primitivesurvivors.org Open in urlscan Pro
2606:4700:20::6818:e6b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://str.aminge.pw/determinate/bdwJ605mgmdAHngs6IssvulhJtOCGotyM3L1dn-GWGzXCqNGqRwbFyJXXUgHAQ_06a1j2SCMyGV1Dv9Y_49r...
Effective URL:
https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Submission: On July 28 via api (July 28th 2019, 12:39:11 pm UTC) from BE

Summary HTTP 68 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 8 countries across 32 domains to perform 68 HTTP transactions. The main IP is 2606:4700:20::6818:e6b, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is primitivesurvivors.org.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on June 6th 2019. Valid for: 6 months.

This is the only time primitivesurvivors.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.10.166.27 45.10.166.27	202723 (VAD-SRL-AS1) (VAD-SRL-AS1)
1 1	103.83.36.136 103.83.36.136	136171 (MEDHAHOST...) (MEDHAHOSTING-AS-AP Medha Hosting)
1 1	35.160.249.154 35.160.249.154	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	34.213.108.231 34.213.108.231	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
22	2606:4700:20:... 2606:4700:20::6818:e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700:30:... 2606:4700:30::681c:155	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 1	2a03:2880:f01... 2a03:2880:f01c:80a1:face:b00c:0:d0c	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.17.220.81 52.17.220.81	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER - Twitter Inc.)
1 5	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
14 16	54.228.194.155 54.228.194.155	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	35.157.249.39 35.157.249.39	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.29.223.223 52.29.223.223	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 2	52.28.51.203 52.28.51.203	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.57.146.56 52.57.146.56	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.80 185.33.223.80	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	34.95.92.78 34.95.92.78	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
2 2	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE - Google LLC)
68	26

1 45.10.166.27 (None, ) 1 redirects

ASN202723 (VAD-SRL-AS1, MD)
PTR: 45-10-166-27.tripperly.nl

str.aminge.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.83.36.136 (Asheville, United States) 1 redirects

ASN136171 (MEDHAHOSTING-AS-AP Medha Hosting, IN)
PTR: 3fak.btuk.stream

www.yilopeet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.160.249.154 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-160-249-154.us-west-2.compute.amazonaws.com

blu145.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.108.231 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-213-108-231.us-west-2.compute.amazonaws.com

outpostnine5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:20::6818:e6b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

primitivesurvivors.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681c:155 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

globenation.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:80a1:face:b00c:0:d0c (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.220.81 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-220-81.eu-west-1.compute.amazonaws.com

track.addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.40 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.228.194.155 (Dublin, Ireland) 14 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-228-194-155.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.249.39 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-249-39.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.223.223 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-223-223.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.51.203 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-51-203.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.146.56 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-146-56.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.80 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.92.78 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 78.92.95.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (Amsterdam, Netherlands) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.98 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	primitivesurvivors.org primitivesurvivors.org	978 KB
21	adroll.com 15 redirects s.adroll.com d.adroll.com	28 KB
7	facebook.com 1 redirects www.facebook.com staticxx.facebook.com web.facebook.com	2 KB
6	facebook.net connect.facebook.net	199 KB
5	twitter.com platform.twitter.com syndication.twitter.com	101 KB
3	doubleclick.net 3 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	openx.net 1 redirects us-u.openx.net	622 B
2	bidswitch.net 1 redirects x.bidswitch.net	914 B
2	3lift.com 1 redirects eb2.3lift.com	696 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com	833 B
2	advertising.com 2 redirects pixel.advertising.com	722 B
2	yimg.com s.yimg.com	6 KB
2	globenation.net globenation.net	36 KB
1	rlcdn.com idsync.rlcdn.com	63 B
1	adnxs.com ib.adnxs.com	877 B
1	taboola.com trc.taboola.com	264 B
1	pubmatic.com simage2.pubmatic.com	862 B
1	outbrain.com sync.outbrain.com	390 B
1	rubiconproject.com pixel.rubiconproject.com	371 B
1	ytimg.com s.ytimg.com	10 KB
1	addevent.com track.addevent.com
1	youtube.com www.youtube.com	1 KB
1	google.de www.google.de	110 B
1	google.com 1 redirects www.google.com	180 B
1	gstatic.com fonts.gstatic.com	25 KB
1	googleapis.com fonts.googleapis.com	2 KB
1	outpostnine5.com 1 redirects outpostnine5.com	761 B
1	blu145.com 1 redirects blu145.com	276 B
1	yilopeet.com 1 redirects www.yilopeet.com	324 B
1	aminge.pw 1 redirects str.aminge.pw	367 B
68	32

	Domain	Requested by
22	primitivesurvivors.org	primitivesurvivors.org
16	d.adroll.com	14 redirects s.adroll.com
6	connect.facebook.net	primitivesurvivors.org connect.facebook.net
5	s.adroll.com	1 redirects primitivesurvivors.org s.adroll.com
5	www.facebook.com	primitivesurvivors.org connect.facebook.net
4	platform.twitter.com	primitivesurvivors.org platform.twitter.com
3	www.google-analytics.com	1 redirects primitivesurvivors.org
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	pixel.advertising.com	2 redirects
2	s.yimg.com	primitivesurvivors.org s.yimg.com
2	globenation.net	primitivesurvivors.org
1	idsync.rlcdn.com
1	ib.adnxs.com
1	trc.taboola.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	pixel.rubiconproject.com
1	syndication.twitter.com	primitivesurvivors.org
1	s.ytimg.com	www.youtube.com
1	track.addevent.com	primitivesurvivors.org
1	www.youtube.com	primitivesurvivors.org
1	web.facebook.com	1 redirects
1	staticxx.facebook.com	connect.facebook.net
1	www.google.de	primitivesurvivors.org
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	fonts.gstatic.com	primitivesurvivors.org
1	fonts.googleapis.com	primitivesurvivors.org
1	outpostnine5.com	1 redirects
1	blu145.com	1 redirects
1	www.yilopeet.com	1 redirects
1	str.aminge.pw	1 redirects
68	37

This site contains no links.

Subject Issuer	Validity	Valid
ssl371273.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-06-06` - `2019-12-13`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-06-27` - `2019-08-11`	a month	crt.sh
*.google.com Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
www.google.de Google Internet Authority G3	`2019-07-02` - `2019-09-24`	3 months	crt.sh
addevent.com Amazon	`2019-04-11` - `2020-05-11`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-24` - `2020-01-24`	a year	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-12-19` - `2020-03-19`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-05-08` - `2019-11-04`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-25` - `2020-07-25`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2019-02-08` - `2020-05-12`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Frame ID: 969CDAF4F513ED97FBA9709D0124D96D
Requests: 64 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: A027F76553CA114B7767866A0A801837
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0639d67d95b7680840758b6833f06d87.html?origin=https%3A%2F%2Fprimitivesurvivors.org
Frame ID: 14C8CDEA5B1FCD4E07B8B4A36C079637
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dfea86a8e1a213c%26domain%3Dprimitivesurvivors.org%26origin%3Dhttps%253A%252F%252Fprimitivesurvivors.org%252Ff305979d6820c2c%26relation%3Dparent.parent&container_width=255&href=https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey&_rdc=1&_rdr
Frame ID: 004B54C046DDA5745B291887D59530DD
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.0639d67d95b7680840758b6833f06d87.en.html
Frame ID: C7EBD680C32184A65EE79C77F044EE26
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://str.aminge.pw/determinate/bdwJ605mgmdAHngs6IssvulhJtOCGotyM3L1dn-GWGzXCqNGqRwbFyJXXUgHAQ_0... HTTP 302
http://www.yilopeet.com/cIQ3-zRwj2g_D2FFpoQteGfM1pozrHav1ZLDcMLTLcM2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZk... HTTP 302
http://blu145.com/?a=24&c=19&s1=160007&s2=502546182&s3=523200&cs=24-1 HTTP 302
http://outpostnine5.com/?a=24&c=19&s1=160007&s2=502546182&s3=523200&cs=24-1&ckmguid=463a4086-5af2-42... HTTP 302
https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

68
Requests

97 %
HTTPS

43 %
IPv6

32
Domains

37
Subdomains

26
IPs

8
Countries

1401 kB
Transfer

2892 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://str.aminge.pw/determinate/bdwJ605mgmdAHngs6IssvulhJtOCGotyM3L1dn-GWGzXCqNGqRwbFyJXXUgHAQ_06a1j2SCMyGV1Dv9Y_49rQ7UxmXXQVK7JIZ1dUtfrpXSyQfXvkitvcFSL6LTuXpl6AjBxcnYbLNrxkOtzlud0A6Ac14mA8l2RUaz1RdQXXreCa4XumjMobC1nW6KAv0f2-OG HTTP 302
http://www.yilopeet.com/cIQ3-zRwj2g_D2FFpoQteGfM1pozrHav1ZLDcMLTLcM2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/523200/09318b96c7e927dde2fe28b280639c88/49903844/ HTTP 302
http://blu145.com/?a=24&c=19&s1=160007&s2=502546182&s3=523200&cs=24-1 HTTP 302
http://outpostnine5.com/?a=24&c=19&s1=160007&s2=502546182&s3=523200&cs=24-1&ckmguid=463a4086-5af2-4266-ba11-71b9237ee277 HTTP 302
https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1074177670&t=pageview&_s=1&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160007%26s5%3D%26s3%3D9569392%26s1%3D24%26pop%3Doff%26cs%3D24-1&ul=en-us&de=UTF-8&dt=Tactical%20LED%20Headlamp%20TL900&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=85906621&gjid=1032955377&cid=311075639.1564317535&tid=UA-64827807-7&_gid=297659785.1564317535&_r=1&z=2004602070 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64827807-7&cid=311075639.1564317535&jid=85906621&_gid=297659785.1564317535&gjid=1032955377&_v=j77&z=2004602070 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=311075639.1564317535&jid=85906621&_v=j77&z=2004602070 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=311075639.1564317535&jid=85906621&_v=j77&z=2004602070&slf_rd=1&random=3706808451

Request Chain 40

https://web.facebook.com/v2.6/plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dfea86a8e1a213c%26domain%3Dprimitivesurvivors.org%26origin%3Dhttps%253A%252F%252Fprimitivesurvivors.org%252Ff305979d6820c2c%26relation%3Dparent.parent&container_width=255&href=https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey HTTP 302
https://www.facebook.com/plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dfea86a8e1a213c%26domain%3Dprimitivesurvivors.org%26origin%3Dhttps%253A%252F%252Fprimitivesurvivors.org%252Ff305979d6820c2c%26relation%3Dparent.parent&container_width=255&href=https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey&_rdc=1&_rdr

Request Chain 48

https://s.adroll.com/j/exp/GYKIC6XRBVAZFHHGCZVSTM/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 50

https://d.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN?adroll_fpc=206e7b86d2a8c028183cdb6342c98cbe-1564317537272&pv=982753314.6231637&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160007%26s5%3D%26s3%3D9569392%26s1%3D24%26pop%3Doff%26cs%3D24-1 HTTP 302
https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js

Request Chain 53

https://d.adroll.com/cm/aol/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPab04e0b6-b134-11e9-9747-06ae00c6cdd8 HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPab04e0b6-b134-11e9-9747-06ae00c6cdd8&verify=true

Request Chain 54

https://d.adroll.com/cm/index/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&expiration=1595853537 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&expiration=1595853537&C=1

Request Chain 55

https://d.adroll.com/cm/n/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&expires=365

Request Chain 56

https://d.adroll.com/cm/outbrain/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://sync.outbrain.com/adroll/pixel?user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE

Request Chain 57

https://d.adroll.com/cm/pubmatic/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 58

https://d.adroll.com/cm/taboola/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE

Request Chain 59

https://d.adroll.com/cm/triplelift/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&dongle=c85e&gdpr=1&cmp_cs=

Request Chain 60

https://d.adroll.com/fb/tr/?id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=180284255744805&adroll_fpc=206e7b86d2a8c028183cdb6342c98cbe-1564317537272 HTTP 302
https://www.facebook.com/tr/?id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=180284255744805&adroll_fpc=206e7b86d2a8c028183cdb6342c98cbe-1564317537272&cd[external_id]=f3NlwZn7L6r8vFtD9xSawQ

Request Chain 61

https://d.adroll.com/cm/b/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE

Request Chain 62

https://d.adroll.com/cm/x/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE

Request Chain 63

https://d.adroll.com/cm/l/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=7f7365c199fb2faafcbc5b43f7149ac1

Request Chain 64

https://d.adroll.com/cm/o/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=7f7365c199fb2faafcbc5b43f7149ac1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=7f7365c199fb2faafcbc5b43f7149ac1

Request Chain 65

https://d.adroll.com/cm/g/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=f3NlwZn7L6r8vFtD9xSawQ&google_ula=1535926 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=f3NlwZn7L6r8vFtD9xSawQ&google_ula=1535926&google_tc= HTTP 302
https://d.adroll.com/cm/g/in?google_ula=1535926,0

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 7ps1 Show response
primitivesurvivors.org/tl900/11/
Redirect Chain

http://str.aminge.pw/determinate/bdwJ605mgmdAHngs6IssvulhJtOCGotyM3L1dn-GWGzXCqNGqRwbFyJXXUgHAQ_06a1j2SCMyGV1Dv9Y_49rQ7UxmXXQVK7JIZ1dUtfrpXSyQfXvkitvcFSL6LTuXpl6AjBxcnYbLNrxkOtzlud0A6Ac14mA8l2RUaz1...
http://www.yilopeet.com/cIQ3-zRwj2g_D2FFpoQteGfM1pozrHav1ZLDcMLTLcM2gJ30tFpuaNpjvprK6fLsJIGdHs3ZxWZkEYVZgrsC8g~~/523200/09318b96c7e927dde2fe28b280639c88/49903844/
http://blu145.com/?a=24&c=19&s1=160007&s2=502546182&s3=523200&cs=24-1
http://outpostnine5.com/?a=24&c=19&s1=160007&s2=502546182&s3=523200&cs=24-1&ckmguid=463a4086-5af2-4266-ba11-71b9237ee277
https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

52 KB
12 KB

590ms
520ms

Document
text/html

2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.22
Resource Hash: dca9c8dad78915319584a0b6f8734523de68fde1408fbeb48591abd36bc49982

Request headers

:method: GET
:authority: primitivesurvivors.org
:scheme: https
:path: /tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 200
date: Sun, 28 Jul 2019 12:38:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db7eb3d358a5a86d76aba5c67843e7f1b1564317531; expires=Mon, 27-Jul-20 12:38:51 GMT; path=/; domain=.primitivesurvivors.org; HttpOnly PHPSESSID=2332506d07e94dbc72d864fbf22be116; path=/
x-powered-by: PHP/5.6.22
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4fd6e998eaac2754-FRA
content-encoding: br

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sun, 28 Jul 2019 12:38:50 GMT
Location: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=Y6d5IYT0pW6fNtjXdvIm60KeIHwJxiWaKcQirNdTje8TUW4fZg3UXA==; domain=.outpostnine5.com; path=/; HttpOnly trk=3czdaySAdJafNtjXdvIm60KeIHwJxiWaKcQirNdTje8TUW4fZg3UXA==; domain=.outpostnine5.com; expires=Sun, 28-Jul-2024 05:38:50 GMT; path=/; HttpOnly c4=Y6d5IYT0pW6vNlZNDLkEoDqC8LVakx0fzy1m5h5WXiI=; domain=.outpostnine5.com; expires=Tue, 27-Aug-2019 12:38:50 GMT; path=/; HttpOnly
Content-Length: 255

GET
H2 200 kprofile.css
primitivesurvivors.org/tl900/11/resources/css/ 1 KB
503 B 2379ms
2378ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/css/kprofile.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dba7688c6781687a0560056511cec478e3310f55f1ad2795c462771912746f9e

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:53 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Mar 2016 01:36:08 GMT
server: cloudflare
etag: W/"4203fc-498-52da7d6acf200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4fd6e99c2c932754-FRA
expires: Sun, 28 Jul 2019 16:38:53 GMT

GET
H2 200 kform.css
primitivesurvivors.org/tl900/11/resources/css/ 7 KB
2 KB 3246ms
3246ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/css/kform.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d50fb038a77f7d6cd85aaa4923a370dc5122e9f2f17d0f61ad8370ee1d3e803a

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:54 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 11 Mar 2016 19:02:46 GMT
server: cloudflare
etag: W/"4203fb-1c52-52dca9391c180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4fd6e99c2c962754-FRA
expires: Sun, 28 Jul 2019 16:38:54 GMT

GET
H2 200 kcart.css
primitivesurvivors.org/tl900/11/resources/css/ 2 KB
833 B 2376ms
2375ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/css/kcart.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a08eac26f4f8eb8cf4ff8de77487af119b1449bfa547ff86a46451e014b02320

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:53 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 10 Mar 2016 01:36:08 GMT
server: cloudflare
etag: W/"4203fa-867-52da7d6acf200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4fd6e99c2c982754-FRA
expires: Sun, 28 Jul 2019 16:38:53 GMT

GET
H2 200 kvalidator.js Show response
primitivesurvivors.org/tl900/11/resources/js/ 29 KB
7 KB 2382ms
2382ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/js/kvalidator.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46591debdbac746096895e17605faee023954bf033c18dfc7a349056e32d8c92

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:53 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 31 Oct 2018 11:29:13 GMT
server: cloudflare
etag: W/"3c9c7c-731a-579849c9d1710"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4fd6e99c2c992754-FRA
expires: Sun, 28 Jul 2019 16:38:53 GMT

GET
H2 200 klander.js Show response
primitivesurvivors.org/tl900/11/resources/js/ 34 KB
7 KB 2110ms
2109ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/js/klander.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb13b0ae34ab1f7dff4fcfc79187f338f85d6a7a61969f483a1c8084064a537

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:53 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 21 Mar 2016 17:48:47 GMT
server: cloudflare
etag: W/"42040b-8700-52e92b565bdc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4fd6e99c2c9a2754-FRA
expires: Sun, 28 Jul 2019 16:38:53 GMT

GET
H2 200 kcart.js Show response
primitivesurvivors.org/tl900/11/resources/js/ 21 KB
5 KB 2380ms
2380ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/js/kcart.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f84f4427e998b11e18c08b994cb8f7d932b638feeb25645d6547f91eefed22

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:53 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Aug 2016 17:50:57 GMT
server: cloudflare
etag: W/"42040a-5272-539a72cc54240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4fd6e99c2c9b2754-FRA
expires: Sun, 28 Jul 2019 16:38:53 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
16 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16120
x-xss-protection: 0
pragma: public
x-fb-debug: AKp24yHn5lMkTItD5id+YMSkc1OFzwqWa5lepgHNwcc5GfiN0ueoUJXP5Xg3DMFMoOVtyCuW2Cq2vN6Av+Gfmg==
x-fb-trip-id: 997090344
date: Sun, 28 Jul 2019 12:38:51 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 990036034350304 Show response
connect.facebook.net/signals/config/ 228 KB
61 KB 108ms
108ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/990036034350304?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

918e8922c572e0b966370c7521d3d3670810f0b124a1742586e3394fdc5ecfdd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: HXFSvp4kwJ9cGucijpY9ajGSxg14PjRQ2Os9pBOpRO4jtxTxiHBZDjjQFiBTROUjjO0lKplpeV1PTw2U771MHw==
x-fb-trip-id: 997090344
date: Sun, 28 Jul 2019 12:38:51 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 lander.css
primitivesurvivors.org/assets/ 295 KB
48 KB 3283ms
3279ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/assets/lander.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8788a53e1f7c3d009811faac4bf6f61e5bf12bfcf713025818b81875cfd769ff

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:54 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Feb 2016 08:34:36 GMT
server: cloudflare
etag: W/"3c0514-49c14-52b7a6bac1f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4fd6e99cdd042754-FRA
expires: Sun, 28 Jul 2019 16:38:54 GMT

GET
H2 200 font-awesome.css
primitivesurvivors.org/tl900/css/ 34 KB
7 KB 3267ms
3264ms Stylesheet
text/css 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/css/font-awesome.css
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e97ff9485834e2d01d61f33fe17566489e9c8e3aaea2fb8b29031a927de04d7

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:54 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 13 May 2016 14:08:45 GMT
server: cloudflare
etag: W/"4207b4-88a8-532b9d0161540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4fd6e99cdd062754-FRA
expires: Sun, 28 Jul 2019 16:38:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 43 KB
2 KB 21ms
18ms Stylesheet
text/css 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

6d57d2d342b40fbf41f907ff7f041cf8fc7cf842919c7a4bda785ce520a4dde5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 28 Jul 2019 12:38:51 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 28 Jul 2019 12:38:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 28 Jul 2019 12:38:51 GMT

GET
H2 200 jquery-1.11.2.min.js Show response
primitivesurvivors.org/tl900/js/ 94 KB
32 KB 3320ms
3317ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/js/jquery-1.11.2.min.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a271a3f9e3cae897ced669d6652699e947928ef095e56384c4f9dd04bbb942ec

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:54 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 27 May 2015 04:53:52 GMT
server: cloudflare
etag: W/"4203ce-176bf-5170907873800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4fd6e99ced092754-FRA
expires: Sun, 28 Jul 2019 16:38:54 GMT

GET
H2 200 session.js Show response
primitivesurvivors.org/tl900/11/ 332 B
316 B 3263ms
3260ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/session.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca2a42ad46cb3c74ce4616f3b80b0ab47921e751de00abe4349dd56605c3168

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:54 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 22 Mar 2019 18:19:57 GMT
server: cloudflare
etag: W/"420422-14c-584b2e6f38f40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4fd6e99ced0c2754-FRA
expires: Sun, 28 Jul 2019 16:38:54 GMT

GET
H2 200 cs.js Show response
primitivesurvivors.org/affiliateCustom/ 4 KB
1 KB 3287ms
3285ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/affiliateCustom/cs.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73d336858203d04f4d1e402e0cb8a450ed8b4b48a95c8c23b1f95fbdc06b9d28

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:54 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 07 Mar 2017 18:18:30 GMT
server: cloudflare
etag: W/"4a06cd-eb7-54a2809f8c980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4fd6e99ced0d2754-FRA
expires: Sun, 28 Jul 2019 16:38:54 GMT

GET
H2 200 closemodal.png
primitivesurvivors.org/tl900/images/ 2 KB
2 KB 3268ms
3267ms Image
image/png 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/closemodal.png
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc6fc782c0d4686eb82136912f17a5de08ef8a8cb1e9da93c1f315eaa832db7f

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:54 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 04 Nov 2015 23:41:16 GMT
server: cloudflare
etag: "4204f8-972-523bf8be01f00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4fd6e99ced0f2754-FRA
content-length: 2418
expires: Sun, 28 Jul 2019 16:38:54 GMT

GET
H2 200 globenation-logo.png
primitivesurvivors.org/tl900/images/ 23 KB
23 KB 1041ms
1040ms Image
image/png 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/globenation-logo.png
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0bcc49581e06a4877102e5a6ea47f090d937af5efbe68ee42060578090be8b9

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:55 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Feb 2016 08:25:02 GMT
server: cloudflare
etag: "420507-5c68-52b7a49759380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4fd6e9b1591a2754-FRA
content-length: 23656
expires: Sun, 28 Jul 2019 16:38:55 GMT

GET
H2 200 northwest-night-beam_h.jpg
primitivesurvivors.org/tl900/images/ 201 KB
202 KB 990ms
989ms Image
image/jpeg 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/northwest-night-beam_h.jpg
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73b5bdc221f51188cd5c216018126d5685f5b8de0767b06f6b31ea2b68dcea7e

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:55 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Apr 2016 16:55:03 GMT
server: cloudflare
etag: "420ba6-3258c-53060a39507c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4fd6e9b1b96e2754-FRA
content-length: 206220
expires: Sun, 28 Jul 2019 16:38:55 GMT

GET
H2 200 TL900Headlamp.png
primitivesurvivors.org/tl900/images/ 237 KB
237 KB 979ms
978ms Image
image/png 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/TL900Headlamp.png
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f35f35f38ed0da3018adc2ee9637b77e37ac57fa713456ef14c07e91e04da76a

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:55 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 21 Feb 2017 18:50:46 GMT
server: cloudflare
etag: "420520-3b321-5490edb968d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4fd6e9b1b96f2754-FRA
content-length: 242465
expires: Sun, 28 Jul 2019 16:38:55 GMT

GET
H2 200 tltweet.jpg
primitivesurvivors.org/tl900/images/ 61 KB
62 KB 957ms
956ms Image
image/jpeg 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/tltweet.jpg
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82340800cd760a12a655d91f5f9a31aca3043df2de74eb8b724b937a8fe9664f

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:55 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Apr 2016 16:56:28 GMT
server: cloudflare
etag: "420ba8-f5ce-53060a8a60700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4fd6e9b1b9702754-FRA
content-length: 62926
expires: Sun, 28 Jul 2019 16:38:55 GMT

GET
H/1.1 200
OK g700-tactical-flashlight-blinding-a-beer.jpg
globenation.net/wp-content/uploads/2015/11/ 20 KB
21 KB 759ms
733ms Image
image/jpeg 2606:4700:30::681c:155
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://globenation.net/wp-content/uploads/2015/11/g700-tactical-flashlight-blinding-a-beer.jpg
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:155 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca9c042a373085a520d831dc9ad0239a3543f1be3f822680dcb2650ac4a06905

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Sun, 28 Jul 2019 12:38:55 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 13 Nov 2015 07:11:41 GMT
Server: cloudflare
ETag: "2e0b7f-507d-52466c56be540"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fd6e9b1dcf2dfbb-FRA
Content-Length: 20605
Expires: Sun, 28 Jul 2019 16:38:55 GMT

GET
H/1.1 200
OK flashlight-for-nightime.jpg
globenation.net/wp-content/uploads/2015/11/ 15 KB
15 KB 776ms
750ms Image
image/jpeg 2606:4700:30::681c:155
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://globenation.net/wp-content/uploads/2015/11/flashlight-for-nightime.jpg
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Security: , ,
Server: 2606:4700:30::681c:155 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516c7eb9a1b4a829f30052828d4e12000560c5114fa07b5dd823aaeb4793cccf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Sun, 28 Jul 2019 12:38:55 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Fri, 13 Nov 2015 07:11:43 GMT
Server: cloudflare
ETag: "2e0b7d-3ab8-52466c58a69c0"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4fd6e9b1db849814-FRA
Content-Length: 15032
Expires: Sun, 28 Jul 2019 16:38:55 GMT

GET
H2 200 tl900video.png
primitivesurvivors.org/tl900/images/ 107 KB
107 KB 983ms
982ms Image
image/png 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://primitivesurvivors.org/tl900/images/tl900video.png
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41169675c092f84afb7c56b104f6e631bef24ddb5446326847df58cf9a29ec62

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:55 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Apr 2016 16:56:44 GMT
server: cloudflare
etag: "420ba7-1aa4c-53060a99a2b00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4fd6e9b1b9712754-FRA
content-length: 109132
expires: Sun, 28 Jul 2019 16:38:55 GMT

GET
H2 200 lander.js Show response
primitivesurvivors.org/assets/ 565 KB
156 KB 1037ms
1036ms Script
application/javascript 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/assets/lander.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a4c7a1148a8b64ac46e8ef4c3a0e5a343d4aa01a4c97400ca099b6fd0c5d4b

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:55 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 02 Mar 2016 01:49:08 GMT
server: cloudflare
etag: W/"3c0940-8d301-52d07166fcd00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4fd6e9b1490c2754-FRA
expires: Sun, 28 Jul 2019 16:38:55 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
920 B 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.51

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: 8eSiYG1jTbxlQxLbxfIf//aAiv46SxqRJihlo6Z6nBhijw59JK9qrg2WZAWzBz3lFqocgp1OJtqmsRg9mW1FHA==
x-fb-trip-id: 997090344
date: Sun, 28 Jul 2019 12:38:54 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 Jun 2019 21:35:04 GMT
server: Golfe2
age: 6706
date: Sun, 28 Jul 2019 10:47:08 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17707
expires: Sun, 28 Jul 2019 12:47:08 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
5 KB 40ms
13ms Script
application/javascript 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

97fd47b2a2bc905922463b3ba0b0d726eaf214cd02540466cebc102a32348e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 28 Jul 2019 12:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 805
x-amz-server-side-encryption: AES256
status: 200
strict-transport-security: max-age=15552000
content-length: 4934
x-amz-id-2: K/umzsRXB2JY4sGsEygnPcFWgbrZ3Irf+18km1RzS39PcLL6d4U4FyqQSAOY62LZBIZkS9ZfmyY=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 28 Aug 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 24 Jul 2019 11:33:24 GMT
server: ATS
etag: "f0737c96607a897bd5c4b86e364b3e28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-request-id: 95EAC971907F0832
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: O__PgtPqBm2npiKf3ZYV0ppfblQUYlnj
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

d52e1a81a20876e2c4bbe823f7d56a2227684b7d3ab5cd75ed39df6fd11a5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: AJusRRlt4daN8EINmWUt0g==
status: 200
date: Sun, 28 Jul 2019 12:38:55 GMT
vary: Accept-Encoding
content-length: 1779
x-fb-debug: ieNwHCz7ysdq20ZSGXzIoTDhQod2DCtPEBuwoWI8XobLMG7FIgra7ADSQ8G3DFTZbnWD7jnCtRLKZFj47ju5Tw==
x-fb-trip-id: 997090344
x-fb-content-md5: c3ece8741a5e7f08dd6dcdddcc073ecb
etag: "bcccd15777fc327fa6826fc278e00873"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Jul 2019 12:53:36 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8Gl-1PKw.woff2
fonts.gstatic.com/s/oswald/v24/ 25 KB
25 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v24/TK3iWkUHHAIjg752GT8Gl-1PKw.woff2

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open%20Sans:400,700|Oswald:400,700|Droid%20Sans:400,700|Roboto:400,700|Lato:400,700|PT%20Sans:400,700|Source%20Sans%20Pro:400,700|Noto%20Sans:400,700|PT%20Sans:400,700|Ubuntu:400,700|Bitter:400,700|PT%20Serif:400,700|Rokkitt:400,700|Droid%20Serif:400,700|Raleway:400,700|Inconsolata:400,700
Origin: https://primitivesurvivors.org

Response headers

date: Tue, 23 Jul 2019 04:02:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:40 GMT
server: sffe
age: 462962
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 25376
x-xss-protection: 0
expires: Wed, 22 Jul 2020 04:02:53 GMT

GET
H2 200 fontawesome-webfont.woff2
primitivesurvivors.org/tl900/fonts/ 65 KB
65 KB 1310ms
1310ms Font
application/octet-stream 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/fonts/fontawesome-webfont.woff2?v=4.6.2
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/css/font-awesome.css
Origin: https://primitivesurvivors.org

Response headers

date: Sun, 28 Jul 2019 12:38:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2016 22:45:38 GMT
server: cloudflare
etag: W/"4203c4-10440-52d7d393cc880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
status: 200
cache-control: public, max-age=14400
cf-ray: 4fd6e9b1c9892754-FRA
expires: Sun, 28 Jul 2019 16:38:55 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
93 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A0) /
Resource Hash: a8907cef9f64bccd7d625c25537cadf6c4d4ba17f7c62e1e029edc706e1a654d

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Sun, 28 Jul 2019 12:38:55 GMT
Last-Modified: Wed, 24 Jul 2019 23:24:45 GMT
Server: ECS (fcn/41A0)
Etag: "1b95626cf7796551e445933f79466124"
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 95170

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1074177670&t=pageview&_s=1&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160007%26s5%3D%26s3%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64827807-7&cid=311075639.1564317535&jid=85906621&_gid=297659785.1564317535&gjid=1032955377&_v=j77&z=2004602070
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=311075639.1564317535&jid=85906621&_v=j77&z=2004602070
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=311075639.1564317535&jid=85906621&_v=j77&z=2004602070&slf_rd=1&random=3706808451

42 B
110 B

31ms
31ms

Image
image/gif

2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=311075639.1564317535&jid=85906621&_v=j77&z=2004602070&slf_rd=1&random=3706808451

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jul 2019 12:38:55 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Jul 2019 12:38:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64827807-7&cid=311075639.1564317535&jid=85906621&_v=j77&z=2004602070&slf_rd=1&random=3706808451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=990036034350304&ev=PageView&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160007%26s5%3D%26s3%3D9569392%26s1%3D24%26pop%3Doff%26cs%3D24-1&rl=&if=false&ts=1564317535044&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=30&fbp=fb.1.1564317535043.610010681&it=1564317531556&coo=false&rqm=GET

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sun, 28 Jul 2019 12:38:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 198 KB
59 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e5b6ea87d9e6e01d29253331121cae8b&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

dfdf307d6ad59eb3e4d281244d85e3777d9d85b8e711efbc36b4c9908f88c291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Origin: https://primitivesurvivors.org

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Wjf66WiSmN90CpsbhWhGVw==
status: 200
date: Sun, 28 Jul 2019 12:38:55 GMT
vary: Accept-Encoding
content-length: 60302
x-fb-debug: vIp/Wo2+1XrNEs3isWDYQ5QofawBMpo1eyCan3t4d8PBaWCLQ27/clOHT4Ir3R+CiocSgxOMk7uBvShjJWlC0g==
x-fb-trip-id: 2053358576
x-fb-content-md5: aee133264bc60469b25809cf4d12c2a7
etag: "6dfc66962d82f9507314e52a31bc78e2"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Mon, 27 Jul 2020 11:13:19 GMT

GET
H2 200 435582.json Show response
s.yimg.com/wi/config/ 2 B
481 B 152ms
128ms XHR
application/json 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/435582.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Origin: https://primitivesurvivors.org

Response headers

date: Sun, 28 Jul 2019 12:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 33043F4E35B6F5C9
x-amz-id-2: eq7kaTm2CmoTJgRhLiBCwWZyIRvdNretkbodDJT1Xwea7MtW8TXT1hKl04zugpLtriG+SOtq6uU=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame A027 0
0 6ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e5b6ea87d9e6e01d29253331121cae8b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
accept-encoding: gzip, deflate, br
cookie: fr=01eJjWYTf2a8yZTnM..BdPZdf...1.0.BdPZdf.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Response headers

status: 200
content-encoding: br
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 25 Jul 2020 15:20:43 GMT
cache-control: public,max-age=31536000,immutable
x-fb-debug: jLfcVxznbnJU9uXtE+UtnvGRUvZgR4nQGME1n7dT03xaRQ9cio3NkhMylPaY9kKDHpphbe1o8CgbQV/tzEXBiA==
content-length: 11468
x-fb-trip-id: 997090344
date: Sun, 28 Jul 2019 12:38:55 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
201 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=990036034350304&ev=Microdata&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160007%26s5%3D%26s3%3D9569392%26s1%3D24%26pop%3Doff%26cs%3D24-1&rl=&if=false&ts=1564317535551&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tactical%20LED%20Headlamp%20TL900%22%2C%22meta%3Adescription%22%3A%22Tactical%20LED%20Headlamp%20TL900%22%2C%22meta%3Akeywords%22%3A%22Tactical%2C%20LED%2C%20Headlamp%2C%20TL900%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22..%2Fimages%2FTL900Headlamp.png%22%2C%22og%3Atitle%22%3A%22Tactical%20LED%20Headlamp%20TL900%22%2C%22og%3Adescription%22%3A%22Tactical%20LED%20Headlamp%20TL900%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.51&r=stable&ec=1&o=30&fbp=fb.1.1564317535550.199390601&it=1564317531556&coo=false&es=automatic&rqm=GET

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sun, 28 Jul 2019 12:38:55 GMT

GET
H2 200 __utm.gif
www.google-analytics.com/ 35 B
123 B 6ms
5ms Image
image/gif 2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=5.4.2&utmac=UA-16505296-2&utmn=1&utmhn=primitivesurvivors.org&utmsr=1600x1200&utmul=en-us&utmr=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160007%26s5%3D%26s3%3D9569392%26s1%3D24%26pop%3Doff%26cs%3D24-1&utmp=primitivesurvivors.org%2Ftl900%2F11%2F7ps1&utmcc=__utma%3D1.5030147409.1.1.1.1%3B&utme=8(vjsv)9(v4.11.4)

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jun 2019 03:59:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3832769
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 24-1.php Show response
primitivesurvivors.org/affiliateCustom/ 1 KB
636 B 763ms
763ms XHR
text/html 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/affiliateCustom/24-1.php?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1&rand=1564317536.087
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/assets/lander.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.22
Resource Hash: cec3eae9dd4755cfc98d4c7f0bc94c542f49fe1208d2abf1bffc414580c9cb32

Request headers

Accept: */*
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:56 GMT
content-encoding: br
server: cloudflare
x-powered-by: PHP/5.6.22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 4fd6e9b89d5b2754-FRA

GET
H/1.1 200
OK widget_iframe.0639d67d95b7680840758b6833f06d87.html
platform.twitter.com/widgets/ Frame 14C8 0
0 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0639d67d95b7680840758b6833f06d87.html?origin=https%3A%2F%2Fprimitivesurvivors.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 28 Jul 2019 12:38:56 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863"
Last-Modified: Wed, 24 Jul 2019 23:23:20 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40DE)
X-Cache: HIT
Content-Length: 15194

GET
H/1.1 200
OK button.509719336ca39171c37a321231ccaf83.js Show response
platform.twitter.com/js/ 7 KB
7 KB 13ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.509719336ca39171c37a321231ccaf83.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/418F) /
Resource Hash: 748fd5acb7dc8340d5f4d220fc0e181b1a0caa8d532f398e727acbefbb427c7f

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Date: Sun, 28 Jul 2019 12:38:56 GMT
Last-Modified: Wed, 24 Jul 2019 23:23:11 GMT
Server: ECS (fcn/418F)
Etag: "b1ab34c2b2497b898d66dafcd50118ea"
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 6910

GET
H2

200

share_button.php
www.facebook.com/plugins/ Frame 004B
Redirect Chain

https://web.facebook.com/v2.6/plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dfea86a8e1a213c%26domain%3D...
https://www.facebook.com/plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dfea86a8e1a213c%26domain%3Dprimi...

0
0

124ms
123ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dfea86a8e1a213c%26domain%3Dprimitivesurvivors.org%26origin%3Dhttps%253A%252F%252Fprimitivesurvivors.org%252Ff305979d6820c2c%26relation%3Dparent.parent&container_width=255&href=https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e5b6ea87d9e6e01d29253331121cae8b&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dfea86a8e1a213c%26domain%3Dprimitivesurvivors.org%26origin%3Dhttps%253A%252F%252Fprimitivesurvivors.org%252Ff305979d6820c2c%26relation%3Dparent.parent&container_width=255&href=https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey&_rdc=1&_rdr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
accept-encoding: gzip, deflate, br
cookie: fr=0meCGOZCJHd2P3tGc..BdPZdf...1.0.BdPZdf.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 8eDM8WkiyumAEvMfWgWgs409t/4A0kPWu/Wz1Yma9KtkbVTom6GY5Z+/phdoHqrA3+7Sp+IMcQXUchOGWTjmLw==
date: Sun, 28 Jul 2019 12:38:56 GMT

Redirect headers

status: 302
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
pragma: no-cache
strict-transport-security: max-age=15552000; preload
location: https://www.facebook.com/plugins/share_button.php?app_id=760329977436489&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dfea86a8e1a213c%26domain%3Dprimitivesurvivors.org%26origin%3Dhttps%253A%252F%252Fprimitivesurvivors.org%252Ff305979d6820c2c%26relation%3Dparent.parent&container_width=255&href=https%3A%2F%2Fprimitivesurvivors.us%2Ftl900%2F11&layout=button_count&locale=en_US&mobile_iframe=true&sdk=joey&_rdc=1&_rdr
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.facebook.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm https://*.facebook.com;
facebook-api-version: v2.10
x-fb-zr-redirect: 02|1564403936|FzBGAiEA9pCNP10jzyPw-QTi889u54z9x9ARiK1bCPIzpfb50eUCIQCQ8Orr2t9eOYXQoOM2WkKXpTU7PdgkhJZp8Fr012AKzA
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: pEDOgRmuHZvALeckCrit02kzl49+8HKFLvTK3bZ4Q/XTGiIKW6X4JveowCnDi3DlVn7vry6VMUoQRL+YTvis+g==
content-length: 0
date: Sun, 28 Jul 2019 12:38:56 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
1 KB 43ms
23ms Script
application/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/assets/lander.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

d102474025e2a05cf0c0ef40436a8842a7ba53ea8a43530c6d5e206a93c4925c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:56 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 EST

GET
H/1.1 200
OK /
track.addevent.com/atc/ 0
0 194ms
51ms Image
text/html 52.17.220.81
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=82760287-7120-40f1-1607-24aed9ab80db&url=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160007%26s5%3D%26s3%3D9569392%26s1%3D24%26pop%3Doff%26cs%3D24-1&cache=1564317536129
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.220.81 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-17-220-81.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS

GET
H/1.1 200
OK tweet_button.0639d67d95b7680840758b6833f06d87.en.html
platform.twitter.com/widgets/ Frame C7EB 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.0639d67d95b7680840758b6833f06d87.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B2) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 28 Jul 2019 12:38:56 GMT
Etag: "d36f6cd2265687c95c69daa3a560547a"
Last-Modified: Wed, 24 Jul 2019 23:23:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B2)
X-Cache: HIT
Content-Length: 33008

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflj5Qw1-/ 25 KB
10 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflj5Qw1-/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

71c080e63d1e093ef43c99d304b325313f1dfe0c2520a947c700cc41c97b3a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Tue, 23 Jul 2019 23:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391954
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9741
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 23:41:33 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 31 Jul 2019 23:46:22 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
375 B 145ms
144ms Image
image/gif 104.244.42.200
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160007%26s5%3D%26s3%3D9569392%26s1%3D24%26pop%3Doff%26cs%3D24-1%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1564317536277%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22bbec9cd%3A1564009982483%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 120
pragma: no-cache
last-modified: Sun, 28 Jul 2019 12:38:56 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d22c04314800c1b38603179912b1e41d
x-transaction: 002ab81700816eab
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 async.php Show response
primitivesurvivors.org/tl900/11/resources/ 68 B
276 B 1117ms
1116ms XHR
text/html 2606:4700:20::6818:e6b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://primitivesurvivors.org/tl900/11/resources/async.php
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/resources/js/klander.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6818:e6b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.6.22
Resource Hash: fe4cf37b48af137a3eaa35215163aa3f5ba5af8d633f9d88691801d92455c20b

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Origin: https://primitivesurvivors.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 28 Jul 2019 12:38:57 GMT
content-encoding: br
server: cloudflare
x-powered-by: PHP/5.6.22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 4fd6e9babe602754-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 34 KB
11 KB 119ms
39ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: primitivesurvivors.org
URL: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ed80f41acce7333e401f54e274c8f7e5a8845b386d7ea279d318601a5d861862

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-amz-version-id: yXvQOb0G6aOcvTzaykExeLIBsrB_FY0K
Content-Encoding: gzip
x-amz-request-id: 00ACB791F2AEC0F4
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Sun, 28 Jul 2019 12:38:56 GMT
Connection: keep-alive
Content-Length: 10583
x-amz-id-2: 3GNcpVxFxDhIZwz7mjfRxyA7+g4bPQqp2t2aCDdmy8rcPJh2YrnHTOfDCIs/o2NxSE9ENq2fIDc=
Last-Modified: Tue, 23 Jul 2019 13:11:59 GMT
Server: AmazonS3
ETag: "3f7d31da730b5a7122b8ea634ef0445b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/GYKIC6XRBVAZFHHGCZVSTM/index.js
https://s.adroll.com/j/exp/index.js

0
674 B

37ms
37ms

Script
application/json

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-amz-version-id: eLgehhBocnh5Xisydnq79f0Uv93qhmlr
x-amz-request-id: 80E31077604AAE6C
x-amz-server-side-encryption: AES256
Date: Sun, 28 Jul 2019 12:38:56 GMT
Connection: keep-alive
Content-Length: 0
x-amz-id-2: +PrypxYzJlRWDTjJWAJBO1mZamoB/vS/6cjeHOlF5PcjKQuHonkJc8yw5OVmCXiHipoy+iEL2Hs=
Last-Modified: Sun, 09 Dec 2018 00:41:56 GMT
Server: AmazonS3
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Sun, 28 Jul 2019 12:38:56 GMT
Server: AkamaiGHost
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK GYKIC6XRBVAZFHHGCZVSTM Show response
d.adroll.com/consent/check/ 46 B
505 B 162ms
39ms Script
application/javascript 54.228.194.155
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/GYKIC6XRBVAZFHHGCZVSTM?_s=66fab602842d863c88b9139c62e918e5
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.194.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-194-155.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: 934342c9204f3c7cffaa0764d0b843f5c9ea5a5395c0c2fd0cac49b325a86df8

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:38:57 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 46

GET
H/1.1

200
OK

FAMX2Q6M6VHQDAOB75DEFM.js Show response
s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/
Redirect Chain

https://d.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN?adroll_fpc=206e7b86d2a8c028183cdb6342c98cbe-1564317537272&pv=982753314.6231637&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2...
https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js

12 KB
4 KB

253ms
252ms

Script
text/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8117f153aa9b4058cee25a3c1ea6962640236dd589328b515b89547a1890b55a

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-amz-version-id: WFS_mFwWmF5KW2WNXd59OWxtHRJ0_CGF
Content-Encoding: gzip
x-amz-request-id: 9A2749607A0A97C2
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Sun, 28 Jul 2019 12:38:57 GMT
Connection: keep-alive
Content-Length: 3486
x-amz-id-2: uvyZwrbkg+9mZDKv8ZsvFq/MQ7P+209g8S7UDjEywZ1C1GSSAVmmVj5+3kVhSD8NYweXr+Al0O0=
Last-Modified: Sun, 28 Jul 2019 07:03:18 GMT
Server: AmazonS3
ETag: "90a261b61a130321baefc553cf6c0bb0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Sun, 28 Jul 2019 12:38:57 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.14.1
X-Rule: */tl900*
X-Segment-Eid: FAMX2Q6M6VHQDAOB75DEFM
Location: https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: IDGHOAWM3RCVRD6E2YMDXN
X-Segment-Name: 548a42e1
X-Advertisable-Eid: GYKIC6XRBVAZFHHGCZVSTM
X-Conversion-Currency

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
3 KB 38ms
37ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/GYKIC6XRBVAZFHHGCZVSTM/IDGHOAWM3RCVRD6E2YMDXN/FAMX2Q6M6VHQDAOB75DEFM.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

x-amz-version-id: 8G34JTsOM1EoJFxz8hLtQ3IMLv6sn7ul
Content-Encoding: gzip
x-amz-request-id: BE0E99127453E25F
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 600
Date: Sun, 28 Jul 2019 12:38:57 GMT
Connection: keep-alive
Content-Length: 2039
x-amz-id-2: 66qWRjqgWSwnH/rOpmWeSee4PeZVjNF5wjpYxn3Agpnp+n36hzfSAtbz+js9Gh8GMIme39+ptH8=
Last-Modified: Fri, 26 Jul 2019 23:18:46 GMT
Server: AmazonS3
ETag: "15441b08d0c4f93b1dd5f533cd361cd8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 1516295368673519 Show response
connect.facebook.net/signals/config/ 228 KB
61 KB 369ms
369ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1516295368673519?v=2.8.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

96dc0761374b4b366d0014a0876a45fdcba71d06fee1e63b499cabf6d2bd9693

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: py4ryWucJKNud4SjwWlAgfwJUZNtWgJf7kjTVbUA3/MwAZ0ao+Go+TNLuapleeiZ9NMI7Ou8E+XwCCs7mbhngw==
x-fb-trip-id: 997090344
date: Sun, 28 Jul 2019 12:38:57 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://pixel.advertising.com/ups/55980/sync?uid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
https://ups.analytics.yahoo.com/ups/55980/sync?uid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPab04e0b6-b134-11e9-9747-06...
https://ups.analytics.yahoo.com/ups/55980/sync?uid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPab04e0b6-b134-11e9-9747-06...

0
475 B

123ms
122ms

Image
text/plain

52.29.223.223
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.analytics.yahoo.com/ups/55980/sync?uid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPab04e0b6-b134-11e9-9747-06ae00c6cdd8&verify=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.223.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-29-223-223.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 204
date: Sun, 28 Jul 2019 12:38:58 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Sun, 28 Jul 2019 12:38:58 GMT
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55980/sync?uid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPab04e0b6-b134-11e9-9747-06ae00c6cdd8&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&expiration=1595853537
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&expiration=1595853537&C=1

43 B
898 B

49ms
49ms

Image
image/gif

2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&expiration=1595853537&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:38:57 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 28 Jul 2019 12:38:57 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:38:57 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&expiration=1595853537&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Sun, 28 Jul 2019 12:38:57 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&expires=365

42 B
371 B

147ms
30ms

Image
image/gif

69.173.144.136
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:38:57 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: uebKZaPtwpjEmujvE3MmNQ
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:38:57 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&expires=365
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 124

GET
H2

200

pixel
sync.outbrain.com/adroll/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://sync.outbrain.com/adroll/pixel?user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE

0
390 B

212ms
142ms

Image
text/plain

151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/adroll/pixel?user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:57 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-traceid: 57449c62af9adde7fb0de3061e9930f5
x-timer: S1564317538.797859,VS0,VE113
x-cache: MISS, MISS
status: 200
backend-ip: 157.52.75.48
x-cache-hits: 0, 0
accept-ranges: bytes, bytes
content-length: 0
x-served-by: cache-mdw17348-MDW, cache-fra19160-FRA

Redirect headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:38:57 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://sync.outbrain.com/adroll/pixel?user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 96

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
862 B

83ms
18ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:38:57 GMT
X-lat: Pug22054:0:407
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:38:57 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 220

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE

0
264 B

113ms
40ms

Image
text/plain

151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:57 GMT
via: 1.1 varnish
server: nginx
x-timer: S1564317538.805472,VS0,VE12
x-served-by: cache-fra19160-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:38:57 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 111

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://eb2.3lift.com/xuid?mid=4714&xuid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&dongle=c85e&gdpr=1&cmp_cs=

37 B
336 B

29ms
28ms

Image
image/gif

52.28.51.203
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&dongle=c85e&gdpr=1&cmp_cs=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.51.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-51-203.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 200
date: Sun, 28 Jul 2019 12:38:57 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

status: 302
date: Sun, 28 Jul 2019 12:38:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4714&xuid=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE&dongle=c85e&gdpr=1&cmp_cs=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://d.adroll.com/fb/tr/?id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=1802842557448...
https://www.facebook.com/tr/?id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=180284255744...

44 B
147 B

7ms
7ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=180284255744805&adroll_fpc=206e7b86d2a8c028183cdb6342c98cbe-1564317537272&cd[external_id]=f3NlwZn7L6r8vFtD9xSawQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sun, 28 Jul 2019 12:38:57 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:38:57 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://www.facebook.com/tr/?id=1516295368673519&ev=ViewContent&cd[content_type]=product&cd[content_ids]=adroll_dummy_product_&cd[application_id]=321379434608647&cd[product_catalog_id]=180284255744805&adroll_fpc=206e7b86d2a8c028183cdb6342c98cbe-1564317537272&cd[external_id]=f3NlwZn7L6r8vFtD9xSawQ
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 304

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://x.bidswitch.net/sync?dsp_id=44&user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE

43 B
381 B

118ms
116ms

Image
image/gif

52.57.146.56
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.146.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-146-56.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 200
date: Sun, 28 Jul 2019 12:38:58 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Sun, 28 Jul 2019 12:38:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://ib.adnxs.com/setuid?entity=172&code=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE

43 B
877 B

1166ms
87ms

Image
image/gif

185.33.223.80
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.80 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:39:01 GMT
AN-X-Request-Uuid: c2fa9fec-49b0-4533-bdbc-b88edacdf6ca
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.212.171.78; 185.212.171.78; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.249:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:38:57 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ib.adnxs.com/setuid?entity=172&code=N2Y3MzY1YzE5OWZiMmZhYWZjYmM1YjQzZjcxNDlhYzE
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 93

GET
H2

204

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://idsync.rlcdn.com/377928.gif?partner_uid=7f7365c199fb2faafcbc5b43f7149ac1

0
63 B

708ms
222ms

Image
text/plain

34.95.92.78
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=7f7365c199fb2faafcbc5b43f7149ac1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.92.78 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 78.92.95.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

status: 204
date: Sun, 28 Jul 2019 12:38:58 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:38:57 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://idsync.rlcdn.com/377928.gif?partner_uid=7f7365c199fb2faafcbc5b43f7149ac1
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM
https://us-u.openx.net/w/1.0/sd?id=537103138&val=7f7365c199fb2faafcbc5b43f7149ac1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=7f7365c199fb2faafcbc5b43f7149ac1

43 B
256 B

19ms
18ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=7f7365c199fb2faafcbc5b43f7149ac1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 Amsterdam, Netherlands, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.149.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jul 2019 12:38:59 GMT
server: OXGW/16.149.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Sun, 28 Jul 2019 12:38:59 GMT
server: OXGW/16.149.0
content-length: 0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=7f7365c199fb2faafcbc5b43f7149ac1
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?advertisable=GYKIC6XRBVAZFHHGCZVSTM&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=f3NlwZn7L6r8vFtD9xSawQ&google_ula=1535926
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=f3NlwZn7L6r8vFtD9xSawQ&google_ula=1535926&google_tc=
https://d.adroll.com/cm/g/in?google_ula=1535926,0

42 B
519 B

40ms
39ms

Image
image/gif

54.228.194.155
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.194.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-194-155.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Jul 2019 12:38:59 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-Result: g.2.-1.1535926.0.-1

Redirect headers

pragma: no-cache
date: Sun, 28 Jul 2019 12:38:59 GMT
server: HTTP server (unknown)
location: https://d.adroll.com/cm/g/in?google_ula=1535926,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1516295368673519&ev=PageView&dl=https%3A%2F%2Fprimitivesurvivors.org%2Ftl900%2F11%2F7ps1%3FaffId%3D065D4A35%26s4%3D%26s2%3D160007%26s5%3D%26s3%3D9569392%26s1%3D24%26pop%3Doff%26cs%3D24-1&rl=&if=false&ts=1564317538337&cd[segment_eid]=FAMX2Q6M6VHQDAOB75DEFM&sw=1600&sh=1200&v=2.8.51&r=stable&ec=0&o=29&fbp=fb.1.1564317538335.1904292047&it=1564317531556&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://primitivesurvivors.org/tl900/11/7ps1?affId=065D4A35&s4=&s2=160007&s5=&s3=9569392&s1=24&pop=off&cs=24-1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36

Response headers

date: Sun, 28 Jul 2019 12:38:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sun, 28 Jul 2019 12:38:58 GMT

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.primitivesurvivors.org/	1970-01-19 04:41:33	Name: _fbp Value: fb.1.1564317535550.199390601
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: pop Value: off
primitivesurvivors.org/tl900/11	1970-01-19 11:17:33	Name: addevent_track_cookie Value: 82760287-7120-40f1-1607-24aed9ab80db
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s3 Value: 9569392
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s1 Value: 24
.facebook.com/	1970-01-19 04:41:33	Name: fr Value: 0meCGOZCJHd2P3tGc..BdPZdf...1.0.BdPZdf.
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s4 Value:
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s2 Value: 160007
.primitivesurvivors.org/	1970-01-19 11:17:33	Name: __cfduid Value: db62db0564fec4c911b5bf09eddcc50bb1564317535
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: s5 Value:
primitivesurvivors.org/tl900/11	1970-01-19 02:32:40	Name: uniq-nodo-8397828 Value: x
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: cs Value: 24-1
primitivesurvivors.org/tl900/11	1969-12-31 23:59:59	Name: affId Value: 065D4A35

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://primitivesurvivors.org/affiliateCustom/cs.js(Line 5) Message: Custom Snippets Loaded
console-api	log	URL: https://primitivesurvivors.org/affiliateCustom/cs.js(Line 32) Message: Pop Up Modal Disabled
console-api	log	URL: https://primitivesurvivors.org/affiliateCustom/cs.js(Line 104) Message: Custom Code Loaded #24-1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blu145.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
globenation.net
ib.adnxs.com
idsync.rlcdn.com
outpostnine5.com
pixel.advertising.com
pixel.rubiconproject.com
platform.twitter.com
primitivesurvivors.org
s.adroll.com
s.yimg.com
s.ytimg.com
simage2.pubmatic.com
staticxx.facebook.com
stats.g.doubleclick.net
str.aminge.pw
sync.outbrain.com
syndication.twitter.com
track.addevent.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
web.facebook.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.yilopeet.com
www.youtube.com
x.bidswitch.net
103.83.36.136
104.244.42.200
151.101.14.2
172.217.22.98
173.241.240.143
185.33.223.80
185.64.189.110
2.18.233.40
2.18.234.21
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::6818:e6b
2606:4700:30::681c:155
2a00:1288:f03d:1fa::4000
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:814::200a
2a00:1450:4001:815::200e
2a00:1450:4001:816::2003
2a00:1450:4001:816::200e
2a00:1450:4001:81c::2004
2a00:1450:400c:c04::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f01c:80a1:face:b00c:0:d0c
2a03:2880:f11c:8183:face:b00c:0:25de
34.213.108.231
34.95.92.78
35.157.249.39
35.160.249.154
45.10.166.27
52.17.220.81
52.28.51.203
52.29.223.223
52.57.146.56
54.228.194.155
69.173.144.136
0e97ff9485834e2d01d61f33fe17566489e9c8e3aaea2fb8b29031a927de04d7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1bb13b0ae34ab1f7dff4fcfc79187f338f85d6a7a61969f483a1c8084064a537
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
41169675c092f84afb7c56b104f6e631bef24ddb5446326847df58cf9a29ec62
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46591debdbac746096895e17605faee023954bf033c18dfc7a349056e32d8c92
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516c7eb9a1b4a829f30052828d4e12000560c5114fa07b5dd823aaeb4793cccf
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
66f84f4427e998b11e18c08b994cb8f7d932b638feeb25645d6547f91eefed22
6d57d2d342b40fbf41f907ff7f041cf8fc7cf842919c7a4bda785ce520a4dde5
71c080e63d1e093ef43c99d304b325313f1dfe0c2520a947c700cc41c97b3a04
73b5bdc221f51188cd5c216018126d5685f5b8de0767b06f6b31ea2b68dcea7e
73d336858203d04f4d1e402e0cb8a450ed8b4b48a95c8c23b1f95fbdc06b9d28
748fd5acb7dc8340d5f4d220fc0e181b1a0caa8d532f398e727acbefbb427c7f
8117f153aa9b4058cee25a3c1ea6962640236dd589328b515b89547a1890b55a
82340800cd760a12a655d91f5f9a31aca3043df2de74eb8b724b937a8fe9664f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8788a53e1f7c3d009811faac4bf6f61e5bf12bfcf713025818b81875cfd769ff
89a4c7a1148a8b64ac46e8ef4c3a0e5a343d4aa01a4c97400ca099b6fd0c5d4b
918e8922c572e0b966370c7521d3d3670810f0b124a1742586e3394fdc5ecfdd
934342c9204f3c7cffaa0764d0b843f5c9ea5a5395c0c2fd0cac49b325a86df8
96dc0761374b4b366d0014a0876a45fdcba71d06fee1e63b499cabf6d2bd9693
97fd47b2a2bc905922463b3ba0b0d726eaf214cd02540466cebc102a32348e98
a08eac26f4f8eb8cf4ff8de77487af119b1449bfa547ff86a46451e014b02320
a271a3f9e3cae897ced669d6652699e947928ef095e56384c4f9dd04bbb942ec
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
a8907cef9f64bccd7d625c25537cadf6c4d4ba17f7c62e1e029edc706e1a654d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc6fc782c0d4686eb82136912f17a5de08ef8a8cb1e9da93c1f315eaa832db7f
ca9c042a373085a520d831dc9ad0239a3543f1be3f822680dcb2650ac4a06905
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
cec3eae9dd4755cfc98d4c7f0bc94c542f49fe1208d2abf1bffc414580c9cb32
d102474025e2a05cf0c0ef40436a8842a7ba53ea8a43530c6d5e206a93c4925c
d50fb038a77f7d6cd85aaa4923a370dc5122e9f2f17d0f61ad8370ee1d3e803a
d52e1a81a20876e2c4bbe823f7d56a2227684b7d3ab5cd75ed39df6fd11a5f22
dba7688c6781687a0560056511cec478e3310f55f1ad2795c462771912746f9e
dca9c8dad78915319584a0b6f8734523de68fde1408fbeb48591abd36bc49982
dfdf307d6ad59eb3e4d281244d85e3777d9d85b8e711efbc36b4c9908f88c291
e0bcc49581e06a4877102e5a6ea47f090d937af5efbe68ee42060578090be8b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e747521bc9729c30f06bda6471e77ad26ce0e05b104743e93fe14c8ef3b559a7
ed80f41acce7333e401f54e274c8f7e5a8845b386d7ea279d318601a5d861862
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35f35f38ed0da3018adc2ee9637b77e37ac57fa713456ef14c07e91e04da76a
fca2a42ad46cb3c74ce4616f3b80b0ab47921e751de00abe4349dd56605c3168
fe4cf37b48af137a3eaa35215163aa3f5ba5af8d633f9d88691801d92455c20b
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

primitivesurvivors.org Open in urlscan Pro 2606:4700:20::6818:e6b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

97 %HTTPS

43 %IPv6

32 Domains

37 Subdomains

26 IPs

8 Countries

1401 kBTransfer

2892 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

primitivesurvivors.org Open in urlscan Pro
2606:4700:20::6818:e6b Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

97 %
HTTPS

43 %
IPv6

32
Domains

37
Subdomains

26
IPs

8
Countries

1401 kB
Transfer

2892 kB
Size

13
Cookies

68 HTTP transactions
0 data transactions