server: cloudflare
etag: W/"0ec74687c98d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7f30762c586b54a9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Mon, 07 Aug 2023 19:13:06 GMT

GET
H3 200 generic-header-background.jpg
minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/images/ 40 KB
40 KB 62ms
61ms Image
image/jpeg 104.19.147.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/images/generic-header-background.jpg

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/compiled.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.147.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d24464a745ed176557384c3ba1c39e25c78ccdeca9f290ecc0b8fb3ec93243

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/compiled.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:06 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
cf-polished: origSize=44593
alt-svc: h3=":443"; ma=86400
content-length: 40496
x-ua-compatible: IE=edge,chrome=1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 06 Jun 2023 13:40:08 GMT
server: cloudflare
etag: "0ec74687c98d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7f30762c586d54a9-YYZ
expires: Mon, 07 Aug 2023 19:13:06 GMT

GET
H3 200 generic-header-logo.png
minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/images/ 4 KB
5 KB 106ms
105ms Image
image/png 104.19.147.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/images/generic-header-logo.png

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/compiled.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.147.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

411fc56fe0c64df6d18d206f839b6be64a7094c2faac0a766c10e2369932c317

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/compiled.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:06 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
cf-polished: origSize=6551
alt-svc: h3=":443"; ma=86400
content-length: 4555
x-ua-compatible: IE=edge,chrome=1
cf-bgj: imgq:100,h2pri
last-modified: Tue, 06 Jun 2023 13:40:08 GMT
server: cloudflare
etag: "0ec74687c98d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7f30762c586e54a9-YYZ
expires: Mon, 07 Aug 2023 19:13:06 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v30/ 14 KB
14 KB 114ms
34ms Font
font/woff2 142.250.176.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v30/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.195 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f3.1e100.net

Software

sffe /

Resource Hash

5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minecraft.curseforge.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 16:28:49 GMT
x-content-type-options: nosniff
age: 168257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14256
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 22:02:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 16:28:49 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v30/ 14 KB
14 KB 140ms
60ms Font
font/woff2 142.250.176.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v30/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.195 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f3.1e100.net

Software

sffe /

Resource Hash

8c2a54278c4cb87438f4a1c73242d727fc3eea82dc59abb393dd3937b17ce1d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minecraft.curseforge.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 00:03:55 GMT
x-content-type-options: nosniff
age: 313751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14100
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 22:02:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 00:03:55 GMT

GET
H3 200 CurseForgeUI.woff
minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Elerium/fonts/CurseForgeUI/ 6 KB
4 KB 105ms
104ms Font
font/x-woff 104.19.147.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Elerium/fonts/CurseForgeUI/CurseForgeUI.woff?eo69io

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/compiled.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.147.132 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be64f3da3845ab9a1babccf0d01a3befa9036d39998ff6450db40eeffde41732

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://minecraft.curseforge.com/Content/2-0-8619-25683/Skins/Minecraft/css/compiled.css
Origin: https://minecraft.curseforge.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ua-compatible: IE=edge,chrome=1
date: Mon, 07 Aug 2023 15:13:06 GMT
strict-transport-security: max-age=15768000
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 13:40:08 GMT
server: cloudflare
etag: W/"0ec74687c98d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/x-woff
cache-control: public, max-age=14400
cf-ray: 7f30762c587354a9-YYZ
alt-svc: h3=":443"; ma=86400
expires: Mon, 07 Aug 2023 19:13:06 GMT

GET
H2 200 o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
fonts.gstatic.com/s/notosans/v30/ 13 KB
13 KB 107ms
51ms Font
font/woff2 142.250.176.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v30/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.195 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f3.1e100.net

Software

sffe /

Resource Hash

aecb63436ff8e28ed766a7eb40e804e09893d2264fb5b5ca86fd660c21bab67f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://minecraft.curseforge.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 00:19:28 GMT
x-content-type-options: nosniff
age: 312818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13040
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 22:02:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 00:19:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
38ms Script
text/javascript 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: elerium-static.curseforge.com
URL: https://elerium-static.curseforge.com/js/Elerium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Aug 2023 14:40:55 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1931
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 07 Aug 2023 16:40:55 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ 434 KB
175 KB 121ms
37ms Script
text/javascript 142.251.40.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.227 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f3.1e100.net

Software

sffe /

Resource Hash

e34cc28c89135c2b0c670921036fb262a23a9f688337de5e180a404d84d3ea30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft.curseforge.com/
Origin: https://minecraft.curseforge.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 17:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178086
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 04:01:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Aug 2024 17:15:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
87 KB 68ms
64ms Script
application/javascript 142.250.176.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N8BTN266HQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMP4WSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.200 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f73d0fc9a652700368fec755ee63e51fcbe0220a6a249a25440ab21b1df601dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88501
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 07 Aug 2023 15:13:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
70 KB 60ms
55ms Script
application/javascript 142.250.176.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-807668235&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PMP4WSG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.200 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

62e59e3049d388e9e9324de69d6ad1d1394460a6cfe94e880fb2533602f52c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72006
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 07 Aug 2023 15:13:06 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1888433188&utmhn=minecraft.curseforge.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&u...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-389142-3&cid=1973964973.1691421186&jid=375498295&_v=5.7.2&z=1888433188

35 B
337 B

157ms
49ms

Image
image/gif

142.251.16.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-389142-3&cid=1973964973.1691421186&jid=375498295&_v=5.7.2&z=1888433188

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Server

142.251.16.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 07 Aug 2023 15:13:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:06 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-389142-3&cid=1973964973.1691421186&jid=375498295&_v=5.7.2&z=1888433188
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
110 B 71ms
70ms Image
image/gif 142.250.65.200
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=1486088305&utmhn=minecraft.curseforge.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Link%20Warning%20-%20Minecraft%20CurseForge&utmhid=1953844356&utmr=-&utmp=%2Flinkout%3FremoteUrl%3Dhttps%2525253a%2525252f%2525252fwminecraft.net%2525252fdownload-kuda-shaders-mod%2525252f&utmht=1691421186121&utmac=UA-389142-8&utmcc=__utma%3D94490894.1973964973.1691421186.1691421186.1691421186.1%3B%2B__utmz%3D94490894.1691421186.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=286331120&utmredir=1&utmmt=1&utmu=qBAgACAAAAAAAAAAAAAAAAAE~

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f8.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20631572&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1691421186189&ns_c=UTF-8&c7=https%3A%2F%2Fminecraft.curseforge.com%2Flinkout%3FremoteUrl%3Dhttps%25253a%2525...
https://sb.scorecardresearch.com/b2?c1=2&c2=20631572&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1691421186189&ns_c=UTF-8&c7=https%3A%2F%2Fminecraft.curseforge.com%2Flinkout%3FremoteUrl%3Dhttps%25253a%252...

0
225 B

40ms
40ms

Image
text/plain

18.154.227.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20631572&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1691421186189&ns_c=UTF-8&c7=https%3A%2F%2Fminecraft.curseforge.com%2Flinkout%3FremoteUrl%3Dhttps%25253a%25252f%25252fwminecraft.net%25252fdownload-kuda-shaders-mod%25252f&c8=Link%20Warning%20-%20Minecraft%20CurseForge&c9=
Requested by: Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f
Protocol: H2
Server: 18.154.227.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-100.iad55.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:06 GMT
via: 1.1 b97ecc65af57f73e17a5596e8dc5a2d4.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P5
x-amz-cf-id: Tk53K9jtghnF5OtS0lfcTtbiEuVEgGIfgNyz6rrOKRInGb3WdvvApg==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 07 Aug 2023 15:13:06 GMT
via: 1.1 b97ecc65af57f73e17a5596e8dc5a2d4.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P5
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=20631572&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1691421186189&ns_c=UTF-8&c7=https%3A%2F%2Fminecraft.curseforge.com%2Flinkout%3FremoteUrl%3Dhttps%25253a%25252f%25252fwminecraft.net%25252fdownload-kuda-shaders-mod%25252f&c8=Link%20Warning%20-%20Minecraft%20CurseForge&c9=
content-length: 0
x-amz-cf-id: fAhr5f0jlDlyHpouBza4umXHmpY587WCOUqZHIJJIa7mBvDf7_T7DQ==

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
20 KB 44ms
43ms Script
application/javascript 13.107.226.40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/cgrg4uplxs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.226.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 15:13:06 GMT
content-encoding: br
last-modified: Thu, 03 Aug 2023 18:09:07 GMT
x-azure-ref-originshield: 0vZvQZAAAAACd/i5FDCO7Tp7uxfjamH86RE0yQUExMDkxMjA3MDM5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DB944CBA967FA5"
x-azure-ref: 0AgrRZAAAAAA6JIgm1gIFSbdlvTd2tatXQ0gxQUEyMDIwNjAxMDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9d6fca58-a01e-0070-3dff-c8972c000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

POST
H2 204 collect
www.google-analytics.com/g/ 0
168 B 56ms
55ms Ping
text/plain 142.250.65.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-N8BTN266HQ&gtm=45je3820&_p=1953844356&cid=608509438.1691421186&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691421186&sct=1&seg=0&dl=https%3A%2F%2Fminecraft.curseforge.com%2Flinkout%3FremoteUrl%3Dhttps%25253a%25252f%25252fwminecraft.net%25252fdownload-kuda-shaders-mod%25252f&dt=Link%20Warning%20-%20Minecraft%20CurseForge&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N8BTN266HQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.65.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s72-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://minecraft.curseforge.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/807668235/ 3 KB
2 KB 143ms
65ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/807668235/?random=1691421186286&cv=11&fst=1691421186286&bg=ffffff&guid=ON&async=1&gtm=45be3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fminecraft.curseforge.com%2Flinkout%3FremoteUrl%3Dhttps%25253a%25252f%25252fwminecraft.net%25252fdownload-kuda-shaders-mod%25252f&hn=www.googleadservices.com&frm=0&tiba=Link%20Warning%20-%20Minecraft%20CurseForge&auid=842339636.1691421186&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-807668235&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

0e515e66163c0d23cc0297221a024715c29ad42b8ea4fe2055382d9c3d8c380b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1384
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/807668235/ 42 B
327 B 60ms
58ms Image
image/gif 142.250.80.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/807668235/?random=1691421186286&cv=11&fst=1691420400000&bg=ffffff&guid=ON&async=1&gtm=45be3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fminecraft.curseforge.com%2Flinkout%3FremoteUrl%3Dhttps%25253a%25252f%25252fwminecraft.net%25252fdownload-kuda-shaders-mod%25252f&frm=0&tiba=Link%20Warning%20-%20Minecraft%20CurseForge&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3529022934&rmt_tld=0&ipr=y

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.68 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/807668235/ 42 B
455 B 177ms
55ms Image
image/gif 142.251.32.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/807668235/?random=1691421186286&cv=11&fst=1691420400000&bg=ffffff&guid=ON&async=1&gtm=45be3820&u_w=1600&u_h=1200&url=https%3A%2F%2Fminecraft.curseforge.com%2Flinkout%3FremoteUrl%3Dhttps%25253a%25252f%25252fwminecraft.net%25252fdownload-kuda-shaders-mod%25252f&frm=0&tiba=Link%20Warning%20-%20Minecraft%20CurseForge&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3529022934&rmt_tld=1&ipr=y

Requested by

Host: minecraft.curseforge.com
URL: https://minecraft.curseforge.com/linkout?remoteUrl=https%253a%252f%252fwminecraft.net%252fdownload-kuda-shaders-mod%252f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.99 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:06 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
304 B 163ms
47ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://minecraft.curseforge.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://minecraft.curseforge.com
Date: Mon, 07 Aug 2023 15:13:06 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/ Frame 817B
Redirect Chain

https://bcp.crwdcntrl.net/5/c=3613/rand=362987271/pv=y/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr

3 KB
4 KB

67ms
66ms

Document
text/html

54.160.214.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/3613/cc.js?ns=_cc3613
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.214.90 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-214-90.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5b50a87c5ea0beda291ab774ee06bccabf00e45f598c394c1ee13d2b5ab0ba6c

Request headers

Referer: https://minecraft.curseforge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 3508
content-type: text/html;charset=utf-8
date: Mon, 07 Aug 2023 15:13:06 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.15.125

Redirect headers

cache-control: no-cache
content-length: 0
date: Mon, 07 Aug 2023 15:13:06 GMT
expires: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.41.0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FE408157C0E04196B642618253E50DA7&RedC=c.clarity.ms&MXFR=3962A75F09326F9C1A3AB4390D326171
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE408157C0E04196B642618253E50DA7&MUID=0FB0975E0AB16C2722C984380B1B6DEA

42 B
442 B

41ms
39ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE408157C0E04196B642618253E50DA7&MUID=0FB0975E0AB16C2722C984380B1B6DEA
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://minecraft.curseforge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:06 GMT
last-modified: Tue, 06 Jun 2023 17:31:18 GMT
server: Microsoft-IIS/10.0
etag: "7cd81bb49c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E36088AF0C1E47D2933C0385B3F72621 Ref B: YTO01EDGE0512 Ref C: 2023-08-07T15:13:06Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE408157C0E04196B642618253E50DA7&MUID=0FB0975E0AB16C2722C984380B1B6DEA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 817B
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=120&cm=fc98e8628f84d1b54df6b82aa66887a2
https://idsync.rlcdn.com/420246.gif?partner_uid=c:8c4e63defe2e0dc3adfb9e526ff30621
https://idsync.rlcdn.com/1000.gif?memo=CJbTGRIuCioIARD1lgkaImM6OGM0ZTYzZGVmZTJlMGRjM2FkZmI5ZTUyNmZmMzA2MjEQABoNCIOUxKYGEgUI6AcQAEIASgA
https://aorta.clickagy.com/pixel.gif?ch=114&cm=bec4048b813643810b0c6bfde721f73a9c8439244b754b3d73f5e657dca2be3525abae5358c0e7bc
https://aa.agkn.com/adscores/g.pixel?sid=9212289188&_puid=c:8c4e63defe2e0dc3adfb9e526ff30621&_redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D
https://d.agkn.com/pixel/10751/?che=1691421187343&ip=153.92.40.72&l1=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D128%26cm%3D214830604601010035574
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=128&cm=214830604601010035574
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:8c4e63defe2e0dc3adfb9e526ff30621&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:8c4e63defe2e0dc3adfb9e526ff30621&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_U...
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=124&cm=75122705077130554331226828212540528821
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%25...
https://us-u.openx.net/w/1.0/cm?cc=1&id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.n...
https://aorta.clickagy.com/pixel.gif?ch=4&cm=e2c86e6f-f59e-4c08-9978-560365dcfef3&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:8c4e63defe2e0dc3adfb9e526ff30621

43 B
61 B

33ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:8c4e63defe2e0dc3adfb9e526ff30621
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 07 Aug 2023 15:13:07 GMT
server: Aorta/20230710.8b4beed47
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
location: https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:8c4e63defe2e0dc3adfb9e526ff30621
access-control-allow-origin: *
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 2a8932ea5194
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame 817B 0
543 B 235ms
56ms Image
text/plain 40.71.11.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:fc98e8628f84d1b54df6b82aa66887a2
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.141 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 15:13:06 GMT
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Arr-Disable-Session-Affinity: true
Content-Length: 0
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

GET
H2

200

gdpr=0&_test=ZNEKAgAAAtAgGwA4
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZNEKAgAAAtAgGwA4/ Frame 817B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZNEKAgAAAtAgGwA4
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZNEKAgAAAtAgGwA4/gdpr=0&_test=ZNEKAgAAAtAgGwA4

49 B
265 B

46ms
43ms

Image
image/gif

54.160.214.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZNEKAgAAAtAgGwA4/gdpr=0&_test=ZNEKAgAAAtAgGwA4
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Server: 54.160.214.90 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-214-90.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.34.202
content-length: 49
expires: 0

Redirect headers

x-served-by: cache-yyz4532-YYZ
pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1691421187.017721,VS0,VE0
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZNEKAgAAAtAgGwA4/gdpr=0&_test=ZNEKAgAAAtAgGwA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 817B 170 B
409 B 133ms
50ms Image
image/png 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=ZmM5OGU4NjI4Zjg0ZDFiNTRkZjZiODJhYTY2ODg3YTI&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8c9f6d86-7e84-459d-9739-9ed72c1eb57b/gdpr=0/ Frame 817B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8c9f6d86-7e84-459d-9739-9ed72c1eb57b/gdpr=0/gdpr_consent=

49 B
265 B

48ms
47ms

Image
image/gif

54.160.214.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8c9f6d86-7e84-459d-9739-9ed72c1eb57b/gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Server: 54.160.214.90 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-214-90.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.47.190
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8c9f6d86-7e84-459d-9739-9ed72c1eb57b/gdpr=0/gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 249

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 817B 170 B
232 B 133ms
51ms Image
image/png 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZmM5OGU4NjI4Zjg0ZDFiNTRkZjZiODJhYTY2ODg3YTI&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=0788efd5-8ce2-43da-a607-03433ea34082-64d10a02-4341/ Frame 817B
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=0788efd5-8ce2-43da-a607-03433ea34082-64d10a02-4341/gdpr=0

49 B
265 B

46ms
45ms

Image
image/gif

54.160.214.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=0788efd5-8ce2-43da-a607-03433ea34082-64d10a02-4341/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Server: 54.160.214.90 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-214-90.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.38.234
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:06 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=0788efd5-8ce2-43da-a607-03433ea34082-64d10a02-4341/gdpr=0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

m
cm.mgid.com/ Frame 817B
Redirect Chain

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=fc98e8628f84d1b54df6b82aa66887a2
https://cm.mgid.com/m?c=fc98e8628f84d1b54df6b82aa66887a2&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

43 B
237 B

71ms
66ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?c=fc98e8628f84d1b54df6b82aa66887a2&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7f30763309cc36d0-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
location: https://cm.mgid.com/m?c=fc98e8628f84d1b54df6b82aa66887a2&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7f307632895a36d0-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2 200 utsync.ashx
ml314.com/ Frame 817B 43 B
404 B 123ms
50ms Image
image/gif 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=fc98e8628f84d1b54df6b82aa66887a2&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:06 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: 0,Tue, 08 Aug 2023 11:13:06 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 817B 0
674 B 165ms
39ms Image
text/plain 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=fc98e8628f84d1b54df6b82aa66887a2&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 87d839cc3e00ba41df3f5dd9eab06282
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7562481707299865499/ Frame 817B
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/fc98e8628f84d1b54df6b82aa66887a2/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7562481707299865499/gdpr=0

49 B
263 B

43ms
42ms

Image
image/gif

54.160.214.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7562481707299865499/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Server: 54.160.214.90 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-214-90.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.7.19
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7562481707299865499/gdpr=0
pragma: no-cache
date: Mon, 07 Aug 2023 15:13:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 817B
Redirect Chain

https://ps.eyeota.net/match?bid=51mdg9u&uid=fc98e8628f84d1b54df6b82aa66887a2&gdpr=0
https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=fc98e8628f84d1b54df6b82aa66887a2&gdpr=0

70 B
440 B

46ms
45ms

Image
image/gif

34.197.192.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=fc98e8628f84d1b54df6b82aa66887a2&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: HTTP/1.1
Server: 34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-192-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 07 Aug 2023 15:13:07 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?bid=51mdg9u&uid=fc98e8628f84d1b54df6b82aa66887a2&gdpr=0
Date: Mon, 07 Aug 2023 15:13:07 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

rand=857037910
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4827361252686534792/gdpr=0/ Frame 817B
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=857037910
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D857037910
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4827361252686534792/gdpr=0/rand=857037910

49 B
263 B

43ms
42ms

Image
image/gif

54.160.214.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4827361252686534792/gdpr=0/rand=857037910
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Server: 54.160.214.90 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-214-90.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.5.4
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
an-x-request-uuid: 05869500-9c68-4665-9b4e-5193877d1c32
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4827361252686534792/gdpr=0/rand=857037910
x-proxy-origin: 153.92.40.72; 153.92.40.72; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame 817B
Redirect Chain

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=fc98e8628f84d1b54df6b82aa66887a2
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=fc98e8628f84d1b54df6b82aa66887a2

120 B
983 B

377ms
83ms

Image
image/png

64.58.232.177
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=fc98e8628f84d1b54df6b82aa66887a2
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: HTTP/1.1
Server: 64.58.232.177 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: be31-199.crrt01.las04.flexential.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Aug 2023 15:13:06 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: LAS13
Content-Length: 120
Expires: -1

Redirect headers

Date: Mon, 07 Aug 2023 15:13:07 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=fc98e8628f84d1b54df6b82aa66887a2
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: private
X-Server: NY14
Content-Length: 217

GET
H2

204

/
partner.mediawallahscript.com/ Frame 817B
Redirect Chain

https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=fc98e8628f84d1b54df6b82aa66887a2&custom=&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=fc98e8628f84d1b54df6b82aa66887a2&custom=&tag_format=img&tag_action=sync&final=true&reqid=e9cd2010-3534-11ee-b225-8faea3ea2...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=4827361252686534792&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=e9d55d70-3534-11ee-b7da-dba5b7e2b9c2?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=fc98e8628f84d1b54df6b82aa66887a2&tag_format=img&tag_action=sync&cb=861003849
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=8c9f6d86-7e84-459d-9739-9ed72c1eb57b&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=e9d55d70-3534-11ee-b7da-dba5b7e2b9c2&cb=1691421187586&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=ea8c687c-c26a-4335-8b05-6b056b5d8bbf&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1691421187586

0
411 B

50ms
50ms

Image
text/plain

52.204.157.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=ea8c687c-c26a-4335-8b05-6b056b5d8bbf&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1691421187586
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Server: 52.204.157.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-157-89.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Mon, 07 Aug 2023 15:13:07 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx/1.22.0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=ea8c687c-c26a-4335-8b05-6b056b5d8bbf&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1691421187586
cache-control: no-cache,private
x-envoy-upstream-service-time: 1
content-length: 0
expires: Mon, 07 Aug 2023 15:13:06 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 817B
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-eda441ca-6c9f-537b-43ea-0737b04bc7e1$ip$153.92.40.72&gdpr=0&gdpr_consent=

49 B
263 B

44ms
44ms

Image
image/gif

54.160.214.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-eda441ca-6c9f-537b-43ea-0737b04bc7e1$ip$153.92.40.72&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Server: 54.160.214.90 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-214-90.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.37.2
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-eda441ca-6c9f-537b-43ea-0737b04bc7e1$ip$153.92.40.72&gdpr=0&gdpr_consent=
Date: Mon, 07 Aug 2023 15:13:07 GMT
Connection: keep-alive
Content-Length: 166
Content-Type: text/html; charset=utf-8

GET
H2

200

tpid=6b134eae98a33ea667bdc736e54d9378
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame 817B
Redirect Chain

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=6b134eae98a33ea667bdc736e54d9378

49 B
265 B

43ms
42ms

Image
image/gif

54.160.214.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=6b134eae98a33ea667bdc736e54d9378
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Server: 54.160.214.90 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-214-90.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.13.124
content-length: 49
expires: 0

Redirect headers

date: Mon, 07 Aug 2023 15:13:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 142
x-xss-protection: 1; mode=block
pragma: no-cache
to-dmp-sync: s2b-dmp-use1-aws.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=6b134eae98a33ea667bdc736e54d9378
access-control-allow-origin: *
cache-control: no-store
cf-ray: 7f307633ca2239f2-YYZ
expires: 0

GET
H2

200

tpid=714c2352-321b-41bc-b924-f47be3a0cef7
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 817B
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=fc98e8628f84d1b54df6b82aa66887a2&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=fc98e8628f84d1b54df6b82aa66887a2&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=714c2352-321b-41bc-b924-f47be3a0cef7%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8c9f6d86-7e84-459d-9739-9ed72c1eb57b&ttd_puid=714c2352-321b-41bc-b924-f47be3a0cef7%2Chttps%253A%252F%252Fsync.crwdcntrl.n...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=714c2352-321b-41bc-b924-f47be3a0cef7

49 B
265 B

43ms
42ms

Image
image/gif

54.160.214.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=714c2352-321b-41bc-b924-f47be3a0cef7
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Server: 54.160.214.90 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-214-90.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.43.135
content-length: 49
expires: 0

Redirect headers

date: Mon, 07 Aug 2023 15:13:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=714c2352-321b-41bc-b924-f47be3a0cef7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

41715
i6.liadm.com/s/ Frame 817B
Redirect Chain

https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=fc98e8628f84d1b54df6b82aa66887a2
https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=fc98e8628f84d1b54df6b82aa66887a2&_li_chk=true&previous_uuid=4e02003e5e39404a99d688c500cd90d9
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=fc98e8628f84d1b54df6b82aa66887a2

43 B
274 B

174ms
40ms

Image
image/gif

34.237.227.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=fc98e8628f84d1b54df6b82aa66887a2

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr

Protocol

HTTP/1.1

Server

34.237.227.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-237-227-78.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 15:13:07 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=fc98e8628f84d1b54df6b82aa66887a2
Date: Mon, 07 Aug 2023 15:13:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 817B 0
338 B 121ms
39ms Image
text/plain 107.22.84.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=fc98e8628f84d1b54df6b82aa66887a2
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.84.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-84-226.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: beacon-n011-ash-prod.krxd.net
date: Mon, 07 Aug 2023 15:13:07 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1691421187
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 817B
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-kheHd99E2py6kiTIvX7bAoJ5NG4n0U5iSjY-~A&gdpr=0

49 B
264 B

45ms
45ms

Image
image/gif

54.160.214.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-kheHd99E2py6kiTIvX7bAoJ5NG4n0U5iSjY-~A&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Server: 54.160.214.90 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-214-90.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Aug 2023 15:13:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.46.18
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-kheHd99E2py6kiTIvX7bAoJ5NG4n0U5iSjY-~A&gdpr=0
date: Mon, 07 Aug 2023 15:13:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame 817B 42 B
549 B 197ms
47ms Image
image/gif 3.143.121.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/lotame?uid=fc98e8628f84d1b54df6b82aa66887a2&gdpr=0

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.143.121.78 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-143-121-78.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 15:13:07 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHsACWTRCgMAAAAIA9GvAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 5907
tags.bluekai.com/site/ Frame 817B 62 B
454 B 227ms
115ms Image
image/gif 173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=b7b61a45cb544877279cd0443447c391
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=3613/rand=362987271/pv=y/rt=ifr
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 07 Aug 2023 15:13:07 GMT
content-length: 62
content-type: image/gif

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
304 B 45ms
45ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://minecraft.curseforge.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://minecraft.curseforge.com
Date: Mon, 07 Aug 2023 15:13:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
304 B 48ms
47ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://minecraft.curseforge.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://minecraft.curseforge.com
Date: Mon, 07 Aug 2023 15:13:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

83 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 14:33:33	Name: _li_ss Value: CgsKCQj_____BxDmFQ
minecraft.curseforge.com/	1970-01-20 14:00:25	Name: AWSALB Value: r8VUv+sQgQz2DGux7LXWBffUesedljP+SA2VzMMrWrPt9NOGVNaVj9tNLwqtJaI/aV3EnqKyW7KdFxCpbyu8/0sAnmNTrDGHPcDEvPuy5Ac+20xQwaZiFM7lg873
minecraft.curseforge.com/	1970-01-20 14:00:25	Name: AWSALBCORS Value: r8VUv+sQgQz2DGux7LXWBffUesedljP+SA2VzMMrWrPt9NOGVNaVj9tNLwqtJaI/aV3EnqKyW7KdFxCpbyu8/0sAnmNTrDGHPcDEvPuy5Ac+20xQwaZiFM7lg873
.curseforge.com/	1970-01-20 23:26:21	Name: Unique_ID_v2 Value: 19a581140f9142a08d05e7af8e47559a
.curseforge.com/	1970-01-20 13:50:22	Name: __cf_bm Value: .NCVvW1pLwP7e4o84STNv7FcNP5I_Ik0haA4.duHvkg-1691421185-0-AXIu6ThWGJ37cah2x9VnR2JHihRrcUt1P7bW8BrtzO7jLvggwxUOX+6T3/kTKc21TqEWXSPxRb6lElRNbM1yQ+O3fV6DM8yxPEpIGo+0Xasb
minecraft.curseforge.com/	1970-01-20 22:28:45	Name: ResponsiveSwitch.DesktopMode Value: 1
.curseforge.com/	1970-01-20 23:26:21	Name: __utma Value: 94490894.1973964973.1691421186.1691421186.1691421186.1
.curseforge.com/	1969-12-31 23:59:59	Name: __utmc Value: 94490894
.curseforge.com/	1970-01-20 18:13:09	Name: __utmz Value: 94490894.1691421186.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.curseforge.com/	1970-01-20 13:50:21	Name: __utmt Value: 1
.curseforge.com/	1970-01-20 13:50:21	Name: __utmt_b Value: 1
.curseforge.com/	1970-01-20 13:50:22	Name: __utmb Value: 94490894.2.10.1691421186
www.clarity.ms/	1970-01-20 22:35:57	Name: CLID Value: ded4cc0dd9f649158bb6093d928c6efd.20230807.20240806
.scorecardresearch.com/	1970-01-20 23:26:21	Name: UID Value: 130fa5f5f079d961dc2b7a41691421186
.curseforge.com/	1970-01-20 23:26:21	Name: _ga_N8BTN266HQ Value: GS1.1.1691421186.1.0.1691421186.0.0.0
.curseforge.com/	1970-01-20 15:59:57	Name: _gcl_au Value: 1.1.842339636.1691421186
.curseforge.com/	1970-01-20 23:26:21	Name: _ga Value: GA1.2.608509438.1691421186
.curseforge.com/	1970-01-20 13:51:47	Name: _gid Value: GA1.2.226472156.1691421186
.curseforge.com/	1970-01-20 22:35:57	Name: _clck Value: 1x1snmr\|2\|fdy\|0\|1314
.doubleclick.net/	1970-01-20 13:50:22	Name: test_cookie Value: CheckForPermission
.curseforge.com/	1970-01-20 13:51:47	Name: _clsk Value: zpn3xi\|1691421186647\|1\|1\|u.clarity.ms/collect
.crwdcntrl.net/	1970-01-20 20:19:08	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 20:19:08	Name: _cc_id Value: fc98e8628f84d1b54df6b82aa66887a2
.crwdcntrl.net/	1970-01-20 20:19:09	Name: _cc_cc Value: "ACZ4XmNQSEu2tEi1MDOySLMwSTFMMjVJSTNLsjBKTDQzs7AwTzRiAIKUi1xMIBoCeHate8rNOFeG4T8jI8OTFx91Yexni%2BewwNjL%2FxTCmOeOHmKGsX9snAJXsnvfZQGY%2BIeG%2B3D2YSRjps2eaQhTM%2FmEOoz5bgnCJgD0djmX"
.crwdcntrl.net/	1970-01-20 20:19:09	Name: _cc_aud Value: "ABR4XmNgYGBIucjFBKQgAMjimgFmTs4CEgAt9gLj"
.bing.com/	1970-01-20 23:11:57	Name: MUID Value: 0FB0975E0AB16C2722C984380B1B6DEA
.c.bing.com/	1970-01-20 14:00:25	Name: MR Value: 0
.c.bing.com/	1970-01-20 23:11:57	Name: SRM_B Value: 0FB0975E0AB16C2722C984380B1B6DEA
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 23:11:57	Name: MUID Value: 0FB0975E0AB16C2722C984380B1B6DEA
.c.clarity.ms/	1970-01-20 14:00:25	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 13:50:21	Name: ANONCHK Value: 0
.everesttech.net/	1970-01-20 22:35:57	Name: everest_g_v2 Value: g_surferid~ZNEKAgAAAtAgGwA4
.ml314.com/	1970-01-20 22:37:23	Name: pi Value: 3637637257865723992
.sitescout.com/	1970-01-20 22:35:57	Name: ssi Value: 0788efd5-8ce2-43da-a607-03433ea34082#1691421186998
.mgid.com/	1970-01-20 22:35:57	Name: muidn Value: n776BKecp3d8
.mgid.com/	1970-01-20 13:50:22	Name: __cf_bm Value: STgybW.Ozm3uCOS.lMWQ.5Q7H04PROTadAxHZmkXBco-1691421187-0-Aezt6IV00w2SOFWdp/5oJCtIbl0MZOUzT5Sq9cdQGrYZEPbJmW+Stclhr7ZRGJwq4dZ1ZtOGBSEanwmXqOyOa9s=
.sitescout.com/	1970-01-20 14:33:33	Name: _ssuma Value: eyI3IjoxNjkxNDIxMTg3MDM5fQ
.rubiconproject.com/	1970-01-20 22:35:57	Name: khaos Value: LL10I4MD-1X-3G84
.rubiconproject.com/	1970-01-20 22:35:57	Name: audit Value: 1\|ZXDy7SKJr2oMRqfT/aaHLLwdYjZZP1fnUO8n606K1W3RN4kmwKKxP/Onq1lbnXRxtt7lWp4jdidBK03vAHceENBQIIuieds9cq7RROHQC2szy+mj7HCTam3VhUm4Ul6zd/0i0KvcfMUiaVvgAYHO4c2O8qCVR0N4qoxmw57vRqc=
.adsrvr.org/	1970-01-20 22:37:23	Name: TDID Value: 8c9f6d86-7e84-459d-9739-9ed72c1eb57b
cm.mgid.com/	1970-01-20 14:33:33	Name: mg_sync Value: {}
.c.cintnetworks.com/	1970-01-20 13:50:24	Name: TiPMix Value: 77.36620547623627
.c.cintnetworks.com/	1970-01-20 13:50:24	Name: x-ms-routing-name Value: self
.rlcdn.com/	1970-01-20 22:35:57	Name: rlas3 Value: 1AKJfmeqN/8/GtPtxj6Y7K6qjdFfYVMctVIWXQ/09JQ=
.adnxs.com/	1970-01-20 15:59:57	Name: uuid2 Value: 4827361252686534792
.rlcdn.com/	1970-01-20 15:16:45	Name: pxrc Value: CIOUxKYGEgUI6AcQABIGCP/qARAA
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 0vcaujncmydknhqearsh3njm
.truoptik.com/	1970-01-20 22:35:57	Name: to_master_s Value: 6b134eae98a33ea667bdc736e54d9378
.truoptik.com/	1970-01-20 22:35:57	Name: to_version_s Value: b2
.eyeota.net/	1970-01-20 22:37:23	Name: mako_uid Value: 189d08f1c83-67fc0000010a4ae7
.eyeota.net/	1970-01-20 13:50:21	Name: SERVERID Value: 19175~DM
.tapad.com/	1970-01-20 15:16:45	Name: TapAd_TS Value: 1691421187237
.tapad.com/	1970-01-20 15:16:45	Name: TapAd_DID Value: 714c2352-321b-41bc-b924-f47be3a0cef7
.turn.com/	1970-01-20 18:09:33	Name: uid Value: 7562481707299865499
sync.srv.stackadapt.com/	1970-01-20 22:35:57	Name: sa-user-id Value: s%3A0-eda441ca-6c9f-537b-43ea-0737b04bc7e1.c5xp6KdKqrKrdmpmeHe0TitcHm5W5WJkQn1d4h94U0E
.srv.stackadapt.com/	1970-01-20 22:35:57	Name: sa-user-id Value: s%3A0-eda441ca-6c9f-537b-43ea-0737b04bc7e1.c5xp6KdKqrKrdmpmeHe0TitcHm5W5WJkQn1d4h94U0E
sync.srv.stackadapt.com/	1970-01-20 22:35:57	Name: sa-user-id-v2 Value: s%3A7aRBymyfU3tD6gc3sEvH4ZlcKEg.LhqvRaioIpgiTnfGHlUp%2BRhnP77BbM9h2KPXLq8YcRI
.srv.stackadapt.com/	1970-01-20 22:35:57	Name: sa-user-id-v2 Value: s%3A7aRBymyfU3tD6gc3sEvH4ZlcKEg.LhqvRaioIpgiTnfGHlUp%2BRhnP77BbM9h2KPXLq8YcRI
sync.srv.stackadapt.com/	1970-01-20 22:35:57	Name: sa-user-id-v3 Value: s%3AAQAKIJ4CH9fhoyxE2VMZAL4a-gPpMlLEHFJjf9lstVXtgCYXEHwYBCCDlMSmBjABOgShleyOQgSKW7GZ.4N52S5YK%2BGlkXtwiYFLt6jaGLJNfK%2FoDPgpyrdE8YUk
.srv.stackadapt.com/	1970-01-20 22:35:57	Name: sa-user-id-v3 Value: s%3AAQAKIJ4CH9fhoyxE2VMZAL4a-gPpMlLEHFJjf9lstVXtgCYXEHwYBCCDlMSmBjABOgShleyOQgSKW7GZ.4N52S5YK%2BGlkXtwiYFLt6jaGLJNfK%2FoDPgpyrdE8YUk
.mediawallahscript.com/	1970-01-20 23:26:21	Name: mCookie Value: e9d55d70-3534-11ee-b7da-dba5b7e2b9c2
.mediawallahscript.com/	1970-01-20 23:26:21	Name: mUserCookie Value: %7B%7D
.agkn.com/	1970-01-20 22:35:57	Name: ab Value: 0001%3AEmf5vVOfkL2m7F7rFL3i%2BM0woPvSDJZd
.krxd.net/	1970-01-20 18:09:33	Name: _kuid_ Value: PuJnbZGa
.liadm.com/	1970-01-20 23:26:21	Name: lidid Value: 4e02003e-5e39-404a-99d6-88c500cd90d9
.yahoo.com/	1970-01-20 22:36:18	Name: A3 Value: d=AQABBAMK0WQCEOCWYXfJh6NHRf9RLQnal-kFEgEBAQFb0mTaZCXaxyMA_eMAAA&S=AQAAAuZ5sXR_J8Lgp5_NrpL-PvM
.tapad.com/	1970-01-20 15:16:45	Name: TapAd_3WAY_SYNCS Value: 1!5271
.sharethis.com/	1970-01-20 22:37:23	Name: __stid Value: ZHsACWTRCgMAAAAIA9GvAw==
.sharethis.com/	1970-01-20 22:37:23	Name: __stidv Value: 2
.agkn.com/	1970-01-20 22:35:57	Name: u Value: C\|0AAAAAAAALGPGgwAAAAAA
.bluekai.com/	1970-01-20 18:15:18	Name: bku Value: Whz9991v6VxuY9Qp
.bluekai.com/	1970-01-20 18:15:18	Name: bkpa Value: KJy9BQeJd02pSUHknpD81ezdqsk+SUx21YjojeNiBt/t1VW6BVBiBEx6mezl1Mz8RtxyBexpBexlRp181x19+LXmby==
.adsrvr.org/	1970-01-20 22:37:23	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiKqYPm2tiLPBAFGAEgASgCMgsIuNnElPHYizwQBTgBWgd2eHNydjNpYAI.
.analytics.yahoo.com/	1970-01-20 22:35:57	Name: IDSYNC Value: 19bk~2d7r
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ufa5svknqaynkuqm3julfyxg
.ib.mookie1.com/	1970-01-20 22:37:23	Name: ibkukiuno Value: s=45fa22f7-6dfb-4f61-a13e-ea8f8ce02d42&h=&v=0&l=-8585101856979518289&op=&hl=0&vlu=0&tcs=1&dcc=-8585101856979518289
.ib.mookie1.com/	1970-01-20 22:37:23	Name: ibkukinet Value: 2572953672=-8585101856979518289
.mediawallahscript.com/	1970-01-20 13:51:47	Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_08_2023 Value: %7B%227bYSR%22%3A1%7D
.rqtrk.eu/	1970-01-20 14:00:25	Name: browser_id Value: 1:ea8c687c-c26a-4335-8b05-6b056b5d8bbf
.demdex.net/	1970-01-20 18:09:33	Name: demdex Value: 75122705077130554331226828212540528821
.dpm.demdex.net/	1970-01-20 18:09:33	Name: dpm Value: 75122705077130554331226828212540528821
.openx.net/	1970-01-20 22:35:57	Name: i Value: 2eea65d3-0e63-4fb1-b53b-05aae5c9c33f\|1691421187

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aorta.clickagy.com
apis.google.com
bcp.crwdcntrl.net
beacon.krxd.net
c.bing.com
c.cintnetworks.com
c.clarity.ms
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
configs.forgecdn.net
d.agkn.com
d.turn.com
dmp.truoptik.com
dpm.demdex.net
elerium-static.curseforge.com
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
ib.mookie1.com
idsync.rlcdn.com
match.adsrvr.org
minecraft.curseforge.com
ml314.com
partner.mediawallahscript.com
pixel-sync.sitescout.com
pixel.tapad.com
ps.eyeota.net
sb.scorecardresearch.com
secure.adnxs.com
ssl.google-analytics.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.sharethis.com
sync.srv.stackadapt.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
u.clarity.ms
ups.analytics.yahoo.com
us-u.openx.net
ws.rqtrk.eu
www.clarity.ms
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
104.17.215.204
104.19.135.78
104.19.147.132
107.22.84.226
13.107.21.200
13.107.226.40
13.249.39.128
142.250.176.195
142.250.176.200
142.250.65.194
142.250.65.200
142.250.65.206
142.250.72.110
142.250.80.68
142.250.81.234
142.251.16.156
142.251.32.99
142.251.40.226
142.251.40.227
15.235.42.103
151.101.66.49
173.223.57.84
174.129.232.136
18.154.227.100
18.160.46.100
18.173.219.43
20.110.205.119
207.198.113.89
3.143.121.78
3.220.58.27
34.111.113.62
34.111.234.236
34.197.192.192
34.200.65.202
34.237.227.78
35.190.60.146
35.244.159.8
35.71.131.137
4.227.249.197
40.71.11.141
50.116.194.23
52.204.157.89
52.4.147.81
52.85.151.8
52.85.151.89
54.147.190.158
54.160.214.90
64.58.232.177
68.67.178.10
69.169.86.38
76.13.32.147
8.43.72.97
054ef57790c1506bcb5ecc4f16f897e0ff1cdfdef695d2d6e3e9d76c6897b377
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc35321c37b066a165b4a99dd82eb15756b90540a234fc67ef448a88bb2def0
0e515e66163c0d23cc0297221a024715c29ad42b8ea4fe2055382d9c3d8c380b
124f165a1243b48bd2ac21cebd8852c818c5deb7692fbfb5c80f5d5b72625da9
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
23f7261b13b5e1bddfc36cf444a673c9048d6fa50e0a1a59fd194824c5363b5d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
411fc56fe0c64df6d18d206f839b6be64a7094c2faac0a766c10e2369932c317
41d24464a745ed176557384c3ba1c39e25c78ccdeca9f290ecc0b8fb3ec93243
41d3e2161cdd8172074b7c0c706576210159b4c00c317c9bc749545c6cc9a76a
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
470d4eff6a2fd369c0f34647ae2da66b1eb90de49ba8ca3214e905e2a1d96b56
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5b50a87c5ea0beda291ab774ee06bccabf00e45f598c394c1ee13d2b5ab0ba6c
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54
62e59e3049d388e9e9324de69d6ad1d1394460a6cfe94e880fb2533602f52c49
67eb879fb1645c73ccbaac598e815fd3901eb5114228021d686b8b5e470edbbd
734e17ced780e28ba495b3722fbe2fabff01c9135d47f59fec9538342b13e3a4
783dff648c360cefbe2c8bb9931bad4aba6ed13381424f1e3a0ade80c6556198
7dfde27c429ab934f07188477f53ebc4782f381eaba97e7320315d735ed4433e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8b999f212af18f1107e796fecd776ecf59476198a4c625acf88df6228f9dac1e
8c2a54278c4cb87438f4a1c73242d727fc3eea82dc59abb393dd3937b17ce1d7
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a3ab50d58e480aff42d695dc6902841297208121cb5f2dca4fc08e7ebb54930b
a98fb101826acb526a028d9c7489c331b2e9dd2460751d5b5152f1099d9bfc4f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aecb63436ff8e28ed766a7eb40e804e09893d2264fb5b5ca86fd660c21bab67f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bdeac806a882905df5b64d3ef2592b09a740e272cd006e735c23e74aa7868adc
be64f3da3845ab9a1babccf0d01a3befa9036d39998ff6450db40eeffde41732
c7e8fbf9d45a995ace6943891ffff72685bc25b0511fddf3b32e4c1852bfffff
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8f5f70ebfea9f43decc3f25cf1d3da6120b975d1da5fb04c106c3ff3149bd4
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e34cc28c89135c2b0c670921036fb262a23a9f688337de5e180a404d84d3ea30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9097165d7f9ad30dced49b51c7bf2e8349506f7f2c8ad75d9587898ec419eaa
ee7fb772737aab516328e8ef0418ddb8db1bc6b6a354d570e1d63a30e7bcc9bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef59349e0e0bc8f1fafbf9e6f3f945b2fc645ec541289484ab9994ab58938125
f73d0fc9a652700368fec755ee63e51fcbe0220a6a249a25440ab21b1df601dc

minecraft.curseforge.com Open in urlscan Pro 104.19.147.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

72 %HTTPS

0 %IPv6

40 Domains

53 Subdomains

33 IPs

3 Countries

1234 kBTransfer

4476 kBSize

83 Cookies

41 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

minecraft.curseforge.com Open in urlscan Pro
104.19.147.132 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

72 %
HTTPS

0 %
IPv6

40
Domains

53
Subdomains

33
IPs

3
Countries

1234 kB
Transfer

4476 kB
Size

83
Cookies

67 HTTP transactions
0 data transactions