daffodil-ruddy-run.glitch.me Open in urlscan Pro
52.3.60.128 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://daffodil-ruddy-run.glitch.me/
Submission: On February 03 via manual (February 3rd 2021, 1:57:18 am UTC) from US

Summary HTTP 305 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 110 IPs in 9 countries across 101 domains to perform 305 HTTP transactions. The main IP is 52.3.60.128, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is daffodil-ruddy-run.glitch.me.

This is the only time daffodil-ruddy-run.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.3.60.128 52.3.60.128	14618 (AMAZON-AES) (AMAZON-AES)
3	213.196.2.1 213.196.2.1	7979 (SERVERS-COM) (SERVERS-COM)
1 2	2606:4700:303... 2606:4700:3034::ac43:bbbc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:8916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	51.68.161.17 51.68.161.17	16276 (OVH) (OVH)
1	51.68.161.20 51.68.161.20	16276 (OVH) (OVH)
3	139.45.196.201 139.45.196.201	9002 (RETN-AS) (RETN-AS)
8	139.45.196.200 139.45.196.200	9002 (RETN-AS) (RETN-AS)
1	139.45.197.253 139.45.197.253	9002 (RETN-AS) (RETN-AS)
1	2600:9000:21f... 2600:9000:21f3:f400:4:164e:ca00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:234... 2606:2800:234:4cc4:5670:35d5:1e00:b394	15133 (EDGECAST) (EDGECAST)
1	151.101.113.52 151.101.113.52	54113 (FASTLY) (FASTLY)
1	151.101.112.124 151.101.112.124	54113 (FASTLY) (FASTLY)
6	199.232.196.124 199.232.196.124	54113 (FASTLY) (FASTLY)
2	13.224.192.34 13.224.192.34	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20e... 2600:9000:20eb:e00:1d:bf0d:abc0:21	16509 (AMAZON-02) (AMAZON-02)
1	13.224.195.33 13.224.195.33	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:d1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.123 139.45.195.123	9002 (RETN-AS) (RETN-AS)
1	2606:2800:233... 2606:2800:233:af6:eab:2108:1892:6d8	15133 (EDGECAST) (EDGECAST)
3 8	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
1	37.59.184.172 37.59.184.172	16276 (OVH) (OVH)
3	54.241.51.109 54.241.51.109	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.111.10.140 23.111.10.140	33438 (HIGHWINDS2) (HIGHWINDS2)
1	108.161.189.78 108.161.189.78	33438 (HIGHWINDS2) (HIGHWINDS2)
1	213.32.61.35 213.32.61.35	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6812:1041	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.68.123 35.190.68.123	15169 (GOOGLE) (GOOGLE)
3	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
9	68.183.31.14 68.183.31.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	213.32.115.25 213.32.115.25	16276 (OVH) (OVH)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
3	148.251.13.139 148.251.13.139	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:21f... 2600:9000:21f3:1400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1 5	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
1	50.18.199.66 50.18.199.66	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	143.204.93.61 143.204.93.61	16509 (AMAZON-02) (AMAZON-02)
2 11	79.125.73.87 79.125.73.87	16509 (AMAZON-02) (AMAZON-02)
11	143.204.215.26 143.204.215.26	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:810::200d	15169 (GOOGLE) (GOOGLE)
1	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 3	2606:4700:20:... 2606:4700:20::ac43:4a21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e2:... 2606:4700:e2::ac40:8512	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.106 139.45.195.106	9002 (RETN-AS) (RETN-AS)
4	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.46.132.238 52.46.132.238	16509 (AMAZON-02) (AMAZON-02)
1	52.46.131.85 52.46.131.85	16509 (AMAZON-02) (AMAZON-02)
2	178.128.255.150 178.128.255.150	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.19.130.80 104.19.130.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	94.31.29.128 94.31.29.128	33438 (HIGHWINDS2) (HIGHWINDS2)
4	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
2	38.132.109.186 38.132.109.186	9009 (M247) (M247)
2	185.200.116.90 185.200.116.90	9009 (M247) (M247)
1	94.31.29.32 94.31.29.32	33438 (HIGHWINDS2) (HIGHWINDS2)
1	13.224.194.107 13.224.194.107	16509 (AMAZON-02) (AMAZON-02)
1	216.21.13.11 216.21.13.11	53334 (TUT-AS) (TUT-AS)
1	216.59.56.9 216.59.56.9	53334 (TUT-AS) (TUT-AS)
1	192.0.77.38 192.0.77.38	2635 (AUTOMATTIC) (AUTOMATTIC)
3	104.18.131.145 104.18.131.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
4 5	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	67.202.110.23 67.202.110.23	32748 (STEADFAST) (STEADFAST)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.157.234.72 35.157.234.72	16509 (AMAZON-02) (AMAZON-02)
2 2	52.28.239.147 52.28.239.147	16509 (AMAZON-02) (AMAZON-02)
4 4	35.156.143.112 35.156.143.112	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
6	2606:4700:20:... 2606:4700:20::681a:a9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.131.80 104.19.131.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 19	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4b09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 22	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	54.163.245.232 54.163.245.232	14618 (AMAZON-AES) (AMAZON-AES)
1	54.171.42.232 54.171.42.232	16509 (AMAZON-02) (AMAZON-02)
1	2a0c:5c81:516... 2a0c:5c81:5160::2	55081 (24SHELLS) (24SHELLS)
1	104.21.20.75 104.21.20.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	78.140.188.188 78.140.188.188	35415 (WEBZILLA) (WEBZILLA)
1	139.45.196.129 139.45.196.129	9002 (RETN-AS) (RETN-AS)
4	54.194.111.195 54.194.111.195	16509 (AMAZON-02) (AMAZON-02)
2	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
5	139.45.195.91 139.45.195.91	9002 (RETN-AS) (RETN-AS)
5	139.45.195.167 139.45.195.167	9002 (RETN-AS) (RETN-AS)
1	139.45.197.61 139.45.197.61	9002 (RETN-AS) (RETN-AS)
1	34.96.106.9 34.96.106.9	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:87b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:56b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.190.74.92 35.190.74.92	15169 (GOOGLE) (GOOGLE)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.19.149.54 104.19.149.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
5	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
1 2	52.45.216.60 52.45.216.60	14618 (AMAZON-AES) (AMAZON-AES)
3	34.107.222.173 34.107.222.173	15169 (GOOGLE) (GOOGLE)
2	139.45.197.9 139.45.197.9	9002 (RETN-AS) (RETN-AS)
305	110

1 52.3.60.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-60-128.compute-1.amazonaws.com

daffodil-ruddy-run.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.196.2.1 (Netherlands)

ASN7979 (SERVERS-COM, US)

www.bcloudhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:bbbc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.popmyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popmyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:8916 (United States)

ASN13335 (CLOUDFLARENET, US)

mellowads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.161.17 (France)

ASN16276 (OVH, FR)
PTR: ip17.ip-51-68-161.eu

onegalact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.161.20 (France)

ASN16276 (OVH, FR)
PTR: ip20.ip-51-68-161.eu

waxtamnit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.201 (Ascension Island)

ASN9002 (RETN-AS, GB)

kumteerg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 139.45.196.200 (Ascension Island)

ASN9002 (RETN-AS, GB)

choupsee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.253 (Ascension Island)

ASN9002 (RETN-AS, GB)

choogeet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:f400:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:4cc4:5670:35d5:1e00:b394 (United States)

ASN15133 (EDGECAST, US)

a.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.52 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.theverge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.124 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.vox-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.232.196.124 (United States)

ASN54113 (FASTLY, US)

cdn.concert.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
concertads-configs.vox-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.192.34 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-34.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e00:1d:bf0d:abc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2sbzwmcg5amr3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.33 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-33.fra2.r.cloudfront.net

djv99sxoqpv11.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d1a (United States)

ASN13335 (CLOUDFLARENET, US)

coinpayu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.123 (Ascension Island)

ASN9002 (RETN-AS, GB)

stawhoph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:af6:eab:2108:1892:6d8 (United States)

ASN15133 (EDGECAST, US)

s.aolcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 173.192.101.24 (Dallas, United States) 3 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

p405661.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p93920.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.59.184.172 (France)

ASN16276 (OVH, FR)
PTR: ip172.ip-37-59-184.eu

duetgypsyantis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.241.51.109 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-51-109.us-west-1.compute.amazonaws.com

bdv.bidvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.140 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.carbonads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.189.78 (United States)

ASN33438 (HIGHWINDS2, US)

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.32.61.35 (France)

ASN16276 (OVH, FR)
PTR: ip35.ip-213-32-61.eu

seaboblit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:1041 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.68.123 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 123.68.190.35.bc.googleusercontent.com

www.maxonclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.32.115.25 (France)

ASN16276 (OVH, FR)
PTR: ip25.ip-213-32-115.eu

thetarhaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.13.139 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.139.13.251.148.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:1400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.21.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.18.199.66 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-199-66.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Germany)

ASN60068 (CDN77 (^_^)/, GB)

c1.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Germany)

ASN60068 (CDN77 (^_^)/, GB)

www.displayvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.61 (Seattle, United States)

ASN16509 (AMAZON-02, US)

static.narrativ.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 79.125.73.87 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com

s.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 143.204.215.26 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-26.fra53.r.cloudfront.net

emagazing.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4a21 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8512 (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.106 (Ascension Island)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.132.238 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

rcm-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.131.85 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.assoc-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.128.255.150 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-11.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
srv.carbonads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.130.80 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 94.31.29.128 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net

p405661.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p93920.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)

frdqkhe5m6w2.l4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

frdqkhe5m6w2.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nwxv1igqbfpq.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.200.116.90 (Singapore, Singapore)

ASN9009 (M247, GB)

frdqkhe5m6w2.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nwxv1igqbfpq.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.107 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-107.fra2.r.cloudfront.net

yiatelychur.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.21.13.11 (United States)

ASN53334 (TUT-AS, US)

serve.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.59.56.9 (United States)

ASN53334 (TUT-AS, US)

displayvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.38 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.131.145 (United States)

ASN13335 (CLOUDFLARENET, US)

config.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.28 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.220.241 (Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.110.23 (Chicago, United States)

ASN32748 (STEADFAST, US)

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.212.16 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.234.72 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.239.147 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.143.112 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (United States)

ASN15169 (GOOGLE, US)

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:a9c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.131.80 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.19.135.78 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b09 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.163.245.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.bam-x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.42.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5160::2 (United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.20.75 (United States)

ASN13335 (CLOUDFLARENET, US)

ssp.zryydi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.140.188.188 (Netherlands)

ASN35415 (WEBZILLA, NL)

api.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.129 (Ascension Island)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.194.111.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.195.91 (Ascension Island)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.195.167 (Ascension Island)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.61 (Ascension Island)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.106.9 (United States)

ASN15169 (GOOGLE, US)

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:87b (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:56b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ads.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.74.92 (Mountain View, United States)

ASN15169 (GOOGLE, US)

www.tradeadexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (Ascension Island)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.149.54 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Ascension Island)

ASN15169 (GOOGLE, US)

d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.254.252 (United States)

ASN15169 (GOOGLE, US)

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.216.60 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.222.173 (United States)

ASN15169 (GOOGLE, US)

d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.9 (Ascension Island)

ASN9002 (RETN-AS, GB)

onstunkyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	yandex.ru 2 redirects mc.yandex.ru	69 KB
21	adsco.re c.adsco.re 6.adsco.re 4.adsco.re adsco.re frdqkhe5m6w2.l4.adsco.re frdqkhe5m6w2.n4.adsco.re frdqkhe5m6w2.s4.adsco.re nwxv1igqbfpq.l4.adsco.re Failed nwxv1igqbfpq.n4.adsco.re nwxv1igqbfpq.s4.adsco.re	35 KB
19	mgid.com 4 redirects jsc.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com c.mgid.com	313 KB
15	pixfuture.com served-by.pixfuture.com cdn.pixfuture.com	952 KB
12	pubmine.com 2 redirects s.pubmine.com c0.pubmine.com	59 KB
11	emagazing.fun emagazing.fun	4 KB
10	mycdn.co p405661.mycdn.co p93920.mycdn.co	162 KB
10	shorte.st 2 redirects cdn.shorte.st api.shorte.st ads.shorte.st	49 KB
8	adskeeper.com jsc.adskeeper.com servicer.adskeeper.com cm.adskeeper.com s-img.adskeeper.com c.adskeeper.com	105 KB
8	choupsee.com choupsee.com	87 KB
7	permutive.com cdn.permutive.com api.permutive.com	102 KB
7	google.com accounts.google.com www.google.com	36 KB
6	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com	5 KB
6	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net	311 KB
5	toglooman.com toglooman.com	124 KB
5	inpagepush.com inpagepush.com	32 KB
5	criteo.com 2 redirects gum.criteo.com mug.criteo.com	3 KB
5	revcontent.com assets.revcontent.com trends.revcontent.com	86 KB
5	infopicked.com infopicked.com	42 KB
5	concert.io cdn.concert.io	294 KB
4	bidswitch.net 4 redirects x.bidswitch.net	2 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com	3 KB
4	pubmatic.com ads.pubmatic.com	168 KB
4	seedtag.com config.seedtag.com s.seedtag.com	139 KB
4	googlesyndication.com pagead2.googlesyndication.com	179 KB
4	amazon-adsystem.com 2 redirects c.amazon-adsystem.com rcm-na.amazon-adsystem.com	34 KB
3	permutive.app d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app	559 B
3	tradeadexchange.com www.tradeadexchange.com	16 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	1 KB
3	a-ads.com ad.a-ads.com
3	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com	55 KB
3	bidvertiser.com bdv.bidvertiser.com	9 KB
3	clksite.com 3 redirects p405661.clksite.com p93920.clksite.com clksite.com	739 B
3	moatads.com z.moatads.com mb.moatads.com px.moatads.com	71 KB
3	googletagservices.com www.googletagservices.com	58 KB
3	kumteerg.com kumteerg.com	67 KB
3	onegalact.com onegalact.com	1 KB
3	bcloudhost.com www.bcloudhost.com
2	onstunkyr.com onstunkyr.com	964 B
2	rkdms.com 1 redirects mid.rkdms.com	872 B
2	wowreality.info o.wowreality.info	414 B
2	rlcdn.com api.rlcdn.com	276 B
2	bam-x.com api.bam-x.com	825 B
2	gstatic.com fonts.gstatic.com	31 KB
2	advertising.com 2 redirects pixel.advertising.com	723 B
2	3lift.com 2 redirects eb2.3lift.com	899 B
2	rubiconproject.com eus.rubiconproject.com ads.rubiconproject.com	89 KB
2	33across.com ssc-cms.33across.com	72 B
2	emxdgt.com 2 redirects cs.emxdgt.com	557 B
2	adskeeper.co.uk jsc.adskeeper.co.uk cdn.adskeeper.co.uk	69 KB
2	freychang.fun freychang.fun	1 KB
2	displayvertising.com www.displayvertising.com displayvertising.com	10 KB
2	popads.net c1.popads.net serve.popads.net	10 KB
2	cloudflare.com cdnjs.cloudflare.com	4 KB
2	cloudfront.net d2sbzwmcg5amr3.cloudfront.net djv99sxoqpv11.cloudfront.net	206 KB
2	vox-cdn.com cdn.vox-cdn.com concertads-configs.vox-cdn.com	47 KB
2	exosrv.com a.exosrv.com syndication.exosrv.com	39 KB
2	mellowads.com mellowads.com	32 KB
2	popmyads.com 1 redirects cdn.popmyads.com popmyads.com	31 KB
1	casalemedia.com as-sec.casalemedia.com	325 B
1	prmutv.co d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co	296 B
1	indexww.com js-sec.indexww.com	14 KB
1	lalaping.com static.lalaping.com	33 KB
1	onmarshtompor.com onmarshtompor.com
1	bedrapiona.com bedrapiona.com	2 KB
1	zryydi.com ssp.zryydi.com
1	adtelligent.com s.adtelligent.com
1	iclickcdn.com iclickcdn.com	23 KB
1	mookie1.com odr.mookie1.com	324 B
1	teads.tv sync.teads.tv
1	media.net contextual.media.net
1	sonobi.com 1 redirects sync.go.sonobi.com	851 B
1	yiatelychur.top yiatelychur.top	501 B
1	buysellads.net cdn4.buysellads.net	25 KB
1	carbonads.net srv.carbonads.net	934 B
1	buysellads.com srv.buysellads.com	725 B
1	assoc-amazon.com ws-na.assoc-amazon.com
1	rtmark.net my.rtmark.net	785 B
1	facebook.com www.facebook.com
1	narrativ.com static.narrativ.com	42 KB
1	ipfind.co ipfind.co	590 B
1	consensu.org quantcast.mgr.consensu.org
1	thetarhaw.com thetarhaw.com	1 KB
1	maxonclick.com www.maxonclick.com	71 B
1	googleapis.com ajax.googleapis.com	34 KB
1	seaboblit.com seaboblit.com	1 KB
1	servedby-buysellads.com m.servedby-buysellads.com	16 KB
1	carbonads.com cdn.carbonads.com	6 KB
1	duetgypsyantis.com duetgypsyantis.com	1 KB
1	aolcdn.com s.aolcdn.com	10 KB
1	stawhoph.com stawhoph.com
1	coinpayu.com coinpayu.com	149 KB
1	theverge.com www.theverge.com	120 KB
1	thisiswaldo.com cdn.thisiswaldo.com	81 KB
1	choogeet.net choogeet.net	38 KB
1	waxtamnit.com waxtamnit.com	1 KB
1	glitch.me daffodil-ruddy-run.glitch.me	137 KB
0	adsrvr.org Failed match.adsrvr.org Failed
0	openx.net Failed u.openx.net Failed
0	webglstats.com Failed cdn.webglstats.com Failed
305	101

	Domain	Requested by
22	mc.yandex.ru	2 redirects daffodil-ruddy-run.glitch.me mc.yandex.ru
12	s-img.mgid.com	daffodil-ruddy-run.glitch.me
11	emagazing.fun	d2sbzwmcg5amr3.cloudfront.net djv99sxoqpv11.cloudfront.net
11	s.pubmine.com	2 redirects daffodil-ruddy-run.glitch.me c0.pubmine.com
9	served-by.pixfuture.com	daffodil-ruddy-run.glitch.me served-by.pixfuture.com
8	choupsee.com	daffodil-ruddy-run.glitch.me choupsee.com
6	api.shorte.st	cdn.shorte.st
6	cdn.pixfuture.com	served-by.pixfuture.com cdn.pixfuture.com daffodil-ruddy-run.glitch.me
5	api.permutive.com	cdn.permutive.com
5	www.google.com	daffodil-ruddy-run.glitch.me
5	toglooman.com	iclickcdn.com toglooman.com
5	inpagepush.com	iclickcdn.com inpagepush.com
5	ib.adnxs.com	4 redirects cdn.permutive.com
5	p93920.mycdn.co	p93920.clksite.com p93920.mycdn.co clksite.com daffodil-ruddy-run.glitch.me
5	p405661.mycdn.co	p405661.clksite.com p93920.mycdn.co daffodil-ruddy-run.glitch.me p405661.mycdn.co
5	securepubads.g.doubleclick.net	1 redirects daffodil-ruddy-run.glitch.me www.googletagservices.com
5	infopicked.com	daffodil-ruddy-run.glitch.me p93920.mycdn.co
5	cdn.concert.io	daffodil-ruddy-run.glitch.me cdn.concert.io
4	c.mgid.com	4 redirects
4	trends.revcontent.com	assets.revcontent.com daffodil-ruddy-run.glitch.me
4	x.bidswitch.net	4 redirects
4	ups.analytics.yahoo.com	4 redirects
4	ads.pubmatic.com	c0.pubmine.com daffodil-ruddy-run.glitch.me
4	adsco.re	c.adsco.re
4	4.adsco.re	daffodil-ruddy-run.glitch.me c.adsco.re
4	6.adsco.re	daffodil-ruddy-run.glitch.me c.adsco.re
4	c.adsco.re	c1.popads.net www.displayvertising.com c.adsco.re
4	pagead2.googlesyndication.com	daffodil-ruddy-run.glitch.me pagead2.googlesyndication.com
3	d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app	cdn.permutive.com
3	www.tradeadexchange.com	cdn.shorte.st www.tradeadexchange.com
3	www.google-analytics.com	daffodil-ruddy-run.glitch.me www.google-analytics.com
3	gum.criteo.com	2 redirects assets.revcontent.com
3	s-img.adskeeper.com	daffodil-ruddy-run.glitch.me
3	config.seedtag.com	daffodil-ruddy-run.glitch.me config.seedtag.com
3	cdn.shorte.st	1 redirects daffodil-ruddy-run.glitch.me cdn.shorte.st
3	ad.a-ads.com	daffodil-ruddy-run.glitch.me
3	bdv.bidvertiser.com	daffodil-ruddy-run.glitch.me bdv.bidvertiser.com
3	www.googletagservices.com	daffodil-ruddy-run.glitch.me
3	kumteerg.com	daffodil-ruddy-run.glitch.me kumteerg.com
3	onegalact.com	daffodil-ruddy-run.glitch.me
3	www.bcloudhost.com	daffodil-ruddy-run.glitch.me
2	onstunkyr.com	daffodil-ruddy-run.glitch.me
2	mid.rkdms.com	1 redirects daffodil-ruddy-run.glitch.me
2	cdn.permutive.com	cdn.concert.io cdn.permutive.com
2	o.wowreality.info	static.lalaping.com
2	api.rlcdn.com	ads.pubmatic.com js-sec.indexww.com
2	api.bam-x.com	static.narrativ.com daffodil-ruddy-run.glitch.me
2	mug.criteo.com	daffodil-ruddy-run.glitch.me
2	cm.adskeeper.com	jsc.adskeeper.com
2	log.outbrainimg.com	widgets.outbrain.com
2	fonts.gstatic.com	daffodil-ruddy-run.glitch.me
2	pixel.advertising.com	2 redirects
2	eb2.3lift.com	2 redirects
2	ssc-cms.33across.com	c0.pubmine.com daffodil-ruddy-run.glitch.me
2	cs.emxdgt.com	2 redirects
2	rcm-na.amazon-adsystem.com	2 redirects
2	freychang.fun	d2sbzwmcg5amr3.cloudfront.net djv99sxoqpv11.cloudfront.net
2	accounts.google.com	daffodil-ruddy-run.glitch.me
2	widgets.outbrain.com	daffodil-ruddy-run.glitch.me widgets.outbrain.com
2	cdnjs.cloudflare.com	daffodil-ruddy-run.glitch.me
2	c.amazon-adsystem.com	daffodil-ruddy-run.glitch.me c.amazon-adsystem.com
2	mellowads.com	daffodil-ruddy-run.glitch.me mellowads.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co	cdn.permutive.com
1	ads.rubiconproject.com	cdn.concert.io
1	js-sec.indexww.com	cdn.concert.io
1	servicer.mgid.com	jsc.mgid.com
1	cdn.mgid.com	daffodil-ruddy-run.glitch.me
1	ads.shorte.st	1 redirects
1	static.lalaping.com	toglooman.com
1	s.seedtag.com	config.seedtag.com
1	onmarshtompor.com	iclickcdn.com
1	concertads-configs.vox-cdn.com	cdn.concert.io
1	bedrapiona.com	iclickcdn.com
1	ssp.zryydi.com	cdn.shorte.st
1	s.adtelligent.com	cdn.thisiswaldo.com
1	px.moatads.com	daffodil-ruddy-run.glitch.me
1	mb.moatads.com	z.moatads.com
1	iclickcdn.com	daffodil-ruddy-run.glitch.me
1	jsc.mgid.com	daffodil-ruddy-run.glitch.me
1	c.adskeeper.com	daffodil-ruddy-run.glitch.me
1	cdn.adskeeper.co.uk	daffodil-ruddy-run.glitch.me
1	servicer.adskeeper.com	jsc.adskeeper.com
1	odr.mookie1.com	daffodil-ruddy-run.glitch.me
1	sync.teads.tv	c0.pubmine.com
1	contextual.media.net	c0.pubmine.com
1	eus.rubiconproject.com	c0.pubmine.com
1	acdn.adnxs.com	c0.pubmine.com
1	sync.go.sonobi.com	1 redirects
1	widget-pixels.outbrain.com	daffodil-ruddy-run.glitch.me
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	clksite.com	1 redirects
1	c0.pubmine.com	daffodil-ruddy-run.glitch.me
1	displayvertising.com	www.displayvertising.com
1	serve.popads.net	c1.popads.net
1	yiatelychur.top	daffodil-ruddy-run.glitch.me
1	cdn4.buysellads.net	daffodil-ruddy-run.glitch.me
1	nwxv1igqbfpq.s4.adsco.re	c.adsco.re
1	nwxv1igqbfpq.n4.adsco.re	c.adsco.re
1	frdqkhe5m6w2.s4.adsco.re	c.adsco.re
1	frdqkhe5m6w2.n4.adsco.re	c.adsco.re
1	frdqkhe5m6w2.l4.adsco.re	c.adsco.re
1	srv.carbonads.net	cdn.carbonads.com
1	jsc.adskeeper.co.uk	daffodil-ruddy-run.glitch.me
1	srv.buysellads.com	m.servedby-buysellads.com
1	ws-na.assoc-amazon.com	daffodil-ruddy-run.glitch.me
1	my.rtmark.net	daffodil-ruddy-run.glitch.me
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	syndication.exosrv.com	a.exosrv.com
1	www.facebook.com	daffodil-ruddy-run.glitch.me
1	static.narrativ.com	daffodil-ruddy-run.glitch.me
1	www.displayvertising.com	daffodil-ruddy-run.glitch.me
1	c1.popads.net	daffodil-ruddy-run.glitch.me
1	ipfind.co	cdn.thisiswaldo.com
1	quantcast.mgr.consensu.org	cdn.thisiswaldo.com
1	assets.revcontent.com	daffodil-ruddy-run.glitch.me
1	thetarhaw.com	daffodil-ruddy-run.glitch.me
1	www.maxonclick.com	daffodil-ruddy-run.glitch.me
1	jsc.adskeeper.com	daffodil-ruddy-run.glitch.me
1	ajax.googleapis.com	daffodil-ruddy-run.glitch.me
1	p93920.clksite.com	1 redirects
1	seaboblit.com	daffodil-ruddy-run.glitch.me
1	m.servedby-buysellads.com	daffodil-ruddy-run.glitch.me
1	cdn.carbonads.com	daffodil-ruddy-run.glitch.me
1	duetgypsyantis.com	daffodil-ruddy-run.glitch.me
1	p405661.clksite.com	1 redirects
1	s.aolcdn.com	daffodil-ruddy-run.glitch.me
1	stawhoph.com	daffodil-ruddy-run.glitch.me
1	coinpayu.com	daffodil-ruddy-run.glitch.me
1	djv99sxoqpv11.cloudfront.net	daffodil-ruddy-run.glitch.me
1	d2sbzwmcg5amr3.cloudfront.net	daffodil-ruddy-run.glitch.me
1	z.moatads.com	daffodil-ruddy-run.glitch.me
1	cdn.vox-cdn.com	daffodil-ruddy-run.glitch.me
1	www.theverge.com	daffodil-ruddy-run.glitch.me
1	a.exosrv.com	daffodil-ruddy-run.glitch.me
1	cdn.thisiswaldo.com	daffodil-ruddy-run.glitch.me
1	choogeet.net	daffodil-ruddy-run.glitch.me
1	waxtamnit.com	daffodil-ruddy-run.glitch.me
1	popmyads.com	daffodil-ruddy-run.glitch.me
1	cdn.popmyads.com	1 redirects
1	daffodil-ruddy-run.glitch.me
0	match.adsrvr.org Failed	ads.pubmatic.com js-sec.indexww.com
0	u.openx.net Failed	c0.pubmine.com
0	nwxv1igqbfpq.l4.adsco.re Failed	c.adsco.re
0	cdn.webglstats.com Failed	daffodil-ruddy-run.glitch.me
305	145

This site contains links to these domains. Also see Links.

Domain
adsco.re
www.coinpayu.com
srv.carbonads.net
carbonads.net
widgets.adskeeper.com
www.adskeeper.com
www.intango.com
widgets.mgid.com
brainberries.co
shorte.st

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
kumteerg.com R3	`2020-12-15` - `2021-03-15`	3 months	crt.sh
choupsee.com R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
choogeet.net R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
*.ackcdn.net GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-07` - `2021-08-01`	a year	crt.sh
*.voxmedia.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-01-19` - `2022-02-20`	a year	crt.sh
*.concert.io Go Daddy Secure Certificate Authority - G2	`2020-02-20` - `2022-04-20`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.infopicked.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-14` - `2021-11-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
maxonclick.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-22` - `2022-01-22`	a year	crt.sh
*.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-03` - `2021-12-02`	2 years	crt.sh
assets.revcontent.com R3	`2021-01-14` - `2021-04-14`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
1503693843.rsc.cdn77.org R3	`2021-01-24` - `2021-04-24`	3 months	crt.sh
static.narrativ.com Amazon	`2020-05-28` - `2021-06-28`	a year	crt.sh
emagazing.fun Amazon	`2020-11-16` - `2021-12-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2020-09-15` - `2021-09-26`	a year	crt.sh
ws-na.assoc-amazon.com Amazon	`2020-04-10` - `2021-03-16`	a year	crt.sh
*.carbonads.net Sectigo RSA Domain Validation Secure Server CA	`2019-09-19` - `2021-10-12`	2 years	crt.sh
*.l4.adsco.re R3	`2021-01-19` - `2021-04-19`	3 months	crt.sh
*.n4.adsco.re R3	`2021-01-19` - `2021-04-19`	3 months	crt.sh
*.s4.adsco.re R3	`2021-01-19` - `2021-04-19`	3 months	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2019-08-23` - `2021-08-22`	2 years	crt.sh
c0.pubmine.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-10` - `2021-04-09`	2 years	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
s.pubmine.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-10-27`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-11-19` - `2021-02-17`	3 months	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.mycdn.co Sectigo RSA Domain Validation Secure Server CA	`2020-10-13` - `2021-10-22`	a year	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
api.narrativ.com Amazon	`2020-05-28` - `2021-06-28`	a year	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
s.adtelligent.com R3	`2021-01-08` - `2021-04-08`	3 months	crt.sh
*.shorte.st Sectigo RSA Domain Validation Secure Server CA	`2019-10-18` - `2020-12-16`	a year	crt.sh
bedrapiona.com R3	`2020-12-07` - `2021-03-07`	3 months	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
inpagepush.com R3	`2021-02-02` - `2021-05-03`	3 months	crt.sh
toglooman.com R3	`2020-12-15` - `2021-03-15`	3 months	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-31` - `2022-04-14`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.prmutv.co R3	`2020-12-09` - `2021-03-09`	3 months	crt.sh
api.permutive.com R3	`2020-12-23` - `2021-03-23`	3 months	crt.sh
*.rkdms.com Entrust Certification Authority - L1K	`2020-10-08` - `2021-10-30`	a year	crt.sh
tradeadexchange.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-16` - `2022-07-01`	2 years	crt.sh
*.partner.permutive.app R3	`2021-01-28` - `2021-04-28`	3 months	crt.sh
onstunkyr.com R3	`2021-01-03` - `2021-04-03`	3 months	crt.sh

This page contains 43 frames:

Primary Page: http://daffodil-ruddy-run.glitch.me/
Frame ID: FFF2A80E50AD989E98D6DEDCE405B448
Requests: 231 HTTP requests in this frame

Frame: http://ad.a-ads.com/1507210?size=728x90
Frame ID: 8CCF6872593BDD4798E7E1F5E58B354C
Requests: 1 HTTP requests in this frame

Frame: http://emagazing.fun/ZURlY0IEJgYOfQR5B0U3FyhYRnAjYVclJlc3Bxk1CCcCViMINlZNIQkrEAckFysLF2wLIRFGcCMMMDQqEB0fJjsnMyQlBgwRJyAuUQ48UjIHETQ1cSQsVS4aHAIzIQFUAycLMTwHPRAuMhIWVQQcETYgLlEFARQTNQAzOTExIxYtFwg8PzADLxIoUhQEFjA2KiczMwYUDCc2ITojHCgUciIHDQApJhIoLBoMNyciJVwVASUtChINWioxEh03BTEzLycTFSIvMiEBBx0xKy4vETEDMSMiJCU/IAElMgAACSI7MRIdNxoMDis7BCsOASUyABECJg0yEkgMeicMDS0aIwo0KhACBycIG1UHAjYJNxw3AgkjHSY5KT8gMzEQDxMgOgsyFzAlAw4dISYpVCcwUnJRBRIXBSR2IDMBEgYEMykjCDAyBxwFJxQPPQA3LRomES86KT8hMTIUAhMjUgwndictGiMKJi4DURQgNSpVEwwLFSQpPyQaMxE9KQQwYg8QLQs0WAkMEhMWFSgvMFRWGw
Frame ID: CD40B6AC076177CEF3A324CA6742D3FF
Requests: 1 HTTP requests in this frame

Frame: http://emagazing.fun/MWFIcnJQAysfTVBcKlQHQw11V0B3RHo0FgMSKggFXAIvRxNcE3tcEV0OPRYUQw4mBlxfBDxXQHcnGhgoaAIPFR5mNRElJEsrLiI3ADAuBUdeMHkKFWkiOxQwWzgEIgp4Ki4fK34uCjMzVCY7AypIIBk+M14sLQUWFFMKOjNaDh0lJGYlGxokazQOPTgAKH4mJEkGGRsVVyB7BiB9BicwPHcgfjQjcBcNMUJjNxsGKHgJIzc5XQVxIxsEGw81Gmc2JisXfzMNPj4ABjs6CkIUDUABSDUQIzV8M3wROwARcSMeVhMeCAZnNiYoKHpQHhMWWlRxIx5ZUgoVX1UjEDAZdQIeJBNVDSsdM3AwIiMmATIJC0tyBx07B1IWHgQqXRU/N0BBIBkxQ1QtCkI3aBYZECRnEXolGHQDDCU/dAAKETx7N3hBJWRQeDAYQjgPGx5TMR4kE3AgfQAqXQknMx9dIB9AFXAAHiQTVQodRzRWCngqQQAiBBw/dwN5RxBSIwkGJmBHIgEdXxF1FRBTWRgkOkknBkEoBgc
Frame ID: B39B321E52FAA3CEB984B86FAFFD906B
Requests: 1 HTTP requests in this frame

Frame: http://emagazing.fun/SW9YTHgoDTshRyhSOmoNOwNlaUoPSmoKHHscOjYPJAw/eRkkHWtiGyUALSgeOwA2OFYnCixpSg8DDgs2ICEiDUsNLiAePDAuEw4fJiYBCjoYLgkKAQo9HhUgID09BhUbPBkmPRsuNR08HDwCHzl6JgALPgQhAhktBjk0eAIRBAofICMLPRkADz0VDT4vLiAVEAgDYS0gMFsTCBQ9PTsaPSIuMHkTGwMZBD8NBBsNLnwKEQ0PGzcgGhYAOjsKOQ1fFgoUAww7Gj4aODQJSxsDGQQgMAsfGTktJjsaPhotPw00HAMCIzoRXh8ZOS09Eg41BjozLwAIPnUgHRsnHh4yCCYcFUh4PRkeLiQ6aDwbHiwZAzwhJhsKSBM+Gn0PcCwZLysIAgkJOng9OgNIOScaHTl6LCAOIRE7HgstASoRFkh4PB8dKiU6aQkiCwIOCy0ICxwCKRwrChoUMToLHTsIXRYCLRgqDwUufUkyPxcnH2UIKys5Cj9NHThqCB16
Frame ID: 6A745A6DDC50CDDA0E4ED238FC70AE0F
Requests: 1 HTTP requests in this frame

Frame: http://emagazing.fun/cnc5RGITFVopXRNKW2IXABsEYVA0UgsCBkAEWz4VHxRecQMfBQpqAR4YTCAEABhXMEwcEk1hUDQOXAAKOyUIEQAkDmAsAxUPawgqAgNoBSRKEVQCBycdSistBRB/DwUVFXojEUs/bSNQJzYAdgEFD3oIKgIcYSgzAjxtDiQ6Hgk0LBkicyYLKw9+IzRKLmoBKyQOd3IvFUJ6DTYnDX4oUhU7VwksJS9sNS0VPWsOIQFHYRUNPRRXMCs6L0l3BCAhYw8bRkB9AgFFOwoGLhcaCHU4IDFuFCE7QmEVEkY8UxUAOi9Jdy0VBF0hDBEDYRUSRhNUEQwxLxQzOysxfCAHHBQJBycVHHAtKxYgUAkXOyEJDyYcPVQQGihAWhwgOTR+BREiJkESKDU9VwsaQ0FdPgkgIkB1CyhHUSIuISYcdiA0D38wBiUiWxEmHRh2BlIWEl4CFiEPY3ADJTFzByoGB2B0CRYSVycPNSENNCwmD10HBUcOYy9aJRIKAhg2JmxiCAEYVzRfEDh3NlEHLVQKCjVG
Frame ID: D5D2C83088E530C593D6E2A97AFC6008
Requests: 1 HTTP requests in this frame

Frame: http://emagazing.fun/SVdvWmooNQw3VShqDXwfOztSf1gPcl0cDiMhVmMZMTgeKhx4ZkE5BiYiCzwYJjkbdAQsI0poLB0YKDIlLQI1OCgwFjs/Pz4VJDECMRReY1MbZFc/KyNnDhEvIQEgHz8zA14tJhgWH39YDx87KikPL1s5JAsRWBk/fT4pGQIvATg9OwIRGwwMeBoBAis5LT4NKAQQLB8PLGYcHiEbJAcJDRwwKDAJLB88YyMCZgwJIDE8Hg0/eG8iaSceACguIi0/LhwmMQ4ZDAI+Py0zXi0AGCI7LRYIGCMIEgUML3hvPQkeExRdLiItOww4C3kzXQsveG89AgkAGVx3UwsQPmsoKGcLaD0bMEpoKA4EIQouGiAKFloxGQkeJDMUXmMNGzkuPj0nYgsWPAg0JiIGIxQGLhgbZDUPKxoCPgMdOQ4kCCslAhg+BBwfPhMpMA4nETwcGQ5qCQgWKS4NGwAIFz0RYig7K3wNDmoOewQYMQUPEz0IPhEgFTkdPTE2HzA+HwdrEG89HDUEOWoZah8+YypvJg4iG207
Frame ID: C7C9A7F64FAB479AB7B824E48617F40A
Requests: 1 HTTP requests in this frame

Frame: http://emagazing.fun/QndDeFMjFSAVbCNKIV4mMBt+XWEEUnE+NygBekEgOhgyCCVzRm0bPy0CJx4hLRk3Vj0nA2ZKFRYUBSIhGC8KLBwTIgcsAhNScT4Xcx8FKWEELhUTGRUnAR8YCjYBChI1HCU5FBskAC0aCRQBQDUEHHIWBxMcFzA5BCASADAnORUiBhQ1BgEQFB8ELjoPPBQ6ayQ7AjEZCh8FAgQROQsgPhg4FUgZGzg0FxQFD3cREQAuIi4EFwcSPREDJzQtAQQPOwIEFCIlPQcUOBVIGiQ9Fk0LExArAgQUIQcpEi4WFitiBBFzTQsTHwYVFDUcGzopDz0HECAHFHJVOCglczY7ECEZPQUVJSEsASkuCh8KCCFzMQUWGyc7GwZPAjkVJjQZHyQDMhELZhMcATkCBiIHPityEw5IZho5BhA/ECEVGwEFEyEuPzowGUhmGiYkNWAGJhI5FBo5GTFjJjMaLQUVJQUhORQQZRIgLRkzRTsuGjNIKi5HOQ
Frame ID: C1565A3EB6562F302E4D1784F88157DB
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/1507210?size=728x90&background_color=00ff47&title_color=571111
Frame ID: 1AF12EB8C2F755D627CA4A3C808D5196
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html
Frame ID: 5E96F4CA0116A7A0866EEAAC77B2B920
Requests: 1 HTTP requests in this frame

Frame: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Frame ID: B788A73D4AE2F21AF02E80B75F0643BA
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/1120283?size=120x90
Frame ID: F4EC1E80EAFE474CEBA7937FCE52647D
Requests: 1 HTTP requests in this frame

Frame: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387&RD=55931277440535&DIF=1&bd_ref_v=daffodil-ruddy-run.glitch.me&tref=1&win_name=null&docref=&jsrand=55931277440535&js1loc=-&loctitle=%20Trying%20to%20reach%20the%20most
Frame ID: D6C80C90A1D54B0B1842ACC4C450E6BC
Requests: 1 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: 68724F7EBD5757CA0218C4AD8BDE6541
Requests: 1 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: E65BDEF07D25A2C598C1825938E4B199
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=false
Frame ID: 2AA4DE0E28E12CA84F1AE0895E1D9C0A
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: 5A0B0F43BF82AC846B97830805FF0130
Requests: 1 HTTP requests in this frame

Frame: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=3542x300x250x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=3542x300x250x700x_ADSLOT1&flag=true
Frame ID: 93ED09B057D801E43C791F804FB8CF94
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 75D79046EC8260A674FF7ED721DBD62C
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=13&external_user_id=b862886f-65ed-4739-a0bf-53b49aa825c5&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=
Frame ID: E3D57E8012E8BF633509D262567F6609
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Frame ID: D33A4B0B0670FB4E62CABA1DA379F4DB
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/ul_cb/match?bidder_id=16&uid=4075567622729266895brt222551612317420362880f1
Frame ID: 719C6A3FF8F2C9676CA97277126BA66E
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/ul_cb/match?bidder_id=15&external_user_id=y-pjxye1J1l2bLEIyEatGz69RBlomAyp4OxrOLnpA-
Frame ID: 298AD787126D832F7C2EAB7F0E1AC238
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Frame ID: 4A18BEDD81B4CD7596AC3654FF283927
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 5902AAA7C31F44F831D61DC8C325627B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Frame ID: 0D7F58C2A51F724959E3815DAAA84A36
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B613049EE3A6D8A817726E36CB8E5ABD
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Frame ID: B0500501354EE552627C676A4B2F6DD2
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: BD71F8222B0C450EE4685F36E0358FF3
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe
Frame ID: FE7EC6CCC08A04876E2A4E10DE5B64FC
Requests: 1 HTTP requests in this frame

Frame: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=25617x728x90x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=25617x728x90x700x_ADSLOT1&flag=true
Frame ID: 1DF2834E50E64C25ED6138D240F0F966
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax_elastic.js
Frame ID: 87DA8E2A9038B76D21D79310AEB80B60
Requests: 11 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1612317406083306285938
Frame ID: 3677BDD5A39B6E66BE71EB6A0BC3B1B7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax_elastic.js
Frame ID: 47B39D5DF28309EFD64C9A863B887DFC
Requests: 11 HTTP requests in this frame

Frame: http://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: 1CB6C2BAE5F6D7477DA37BD0502DCE4B
Requests: 2 HTTP requests in this frame

Frame: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: 5A8AED92D6EBE89C8D8BC23FFEDD69E0
Requests: 2 HTTP requests in this frame

Frame: http://jsc.mgid.com/b/r/brainberries.co.147802.js?t=121131
Frame ID: 8BDB4188180199DCC10CD2A6DA05373A
Requests: 5 HTTP requests in this frame

Frame: https://api.bam-x.com/api/v0/session.html
Frame ID: 44222C804AFE775B0E147888BD4E8260
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=555831
Frame ID: 0147AD80C0700CEA2BA689CAFA7453A8
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: F8362DDC97491AF6CBE849095B2D2763
Requests: 1 HTTP requests in this frame

Frame: http://onmarshtompor.com/fac.php
Frame ID: 07AFAE850B23598051DEE4099CA4DAA4
Requests: 1 HTTP requests in this frame

Frame: http://www.tradeadexchange.com/a/display.php?r=1329377
Frame ID: DD5DCC2637A233B2E2905F854534E555
Requests: 1 HTTP requests in this frame

Frame: https://s-img.mgid.com/g/8052391/328x328/226x0x760x760/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzBkYjA5YTAyMTBjYWJhNTc0YmUxODdmMWFiOTFmOWIxLmpwZWc.webp?v=1612317417-6iWFnWnhvO9kzfJsW4vqMDKBk6mQ7Vnh0OJl6Ib3m88
Frame ID: 1666700BEFC6F616690107D40BC4B810
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

305
Requests

64 %
HTTPS

26 %
IPv6

101
Domains

145
Subdomains

110
IPs

9
Countries

4985 kB
Transfer

12826 kB
Size

0
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: http://adsco.re/v
Title:

Search URL Search Domain Scan URL

URL: https://www.coinpayu.com/?r=tteggeufgy

Search URL Search Domain Scan URL

URL: https://srv.carbonads.net/ads/click/x/GTND42JJCV7DE277CKSLYKQNC67D6K7YC67D5Z3JCYYI6K77CWAI5K7KC67IC27WCABI553NCABDEK3JCWYIE53WHEYIKKQLCKYIVK3ECTNCYBZ52K?segment=placement:dsawrewreafera;

Search URL Search Domain Scan URL

URL: http://carbonads.net/?utm_source=dsawrewreafera&utm_medium=ad_via_link&utm_campaign=in_unit&utm_term=carbon
Title: ads via Carbon

Search URL Search Domain Scan URL

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=1056221

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/7679855/i/57390646/2/pp/1/1?h=lzYMwwKSNY8ifYNLq6BDDGiuaoG6aBT0kzNZf6yWebh3fvVUDZbeLSFduZ-dACiA&rid=12072908-65c3-11eb-a6e4-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/7806760/i/57390646/2/pp/2/1?h=hes20aDHA1TdYyUwFD4zA1aESMULTBtu8bdkZFL7hvF17xR5NuYDjyo9BEpElQTo&rid=12072908-65c3-11eb-a6e4-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/5094911/i/57390646/2/pp/3/1?h=OYLfUJXQuf4z_PMdE5AGgqbo-Q1LxDsJO5rVFE4RjYWa7v77gAf3mF34AJUiTbDG&rid=12072908-65c3-11eb-a6e4-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: http://www.intango.com/adinfo/
Title: Page

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=daffodil-ruddy-run.glitch.me&utm_medium=referral&utm_campaign=widgets&utm_content=147802

Search URL Search Domain Scan URL

URL: https://brainberries.co/travel/17-astonishingly-beautiful-cave-churches-around-the-world/

Search URL Search Domain Scan URL

URL: https://brainberries.co/culturearts/10-hyper-realistic-3d-street-art-by-odeith/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/top-9-most-bizarre-places-to-get-married/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/8-superfoods-that-can-help-you-with-hair-loss/

Search URL Search Domain Scan URL

URL: https://shorte.st/?utm_source=daffodil-ruddy-run.glitch.me&utm_medium=overlay&utm_campaign=bottom
Title: Shorte.st

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://cdn.popmyads.com/pma.js HTTP 301
https://popmyads.com/x/pma

Request Chain 24

http://p405661.clksite.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom HTTP 301
https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom

Request Chain 31

http://p93920.clksite.com/adServe/banners?tid=93920_153711_0 HTTP 301
https://infopicked.com/adServe/banners?tid=93920_153711_0

Request Chain 46

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 72

http://cdn.shorte.st/link-converter.min.js HTTP 301
https://cdn.shorte.st/link-converter.min.js

Request Chain 82

http://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 HTTP 301
https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 HTTP 302
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20

Request Chain 117

http://clksite.com/adServe/banners?tid=93920_153711_2&pause=5 HTTP 301
https://infopicked.com/adServe/banners?tid=93920_153711_2&pause=5

Request Chain 129

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D13%26external_user_id%3D%5BUID%5D%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://s.pubmine.com/match?bidder_id=13&external_user_id=b862886f-65ed-4739-a0bf-53b49aa825c5&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=

Request Chain 131

https://cs.emxdgt.com/um?ssp=pbs&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D16%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%24UID HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D16%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%24EMXUID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fs.pubmine.com%252Fmatch%253Fbidder_id%253D16%2526ssp_data%253D287fe991-806c-4157-a35c-094314e5962f%2526rid%253D784230874304%2526us_privacy%253D%2526gdpr%253D0%2526gdpr_consent%253D%2526external_user_id%253D%2524EMXUID HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=4075567622729266895&redirect=https://s.pubmine.com/match?bidder_id=16&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=$EMXUID HTTP 302
https://s.pubmine.com/match?bidder_id=16&uid=4075567622729266895brt222551612317420362880f1 HTTP 302
https://s.pubmine.com/ul_cb/match?bidder_id=16&uid=4075567622729266895brt222551612317420362880f1

Request Chain 132

https://ups.analytics.yahoo.com/ups/58366/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58366/occ?verify=true HTTP 302
https://s.pubmine.com/match?bidder_id=15&external_user_id=y-pjxye1J1l2bLEIyEatGz69RBlomAyp4OxrOLnpA- HTTP 302
https://s.pubmine.com/ul_cb/match?bidder_id=15&external_user_id=y-pjxye1J1l2bLEIyEatGz69RBlomAyp4OxrOLnpA-

Request Chain 141

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://s.pubmine.com/match?bidder_id=12&external_user_id=17903821785207866523&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=

Request Chain 142

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D10%26external_user_id%3D%24UID%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.pubmine.com%252Fmatch%253Fbidder_id%253D10%2526external_user_id%253D%2524UID%2526ssp_data%253D287fe991-806c-4157-a35c-094314e5962f%2526rid%253D784230874304%2526us_privacy%253D%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://s.pubmine.com/match?bidder_id=10&external_user_id=2752708575326948989&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=

Request Chain 143

https://pixel.advertising.com/ups/58194/occ?ssp_data=287fe991-806c-4157-a35c-094314e5962f&gdpr=0&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/58194/occ?ssp_data=287fe991-806c-4157-a35c-094314e5962f&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58194/occ?ssp_data=287fe991-806c-4157-a35c-094314e5962f&gdpr=0&gdpr_consent=&apid=UP11bdc753-65c3-11eb-bef2-025cf823f9be HTTP 302
https://ups.analytics.yahoo.com/ups/58194/occ?ssp_data=287fe991-806c-4157-a35c-094314e5962f&gdpr=0&gdpr_consent=&apid=UP11bdc753-65c3-11eb-bef2-025cf823f9be&verify=true HTTP 302
https://s.pubmine.com/match?bidder_id=7&external_user_id=UP11bdc753-65c3-11eb-bef2-025cf823f9be&gdpr=0&gdpr_consent=

Request Chain 144

https://x.bidswitch.net/sync?ssp=wordpress&ssp_data=287fe991-806c-4157-a35c-094314e5962f&user_id=287fe991-806c-4157-a35c-094314e5962f&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=wordpress&ssp_data=287fe991-806c-4157-a35c-094314e5962f&user_id=287fe991-806c-4157-a35c-094314e5962f&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2c10192f-76aa-4a9e-9978-241ba162ebda&ssp=wordpress&gdpr=0&gdpr_consent=

Request Chain 145

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D1%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D1%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
https://s.pubmine.com/match?bidder_id=1&external_user_id=2c10192f-76aa-4a9e-9978-241ba162ebda&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 175

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&domain=daffodil-ruddy-run.glitch.me&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=48v9bXxJOGhBejA4OWpsclE3TWxhTHFQSzRoaGNYQkFjYnlkOGhVRCtaS2NNOHBmMWo3OWhvUTZ0OHpiMFJFN0ZBcUlxTktOM3dEK2IyOWFBaHdxUkhTSElhNURzSUZYcDdXdTYvRjVxdThqcmJQaFhBdUQzUDJMTXEwK05rbXdhOWdpdjdEK20xVjNqWkNHTVZ0dHVVSzR5SEN3YW1aSnhreGtZQW4rTWN6dzVmZWZaZFlnWVZGQXhya3kyU09yR0hUbVA2KzR5SDJqRGd5cFJlM2pSNTZRSWtudXlvRHdEM3JDTGRlVzR3VGpKQ1ErdE9PVU82a3UzcEYydXNmRzhPVjkzfA&cppv=2

Request Chain 177

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&domain=daffodil-ruddy-run.glitch.me&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=fyLtvHw4Y0hvd3ZBQWZGdGIvc3FUOVI2Q2srdnQ5SElyODVQUzNPT21YRldXREhvUksvRndoWXRCeGJLOWYrcGVPWVZTVjlkQVJOUWxxcFB6UzZ1aHVIRWpveW1YcElVTnVVV3RoMUFIZHRGMFNueUoxeDBEZWdoMm82MkNFbmhQaFlTM2cxRUNHTk4zc1NnTlZXU1ZtWTZhQlI5OStMalBQRXlEY28yNUpldUNMZUQ2Q2VwWDFCRnVTUDdSdE1tY2hkQlZyaitHcjN1VHNxZndodzVwYUI0a0lmZ1lRNTUrZytVb0pFZmNXTHEwMlN0Z1cxVnJMSXlFbGVoTGpKWThSZ1BrfA&cppv=2

Request Chain 204

https://mc.yandex.ru/watch/49239574?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A1505%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A1557087443264%3Ahid%3A286081260%3Az%3A60%3Ai%3A20210203025648%3Aet%3A1612317408%3Ac%3A1%3Arn%3A768251138%3Arqn%3A1%3Au%3A1612317408655635640%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612317402117%3Awv%3A2%3Ads%3A12%2C17%2C428%2C314%2C0%2C0%2C%2C5675%2C52%2C%2C%2C%2C6235%3Adsn%3A12%2C17%2C428%2C314%2C0%2C0%2C%2C5363%2C52%2C%2C%2C%2C6235%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612317409%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020 HTTP 302
https://mc.yandex.ru/watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A1505%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A1557087443264%3Ahid%3A286081260%3Az%3A60%3Ai%3A20210203025648%3Aet%3A1612317408%3Ac%3A1%3Arn%3A768251138%3Arqn%3A1%3Au%3A1612317408655635640%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612317402117%3Awv%3A2%3Ads%3A12%2C17%2C428%2C314%2C0%2C0%2C%2C5675%2C52%2C%2C%2C%2C6235%3Adsn%3A12%2C17%2C428%2C314%2C0%2C0%2C%2C5363%2C52%2C%2C%2C%2C6235%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612317409%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020

Request Chain 224

http://trends.revcontent.com/event/generic HTTP 307
https://trends.revcontent.com/event/generic

Request Chain 239

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 242

http://ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028&width=1024&height=768&ch=8439461&cp.dest_domain=&cp.oid=8439461&cp.referrer=http://daffodil-ruddy-run.glitch.me/&cp.locked=0&cp.proxy=0&cp.quarantine_status=&cp.vno=11&cp.enc_url=&cp.type=overlay&cp.asid=037d5b445267f394e2e343ff39cd271eeaf0c08a HTTP 302
http://www.tradeadexchange.com/a/display.php?r=1329377

Request Chain 271

http://mid.rkdms.com/idsv2?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=VOX HTTP 301
https://mid.rkdms.com/idsv2?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=VOX

Request Chain 284

https://c.mgid.com/c?pv=2&v=0|0|0|XGKJNvi_M7v-i2pnM-YjjwT7XHJs__11Zk9DqnaCEGuVMc_jfrwPt1ToFbDyCqpt&cid=218581&f=1&h2=PpCN8S8RpuqgawplLvLjFKCY8ki03-Z77VGaOn48320*&rid=z3850575zb5295256bcCHcp2ph2021020220h&psid=1_3850575&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzgwNTIzOTEvMzI4eDMyOC8yMjZ4MHg3NjB4NzYwL2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpBdE1UQXZNVEF4T1RJMEx6QmtZakE1WVRBeU1UQmpZV0poTlRjMFltVXhPRGRtTVdGaU9URm1PV0l4TG1wd1pXYy53ZWJwP3Y9MTYxMjMxNzQxNy02aVdGblduaHZPOWt6ZkpzVzR2cU1ES0JrNm1RN1ZuaDBPSmw2SWIzbTg4 HTTP 301
https://s-img.mgid.com/g/8052391/328x328/226x0x760x760/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzBkYjA5YTAyMTBjYWJhNTc0YmUxODdmMWFiOTFmOWIxLmpwZWc.webp?v=1612317417-6iWFnWnhvO9kzfJsW4vqMDKBk6mQ7Vnh0OJl6Ib3m88

Request Chain 294

https://c.mgid.com/c?pv=2&v=0|0|0|XGKJNvi_M7v-i2pnM-YjjwT7XHJs__11Zk9DqnaCEGuVMc_jfrwPt1ToFbDyCqpt&cid=218581&f=1&h2=PpCN8S8RpuqgawplLvLjFKCY8ki03-Z77VGaOn48320*&rid=z3850575zb5295256bcCHcp2ph2021020220h&psid=1_3850575&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzgwNTIzOTEvMzI4eDMyOC8yMjZ4MHg3NjB4NzYwL2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpBdE1UQXZNVEF4T1RJMEx6QmtZakE1WVRBeU1UQmpZV0poTlRjMFltVXhPRGRtTVdGaU9URm1PV0l4TG1wd1pXYy53ZWJwP3Y9MTYxMjMxNzQxNy02aVdGblduaHZPOWt6ZkpzVzR2cU1ES0JrNm1RN1ZuaDBPSmw2SWIzbTg4 HTTP 301
https://s-img.mgid.com/g/8052391/328x328/226x0x760x760/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzBkYjA5YTAyMTBjYWJhNTc0YmUxODdmMWFiOTFmOWIxLmpwZWc.webp?v=1612317417-6iWFnWnhvO9kzfJsW4vqMDKBk6mQ7Vnh0OJl6Ib3m88

Request Chain 298

https://c.mgid.com/c?pv=2&v=0|0|0|6tpn6_yocLf-V4-_GYyQII6d_j_K2EFfQcEOYlDpm_lAMOgQ2sYHv9Tc-_doPMWt&cid=756446&f=1&h2=PpCN8S8RpuqgawplLvLjFKCY8ki03-Z77VGaOn48320*&rid=z3850575zb5920476bcCHcp2ph2021020220h&psid=1_3850575&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzgwNTIzOTMvMzI4eDMyOC8yOHgweDUxMHg1MTAvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakF0TVRBdk1UQXhPVEkwTHpVeE9UVmlOR0UwWmpnMU5tSTNaRGN6TkdVeFpUZzBNR1kyTnpJNU5EZGlMbXB3WldjLndlYnA_dj0xNjEyMzE3NDIyLW02MTBEVVBHbGxxZ3JiQkxNTVBneUYtOXJtUTY1bW9VNjBnWHFXaXg3OGc= HTTP 301
https://s-img.mgid.com/g/8052393/328x328/28x0x510x510/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp?v=1612317422-m610DUPGllqgrbBLMMPgyF-9rmQ65moU60gXqWix78g

Request Chain 299

https://mc.yandex.ru/watch/49239574?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A125%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A1%3Als%3A1557087443264%3Ahid%3A286081260%3Az%3A60%3Ai%3A20210203025703%3Aet%3A1612317424%3Ac%3A1%3Arn%3A499978351%3Arqn%3A2%3Au%3A1612317408655635640%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612317402117%3Awv%3A2%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612317424&force-urlencoded=1 HTTP 302
https://mc.yandex.ru/watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A125%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A1%3Als%3A1557087443264%3Ahid%3A286081260%3Az%3A60%3Ai%3A20210203025703%3Aet%3A1612317424%3Ac%3A1%3Arn%3A499978351%3Arqn%3A2%3Au%3A1612317408655635640%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612317402117%3Awv%3A2%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612317424&force-urlencoded=1

Request Chain 304

https://c.mgid.com/c?pv=2&v=0|0|0|6tpn6_yocLf-V4-_GYyQII6d_j_K2EFfQcEOYlDpm_lAMOgQ2sYHv9Tc-_doPMWt&cid=756446&f=1&h2=PpCN8S8RpuqgawplLvLjFKCY8ki03-Z77VGaOn48320*&rid=z3850575zb5920476bcCHcp2ph2021020220h&psid=1_3850575&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzgwNTIzOTMvMzI4eDMyOC8yOHgweDUxMHg1MTAvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakF0TVRBdk1UQXhPVEkwTHpVeE9UVmlOR0UwWmpnMU5tSTNaRGN6TkdVeFpUZzBNR1kyTnpJNU5EZGlMbXB3WldjLndlYnA_dj0xNjEyMzE3NDIyLW02MTBEVVBHbGxxZ3JiQkxNTVBneUYtOXJtUTY1bW9VNjBnWHFXaXg3OGc= HTTP 301
https://s-img.mgid.com/g/8052393/328x328/28x0x510x510/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp?v=1612317422-m610DUPGllqgrbBLMMPgyF-9rmQ65moU60gXqWix78g

305 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
daffodil-ruddy-run.glitch.me/ 136 KB
137 KB 457ms
428ms Document
text/html 52.3.60.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 52.3.60.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-60-128.compute-1.amazonaws.com
Software: /
Resource Hash: b0af03258eaf0b179f53ff86c2bc6106b037f7cdc84b286dac05b4ace2892e45

Request headers

Host: daffodil-ruddy-run.glitch.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 139716
Connection: keep-alive
vary: Origin
accept-ranges: bytes
last-modified: Wed, 03 Feb 2021 01:52:42 GMT
cache-control: max-age=0
etag: W/"221c4-17765977a10"

GET
H/1.1 500
Internal Server Error invoke.js
www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/ 0
0 104ms
80ms Script
text/html 213.196.2.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/invoke.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 213.196.2.1 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

GET
H2

200

pma Show response
popmyads.com/x/
Redirect Chain

https://cdn.popmyads.com/pma.js
https://popmyads.com/x/pma

83 KB
30 KB

106ms
99ms

Script
text/html

2606:4700:3034::ac43:bbbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://popmyads.com/x/pma
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:bbbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 876f81b245bddc56705cf98e10eb213725c5d7517927f3b42a8844f5776b186f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PHP/7.1.33
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kgQjAfOjMxbgtLgVRwzAPks%2FXzVS%2B9N0e4IBSs1wCPejkgJSWz7RW2dm8U%2BrF9HU%2FSQwahoA3k7Ves8Yi9swyT30o1Kp1UvjD3qZT%2BfBAmraYBimPn%2BJ6UU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 61b88977ce8b1772-FRA
cf-request-id: 0807343ed9000017723403e000000001

Redirect headers

date: Wed, 03 Feb 2021 01:56:42 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 630
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5vSG3WWdImXdSbuw4qAkkriIJZ2%2FYqidnaD0F%2FWomUBnyKJD8TodV3zn0%2BZVWpN5%2BzXur5zlGqAoS70GP3uy2HJfmD4hR%2Bk4TRDEdEYA8aVYSJQ%2FhCk4aLTHclbm"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://popmyads.com/x/pma
cache-control: max-age=14400
cf-ray: 61b889779e651772-FRA
cf-request-id: 0807343ec5000017722a0e3000000001

GET
H/1.1 200
OK pop.js Show response
mellowads.com/ 423 B
926 B 257ms
251ms Script
application/javascript 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mellowads.com/pop.js?ref=4E0983D3C420
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c03993e77bf55e58d17b139ad9310d775ab94a34ca1ca6f399695634efb2fa13

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
X-AspNet-Version: 4.0.30319
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
CF-RAY: 61b889777acbdff7-FRA
cf-request-id: 0807343eaf0000dff777b5f000000001
Expires: -1

GET
H/1.1 404
Not Found /
onegalact.com/ 0
0 66ms
31ms Script
text/html 51.68.161.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://onegalact.com/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ip17.ip-51-68-161.eu
Software: nginx /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:42 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK 21431 Show response
waxtamnit.com/fGZK1mdRMO3Lzx3/ 0
1 KB 99ms
29ms Script
text/html 51.68.161.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://waxtamnit.com/fGZK1mdRMO3Lzx3/21431
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.20 , France, ASN16276 (OVH, FR),
Reverse DNS: ip20.ip-51-68-161.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK 21432 Show response
onegalact.com/pFFQARKPePsD/ 0
1 KB 76ms
44ms Script
application/javascript 51.68.161.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://onegalact.com/pFFQARKPePsD/21432
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ip17.ip-51-68-161.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:42 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK tag.min.js Show response
kumteerg.com/pfe/current/ 42 KB
12 KB 123ms
37ms Script
application/javascript 139.45.196.201
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-a6a9"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK tag.min.js Show response
choupsee.com/pfe/current/ 42 KB
12 KB 114ms
37ms Script
application/javascript 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-a6a9"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK micro.tag.min.js Show response
choogeet.net/pfe/current/ 129 KB
38 KB 139ms
58ms Script
application/javascript 139.45.197.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choogeet.net/pfe/current/micro.tag.min.js?z=3461354
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.253 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b1eec11bfd7416de218bd79a078e2d340e782aa6ceeec530fad0871ab8091474

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:34 GMT
Server: nginx
ETag: W/"5fd22426-20534"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 8636.js Show response
cdn.thisiswaldo.com/static/js/ 269 KB
81 KB 19ms
7ms Script
application/javascript 2600:9000:21f3:f400:4:164e:ca00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://cdn.thisiswaldo.com/static/js/8636.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2600:9000:21f3:f400:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

25e802f6117b985e48f2a01af99b212a41e5bc64e16b2f1c4987cee1f7a5a66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 01 Feb 2021 07:50:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 151564
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 01 Feb 2021 07:12:13 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "4356c-5ba4112b5fda4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: 9UrdfC5CRjCopGT5ruqqKfaSrTfXkcjkpmsvS16d7Dv6ErEBLWWGZw==

GET
H2 200 popunder1000.js Show response
a.exosrv.com/ 88 KB
38 KB 52ms
12ms Script
application/javascript 2606:2800:234:4cc4:5670:35d5:1e00:b394
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exosrv.com/popunder1000.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBC) /
Resource Hash: 7d62917a2e70a0614f552316bba25bd7f5cfffb99617dbbcd62e9fd084dbba8f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:42 GMT
content-encoding: gzip
last-modified: Wed, 03 Feb 2021 00:56:52 GMT
server: ECS (amb/6BBC)
age: 3590
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
content-length: 39115
expires: Wed, 03 Feb 2021 04:56:42 GMT

GET
H2 200 chorus.css
www.theverge.com/style/community/372/35c556c4304fa485a9eb732131b9623c/ 664 KB
120 KB 78ms
25ms Stylesheet
text/css 151.101.113.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.theverge.com/style/community/372/35c556c4304fa485a9eb732131b9623c/chorus.css

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.52 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c33b32e9cad2570f73a60f88cf86b130b671f3671e7cea7ca4f05c37765005a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556952; preload
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 354254
x-cache: HIT
content-length: 122448
x-xss-protection: 1; mode=block
x-request-id: 98580bcc4623da327b70ea0137c15ebed7a9e692
x-served-by: cache-hhn4040-HHN
x-runtime: 0.174907
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-timer: S1612317403.954762,VS0,VE1
x-frame-options: SAMEORIGIN
date: Wed, 03 Feb 2021 01:56:42 GMT
x-download-options: noopen
vary: Accept-Encoding, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region, Origin, X-Forwarded-Proto, Cookie, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region
content-type: text/css; charset=utf-8
via: 1.1 varnish
cache-control: max-age=31556952, public, must-revalidate
etag: W/"c33b32e9cad2570f73a60f88cf86b130"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 concert_ads-f1797ae0ff80e696d213.js Show response
cdn.vox-cdn.com/packs/js/ 98 KB
40 KB 91ms
24ms Script
application/javascript 151.101.112.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.vox-cdn.com/packs/js/concert_ads-f1797ae0ff80e696d213.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.124 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a8603a88a0a1048e4163e6fa1b509bc7120def4437dba0af60102a7c4992f045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding, X-Valid-Scroll-User, X-Chorus-Unison-Testing, X-Chorus-Require-Privacy-Consent, X-Chorus-Restrict-In-Privacy-Consent-Region
age: 1079174
x-cache: MISS, HIT
x-cache-hits: 0, 15050
content-encoding: gzip
content-length: 40477
x-served-by: cache-hhn4023-HHN, cache-hhn4066-HHN
last-modified: Thu, 21 Jan 2021 14:08:58 GMT
server: nginx
x-timer: S1612317403.127596,VS0,VE0
etag: W/"60098afa-188ee"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
expires: Fri, 21 Jan 2022 14:10:29 GMT

GET
H2 200 concert_ads.js Show response
cdn.concert.io/lib/concert-ads/v2-latest/ 933 KB
277 KB 114ms
44ms Script
text/javascript 199.232.196.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 492cfc9eedaae641333838e935ec3b300fc20f0528120c63a99699f6b181687c

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: gzip
age: 98479
via: 1.1 varnish
x-cache: HIT
x-amz-meta-surrogate-control: public, max-age=2592000, stale-if-error=86400, stale-while-revalidate=30
x-amz-meta-surrogate-key: concert-delivery-system
content-length: 282765
x-amz-id-2: 2z9US/4odcXW3Iy5/HXaIyFWDKjKDnCpKNx3Xrxk83X6HD6t/HnmWvyAPjuKWwc+04Q6tGhirxo=
x-served-by: cache-hhn4071-HHN
last-modified: Mon, 01 Feb 2021 22:35:24 GMT
server: AmazonS3
x-timer: S1612317403.134778,VS0,VE0
etag: "43978cdf733bd166e7a252a04831eace"
x-amz-request-id: 2SCK0NESFHDJ9W5M
access-control-allow-origin: *
cache-control: public, max-age=60
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
x-cache-hits: 14

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 116 KB
30 KB 101ms
45ms Script
application/javascript 13.224.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-34.fra2.r.cloudfront.net
Software: Server /
Resource Hash: dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: m.Wx5c17akL0ZDdjRDCoIM1PRpKlJoJG
content-encoding: gzip
server: Server
age: 561
etag: 089c185b065ebe3e9c21625b16dea242
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Wed, 03 Feb 2021 01:47:22 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: MN_EwjwwQK_FQkinSxPExSP-mluiiavyigS2KdUvZ2Ctd2FObVPoJg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
19 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55079a25ae573f90cd94a4911ef0cd5031d07c9a21281b1e2d843b5fb42b1171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "772 / 249 of 1000 / last-modified: 1612307399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 19173
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:56:43 GMT

GET
H2 200 concert-concierge.2.8.0.min.js Show response
cdn.concert.io/lib/ 49 KB
16 KB 28ms
26ms Script
text/javascript 199.232.196.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.concert.io/lib/concert-concierge.2.8.0.min.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68aa9818e0d0f8c60c5fc7e2b7921aa1a48a52e72e7da4caae29de34d030a6bf

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: gzip
age: 2162226
via: 1.1 varnish
x-cache: HIT
x-amz-meta-surrogate-control: public, max-age=2592000, stale-if-error=86400, stale-while-revalidate=30
x-amz-meta-surrogate-key: concert-delivery-system
content-length: 16156
x-amz-id-2: ZBpOx9syRWl+YYEkdwG7tyrNOalVv38VX6RCLkYHpyieNLAwv6Q3IRds5XYCsd9XwyceFuCe+C4=
x-served-by: cache-hhn4071-HHN
last-modified: Fri, 15 May 2020 15:14:13 GMT
server: AmazonS3
x-timer: S1612317403.134755,VS0,VE0
etag: "d685c8f98156cbe695d939f995676060"
x-amz-request-id: 5H3TEJ4Y5Z6KDH3P
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
x-cache-hits: 41197

GET
H2 200 moatheader.js Show response
z.moatads.com/voxprebidheader841653991752/ 200 KB
71 KB 105ms
37ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: aecd3ee6431ca5007c38d315e2260f8db435ce04225c9602591ff6bf5c865699

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 19:45:14 GMT
server: AmazonS3
x-amz-request-id: 72CB07934C5230AD
etag: "58d234beee3491a5a9f47e6bdf996359"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=14582
accept-ranges: bytes
content-length: 71847
x-amz-id-2: vmJLXjR/YgNgtLc5ZCOUGLxAr20GJdd2ZXMlV4nIc2c3XUa9YD0lHMQwdEAEnzjWWHuB5kQe4Oo=

GET
H/1.1 200
OK / Show response
d2sbzwmcg5amr3.cloudfront.net/ 429 KB
140 KB 179ms
167ms Script
text/plain 2600:9000:20eb:e00:1d:bf0d:abc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2600:9000:20eb:e00:1d:bf0d:abc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4d126fc09151907b8438933f36324c27e6d7e3d99188809b844ef0d1400820d3

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection: keep-alive
Content-Length: 142763
Via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: YyNfDCTI_97_r5AD25TCeNKynDQwbAyMT7I6pcfEKxidu1Mjs9dzbA==

GET
H/1.1 200
OK / Show response
djv99sxoqpv11.cloudfront.net/ 199 KB
66 KB 202ms
178ms Script
text/plain 13.224.195.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 13.224.195.33 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-33.fra2.r.cloudfront.net
Software: /
Resource Hash: 109a84490727f3a268b6467c6e8b7d76066e3eaf23c9dbbd833227a0d25447b1

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: gzip
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection: keep-alive
Content-Length: 67000
Via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
X-Amz-Cf-Id: krOwtVS3SgKLEnH-8DCLa37EJqqbk4p0ouzz0lt8mPiP0rNUSE-vGg==

GET
H2 200 468X60.gif
coinpayu.com/static/advertiser_banner/ 148 KB
149 KB 40ms
19ms Image
image/gif 2606:4700:20::681a:d1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coinpayu.com/static/advertiser_banner/468X60.gif
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a87e2ab249f61d757d138136171b43155ea4ba2d89a5c6c3e4e58174f2e13ec

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1794961
cf-polished: status=not_needed
content-length: 151259
cf-request-id: 080734402f0000dfe32421b000000001
last-modified: Wed, 13 Jan 2021 14:00:56 GMT
server: cloudflare
etag: "5ffefd18-24edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R1oF5ecoNFLpxvRkdBn3YKEVYxd023vB7YlTdVb%2F6eMUg%2BpJGt%2BCczkGDoM2fVDHqC1hWVF34SYW3QyWyJI1%2BJ%2BDlvxi9xAtdRbYaHBO%2BpggBwzWxMnZGEY%3D"}],"max_age":604800}
content-type: image/gif
expires: Fri, 12 Feb 2021 07:20:42 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 61b88979ec7bdfe3-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bc69d10fb34b45d5325071130fa0fb2b1a7062160a8f5a34753e5bb90459218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47617
x-xss-protection: 0
server: cafe
etag: 7166616678842563878
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Feb 2021 01:56:43 GMT

GET
H/1.1 200
OK afu.php Show response
stawhoph.com/ 0
0 76ms
53ms Script
text/html 139.45.195.123
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://stawhoph.com/afu.php?zoneid=3807985
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 139.45.195.123 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H/1.1 200
OK adswrappermsni.js Show response
s.aolcdn.com/ads/ 28 KB
10 KB 15ms
8ms Script
application/javascript 2606:2800:233:af6:eab:2108:1892:6d8
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://s.aolcdn.com/ads/adswrappermsni.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2606:2800:233:af6:eab:2108:1892:6d8 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9E) /
Resource Hash: 95fddf78880041d45ca14979cd85bc1bc6e1ab896fef029842a369946352c060

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Age: 21747
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-amz-request-id: E6D6E5A9BC5A9F54
x-amz-id-2: s7y3hR6BIkyPooE1g97sM4oAG7EexOfi3BeX7wV3agfXfs+IXTQjNUQoyNKQ3Nge11/zi4LAORI=
x-amz-expiration: expiry-date="Mon, 26 May 5881631 00:00:00 GMT", rule-id="oath-standard-lifecycle"
Last-Modified: Sat, 14 Nov 2020 18:47:44 GMT
Server: ECAcc (frc/8E9E)
Etag: "94a8deeb78dcb94b81f2523ae1c9eb8b+gzip"
Vary: Accept-Encoding
x-amz-version-id: MpewYvXMv0mhQTNMLIwn9x2UhMWBqUKN
Cache-Control: public,max-age=86400
Content-Length: 9673
Content-Type: application/javascript

GET
H2

200

banners Show response
infopicked.com/adServe/
Redirect Chain

http://p405661.clksite.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom

35 KB
13 KB

436ms
146ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 5b11aa147cc0eeaaff5b626102c817e865cdd45f527edcdb5e442b8846d7815b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
Date: Wed, 03 Feb 2021 01:56:43 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK 16229 Show response
duetgypsyantis.com/txrerrgoIMFbsRz8/ 0
1 KB 107ms
36ms Script
text/html 37.59.184.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://duetgypsyantis.com/txrerrgoIMFbsRz8/16229

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

37.59.184.172 , France, ASN16276 (OVH, FR),

Reverse DNS

ip172.ip-37-59-184.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Keep-Alive: timeout=20

GET
H/1.1 200
OK BidVertiser.dbm Show response
bdv.bidvertiser.com/ 9 KB
9 KB 372ms
348ms Script
text/javascript 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: -1
Cache-Control: no-store
Connection: close
Content-Length: 9014
Content-Type: text/javascript

GET
H2 200 dataTables.bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/datatables/1.10.19/css/ 4 KB
2 KB 68ms
49ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/datatables/1.10.19/css/dataTables.bootstrap.min.css

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3db6982c169bf3afee084cf7762ba718c118be36a1dee0c5222203fa302d21fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1582229
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 757
cf-request-id: 0807343f6f0000c281b99b2000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e33-10c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cePRUQbfxIIZtY7V2y6C7bNtO%2FhEfLBFT9QBDpPgJmiEpfjZDFuHBBlCf0iXNNbNyksZoE28GSA8FAjqiJin8ISD1iMwlb4cUAjWMOBFQiD%2BG9%2BwUU8f33RPFT1oyqc9hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61b88978bb72c281-FRA
expires: Mon, 24 Jan 2022 01:56:42 GMT

GET
H/1.1 200
OK carbon.js Show response
cdn.carbonads.com/ 15 KB
6 KB 310ms
291ms Script
application/javascript 23.111.10.140
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.carbonads.com/carbon.js?zoneid=1673&serve=C6AILKT&placement=dsawrewreafera
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 23.111.10.140 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1165669e2a76f3ab389a6b08d3aff86bc05cc880b763811a0268e1da4b145e2f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 15:56:04 GMT
Server: NetDNA-cache/2.2
ETag: W/"3de6-5b9f7ecc9a906"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK monetization.js Show response
m.servedby-buysellads.com/ 61 KB
16 KB 69ms
45ms Script
application/javascript 108.161.189.78
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://m.servedby-buysellads.com/monetization.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 108.161.189.78 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: b2ec90d9f615e6cf0243ddd6b87e717fae333772847642694beb3e708f2cf889

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jan 2021 16:13:02 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 278E6D8BFFCA9FCF
ETag: W/"63463f714e5303e30c3d68d0d0e0639a"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
x-amz-id-2: 7Hqfl9nRvF08DMcyNjkTGTcg4b3uSyYFn2Zf2KkIak2aiiwdZKEi65zwc9NDkYdDchOnMd/XuE0=
Expires: Thu, 04 Feb 2021 01:56:43 GMT

GET
H/1.1 200
OK 21435 Show response
seaboblit.com/1clkn/ 0
1 KB 83ms
48ms Script
application/javascript 213.32.61.35
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://seaboblit.com/1clkn/21435
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 213.32.61.35 , France, ASN16276 (OVH, FR),
Reverse DNS: ip35.ip-213-32-61.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2

200

banners Show response
infopicked.com/adServe/
Redirect Chain

http://p93920.clksite.com/adServe/banners?tid=93920_153711_0
https://infopicked.com/adServe/banners?tid=93920_153711_0

36 KB
13 KB

1454ms
1153ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=93920_153711_0
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: ce64cd3dbb42ab4bee5f40f611aa1903b3b65479611c6b40438b6c8631f84bbc

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://infopicked.com/adServe/banners?tid=93920_153711_0
Date: Wed, 03 Feb 2021 01:56:43 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 15:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125332
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Feb 2022 15:07:50 GMT

GET
H2 200 pastebin.com.1056221.js Show response
jsc.adskeeper.com/p/a/ 226 KB
67 KB 455ms
434ms Script
text/javascript 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea01dcf1d5269b14a6d81bf472944dfdc1c5f5df2bf0714ee4c4d0a95708e16

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 30EB2F4BF63738F1
content-length: 67701
x-amz-id-2: ZPiW70x8ilF1/FbE15JT2T3+7zX9adKGd/GnS2K4bpI0FFodjtR+xndgW+C8tQ6+CZa1ea8is0M=
last-modified: Tue, 19 Jan 2021 12:52:39 GMT
server: cloudflare
etag: "52ab8865f328cdc46ef6cd3d6fc32767"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-request-id: 08073440500000d6e1d425d000000001
accept-ranges: bytes
cf-ray: 61b8897a1905d6e1-FRA
expires: Wed, 03 Feb 2021 05:56:43 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 42ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bc69d10fb34b45d5325071130fa0fb2b1a7062160a8f5a34753e5bb90459218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 7166616678842563878
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 47617
X-XSS-Protection: 0
Expires: Wed, 03 Feb 2021 01:56:43 GMT

GET
H2 204 display.php Show response
www.maxonclick.com/a/ 0
71 B 222ms
133ms Script
text/plain 35.190.68.123
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.maxonclick.com/a/display.php?r=1142855
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.68.123 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 123.68.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 03 Feb 2021 01:56:43 GMT
via: 1.1 google
server: openresty
alt-svc: clear

GET stat.js
cdn.webglstats.com/ 0
0

GET
H/1.1 200
OK outbrain.js Show response
widgets.outbrain.com/ 164 KB
55 KB 62ms
43ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.outbrain.com/outbrain.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ca755b17ffb086fbfd92cb35a42bd8aec3b6b13b6f5e77e286b845d867057596

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Edge-Cache-Tag: widget-cheetah
Cookie: CheetahStaging=true
Connection: keep-alive
X-TraceId: 19d733edbd10faaa3a1332098e54a8cc
Content-Length: 55463
Last-Modified: Tue, 02 Feb 2021 14:20:46 GMT
ETag: W/"28fc0-4Vjqsivmvdd4QDjVTxpJCKuqQfI"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: false
Timing-Allow-Origin: *, *
Expires: Wed, 03 Feb 2021 05:56:43 GMT

GET
H/1.1 200
OK headerbid_sticky_refresh.js Show response
served-by.pixfuture.com/www/delivery/ 2 KB
2 KB 236ms
217ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/delivery/headerbid_sticky_refresh.js?v31
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 43e106423124c8c69f1ac878e1878c72963587027aa365aa13f4a43168ac7262

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Last-Modified: Mon, 26 Oct 2020 19:24:56 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5f972288-775"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1909

GET
H/1.1 200
OK 21952 Show response
thetarhaw.com/ttXiMZNGJ9Dd6muR/ 0
1 KB 112ms
41ms Script
text/html 213.32.115.25
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://thetarhaw.com/ttXiMZNGJ9Dd6muR/21952

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

213.32.115.25 , France, ASN16276 (OVH, FR),

Reverse DNS

ip25.ip-213-32-115.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Keep-Alive: timeout=20

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ 3 KB
4 KB 599ms
116ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 177d76801bdbecdb0d27109e118ae54a929156deac8ca44b46924a5c0f43cd7a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Last-Modified: Wed, 13 Jan 2021 17:57:03 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5fff346f-d42"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3394
Expires: Fri, 05 Feb 2021 01:56:43 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 310 KB
85 KB 329ms
28ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c84aa474bbd822365c8ae488ee766a0cf2fc78a66471a441b33479d5d472431

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 22:15:34 GMT
server: AmazonS3
x-amz-request-id: 009D2828A7463C7A
etag: "8bd471da94f9b908553fdb9b02063382"
x-hw: 1612317403.cds148.fr8.hn,1612317403.cds055.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 86295
x-amz-id-2: F27lFvAvVGMiCc2Jf5DJZewVatTGoobZsGgctUMDm/qp+ONllprO89GT6cSFZWQwl0hw97v0qFQ=

GET
H/1.1 200
OK 1507210
ad.a-ads.com/ Frame 8CCF 0
0 86ms
67ms Document
text/html 148.251.13.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1507210?size=728x90

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.139.13.251.148.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://daffodil-ruddy-run.glitch.me/
Content-Encoding: gzip

GET
H/1.1 200
OK wrez Show response
mellowads.com/js/ 81 KB
32 KB 250ms
250ms Script
text/javascript 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1
Requested by: Host: mellowads.com
URL: http://mellowads.com/pop.js?ref=4E0983D3C420
Protocol: HTTP/1.1
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26c36f3ecb4f05ca3b48dfca1efb4d2e96399034d6c678ced60b5c633dc966cd

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Wed, 03 Feb 2021 01:56:38 GMT
Server: cloudflare
X-AspNet-Version: 4.0.30319
Vary: User-Agent
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 61b8897b5e45dff7-FRA
cf-request-id: 08073441120000dff71b251000000001
Expires: Thu, 03 Feb 2022 01:56:38 GMT

GET
H/1.1 404
Not Found /
onegalact.com/ 0
0 29ms
29ms Script
text/html 51.68.161.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://onegalact.com/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ip17.ip-51-68-161.eu
Software: nginx /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 403 choice.js
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/daffodil-ruddy-run.glitch.me/ 0
0 133ms
118ms Script
text/html 2600:9000:21f3:1400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/daffodil-ruddy-run.glitch.me/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/8636.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 03 Feb 2021 01:43:43 GMT
via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
last-modified: Thu, 21 May 2020 21:03:42 GMT
server: AmazonS3
age: 1541
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/html
cache-control: public, max-age=7200
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: i4MZTGInoGgZ_fGMpqYYxTFMbRZifOwJlW_GNnvsvFRk5zqtUQ1NWw==

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

56 KB
19 KB

256ms
34ms

Script
text/javascript

172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

6fca035798ff90712212512ea68ab3affe0f2ca845309d4e1d1e8b1f4483af32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "772 / 323 of 1000 / last-modified: 1612307399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:56:43 GMT

Redirect headers

Date: Wed, 03 Feb 2021 01:34:18 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 1345
Content-Type: text/html; charset=UTF-8
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control: public, max-age=1800
Content-Length: 249
X-XSS-Protection: 0
Expires: Wed, 03 Feb 2021 02:04:18 GMT

GET
H/1.1 200
OK me Show response
ipfind.co/ 360 B
590 B 425ms
399ms XHR
application/json 50.18.199.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/8636.js
Protocol: HTTP/1.1
Server: 50.18.199.66 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-18-199-66.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 258531131d81a1ab0e0a73dc45044046701a122fcacdceae0944894016be3d38

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 238

GET
H/1.1 200
OK pop.js Show response
c1.popads.net/ 31 KB
10 KB 66ms
28ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: http://c1.popads.net/pop.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2a02:6ea0:c700::1 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d44180bbf5a59ae325815feb275e39e1d34e18eb710ea54f5ec4e96ba60488a9

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-77-POP: frankfurtDE
Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
X-77-NZT-Ray: oeuIheiqtr4=
Transfer-Encoding: chunked
X-77-Cache: HIT
X-Cache: HIT
Connection: keep-alive
alt-svc: quic="195.181.175.44:443"; ma=2592000; v="44,43,39"
X-77-NZT: AcO1ryydUxrvGwkAAA==
Last-Modified: Sun, 22 Nov 2020 20:51:03 GMT
Server: CDN77-Turbo
ETag: W/"5fbacf37-7a55"
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
X-Age: 2331
Expires: Wed, 03 Feb 2021 05:17:52 GMT

GET
H2 200 cloudinary-jquery-file-upload.min.js Show response
www.displayvertising.com/ 31 KB
9 KB 111ms
32ms Script
application/x-javascript 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://www.displayvertising.com/cloudinary-jquery-file-upload.min.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f3f4ba39ee45ee7a20e0d163cf87fdb5200de2cf712a1d3dbf9a67b8b1488c27

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1ry++J6vv7MECAA==
date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: br
server: CDN77-Turbo
link: <https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
x-77-nzt-ray: gYlEA6DHGWs=
x-77-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-77-pop: frankfurtDE
x-cache: HIT
x-age: 180716
alt-svc: quic="195.181.175.47:443"; ma=2592000; v="44,43,39"
expires: Sun, 07 Feb 2021 23:44:47 GMT

GET
H/1.1 200
OK verge.js Show response
static.narrativ.com/tags/ 151 KB
42 KB 1125ms
33ms Script
application/javascript 143.204.93.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.narrativ.com/tags/verge.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86f068facf5730dd7d8e5764aabdec8981cce9e9ae9a581b0d69e0461ee9248b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:11:01 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 02 Feb 2021 17:10:15 GMT
Server: AmazonS3
Age: 2772
ETag: W/"5369be3ab8b1ef95a942f9b9e7e054b8"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: Esw_Oj6T7B5rZXdY8d19q1aJD6iPq1aw2Zhsr12ra0vxbKgAfKEyYQ==

GET
H/1.1 200
OK conf Show response
s.pubmine.com/ 3 KB
4 KB 1100ms
77ms Script
text/javascript 79.125.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://s.pubmine.com/conf?rid=784230874304&ref=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&vp=1600x1200&cb=callback__kkos5icg_1
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 581f5527801cbaf1f8f4f9e372164ed2f0ae37edee6ed6fcb1bbd33bac050e18

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:44 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=utf-8
Content-Length: 3292
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 utx Show response
emagazing.fun/ 0
423 B 171ms
120ms XHR
text/plain 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://emagazing.fun/utx?cb=A8mBTv0vV5b4&top=daffodil-ruddy-run.glitch.me&tid=822524
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-26.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:43 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: N0_OHj_pyatBF0IOE7a_Ok28ZtCoaVi2nzoiDmV9FnivUfECyPVn7g==

GET
H/1.1 200
OK IAElMgAACSI7MRIdNxoMDis7BCsOASUyABECJg0yEkgMeicMDS0aIwo0KhACBycIG1UHAjYJNxw3AgkjHSY5KT8gMzEQDxMgOgsyFzAlAw4dISYpVCcwUnJRBRIXBSR2IDMBEgYEMykjCDAyBxwFJxQPPQA3LRomES86KT8hMTIUAhMjUgwndictGiMKJi4DURQgN...
emagazing.fun/ZURlY0IEJgYOfQR5B0U3FyhYRnAjYVclJlc3Bxk1CCcCViMINlZNIQkrEAckFysLF2wLIRFGcCMMMDQqEB0fJjsnMyQlBgwRJyAuUQ48UjIHETQ1cSQsVS4aHAIzIQFUAycLMTwHPRAuMhIWVQQcETYgLlEFARQTNQAzOTExIxYtFwg8PzADLxI... Frame CD40 0
0 143ms
126ms Document
text/html 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://emagazing.fun/ZURlY0IEJgYOfQR5B0U3FyhYRnAjYVclJlc3Bxk1CCcCViMINlZNIQkrEAckFysLF2wLIRFGcCMMMDQqEB0fJjsnMyQlBgwRJyAuUQ48UjIHETQ1cSQsVS4aHAIzIQFUAycLMTwHPRAuMhIWVQQcETYgLlEFARQTNQAzOTExIxYtFwg8PzADLxIoUhQEFjA2KiczMwYUDCc2ITojHCgUciIHDQApJhIoLBoMNyciJVwVASUtChINWioxEh03BTEzLycTFSIvMiEBBx0xKy4vETEDMSMiJCU/IAElMgAACSI7MRIdNxoMDis7BCsOASUyABECJg0yEkgMeicMDS0aIwo0KhACBycIG1UHAjYJNxw3AgkjHSY5KT8gMzEQDxMgOgsyFzAlAw4dISYpVCcwUnJRBRIXBSR2IDMBEgYEMykjCDAyBxwFJxQPPQA3LRomES86KT8hMTIUAhMjUgwndictGiMKJi4DURQgNSpVEwwLFSQpPyQaMxE9KQQwYg8QLQs0WAkMEhMWFSgvMFRWGw
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 143.204.215.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-26.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: emagazing.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1228
Connection: keep-alive
Date: Wed, 03 Feb 2021 01:56:43 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: VBe9-0bQRfNK9cTw9imT4IhKp3r5POwnRtfp8NadgBFDBDb6MVdx1Q==

GET
H2 204 utx Show response
emagazing.fun/ 0
424 B 124ms
115ms XHR
text/plain 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://emagazing.fun/utx?cb=DKo8od5pYhLs&top=daffodil-ruddy-run.glitch.me&tid=898034
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-26.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:43 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: FiXqjbaxQzcMTtrjzVQZcmEP37TbfcNMY_Rq4oce3BPupK0eW6Nr_Q==

GET
H/1.1 200
OK dwN5RxBSIwkGJmBHIgEdXxF1FRBTWRgkOkknBkEoBgc
emagazing.fun/MWFIcnJQAysfTVBcKlQHQw11V0B3RHo0FgMSKggFXAIvRxNcE3tcEV0OPRYUQw4mBlxfBDxXQHcnGhgoaAIPFR5mNRElJEsrLiI3ADAuBUdeMHkKFWkiOxQwWzgEIgp4Ki4fK34uCjMzVCY7AypIIBk+M14sLQUWFFMKOjNaDh0lJGYlGxokazQ... Frame B39B 0
0 139ms
121ms Document
text/html 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://emagazing.fun/MWFIcnJQAysfTVBcKlQHQw11V0B3RHo0FgMSKggFXAIvRxNcE3tcEV0OPRYUQw4mBlxfBDxXQHcnGhgoaAIPFR5mNRElJEsrLiI3ADAuBUdeMHkKFWkiOxQwWzgEIgp4Ki4fK34uCjMzVCY7AypIIBk+M14sLQUWFFMKOjNaDh0lJGYlGxokazQOPTgAKH4mJEkGGRsVVyB7BiB9BicwPHcgfjQjcBcNMUJjNxsGKHgJIzc5XQVxIxsEGw81Gmc2JisXfzMNPj4ABjs6CkIUDUABSDUQIzV8M3wROwARcSMeVhMeCAZnNiYoKHpQHhMWWlRxIx5ZUgoVX1UjEDAZdQIeJBNVDSsdM3AwIiMmATIJC0tyBx07B1IWHgQqXRU/N0BBIBkxQ1QtCkI3aBYZECRnEXolGHQDDCU/dAAKETx7N3hBJWRQeDAYQjgPGx5TMR4kE3AgfQAqXQknMx9dIB9AFXAAHiQTVQodRzRWCngqQQAiBBw/dwN5RxBSIwkGJmBHIgEdXxF1FRBTWRgkOkknBkEoBgc
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 143.204.215.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-26.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: emagazing.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1233
Connection: keep-alive
Date: Wed, 03 Feb 2021 01:56:43 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: qGbzKrMZuyzWqkU_p6e0NByZ40yjljR7ZCWaxjKRXEbUVHNxsywGRA==

GET
H/1.1 200
OK eRkkHWtiGyUALSgeOwA2OFYnCixpSg8DDgs2ICEiDUsNLiAePDAuEw4fJiYBCjoYLgkKAQo9HhUgID09BhUbPBkmPRsuNR08HDwCHzl6JgALPgQhAhktBjk0eAIRBAofICMLPRkADz0VDT4vLiAVEAgDYS0gMFsTCBQ9PTsaPSIuMHkTGwMZBD8NBBsNLnwKEQ0PG...
emagazing.fun/SW9YTHgoDTshRyhSOmoNOwNlaUoPSmoKHHscOjYPJAw/ Frame 6A74 0
0 138ms
121ms Document
text/html 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://emagazing.fun/SW9YTHgoDTshRyhSOmoNOwNlaUoPSmoKHHscOjYPJAw/eRkkHWtiGyUALSgeOwA2OFYnCixpSg8DDgs2ICEiDUsNLiAePDAuEw4fJiYBCjoYLgkKAQo9HhUgID09BhUbPBkmPRsuNR08HDwCHzl6JgALPgQhAhktBjk0eAIRBAofICMLPRkADz0VDT4vLiAVEAgDYS0gMFsTCBQ9PTsaPSIuMHkTGwMZBD8NBBsNLnwKEQ0PGzcgGhYAOjsKOQ1fFgoUAww7Gj4aODQJSxsDGQQgMAsfGTktJjsaPhotPw00HAMCIzoRXh8ZOS09Eg41BjozLwAIPnUgHRsnHh4yCCYcFUh4PRkeLiQ6aDwbHiwZAzwhJhsKSBM+Gn0PcCwZLysIAgkJOng9OgNIOScaHTl6LCAOIRE7HgstASoRFkh4PB8dKiU6aQkiCwIOCy0ICxwCKRwrChoUMToLHTsIXRYCLRgqDwUufUkyPxcnH2UIKys5Cj9NHThqCB16
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 143.204.215.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-26.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: emagazing.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1209
Connection: keep-alive
Date: Wed, 03 Feb 2021 01:56:43 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: 68PN2Lfch7M_pSnp6fgj3XIhT3thwDTmva2jl2lS2bqUQq7twHeMAg==

GET
H2 204 utx Show response
emagazing.fun/ 0
425 B 116ms
116ms XHR
text/plain 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://emagazing.fun/utx?cb=sGqXFmVjT7dl&top=daffodil-ruddy-run.glitch.me&tid=889494
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-26.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:43 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 6jFnEvDbg_8IFffJfS7M7wk4y-BXSyad4F6UnwILwMpPkioVVVGOSA==

GET
H/1.1 200
OK bSNQJzYAdgEFD3oIKgIcYSgzAjxtDiQ6Hgk0LBkicyYLKw9+IzRKLmoBKyQOd3IvFUJ6DTYnDX4oUhU7VwksJS9sNS0VPWsOIQFHYRUNPRRXMCs6L0l3BCAhYw8bRkB9AgFFOwoGLhcaCHU4IDFuFCE7QmEVEkY8UxUAOi9Jdy0VBF0hDBEDYRUSRhNUEQwxLxQzO...
emagazing.fun/cnc5RGITFVopXRNKW2IXABsEYVA0UgsCBkAEWz4VHxRecQMfBQpqAR4YTCAEABhXMEwcEk1hUDQOXAAKOyUIEQAkDmAsAxUPawgqAgNoBSRKEVQCBycdSistBRB/DwUVFXojEUs/ Frame D5D2 0
0 138ms
121ms Document
text/html 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://emagazing.fun/cnc5RGITFVopXRNKW2IXABsEYVA0UgsCBkAEWz4VHxRecQMfBQpqAR4YTCAEABhXMEwcEk1hUDQOXAAKOyUIEQAkDmAsAxUPawgqAgNoBSRKEVQCBycdSistBRB/DwUVFXojEUs/bSNQJzYAdgEFD3oIKgIcYSgzAjxtDiQ6Hgk0LBkicyYLKw9+IzRKLmoBKyQOd3IvFUJ6DTYnDX4oUhU7VwksJS9sNS0VPWsOIQFHYRUNPRRXMCs6L0l3BCAhYw8bRkB9AgFFOwoGLhcaCHU4IDFuFCE7QmEVEkY8UxUAOi9Jdy0VBF0hDBEDYRUSRhNUEQwxLxQzOysxfCAHHBQJBycVHHAtKxYgUAkXOyEJDyYcPVQQGihAWhwgOTR+BREiJkESKDU9VwsaQ0FdPgkgIkB1CyhHUSIuISYcdiA0D38wBiUiWxEmHRh2BlIWEl4CFiEPY3ADJTFzByoGB2B0CRYSVycPNSENNCwmD10HBUcOYy9aJRIKAhg2JmxiCAEYVzRfEDh3NlEHLVQKCjVG
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 143.204.215.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-26.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: emagazing.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1229
Connection: keep-alive
Date: Wed, 03 Feb 2021 01:56:43 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: NCLRhuLAbK9jj_tXb96T8UjT6f4K9wjr1aJSWARew51i841ifKegiQ==

GET
H2 200 login.php
www.facebook.com/ 0
0 369ms
368ms Image
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 115ms
95ms Image
text/html 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 221ms
220ms Image
text/html 2a00:1450:4001:810::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK ads-priv.php Show response
syndication.exosrv.com/ 0
314 B 99ms
66ms Script
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exosrv.com/ads-priv.php?i=0
Requested by: Host: a.exosrv.com
URL: https://a.exosrv.com/popunder1000.js
Protocol: HTTP/1.1
Server: 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 pubads_impl_2021012801.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 111ms
51ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

fa533eb34a8900f6013bf6f0095c696ea16758fe6fbf7442694de0f8ebb2f536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 09:41:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99311
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:56:43 GMT

GET
H/1.1 200
OK zone Show response
choupsee.com/ 718 B
1 KB 37ms
36ms Fetch
application/json 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://choupsee.com/zone?pub=0&zone_id=3808000&is_mobile=false&domain=daffodil-ruddy-run.glitch.me&var=&ymid=&var_3=

Requested by

Host: choupsee.com
URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

30fea238b7c7058f28665cbfaf4d7a3de9a033808b1d82569b5974f90bf2f06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 65639c95c7d63f6dc72b69cbaa4873c7
Date: Wed, 03 Feb 2021 01:56:43 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 718

GET
H/1.1 200
OK universal.min.js Show response
choupsee.com/pfe/current/ 188 KB
54 KB 124ms
54ms Fetch
application/javascript 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choupsee.com/pfe/current/universal.min.js?v=3.1.281
Requested by: Host: choupsee.com
URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-2ef30"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK zone Show response
kumteerg.com/ 718 B
1 KB 37ms
36ms Fetch
application/json 139.45.196.201
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/zone?pub=0&zone_id=3808000&is_mobile=false&domain=daffodil-ruddy-run.glitch.me&var=&ymid=&var_3=

Requested by

Host: kumteerg.com
URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

30fea238b7c7058f28665cbfaf4d7a3de9a033808b1d82569b5974f90bf2f06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: f170d49f0a4b95a9d8cc477a9314e694
Date: Wed, 03 Feb 2021 01:56:43 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 718

GET
H/1.1 200
OK universal.min.js Show response
kumteerg.com/pfe/current/ 188 KB
54 KB 123ms
54ms Fetch
application/javascript 139.45.196.201
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/pfe/current/universal.min.js?v=3.1.281
Requested by: Host: kumteerg.com
URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-2ef30"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 410ms
142ms XHR
application/javascript 13.224.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Server: 13.224.192.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-34.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
X-Amz-Cf-Pop: FRA2-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 29 Jan 2021 06:42:57 GMT
Server: AmazonS3
ETag: W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
x-amz-version-id: 8kbPIzTLk7_TMvnggUSDACBTugDfX2qC
Via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400
Content-Type: application/javascript
X-Amz-Cf-Id: Urfo_pNJM9J80hRhsZs-n8Uya0BYzJUTfQaFuR8dXlU3oA6o-2rGnQ==

GET
H2 204 utx Show response
emagazing.fun/ 0
425 B 204ms
204ms XHR
text/plain 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://emagazing.fun/utx?cb=7kgU9hdchlqK&top=daffodil-ruddy-run.glitch.me&tid=737329
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-26.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:43 GMT
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: QTvgPgqfU2c70arV1HnCke5HDHGJcKYURPX45kxJKpwsOTf6hrLHGw==

GET
H/1.1 200
OK LhwmMQ4ZDAI+Py0zXi0AGCI7LRYIGCMIEgUML3hvPQkeExRdLiItOww4C3kzXQsveG89AgkAGVx3UwsQPmsoKGcLaD0bMEpoKA4EIQouGiAKFloxGQkeJDMUXmMNGzkuPj0nYgsWPAg0JiIGIxQGLhgbZDUPKxoCPgMdOQ4kCCslAhg+BBwfPhMpMA4nETwcGQ5qC...
emagazing.fun/SVdvWmooNQw3VShqDXwfOztSf1gPcl0cDiMhVmMZMTgeKhx4ZkE5BiYiCzwYJjkbdAQsI0poLB0YKDIlLQI1OCgwFjs/Pz4VJDECMRReY1MbZFc/KyNnDhEvIQEgHz8zA14tJhgWH39YDx87KikPL1s5JAsRWBk/fT4pGQIvATg9OwIRGwwMeBo... Frame C7C9 0
0 115ms
115ms Document
text/html 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://emagazing.fun/SVdvWmooNQw3VShqDXwfOztSf1gPcl0cDiMhVmMZMTgeKhx4ZkE5BiYiCzwYJjkbdAQsI0poLB0YKDIlLQI1OCgwFjs/Pz4VJDECMRReY1MbZFc/KyNnDhEvIQEgHz8zA14tJhgWH39YDx87KikPL1s5JAsRWBk/fT4pGQIvATg9OwIRGwwMeBoBAis5LT4NKAQQLB8PLGYcHiEbJAcJDRwwKDAJLB88YyMCZgwJIDE8Hg0/eG8iaSceACguIi0/LhwmMQ4ZDAI+Py0zXi0AGCI7LRYIGCMIEgUML3hvPQkeExRdLiItOww4C3kzXQsveG89AgkAGVx3UwsQPmsoKGcLaD0bMEpoKA4EIQouGiAKFloxGQkeJDMUXmMNGzkuPj0nYgsWPAg0JiIGIxQGLhgbZDUPKxoCPgMdOQ4kCCslAhg+BBwfPhMpMA4nETwcGQ5qCQgWKS4NGwAIFz0RYig7K3wNDmoOewQYMQUPEz0IPhEgFTkdPTE2HzA+HwdrEG89HDUEOWoZah8+YypvJg4iG207
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: HTTP/1.1
Server: 143.204.215.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-26.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: emagazing.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1233
Connection: keep-alive
Date: Wed, 03 Feb 2021 01:56:43 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: VN8Rfp-P32Tsv5dWVzMeBpG6ECbLgRGZSnfB84jzUn3OFMxa91AdCw==

GET
H/1.1 200
OK ECEVGwEFEyEuPzowGUhmGiYkNWAGJhI5FBo5GTFjJjMaLQUVJQUhORQQZRIgLRkzRTsuGjNIKi5HOQ
emagazing.fun/QndDeFMjFSAVbCNKIV4mMBt+XWEEUnE+NygBekEgOhgyCCVzRm0bPy0CJx4hLRk3Vj0nA2ZKFRYUBSIhGC8KLBwTIgcsAhNScT4Xcx8FKWEELhUTGRUnAR8YCjYBChI1HCU5FBskAC0aCRQBQDUEHHIWBxMcFzA5BCASADAnORUiBhQ1BgEQFB8... Frame C156 0
0 119ms
118ms Document
text/html 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://emagazing.fun/QndDeFMjFSAVbCNKIV4mMBt+XWEEUnE+NygBekEgOhgyCCVzRm0bPy0CJx4hLRk3Vj0nA2ZKFRYUBSIhGC8KLBwTIgcsAhNScT4Xcx8FKWEELhUTGRUnAR8YCjYBChI1HCU5FBskAC0aCRQBQDUEHHIWBxMcFzA5BCASADAnORUiBhQ1BgEQFB8ELjoPPBQ6ayQ7AjEZCh8FAgQROQsgPhg4FUgZGzg0FxQFD3cREQAuIi4EFwcSPREDJzQtAQQPOwIEFCIlPQcUOBVIGiQ9Fk0LExArAgQUIQcpEi4WFitiBBFzTQsTHwYVFDUcGzopDz0HECAHFHJVOCglczY7ECEZPQUVJSEsASkuCh8KCCFzMQUWGyc7GwZPAjkVJjQZHyQDMhELZhMcATkCBiIHPityEw5IZho5BhA/ECEVGwEFEyEuPzowGUhmGiYkNWAGJhI5FBo5GTFjJjMaLQUVJQUhORQQZRIgLRkzRTsuGjNIKi5HOQ
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: HTTP/1.1
Server: 143.204.215.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-26.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: emagazing.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1205
Connection: keep-alive
Date: Wed, 03 Feb 2021 01:56:43 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: yjTdUgI0GZBzuX1KhYJaq03qAni350EIFehQ-Ps95ffPJ4wmZdB-nw==

GET
H2

200

link-converter.min.js Show response
cdn.shorte.st/
Redirect Chain

http://cdn.shorte.st/link-converter.min.js
https://cdn.shorte.st/link-converter.min.js

116 KB
43 KB

39ms
23ms

Script
application/javascript

2606:4700:20::ac43:4a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shorte.st/link-converter.min.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2264
cf-request-id: 08073442f90000dfa55c1d2000000001
x-ua-compatible: IE=Edge
last-modified: Thu, 09 Aug 2018 13:48:43 GMT
server: cloudflare
etag: W/"5b6c463b-1d196"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FgTZ%2F8620MEoGehqNQx9EFmVYtsCIMisDNw0xzhLlvbVwgEwh2a48Aoa9lWUjiqIKoBP4ZDu%2FfkgbFXnPihMvJwLLdR40ERFqZixpiZa8xVeAkpqpqqLGi3N"}],"group":"cf-nel"}
content-type: application/javascript
x-server-id: shn10
cache-control: max-age=14400
cf-ray: 61b8897e5c7bdfa5-FRA
expires: Wed, 03 Feb 2021 02:18:59 GMT

Redirect headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Server: cloudflare
Age: 241
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Iw%2FKG9eG0%2Bu2t3yzrjk30WwyoaNIAKB53UIjC9qyPL2qTe1yGLXzpw5fSbILq9piNdRVsjeQzZLalGUK9gMOsh2LAbBg1GPmjmAOkrZRrZ0M2glNMBkL9VVM"}]}
Location: https://cdn.shorte.st/link-converter.min.js
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 61b8897e1ace637d-FRA
Content-Length: 0
cf-request-id: 08073442ca0000637d14a82000000001

GET
H/1.1 200
OK 1507210
ad.a-ads.com/ Frame 1AF1 0
0 50ms
49ms Document
text/html 148.251.13.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1507210?size=728x90&background_color=00ff47&title_color=571111

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.139.13.251.148.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://daffodil-ruddy-run.glitch.me/
Content-Encoding: gzip

GET
H2 200 / Show response
freychang.fun/ 16 B
759 B 130ms
113ms Fetch
text/plain 2606:4700:e2::ac40:8512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=89bc8e837503c48a9890a804c32f1977
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c34729d3dd997e9d5227a96ef53dd671456adc8025df6903ab9df1366831629

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FteZ7HVm7lkHtbb6rk9I4x3NFD16vrL9awLo%2FFZT5Lg%2BcJNoxfTnYuDyCUQ%2BxFciirq%2F5GEiIcO3jKbvil1xFNRacQw3b0Uy7RdsRUhaCVeAbP479gd7c76i"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 61b8897ce92ac2e5-FRA
access-control-allow-headers: X-Requested-With, content-type
cf-request-id: 080734420e0000c2e5ca1f0000000001

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/ 225 KB
85 KB 74ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64c8551c397b1915ef17010eca19e10f01083601d6e0f81b2bef6a081a2f69c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86255
x-xss-protection: 0
server: cafe
etag: 8534310779558063066
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Feb 2021 01:56:43 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/ Frame 5E96 0
0 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210127/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 02 Feb 2021 05:00:08 GMT
expires: Tue, 16 Feb 2021 05:00:08 GMT
content-type: text/html; charset=UTF-8
etag: 6748560809430760793
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4784
x-xss-protection: 0
age: 75395
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
freychang.fun/ 15 B
328 B 108ms
107ms Fetch
text/plain 2606:4700:e2::ac40:8512
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=89bc8e837503c48a9890a804c32f1977
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8512 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d29895d50d252d681d7327f5a571674ed7ad9c5bb2acbf40c303ebad51ebe543

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2coZ15CJiJ3ZFfOcsfIM%2FhmuDChk9HgpqOJ2NjfQM2BALdys9yD843Xuf%2Bs2Xn92ue6eCk55HbqSliLaETdZUVGOfWuqhIEwkJV4YNm%2BJD8klU6dG03Qq3rQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 61b8897d897cc2e5-FRA
access-control-allow-headers: X-Requested-With, content-type
cf-request-id: 08073442700000c2e5d734f000000001

OPTIONS
H/1.1 200
OK custom
choupsee.com/ Frame 0
0 34ms
34ms Other
text/plain 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choupsee.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
choupsee.com/ 39 B
502 B 37ms
37ms Fetch
application/json 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://choupsee.com/custom

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 045a2be408b22d87cc921727fd920dfa
Date: Wed, 03 Feb 2021 01:56:43 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
785 B 1152ms
39ms Fetch
application/json 139.45.195.106
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=24778e9e54cd4c70ac4e1054f2f346aa&zoneId=3808000&checkDuplicate=true&ymid=&var=

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.106 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

11f8675accf03f247064b5b6a4de5f46d09e650f917f9dda0004db2b86b922a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:44 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 200 / Show response
c.adsco.re/ 36 KB
12 KB 39ms
22ms Script
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9433c1f93007125f450774ac0ffe126257e688e976c9ce29eabee0f449d76c96

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:43 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 182962
etag: W/"i3T2LXGRCAaVCQTagVXOkw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control: public, max-age=2678400
cf-ray: 61b8897e8a03177a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08073443160000177ac8958000000001
expires: Sat, 06 Mar 2021 01:56:43 GMT

GET
H/1.1

200
OK

cm
ws-na.assoc-amazon.com/widgets/ Frame B788
Redirect Chain

http://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20

0
0

552ms
132ms

Document
text/html

52.46.131.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.131.85 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: ws-na.assoc-amazon.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Wed, 03 Feb 2021 01:57:01 GMT
Server: Server
Cache-Control: must-revalidate
Pragma: no-cache
Expires: -1
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
charset: UTF-8
Access-Control-Allow-Origin: *
Vary: User-Agent
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8

Redirect headers

Server: Server
Date: Wed, 03 Feb 2021 01:57:01 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 360
Connection: keep-alive
x-amz-rid: AWKY69NP38P5YMY0PCRR
Location: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent

GET
H/1.1 200
OK 1120283
ad.a-ads.com/ Frame F4EC 0
0 47ms
46ms Document
text/html 148.251.13.139
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1120283?size=120x90

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.139.13.251.148.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://daffodil-ruddy-run.glitch.me/
Content-Encoding: gzip

GET
H/1.1 200
OK bidvertiser.dbm Show response
bdv.bidvertiser.com/ 0
332 B 7478ms
351ms Script
text/javascript 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/bidvertiser.dbm?pid=512795&bid=1277387&RD=7693038295828&DIF=2
Requested by: Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Len: 0
Date: Wednesday, 03-Feb-2021 01:56:51 GMT
Cache-Control: no-store
Last-Modified: Tuesday, 04-Feb-2020 01:56:51 GMT
CONNECTION: Close
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK Cookie set BidVertiser.dbm
bdv.bidvertiser.com/ Frame D6C8 0
0 367ms
350ms Document
text/html 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387&RD=55931277440535&DIF=1&bd_ref_v=daffodil-ruddy-run.glitch.me&tref=1&win_name=null&docref=&jsrand=55931277440535&js1loc=-&loctitle=%20Trying%20to%20reach%20the%20most
Requested by: Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bdv.bidvertiser.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Wednesday, 03-Feb-2021 01:56:44 GMT
Cache-Control: no-store
Last-Modified: Tuesday, 04-Feb-2020 01:56:44 GMT
Set-Cookie: bdv_c2p=338; domain=.bidvertiser.com; path=/; expires=Thu, 04-Feb-2021 01:56:44 GMT bdv_c2p=1_1_1; domain=.bidvertiser.com; path=/; expires=Thu, 04-Feb-2021 01:56:44 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 5388
CONNECTION: Close

GET
H/1.1 200
OK CKYD553E.json Show response
srv.buysellads.com/ads/ 644 B
725 B 15451ms
81ms XHR
application/json 178.128.255.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://srv.buysellads.com/ads/CKYD553E.json?segment=placement:eefiojre9hugu9rgtrtfrg
Requested by: Host: m.servedby-buysellads.com
URL: http://m.servedby-buysellads.com/monetization.js
Protocol: HTTP/1.1
Server: 178.128.255.150 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-11.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 2e7bedf9402992a10ae543c8555dfac28f2e2c7b03d59f99384170b30bcaf692

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:59 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: close
Content-Length: 473

GET
H/1.1 200
OK adskeeper.uk.16162.js Show response
jsc.adskeeper.co.uk/a/d/ 224 KB
67 KB 15346ms
34ms Script
text/javascript 104.19.130.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=1211325643
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 104.19.130.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99e1f6b8324009a56a3cc25d5b4aa553b2c85bad57cbaa71f2ef9a670b40b68b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:59 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 5459
Cf-Polished: origSize=228998
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EEAF2E346CCD5718
x-amz-id-2: FVzrMP81BevSly3duLlbZhpmifRWU2ywNrzkePocJqP4nPk5yMDWHSiHEJ43tKrrN6bIf/MDmVo=
Last-Modified: Wed, 20 Jan 2021 08:48:59 GMT
Server: cloudflare
ETag: W/"daffee7066c06931623289049a52aa3e"
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Wed, 03 Feb 2021 05:56:59 GMT
Cache-Control: public, max-age=14400
cf-request-id: 0807347ef60000cc3eee914000000001
CF-RAY: 61b889de5ef7cc3e-ZRH
Cf-Bgj: minify

GET
H/1.1 200
OK ui_tag_80.2-1.js Show response
p405661.mycdn.co/banners/script/ 176 KB
53 KB 1326ms
42ms Script
application/javascript 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Requested by: Host: p405661.clksite.com
URL: http://p405661.clksite.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:16 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b4fc-2c04a"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 29 Jan 2022 01:56:45 GMT

GET
H/1.1 200
OK CKYICKQI.json Show response
srv.carbonads.net/ads/ 1 KB
934 B 132ms
47ms Script
application/javascript 178.128.255.150
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CKYICKQI.json?segment=placement:dsawrewreafera&callback=_carbonads_go
Requested by: Host: cdn.carbonads.com
URL: http://cdn.carbonads.com/carbon.js?zoneid=1673&serve=C6AILKT&placement=dsawrewreafera
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.255.150 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-11.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: a0eb1614ba513fd9f8846bdf2a1fc6f2fb6d7332d49bfbc89a82f3aa0cdd2528

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 03 Feb 2021 01:56:44 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 695
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK / Show response
c.adsco.re/ 36 KB
14 KB 19ms
14ms Script
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: www.displayvertising.com
URL: https://www.displayvertising.com/cloudinary-jquery-file-upload.min.js
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9433c1f93007125f450774ac0ffe126257e688e976c9ce29eabee0f449d76c96

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 182962
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 080734433f0000dfa5c01b2000000001
Server: cloudflare
ETag: W/"i3T2LXGRCAaVCQTagVXOkw=="
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=2678400
CF-RAY: 61b8897eccdadfa5-FRA
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Expires: Sat, 06 Mar 2021 01:56:43 GMT

GET
H2 200 /
6.adsco.re/ 0
480 B 27ms
12ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:44 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 61b8897efb614a92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 080734435c00004a9226207000000001

GET
H/1.1 200
OK /
4.adsco.re/ 0
474 B 165ms
42ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:44 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

POST
H/1.1 200
OK p Show response
adsco.re/ 0
429 B 211ms
64ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 03 Feb 2021 01:56:44 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H/1.1 200
OK / Show response
4.adsco.re/ 48 B
474 B 332ms
63ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 25e45b62f2315cdb6c6aee3955da8ec4076b60d07b65be98ec20361ed2224df6

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:44 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
6.adsco.re/ 53 B
682 B 20ms
13ms XHR
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 61b8897eccc10629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807344341000006297b368000000001

POST
H/1.1 200
OK /
frdqkhe5m6w2.l4.adsco.re/ 0
464 B 24919ms
14961ms Other
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://frdqkhe5m6w2.l4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 03 Feb 2021 01:57:07 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
frdqkhe5m6w2.n4.adsco.re/ 0
464 B 15753ms
118ms Other
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://frdqkhe5m6w2.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 03 Feb 2021 01:56:59 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
frdqkhe5m6w2.s4.adsco.re/ 0
464 B 1754ms
191ms Other
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://frdqkhe5m6w2.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 03 Feb 2021 01:56:45 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 200
OK /
c.adsco.re/ Frame 6872 0
0 20ms
14ms Document
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: c.adsco.re
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Wed, 03 Feb 2021 01:56:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Expires: Sat, 06 Mar 2021 01:56:43 GMT
ETag: W/"i3T2LXGRCAaVCQTagVXOkw=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 182962
cf-request-id: 080734434600004a683d94d000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 61b8897edd6c4a68-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
6.adsco.re/ 0
682 B 12ms
11ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:46 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 61b8898f7f9b0629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807344dad000006293d3de000000001

GET
H/1.1 200
OK /
4.adsco.re/ 0
474 B 41ms
41ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:46 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

POST
H/1.1 200
OK p Show response
adsco.re/ 0
429 B 124ms
42ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 03 Feb 2021 01:56:44 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H/1.1 200
OK / Show response
4.adsco.re/ 48 B
474 B 244ms
41ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 25e45b62f2315cdb6c6aee3955da8ec4076b60d07b65be98ec20361ed2224df6

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:44 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
6.adsco.re/ 53 B
682 B 10ms
9ms XHR
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:44 GMT
Content-Encoding: gzip
Server: cloudflare
Access-Control-Allow-Headers: Content-Type
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 61b8897f9d910629-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08073443bc00000629483f6000000001

POST /
nwxv1igqbfpq.l4.adsco.re/ 0
0

POST
H/1.1 200
OK /
nwxv1igqbfpq.n4.adsco.re/ 0
464 B 455ms
119ms Other
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://nwxv1igqbfpq.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 03 Feb 2021 01:56:47 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
nwxv1igqbfpq.s4.adsco.re/ 0
464 B 833ms
194ms Other
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://nwxv1igqbfpq.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 03 Feb 2021 01:56:47 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 200
OK /
c.adsco.re/ Frame E65B 0
0 15ms
15ms Document
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: c.adsco.re
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Wed, 03 Feb 2021 01:56:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Expires: Sat, 06 Mar 2021 01:56:44 GMT
ETag: W/"i3T2LXGRCAaVCQTagVXOkw=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 182963
cf-request-id: 08073443bf00004a6864851000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 61b8897f9e474a68-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1542656909-explore-themes-2.jpg
cdn4.buysellads.net/uu/1/23814/ 25 KB
25 KB 97ms
29ms Image
image/jpeg 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/uu/1/23814/1542656909-explore-themes-2.jpg
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 192e49a8d791354fa0e62f05a4f046dc04e39893079f1cf69d3ab3864e2fb686

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:44 GMT
last-modified: Mon, 19 Nov 2018 19:48:31 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 68448E060C397A7E
etag: "577ca19a88015bef792c6d5cadbc440d"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 25458
x-amz-id-2: mnUFhUs22Gt3yB21ACoUXFpzZlqhJmn40px7N7rFLUohzNRw/6LcFpvuKJtX/GFlDQTvl4KbNKY=
expires: Sat, 29 Jan 2022 01:56:44 GMT

GET
H/1.1 200
OK popunder.gif
yiatelychur.top/ 35 B
501 B 539ms
271ms Image
image/gif 13.224.194.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yiatelychur.top/popunder.gif
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 13.224.194.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-107.fra2.r.cloudfront.net
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Wed, 03 Feb 2021 01:56:44 GMT
content-encoding: gzip
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
Connection: keep-alive
Content-Length: 58
Via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: kOsMf5lfIMN0oc6pTbs9Awn_aWtBdz3kpfDXnK5Li8bsPB961URo1g==

POST
H/1.1 200
OK p Show response
adsco.re/ 363 B
870 B 63ms
63ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: b8991415789cf9503e88f2b3e9673f8c2702d4e1a8b6d5138d96d865372900f3

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G: OK
Date: Wed, 03 Feb 2021 01:56:44 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

POST
H/1.1 200
OK p Show response
adsco.re/ 363 B
871 B 70ms
66ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: eb7ad86e0ae8f29378656dc4d203eb57e0f0fe939f3da739f5702c6351ea5623

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G: OK
Date: Wed, 03 Feb 2021 01:56:44 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H/1.1 200
OK c Show response
serve.popads.net/ 0
272 B 201ms
183ms Script
application/javascript 216.21.13.11
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://serve.popads.net/c?_=BAoAYBoC3AFgGgLcgAGBAsAAIPa6HX9-jnP_XoAh_Z5KPl4LQotZrrebQJcIBuX7yHu8wQBHMEUCICapd51qqZyWNpfufpLkvsl1d8JdzsIIcLK0H752z15IAiEAmD2rrJEf6EP1D2Q29kEMiXFN_xes3zPhMoPlsywkGN3CACAqMppwTgJtrb01nfuqwLlM2kb4FEXooLRfHCyQNG4NU8QAECoBBPgBklQUAAAAAAAAAALFABBFcUFOln6WghfWaG55dYzlwwBHMEUCIQCNXoGqDK3Zd0pWcS3B1sP0SxQ6KamZgCAmjXWdVRvi_wIgJ5SqfYbpBTr0ZUj9CPf5AhNpPYfOhnY4MZ51uPnkMHs&v=4&siteId=2351736&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0
Requested by: Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol: HTTP/1.1
Server: 216.21.13.11 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:44 GMT
ASF: 9
Access-Control-Allow-Origin: *
Content-Type: application/javascript
PopAds-EC: ASB
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Content-Length: 0
Expires: Wed, 10 Feb 2021 01:56:44 GMT

GET
H/1.1 200
OK mu.html Show response
displayvertising.com/ 0
272 B 197ms
179ms Script
application/javascript 216.59.56.9
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://displayvertising.com/mu.html?_=BAoAYBoC3AFgGgLcgAGBAsAAIPa6HX9-jnP_XoAh_Z5KPl4LQotZrrebQJcIBuX7yHu8wQBIMEYCIQCWhVrL77ghUKqyxyR0qxIpH7_EUnsBK5UubuSqNyMc0wIhAPKriOlkrRUvxJ6Fjrixb8NIV5vgFQ1adczexZohSSK4wgAgKjKacE4Cba29NZ37qsC5TNpG-BRF6KC0XxwskDRuDVPEABAqAQT4AZJUFAAAAAAAAAACxQAQRXFBTpZ-loIX1mhueXWM5cMARjBEAiEAhCPzxeVsVM46IUEH7HW6l-qZlod6Ab1h81frJo_0-IYCHxkdeCU6G253UG0n-1j_yg9oRqB5Pbe9zQLnDyiSbVM&v=4&QvbyNaPe=2351736&minBid=&FkBvDPCe=0,0&BPNGcYpC=&kwPnxQhZ=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.displayvertising.com
URL: https://www.displayvertising.com/cloudinary-jquery-file-upload.min.js
Protocol: HTTP/1.1
Server: 216.59.56.9 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:44 GMT
ASF: 9
Access-Control-Allow-Origin: *
Content-Type: application/javascript
PopAds-EC: ASB
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Content-Length: 0
Expires: Wed, 10 Feb 2021 01:56:44 GMT

GET
H2 200 multi Show response
emagazing.fun/ 3 KB
2 KB 119ms
119ms XHR
text/plain 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://emagazing.fun/multi?cs=RnRDckJ3QnVCcydGcRF2d0MgR3J2&abt=0&red=1&sm=76&k=&v=1.0.50.1&sts=64&prn=0&emb=0&tid=898034&u=378011056989045&fs=1&ref=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=1&uloc=&if=0&_4H18=1612317404713&crc=1
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-26.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 1b77231ff9c0e2baf6f96d7bd432564dcb5808836d477f08164f165fb9f60db7

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:44 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 1450
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-cf-id: 0ur4Vv-gVZKVvKZB6cLGduSxtQZhUrsNoaj1RbY-pTN9EHCEGnJTNQ==

GET
H2 200 ata.js Show response
c0.pubmine.com/2.19.01600444727688/ 194 KB
52 KB 80ms
30ms Script
application/javascript 192.0.77.38
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.pubmine.com/2.19.01600444727688/ata.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.38 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

115ed11fb9457bb897579d4be870323771379eda1d31ffa4337da93659bcc73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 03 Feb 2021 01:56:44 GMT
content-encoding: gzip
last-modified: Fri, 18 Sep 2020 16:00:58 GMT
server: nginx
x-amz-cf-pop: AMS50-C1
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000

GET
H2

200

banners Show response
infopicked.com/adServe/
Redirect Chain

http://clksite.com/adServe/banners?tid=93920_153711_2&pause=5
https://infopicked.com/adServe/banners?tid=93920_153711_2&pause=5

35 KB
13 KB

149ms
148ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=93920_153711_2&pause=5
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: a932a8e7d1d33131cfc984290d283ed938ba1905cafdf7ff85a784f8779e8a7d

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:45 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://infopicked.com/adServe/banners?tid=93920_153711_2&pause=5
Date: Wed, 03 Feb 2021 01:56:45 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2 200 fuckadblock.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/ 5 KB
2 KB 24ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3362353
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1309
cf-request-id: 080734465d00002bd2b9bd0000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e6b-1285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oUe3PRWAAr11PwmH78oA9%2F%2FhpllMOx%2FWnVoYUwIRIoeS%2FByrVRBYhH8WgbcxDL12CRZJ5NE%2Fz5yHTn%2BzHh0aSa8ZlRaXZGgDRFVTI4r7t%2B0W0YsjsEd66e7R6oSztbaB0Q%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61b88983ce262bd2-FRA
expires: Mon, 24 Jan 2022 01:56:44 GMT

GET
H/1.1 200
OK loader.js Show response
config.seedtag.com/ 39 KB
12 KB 1075ms
30ms Script
application/javascript 104.18.131.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://config.seedtag.com/loader.js?v=0.3564459301333891
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 104.18.131.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a3958565c7262e5d14c2b8687c710bde8ff3852bca75ec6b14198fcda31465b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 3984
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 11835
cf-request-id: 0807344b1500002373a32ca000000001
Last-Modified: Tue, 02 Feb 2021 12:49:28 GMT
Server: cloudflare
ETag: "e38dc4a94bf64fcb4db3c99d01116031"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public, max-age=1200
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-Ray: 61b8898b59ee2373-ZRH
Expires: Wed, 03 Feb 2021 02:16:45 GMT

GET
H/1.1 200
OK ui_tag_80.2-1.js Show response
p93920.mycdn.co/banners/script/ 176 KB
53 KB 136ms
93ms Script
application/javascript 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Requested by: Host: p93920.clksite.com
URL: http://p93920.clksite.com/adServe/banners?tid=93920_153711_0
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:16 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b4fc-2c04a"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 29 Jan 2022 01:56:44 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2AA4 0
0 39ms
39ms Document
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=false

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/gen_204?id=rmvasftr&type=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 03 Feb 2021 01:56:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 5A0B 0
0 344ms
31ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1612276355.184646"
last-modified: Tue, 02 Feb 2021 14:20:05 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Wed, 03 Feb 2021 01:56:45 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cookie: CheetahStaging=true
set-cookie: akacd_widgets_routing=1612317405~rv=36~id=e67b24cd77be59d45efc40ec36bdf34e; path=/; Expires=Wed, 03 Feb 2021 01:56:45 GMT; Secure; SameSite=None

GET
H/1.1 200
OK ZGFmZm9kaWwtcnVkZHktcnVuLmdsaXRjaC5tZQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 3501ms
407ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/ZGFmZm9kaWwtcnVkZHktcnVuLmdsaXRjaC5tZQ==
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:48 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 692d75ef6cdc8796feaad01063897f60
Content-Length: 16
Expires: Wed, 03 Feb 2021 13:56:48 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
468 B 282ms
30ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=2.630246648656182
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:45 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Fri, 05 Mar 2021 01:56:45 GMT

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ 3 KB
4 KB 119ms
118ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid_sticky_refresh.js?v31
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 177d76801bdbecdb0d27109e118ae54a929156deac8ca44b46924a5c0f43cd7a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:45 GMT
Last-Modified: Wed, 13 Jan 2021 17:57:03 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5fff346f-d42"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3394

GET
H/1.1 200
OK headerbid_refresh_alex.php Show response
served-by.pixfuture.com/www/delivery/ Frame 93ED 10 KB
11 KB 146ms
130ms Script
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=3542x300x250x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=3542x300x250x700x_ADSLOT1&flag=true
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e2bf90b6152f901cceb0c3b1517a72f52633a3788db65c47e8e5a64480339013

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:45 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 500
Internal Server Error invoke.js
www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/ 0
0 1105ms
78ms Script
text/html 213.196.2.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/invoke.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 213.196.2.1 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

GET
DATA 200
OK truncated
/ Frame 75D7 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

200
OK

Cookie set match
s.pubmine.com/ Frame E3D5
Redirect Chain

https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D13%26external_user_id%3D%5BUID%5D%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26us...
https://s.pubmine.com/match?bidder_id=13&external_user_id=b862886f-65ed-4739-a0bf-53b49aa825c5&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=

0
0

48ms
47ms

Document
image/gif

79.125.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/match?bidder_id=13&external_user_id=b862886f-65ed-4739-a0bf-53b49aa825c5&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.19.01600444727688/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Host: s.pubmine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: c=1612317405; tuuid_lu=1612317405; tuuid=287fe991-806c-4157-a35c-094314e5962f; rum=!1,2c10192f-76aa-4a9e-9978-241ba162ebda,381560207!10,2752708575326948989,381560205!12,17903821785207866523,381560205
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx
Date: Wed, 03 Feb 2021 01:56:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: rum=!13,b862886f-65ed-4739-a0bf-53b49aa825c5,381560208!1,2c10192f-76aa-4a9e-9978-241ba162ebda,381560207!10,2752708575326948989,381560205!12,17903821785207866523,381560205; SameSite=None; Secure; path=/; expires=Fri, 03-Feb-2023 01:56:48 GMT
Content-Encoding: gzip

Redirect headers

Date: Wed, 03 Feb 2021 01:56:48 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
X-Xss-Protection: 0
Location: https://s.pubmine.com/match?bidder_id=13&external_user_id=b862886f-65ed-4739-a0bf-53b49aa825c5&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=
Set-Cookie: __uis=b862886f-65ed-4739-a0bf-53b49aa825c5; expires=Fri, 05 Mar 2021 01:56:47 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None HAPLB5S=s579|YBoC4; path=/; domain=.go.sonobi.com; SameSite=None; secure
Server: sonobi-go

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D33A 0
0 3166ms
43ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.19.01600444727688/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=61977
Expires: Wed, 03 Feb 2021 19:09:45 GMT
Date: Wed, 03 Feb 2021 01:56:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

404
Not Found

Cookie set match
s.pubmine.com/ul_cb/ Frame 719C
Redirect Chain

https://cs.emxdgt.com/um?ssp=pbs&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D16%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D78423087430...
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D16%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D7842308...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fs.pubmine.com%252Fmatch%253Fbidder_id%253D16%2526ssp_data%253D287fe9...
https://cs.emxdgt.com/umcheck?apnxid=4075567622729266895&redirect=https://s.pubmine.com/match?bidder_id=16&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_con...
https://s.pubmine.com/match?bidder_id=16&uid=4075567622729266895brt222551612317420362880f1
https://s.pubmine.com/ul_cb/match?bidder_id=16&uid=4075567622729266895brt222551612317420362880f1

0
0

47ms
47ms

Document
text/html

79.125.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/ul_cb/match?bidder_id=16&uid=4075567622729266895brt222551612317420362880f1
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.19.01600444727688/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Host: s.pubmine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tuuid=4c176489-03dc-4474-bd28-fc1c21ac1883; c=1612317420; tuuid_lu=1612317420
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx
Date: Wed, 03 Feb 2021 01:57:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=4c176489-03dc-4474-bd28-fc1c21ac1883; SameSite=None; Secure; path=/; expires=Fri, 03-Feb-2023 01:57:00 GMT tuuid_lu=1612317420; SameSite=None; Secure; path=/; expires=Fri, 03-Feb-2023 01:57:00 GMT

Redirect headers

Server: nginx
Date: Wed, 03 Feb 2021 01:57:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Location: https://s.pubmine.com/ul_cb/match?bidder_id=16&uid=4075567622729266895brt222551612317420362880f1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=4c176489-03dc-4474-bd28-fc1c21ac1883; SameSite=None; Secure; path=/; expires=Fri, 03-Feb-2023 01:57:00 GMT c=1612317420; SameSite=None; Secure; path=/; expires=Fri, 03-Feb-2023 01:57:00 GMT tuuid_lu=1612317420; SameSite=None; Secure; path=/; expires=Fri, 03-Feb-2023 01:57:00 GMT

GET
H/1.1

200
OK

Cookie set match
s.pubmine.com/ul_cb/ Frame 298A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58366/occ
https://ups.analytics.yahoo.com/ups/58366/occ?verify=true
https://s.pubmine.com/match?bidder_id=15&external_user_id=y-pjxye1J1l2bLEIyEatGz69RBlomAyp4OxrOLnpA-
https://s.pubmine.com/ul_cb/match?bidder_id=15&external_user_id=y-pjxye1J1l2bLEIyEatGz69RBlomAyp4OxrOLnpA-

0
0

89ms
44ms

Document
image/gif

79.125.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pubmine.com/ul_cb/match?bidder_id=15&external_user_id=y-pjxye1J1l2bLEIyEatGz69RBlomAyp4OxrOLnpA-
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.19.01600444727688/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Host: s.pubmine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: tuuid=fe4aa170-8c79-4a43-9b7a-b22bc7bc28b9; c=1612317405; tuuid_lu=1612317405
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx
Date: Wed, 03 Feb 2021 01:56:45 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=fe4aa170-8c79-4a43-9b7a-b22bc7bc28b9; SameSite=None; Secure; path=/; expires=Fri, 03-Feb-2023 01:56:45 GMT tuuid_lu=1612317405; SameSite=None; Secure; path=/; expires=Fri, 03-Feb-2023 01:56:45 GMT rum=!15,y-pjxye1J1l2bLEIyEatGz69RBlomAyp4OxrOLnpA-,381560205; SameSite=None; Secure; path=/; expires=Fri, 03-Feb-2023 01:56:45 GMT
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 03 Feb 2021 01:56:45 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Location: https://s.pubmine.com/ul_cb/match?bidder_id=15&external_user_id=y-pjxye1J1l2bLEIyEatGz69RBlomAyp4OxrOLnpA-
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: tuuid=fe4aa170-8c79-4a43-9b7a-b22bc7bc28b9; SameSite=None; Secure; path=/; expires=Fri, 03-Feb-2023 01:56:45 GMT c=1612317405; SameSite=None; Secure; path=/; expires=Fri, 03-Feb-2023 01:56:45 GMT tuuid_lu=1612317405; SameSite=None; Secure; path=/; expires=Fri, 03-Feb-2023 01:56:45 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 4A18 0
0 4501ms
149ms Document
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.19.01600444727688/ata.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: 33XP002 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

x-33x-status: 2020008
server: 33XP002
date: Wed, 03 Feb 2021 01:56:48 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 5902 0
0 15379ms
30ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.19.01600444727688/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 03 Feb 2022 01:57:00 GMT
Date: Wed, 03 Feb 2021 01:57:00 GMT
Connection: keep-alive

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0D7F 0
0 3194ms
47ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.19.01600444727688/ata.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=61977
Expires: Wed, 03 Feb 2021 19:09:45 GMT
Date: Wed, 03 Feb 2021 01:56:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame B613 0
0 3133ms
27ms Document
text/html 184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.19.01600444727688/ata.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Wed, 03 Feb 2021 01:56:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 checksync.php
contextual.media.net/ Frame B050 0
0 1183ms
70ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13

Requested by

Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.19.01600444727688/ata.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?cid=8CU8HDVRS&cs=13
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sat, 07 Aug 2021 01:56:46 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Fri, 05 Feb 2021 01:56:46 GMT
date: Wed, 03 Feb 2021 01:56:46 GMT
content-length: 7896

GET pd
u.openx.net/w/1.0/ Frame BD71 0
0

GET
H2 200 iframe
sync.teads.tv/ Frame FE7E 0
0 1224ms
74ms Document
text/html 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe
Requested by: Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.19.01600444727688/ata.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

content-type: text/html; charset=UTF-8
server: akka-http/10.1.9
content-length: 153
expires: Wed, 03 Feb 2021 01:56:46 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 03 Feb 2021 01:56:46 GMT
set-cookie: tt_bluekai=; Expires=Tue, 02 Feb 2021 00:56:46 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Tue, 02 Feb 2021 00:56:46 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Tue, 02 Feb 2021 00:56:46 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Tue, 02 Feb 2021 00:56:46 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Tue, 02 Feb 2021 00:56:46 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Tue, 02 Feb 2021 00:56:46 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Tue, 02 Feb 2021 00:56:46 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Tue, 02 Feb 2021 00:56:46 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Tue, 02 Feb 2021 00:56:46 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None

GET
H/1.1 200
OK pixel
s.pubmine.com/ 43 B
276 B 46ms
46ms Image
image/gif 79.125.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s.pubmine.com/pixel?id=15&type=img
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26ri...
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f...
https://s.pubmine.com/match?bidder_id=12&external_user_id=17903821785207866523&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=

43 B
717 B

389ms
44ms

Image
image/gif

79.125.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=12&external_user_id=17903821785207866523&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:45 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif

Redirect headers

location: https://s.pubmine.com/match?bidder_id=12&external_user_id=17903821785207866523&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=
date: Wed, 03 Feb 2021 01:56:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D10%26external_user_id%3D%24UID%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26us_privacy%3D%2...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.pubmine.com%252Fmatch%253Fbidder_id%253D10%2526external_user_id%253D%2524UID%2526ssp_data%253D287fe991-806c-4157-a35c-094314e5962f%2526...
https://s.pubmine.com/match?bidder_id=10&external_user_id=2752708575326948989&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=

43 B
750 B

158ms
47ms

Image
image/gif

79.125.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=10&external_user_id=2752708575326948989&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:45 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:45 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.41:80
AN-X-Request-Uuid: 29104d39-ac26-4bc9-9f8f-b82f90fb4875
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.pubmine.com/match?bidder_id=10&external_user_id=2752708575326948989&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&us_privacy=&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://pixel.advertising.com/ups/58194/occ?ssp_data=287fe991-806c-4157-a35c-094314e5962f&gdpr=0&gdpr_consent=
https://pixel.advertising.com/ups/58194/occ?ssp_data=287fe991-806c-4157-a35c-094314e5962f&gdpr=0&gdpr_consent=&verify=true
https://ups.analytics.yahoo.com/ups/58194/occ?ssp_data=287fe991-806c-4157-a35c-094314e5962f&gdpr=0&gdpr_consent=&apid=UP11bdc753-65c3-11eb-bef2-025cf823f9be
https://ups.analytics.yahoo.com/ups/58194/occ?ssp_data=287fe991-806c-4157-a35c-094314e5962f&gdpr=0&gdpr_consent=&apid=UP11bdc753-65c3-11eb-bef2-025cf823f9be&verify=true
https://s.pubmine.com/match?bidder_id=7&external_user_id=UP11bdc753-65c3-11eb-bef2-025cf823f9be&gdpr=0&gdpr_consent=

43 B
366 B

243ms
43ms

Image
image/gif

79.125.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=7&external_user_id=UP11bdc753-65c3-11eb-bef2-025cf823f9be&gdpr=0&gdpr_consent=
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:45 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif

Redirect headers

Date: Wed, 03 Feb 2021 01:56:45 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.pubmine.com/match?bidder_id=7&external_user_id=UP11bdc753-65c3-11eb-bef2-025cf823f9be&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

sync
odr.mookie1.com/t/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=wordpress&ssp_data=287fe991-806c-4157-a35c-094314e5962f&user_id=287fe991-806c-4157-a35c-094314e5962f&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=wordpress&ssp_data=287fe991-806c-4157-a35c-094314e5962f&user_id=287fe991-806c-4157-a35c-094314e5962f&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2c10192f-76aa-4a9e-9978-241ba162ebda&ssp=wordpress&gdpr=0&gdpr_consent=

43 B
324 B

3115ms
49ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2c10192f-76aa-4a9e-9978-241ba162ebda&ssp=wordpress&gdpr=0&gdpr_consent=
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:50 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2c10192f-76aa-4a9e-9978-241ba162ebda&ssp=wordpress&gdpr=0&gdpr_consent=
date: Wed, 03 Feb 2021 01:56:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D1%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D1%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D7842308...
https://s.pubmine.com/match?bidder_id=1&external_user_id=2c10192f-76aa-4a9e-9978-241ba162ebda&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&gdpr=0&gdpr_consent=&us_privacy=

43 B
570 B

48ms
47ms

Image
image/gif

79.125.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=1&external_user_id=2c10192f-76aa-4a9e-9978-241ba162ebda&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:47 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif

Redirect headers

location: https://s.pubmine.com/match?bidder_id=1&external_user_id=2c10192f-76aa-4a9e-9978-241ba162ebda&ssp_data=287fe991-806c-4157-a35c-094314e5962f&rid=784230874304&gdpr=0&gdpr_consent=&us_privacy=
date: Wed, 03 Feb 2021 01:56:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 /
ssc-cms.33across.com/ps/ 0
72 B 3450ms
148ms Image
text/plain 67.202.110.23
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CphGRAAZ&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3D287fe991-806c-4157-a35c-094314e5962f%26rid%3D784230874304%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.23 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: 33XP003 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-33x-status: 2020008
date: Wed, 03 Feb 2021 01:56:49 GMT
server: 33XP003

GET
BLOB 200
OK ea9aa304-a98f-4e7a-b16b-7316d2ac9087
http://daffodil-ruddy-run.glitch.me/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://daffodil-ruddy-run.glitch.me/ea9aa304-a98f-4e7a-b16b-7316d2ac9087
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea6c65d8e460987a7ea8f98355f789fe6bfbe11b0afe7a1c65d6042da65ea33

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 1567
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 85ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 05:55:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 72105
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Wed, 02 Feb 2022 05:55:00 GMT

GET
H/1.1 200
OK defaultSkin.min.js Show response
choupsee.com/pfe/current/ 56 KB
19 KB 38ms
38ms Fetch
application/javascript 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choupsee.com/pfe/current/defaultSkin.min.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-de6b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 1 Show response
servicer.adskeeper.com/1056221/ 2 KB
2 KB 65ms
64ms Script
application/x-javascript 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1056221/1?w=1600&h=90&cols=3&pv=5&cbuster=1612317405077984250583&uniqId=09d31&consentData=&gdprApplies=false&uspString=1YNY&niet=4g&nisd=false&ref=&cxurl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&lu=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&pageView=1&pvid=177659b2f96b8e6acd2&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94aec9e75f97a3fd9b5d8542b4aa9a1d29ef4407cb5d0cc2c9590f0ddd700258

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b8898b9c52d6e1-FRA
cf-request-id: 0807344b3a0000d6e1bda4f000000001

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 3767ms
109ms XHR
application/json 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1612317405080&sessionId=0eb9003c-c911-1f21-3a92-55daaa291ec8&url=daffodil-ruddy-run.glitch.me&cheqSource=1&cheqEvent=0&exitReason=1
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:48 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 421a266d8961c93ce2977e1afd0b4640
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK it-ui-comp-17.css
p93920.mycdn.co/uicomp/styles/dist/80.2-1/ 23 KB
5 KB 30ms
29ms Stylesheet
text/css 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-17.css
Requested by: Host: p93920.mycdn.co
URL: http://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2e43a4dba40cfdbd5a628c6b10c4f53fff5c8b04e1b838eddb1d710dc165c002

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-5df7"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 29 Jan 2022 01:56:45 GMT

GET
H/1.1 200
OK it-ui-comp-6.css
p405661.mycdn.co/uicomp/styles/dist/80.2-1/ 23 KB
5 KB 40ms
29ms Stylesheet
text/css 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-6.css
Requested by: Host: p93920.mycdn.co
URL: http://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 62bf1e377405eb3b64149506aa8814cbbfa7ac2503be1771ff26e249e396c356

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-5da0"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 29 Jan 2022 01:56:45 GMT

GET
H/1.1 200 findBanner Show response
infopicked.com/adServe/banners/ 868 B
1 KB 1322ms
290ms Script
text/javascript 173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://infopicked.com/adServe/banners/findBanner?num=1&keyword=Trying%20to%20reach%20the%20most%20ads%20since%202020&tid=93920_153711_0&type=js&ar=b&ts=c&ito=http%3A%2F%2Fp93920.mycdn.co&bs=17&referrer=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&ap=cmp%3DBANNER%26evp%3DtmxvfbadWlnC3mj2pwwRGQ6LqbBRdWnFOMZjcHXjAhu6TLHzQ8t6Beh99B4pVZNYZZJCxAdeOqU%26sjv%3D118.0%26ctid%3D0%26th%3D1200%26tw%3D1600%26tip%3DTrying%2520to%2520reach%2520the%2520most%2520ads%2520since%25202020&pid=93920&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0xJmk9MCZvPS02MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITCpte49gg66nj
Requested by: Host: p93920.mycdn.co
URL: http://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: cc095a816fdb83ec40887f87cce60adeeefcf88efd8ae1a53f1cea6a12106f5e

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:47 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK headerbid_refresh_alex.php Show response
served-by.pixfuture.com/www/delivery/ Frame 1DF2 10 KB
10 KB 127ms
126ms Script
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=25617x728x90x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=25617x728x90x700x_ADSLOT1&flag=true
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 43be6d69db8c2342a171bb7093f216d9dfedba7de83cd6fc834efdde1ae65b43

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:46 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK bounce-tag_80.2-1.js Show response
p93920.mycdn.co/banners/bounce/ 48 KB
18 KB 30ms
30ms Script
application/javascript 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p93920.mycdn.co/banners/bounce/bounce-tag_80.2-1.js
Requested by: Host: clksite.com
URL: http://clksite.com/adServe/banners?tid=93920_153711_2&pause=5
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:16 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b4fc-be2b"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 29 Jan 2022 01:56:46 GMT

GET
H2 200 djax_elastic.js Show response
cdn.pixfuture.com/ Frame 87DA 37 KB
37 KB 134ms
112ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax_elastic.js
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=3542x300x250x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=3542x300x250x700x_ADSLOT1&flag=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d26e98e9600c9cea41a4f28dee915eedd266f450849d151a7f653d1738917de

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:45 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 23 Nov 2020 17:49:07 GMT
server: cloudflare
etag: "5fbbf613-9275"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bsnyqEyZNINPIf90ZWZQ50kWPmFAvPrMBiIUX99j6MiwmB11TUC%2Bg7Cw3GA2Xw2aC3vWqlvpmuQhWtRgSTG3JlKUtw34UfOhjiAqQonsag5FaObJ%2FkSzxjG2WCp%2F1w%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61b88988dc6fbee2-FRA
content-length: 37493
cf-request-id: 08073449850000bee2f9a3b000000001
expires: Fri, 05 Feb 2021 01:56:45 GMT

GET
H2 200 jquery3_5_1.min.js Show response
cdn.pixfuture.com/ Frame 87DA 87 KB
88 KB 111ms
110ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery3_5_1.min.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:45 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Aug 2020 15:41:27 GMT
server: cloudflare
etag: "5f4682a7-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rR3HE6C%2FpsSd2i5kGIfFmaACx7xcjd6Ee%2Br%2B3G%2FqNmpwkdQ1JcQcc7WAbmZkb2D0kxPPHZeZZZVAn72j8JOMNNLvJhaRCA9IS6wai8CHMjcFF%2FBJuAXNcjBNYdvlQQ%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61b889899c8dbee2-FRA
content-length: 89476
cf-request-id: 08073449fc0000bee2d114a000000001
expires: Fri, 05 Feb 2021 01:56:45 GMT

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158127/2642/ Frame 87DA 275 KB
84 KB 323ms
55ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 22:47:13 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "10c1257-44c71-5b2d70fa58647"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=170594
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 85626
Expires: Fri, 05 Feb 2021 01:20:00 GMT

GET
H/1.1 500
Internal Server Error invoke.js
www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/ 0
0 2304ms
80ms Script
text/html 213.196.2.1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/invoke.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 213.196.2.1 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

GET
H/1.1 200
OK st_0.a9358593947addc04e1c.js Show response
config.seedtag.com/ 89 KB
28 KB 29ms
28ms Script
application/javascript 104.18.131.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://config.seedtag.com/st_0.a9358593947addc04e1c.js
Requested by: Host: config.seedtag.com
URL: http://config.seedtag.com/loader.js?v=0.3564459301333891
Protocol: HTTP/1.1
Server: 104.18.131.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a529384e27251d95e9d5ccfa9fe6e41302eff931ffc9d7af12ba539df036e385

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:46 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 3986
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 27748
cf-request-id: 0807344c7a00002373b430d000000001
Last-Modified: Tue, 02 Feb 2021 12:49:28 GMT
Server: cloudflare
ETag: "1913089086b65c7ef961c639921b87b3"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-Ray: 61b8898d8b1c2373-ZRH
Expires: Wed, 03 Feb 2021 02:56:46 GMT

GET
H/1.1 200
OK st_3.a3b183f7efb65c955e88.js Show response
config.seedtag.com/ 371 KB
99 KB 29ms
29ms Script
application/javascript 104.18.131.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://config.seedtag.com/st_3.a3b183f7efb65c955e88.js
Requested by: Host: config.seedtag.com
URL: http://config.seedtag.com/loader.js?v=0.3564459301333891
Protocol: HTTP/1.1
Server: 104.18.131.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab0bd33fd9800e6525135b76cc1a3149642cb9e99b0433dc7ab125cf071fb408

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:46 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 3986
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 100041
cf-request-id: 0807344ca600002373831df000000001
Last-Modified: Tue, 02 Feb 2021 12:49:28 GMT
Server: cloudflare
ETag: "e48ba6ef85462e3aa62b532ff2c554b6"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-Ray: 61b8898ddb632373-ZRH
Expires: Wed, 03 Feb 2021 02:56:46 GMT

GET
H2 200 i.js Show response
cm.adskeeper.com/ 19 B
170 B 94ms
92ms Script
application/javascript 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?consentData=&gdprApplies=0&cbuster=1612317406080155480809
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:46 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: f70d2725-2f93-4db4-8cd8-693d365442e5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b8898e1dded6e1-FRA
cf-request-id: 0807344cd00000d6e1e0a77000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame 3677 19 B
259 B 102ms
102ms Script
application/javascript 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1612317406083306285938
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:46 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 7962c487-adbf-4ee7-9923-f611f7847d42
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b8898eae59d6e1-FRA
cf-request-id: 0807344d2e0000d6e1a30b1000000001
server: cloudflare

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
2 KB 315ms
25ms Image
image/svg+xml 104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 4889
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6BE463F6BAC5A7C1
x-amz-id-2: RArm/XP29WEXpt1na/QYRjXvNh1vZoLGeDDzh3exT1n3ePKYDPneFDIazwhil5ouns7OiCmA9m0=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-request-id: 0807344cb70000cc3ec1911000000001
cf-ray: 61b8898df953cc3e-ZRH
expires: Wed, 03 Feb 2021 05:56:46 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMjQ3MzE5L2U5MTkwYzIyNDA4ZjMzNGRjMGM1NDI0M2I3NzgxMmMxLmpwZw.webp
s-img.adskeeper.com/g/7679855/492x328/0x0x492x328/ 9 KB
10 KB 13ms
11ms Image
image/webp 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/7679855/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMjQ3MzE5L2U5MTkwYzIyNDA4ZjMzNGRjMGM1NDI0M2I3NzgxMmMxLmpwZw.webp?v=1612317406-WD-oRPe68K6krX70qaB6fTNhrowncpesHfFg_qWXfpY
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73be538e125be899656978e1759da5718cb2993b55e74bee2da30497781430f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:46 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Jan 2021 12:24:16 GMT
x-mg-request-uuid: 5882cccd-17a3-4f32-8123-281869cba22b
age: 1153836
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b8898c1cabd6e1-FRA
content-length: 9528
cf-request-id: 0807344b8b0000d6e1c012d000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMzU0NzAxLzc2YzQyMmI2ZmFiZWY3Y2RiNTc3YzY4MWVkY2VhN2EzLmpwZw.webp
s-img.adskeeper.com/g/7806760/492x328/157x100x1282x854/ 10 KB
10 KB 14ms
12ms Image
image/webp 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/7806760/492x328/157x100x1282x854/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMzU0NzAxLzc2YzQyMmI2ZmFiZWY3Y2RiNTc3YzY4MWVkY2VhN2EzLmpwZw.webp?v=1612317406-15zC5gDcDCnWWNST82dI5YjymnXA2lnCgamVhCnJXnU
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e67e958ae1495d6d7bda1b310bdb24a8b68a77875d51d2254bfc97614990b4b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:46 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Dec 2020 10:02:21 GMT
x-mg-request-uuid: f58d0acf-f25d-49cb-8d47-bba66a0a6365
age: 2217984
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b8898c1ca9d6e1-FRA
content-length: 10182
cf-request-id: 0807344b8a0000d6e1aeb9a000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDIwLTAxLzI4MDYzNi8xMmFkZDg3NjkzODg2NmE3ZDMxYTlhYmM3OTJiNzczZC5qcGc.webp
s-img.adskeeper.com/g/5094911/492x328/0x0x492x328/ 16 KB
17 KB 14ms
12ms Image
image/webp 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/5094911/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDIwLTAxLzI4MDYzNi8xMmFkZDg3NjkzODg2NmE3ZDMxYTlhYmM3OTJiNzczZC5qcGc.webp?v=1612317406-p_N1c-HXvK2RA2y1TnqBECfk02a98lgpiSdLjLzuATo
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab7b62eec10f8436af666ec3e69a71e5fa80a42d95be921a89d4e54e8781ea5f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:46 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Feb 2021 12:09:56 GMT
x-mg-request-uuid: 4039682e-007f-47d4-8c7f-88e7641388e4
age: 42762
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b8898c1caad6e1-FRA
content-length: 16870
cf-request-id: 0807344b8a0000d6e1b8baf000000001
server: cloudflare

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 87DA 56 KB
19 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55079a25ae573f90cd94a4911ef0cd5031d07c9a21281b1e2d843b5fb42b1171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "772 / 260 of 1000 / last-modified: 1612307399"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 19173
X-XSS-Protection: 0
Expires: Wed, 03 Feb 2021 01:56:46 GMT

GET
H2 200 prebid4.19.0.js Show response
cdn.pixfuture.com/ Frame 87DA 331 KB
332 KB 112ms
112ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:46 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Dec 2020 17:32:50 GMT
server: cloudflare
etag: "5fd25bc2-52b1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HBIk4prgOl3DpnHisHr7X968czbZ4Cdjyuq9X3oeg4UqLZjbcAes9sKHZg2oVHTYUxw4wtPqY%2BEblaXGu3mT43T7heegclr4nabw9CSwdOUJaBet2e9BiYkuiwNprg%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61b8898cbceebee2-FRA
content-length: 338715
cf-request-id: 0807344bf10000bee2cb010000000001
expires: Fri, 05 Feb 2021 01:56:46 GMT

GET
H2 200 djax_elastic.js Show response
cdn.pixfuture.com/ Frame 47B3 37 KB
37 KB 117ms
117ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax_elastic.js
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=25617x728x90x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=25617x728x90x700x_ADSLOT1&flag=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d26e98e9600c9cea41a4f28dee915eedd266f450849d151a7f653d1738917de

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:46 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 23 Nov 2020 17:49:07 GMT
server: cloudflare
etag: "5fbbf613-9275"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8HAPIsYk4UsP5aE%2BbP3mX81glrzjTjjEzsfM1ewCOkZSmNAhEFisuhY8G5WSlGMiINZC%2FlPL7j9YpIN3WEFkDHZeOBOeriCpEhnqABrTNBaVnT87XwGJHYjLwX4OqA%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61b8898cccf0bee2-FRA
content-length: 37493
cf-request-id: 0807344c010000bee2bf899000000001
expires: Fri, 05 Feb 2021 01:56:46 GMT

GET
H2 200 jquery3_5_1.min.js Show response
cdn.pixfuture.com/ Frame 47B3 87 KB
88 KB 111ms
111ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery3_5_1.min.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:46 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Aug 2020 15:41:27 GMT
server: cloudflare
etag: "5f4682a7-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EO%2BEv19v%2F2E9eIjmofLlmSa3D0OnAtgiMyShaNLCVUlgowfT%2BiTjGJL8OXSb8rwoReg%2BksV%2BZwODjfsQfsrxKdxWvg4lN9ukN03%2FVroiurWrVzMoFP57lOsrv%2F3FxA%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61b8898d9d0cbee2-FRA
content-length: 89476
cf-request-id: 0807344c810000bee2de892000000001
expires: Fri, 05 Feb 2021 01:56:46 GMT

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158127/2642/ Frame 47B3 275 KB
84 KB 41ms
41ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 22:47:13 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "10c1257-44c71-5b2d70fa58647"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=170594
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 85626
Expires: Fri, 05 Feb 2021 01:20:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 87DA
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&domain=daffodil-ruddy-run.glitch.me&cw=1
https://mug.criteo.com/sid?cpp=48v9bXxJOGhBejA4OWpsclE3TWxhTHFQSzRoaGNYQkFjYnlkOGhVRCtaS2NNOHBmMWo3OWhvUTZ0OHpiMFJFN0ZBcUlxTktOM3dEK2IyOWFBaHdxUkhTSElhNURzSUZYcDdXdTYvRjVxdThqcmJQaFhBdUQzUDJMTXEwK0...

422 B
681 B

119ms
39ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=48v9bXxJOGhBejA4OWpsclE3TWxhTHFQSzRoaGNYQkFjYnlkOGhVRCtaS2NNOHBmMWo3OWhvUTZ0OHpiMFJFN0ZBcUlxTktOM3dEK2IyOWFBaHdxUkhTSElhNURzSUZYcDdXdTYvRjVxdThqcmJQaFhBdUQzUDJMTXEwK05rbXdhOWdpdjdEK20xVjNqWkNHTVZ0dHVVSzR5SEN3YW1aSnhreGtZQW4rTWN6dzVmZWZaZFlnWVZGQXhya3kyU09yR0hUbVA2KzR5SDJqRGd5cFJlM2pSNTZRSWtudXlvRHdEM3JDTGRlVzR3VGpKQ1ErdE9PVU82a3UzcEYydXNmRzhPVjkzfA&cppv=2

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8c823c0930ded9a2fcf021ead8d48f867e884b80889825aba00266f53d6d7f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 03 Feb 2021 01:56:45 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2296
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 03 Feb 2021 01:56:46 GMT
location: https://mug.criteo.com/sid?cpp=48v9bXxJOGhBejA4OWpsclE3TWxhTHFQSzRoaGNYQkFjYnlkOGhVRCtaS2NNOHBmMWo3OWhvUTZ0OHpiMFJFN0ZBcUlxTktOM3dEK2IyOWFBaHdxUkhTSElhNURzSUZYcDdXdTYvRjVxdThqcmJQaFhBdUQzUDJMTXEwK05rbXdhOWdpdjdEK20xVjNqWkNHTVZ0dHVVSzR5SEN3YW1aSnhreGtZQW4rTWN6dzVmZWZaZFlnWVZGQXhya3kyU09yR0hUbVA2KzR5SDJqRGd5cFJlM2pSNTZRSWtudXlvRHdEM3JDTGRlVzR3VGpKQ1ErdE9PVU82a3UzcEYydXNmRzhPVjkzfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4482
content-length: 509
expires: 0

GET
H3-Q050 200 pubads_impl_2021012801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 87DA 275 KB
97 KB 82ms
49ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

fa533eb34a8900f6013bf6f0095c696ea16758fe6fbf7442694de0f8ebb2f536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 09:41:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99311
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:56:46 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 47B3
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&domain=daffodil-ruddy-run.glitch.me&cw=1
https://mug.criteo.com/sid?cpp=fyLtvHw4Y0hvd3ZBQWZGdGIvc3FUOVI2Q2srdnQ5SElyODVQUzNPT21YRldXREhvUksvRndoWXRCeGJLOWYrcGVPWVZTVjlkQVJOUWxxcFB6UzZ1aHVIRWpveW1YcElVTnVVV3RoMUFIZHRGMFNueUoxeDBEZWdoMm82Mk...

414 B
681 B

119ms
40ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=fyLtvHw4Y0hvd3ZBQWZGdGIvc3FUOVI2Q2srdnQ5SElyODVQUzNPT21YRldXREhvUksvRndoWXRCeGJLOWYrcGVPWVZTVjlkQVJOUWxxcFB6UzZ1aHVIRWpveW1YcElVTnVVV3RoMUFIZHRGMFNueUoxeDBEZWdoMm82MkNFbmhQaFlTM2cxRUNHTk4zc1NnTlZXU1ZtWTZhQlI5OStMalBQRXlEY28yNUpldUNMZUQ2Q2VwWDFCRnVTUDdSdE1tY2hkQlZyaitHcjN1VHNxZndodzVwYUI0a0lmZ1lRNTUrZytVb0pFZmNXTHEwMlN0Z1cxVnJMSXlFbGVoTGpKWThSZ1BrfA&cppv=2

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a4ef497ceb5789c5d92f74eabf1007e4fc3f6e751c0321d37a28ef1466ae344a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 03 Feb 2021 01:56:46 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2299
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 03 Feb 2021 01:56:46 GMT
location: https://mug.criteo.com/sid?cpp=fyLtvHw4Y0hvd3ZBQWZGdGIvc3FUOVI2Q2srdnQ5SElyODVQUzNPT21YRldXREhvUksvRndoWXRCeGJLOWYrcGVPWVZTVjlkQVJOUWxxcFB6UzZ1aHVIRWpveW1YcElVTnVVV3RoMUFIZHRGMFNueUoxeDBEZWdoMm82MkNFbmhQaFlTM2cxRUNHTk4zc1NnTlZXU1ZtWTZhQlI5OStMalBQRXlEY28yNUpldUNMZUQ2Q2VwWDFCRnVTUDdSdE1tY2hkQlZyaitHcjN1VHNxZndodzVwYUI0a0lmZ1lRNTUrZytVb0pFZmNXTHEwMlN0Z1cxVnJMSXlFbGVoTGpKWThSZ1BrfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5829
content-length: 509
expires: 0

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 47B3 56 KB
19 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55079a25ae573f90cd94a4911ef0cd5031d07c9a21281b1e2d843b5fb42b1171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "772 / 252 of 1000 / last-modified: 1612307399"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 19173
X-XSS-Protection: 0
Expires: Wed, 03 Feb 2021 01:56:46 GMT

GET
H2 200 prebid4.19.0.js Show response
cdn.pixfuture.com/ Frame 47B3 331 KB
332 KB 119ms
117ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:46 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Dec 2020 17:32:50 GMT
server: cloudflare
etag: "5fd25bc2-52b1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=brS%2BZZSqyi8v5GAZvRqnbDvhvRq3Pxf1hDoDNl5xVqEmoTOlkthx8WgpObNvC%2BmABEqE%2BxD9DPIJLTklZS6KlGHpvdXuaRNnXv25YKHLvRH%2BZGVX55481mYYVclyfQ%3D%3D"}]}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61b8898fdd67bee2-FRA
content-length: 338715
cf-request-id: 0807344de40000bee2f08a1000000001
expires: Fri, 05 Feb 2021 01:56:46 GMT

GET
H3-Q050 200 pubads_impl_2021012801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 47B3 275 KB
97 KB 42ms
42ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

fa533eb34a8900f6013bf6f0095c696ea16758fe6fbf7442694de0f8ebb2f536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 09:41:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99311
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:56:46 GMT

GET
H2 200 c
c.adskeeper.com/ 43 B
291 B 58ms
51ms Image
image/gif 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=310|81|8|lzYMwwKSNY8ifYNLq6BDDGiuaoG6aBT0kzNZf6yWebh3fvVUDZbeLSFduZ-dACiA&fw=1&extjs=66044&v=310|81|8|hes20aDHA1TdYyUwFD4zA1aESMULTBtu8bdkZFL7hvF17xR5NuYDjyo9BEpElQTo&v=310|81|8|OYLfUJXQuf4z_PMdE5AGgqbo-Q1LxDsJO5rVFE4RjYWa7v77gAf3mF34AJUiTbDG&cid=1056221&h2=0lzMjKYr_ik_zXAf0qhM7ZeiDhk8dWuQGYkVzfgIP58*&rid=12072908-65c3-11eb-a6e4-d094662c24f7&tt=Direct&iv=11&pageImp=1&cbuster=1612317407207571030016&tpl=0
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:47 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: d68a2d6e-94fb-48e9-9644-64c7eebad408
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b88993196cd6e1-FRA
cf-request-id: 0807344ff10000d6e1c295e000000001
server: cloudflare

GET
H/1.1 200
OK it-banner-frame.css
p93920.mycdn.co/uicomp/styles/dist/80.2-1/ Frame 1CB6 2 KB
1 KB 29ms
29ms Stylesheet
text/css 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by: Host: p93920.mycdn.co
URL: http://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-858"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 29 Jan 2022 01:56:47 GMT

GET
H/1.1 200 findBanner Show response
infopicked.com/adServe/banners/ 888 B
1 KB 162ms
162ms Script
text/javascript 173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://infopicked.com/adServe/banners/findBanner?num=1&keyword=Trying%20to%20reach%20the%20most%20ads%20since%202020&tid=405661_796127_3&type=js&ar=b&ts=c&ito=http%3A%2F%2Fp405661.mycdn.co&bs=6&referrer=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&ap=cmp%3DFLOATING_BANNER%26evp%3DtmxvfbadWlnC3mj2pwwRGQ6LqbBRdWnFOMZjcHXjAhu6TLHzQ8t6BRmt9rIFE8FPZZJCxAdeOqU%26sjv%3D118.0%26ctid%3D0%26th%3D1200%26tw%3D1600%26tip%3DTrying%2520to%2520reach%2520the%2520most%2520ads%2520since%25202020&pid=405661&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0xJmk9MCZvPS02MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITCyz69x0ol6ke
Requested by: Host: p93920.mycdn.co
URL: http://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 36fb56496d83dc79446cb58a10c83c6e48ab62308f02c2ee7e031b45014eae24

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:47 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dpp_orange_ad_17x_en_new2.gif
p93920.mycdn.co/ext/onn/clean1/ Frame 1CB6 8 KB
8 KB 283ms
32ms Image
image/gif 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p93920.mycdn.co/ext/onn/clean1/dpp_orange_ad_17x_en_new2.gif
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4d1b9cc56d380450f7ecc45545d904718721de5e3303f538767c083f64052f5d

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:47 GMT
last-modified: Mon, 05 Feb 2018 08:27:38 GMT
server: NetDNA-cache/2.2
etag: "5a78157a-1e6f"
x-cache: HIT
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 7791
expires: Sat, 29 Jan 2022 01:56:47 GMT

GET
H/1.1 200
OK it-banner-frame.css
p405661.mycdn.co/uicomp/styles/dist/80.2-1/ Frame 5A8A 2 KB
1 KB 29ms
29ms Stylesheet
text/css 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by: Host: p93920.mycdn.co
URL: http://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-858"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 29 Jan 2022 01:56:47 GMT

GET
H2 200 coffee_6x.gif
p405661.mycdn.co/ext/onn/floating/ Frame 5A8A 17 KB
17 KB 90ms
29ms Image
image/gif 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p405661.mycdn.co/ext/onn/floating/coffee_6x.gif
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 06220b8826c3e80c952771ee5089af5478ea84da32ca2e707152b0d2ae0f3f8f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:47 GMT
last-modified: Mon, 05 Feb 2018 08:26:33 GMT
server: NetDNA-cache/2.2
etag: "5a781539-441f"
x-cache: HIT
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 17439
expires: Sat, 29 Jan 2022 01:56:47 GMT

GET
H/1.1 200
OK brainberries.co.147802.js Show response
jsc.mgid.com/b/r/ Frame 8BDB 239 KB
71 KB 3079ms
27ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jsc.mgid.com/b/r/brainberries.co.147802.js?t=121131
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c32da56494c9fe7298767c0385addffd7605b42a7f1b9ca4fc9855e83d8d1046

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:51 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 2095
Cf-Polished: origSize=244413
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 269AA39F7BC6BA9E
x-amz-id-2: +EjZZY63g5oRw3hMzrfNUQILHN8gYiaFNjvhhuvJ9MKha0FVWChEQuTLgvEhNH8wlqys6eYcZks=
Last-Modified: Wed, 20 Jan 2021 08:46:56 GMT
Server: cloudflare
ETag: W/"8b10485b21f610c870620aab939693ae"
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Wed, 03 Feb 2021 04:56:51 GMT
Cache-Control: public, max-age=10800
cf-request-id: 0807345ff6000023c788931000000001
CF-RAY: 61b889acbf8e23c7-ZRH
Cf-Bgj: minify

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 81 KB
23 KB 53ms
28ms Script
application/javascript 2606:4700:20::ac43:4b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf44440b5a5d9f372b338ca5859fa02f7a8997b19bfe709fff0bd40a6d6f7f79

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 7442
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 0807345416000018e5259e3000000001
x-trace-id: 3f0b27b1967eb85172fc754cdea66b07
pragma: no-cache
last-modified: Thu, 21 Jan 2021 10:53:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Enm0aOaKsnYHm%2BHSQO2gv%2FoHtY2db4X9YWg%2BAiIlWGg1NuMaoJtpNEwNqtVgLHdVUO2T%2FVnPtUW%2FuFXcftlv8bUzsU6l4%2B%2F6jkYt9OLOlEKnDfjuVhAT%2B60o"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 61b88999ba0618e5-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Wed, 03 Feb 2021 23:52:46 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
64 KB 133ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a4c374a18d10967b71543b3c9ebb9f63e3fff210d18d393d2dac99b16335b6c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:48 GMT
content-encoding: br
last-modified: Tue, 02 Feb 2021 17:16:20 GMT
etag: "601967ea-ffaa"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65450
expires: Wed, 03 Feb 2021 02:56:48 GMT

GET
H/1.1 200
OK Cookie set session.html
api.bam-x.com/api/v0/ Frame 4422 0
0 15813ms
125ms Document
text/html 54.163.245.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bam-x.com/api/v0/session.html

Requested by

Host: static.narrativ.com
URL: https://static.narrativ.com/tags/verge.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.163.245.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Host: api.bam-x.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-None-Match,If-Modified-Since,X-BAM-Params
Access-Control-Allow-Methods: DELETE,GET,POST,PUT,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Allow: DELETE,GET,POST,PUT,OPTIONS
Cache-Control: private, max-age=999999999, must-revalidate, proxy-revalidate
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Feb 2021 01:57:04 GMT
ETag: 1731212651847650571
P3P: CP="NON DSP COR ADMo DEVo TAIo PSA PSDo OUR BUS CNT"
Server: nginx/1.18.0
Set-Cookie: uid_bam=1731212651847650571; expires=Wed, 03 Aug 2022 01:08:04 GMT; path=/; domain=bam-x.com; SameSite=None; Secure
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Robots-Tag: noindex, follow
Content-Length: 470
Connection: keep-alive

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 276 B
451 B 400ms
54ms Script
text/html 54.171.42.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=3645823656&tf=Id8O-DxRgoC-xFQTS-CSa7H-XSSptC-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTBBRmsqbKW8BsrBB0rCFEBBCRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCBBBBBiBBBE6Bkg7OxBb8MxOtJYHCBBBBBBBBBC9YBoBXckXBR76iUUsJBCBBBBBBBBBBBSqjBBBBZeGV2BBBCMcBUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBBBBBBBBBBBBBBBBBBBhcjG6BBJMBBBBk8BwCBQmIosBBCzBz1BBCTCBBBBbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&pcode=voxprebidheader841653991752&callback=MoatNadoAllJsonpRequest_79048733
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/voxprebidheader841653991752/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.42.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: TornadoServer/4.5.3 /
Resource Hash: c5e6d06003d613b32f80e5f55b4f3697775fa7731ebe315e4d767361ccbce03c

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:48 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "cbb87f20422c00faa07cc88691ee5d9a56566535"
content-length: 276
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 35ms
33ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1612317408256&de=118998761268&d=VOX_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=bc59078-clean&iw=4cbf52f&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=glitch.me&bd=daffodil-ruddy-run.glitch.me&ac=1&bq=11&f=0&na=1691839882&cs=0
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:48 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 Feb 2021 01:56:48 GMT

GET
H/1.1 200
OK sync.html
s.adtelligent.com/ Frame 0147 0
0 77ms
25ms Document
text/html 2a0c:5c81:5160::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=555831
Requested by: Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/8636.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5160::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: VertaMedia 1.0
Date: Wed, 03 Feb 2021 01:56:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 650
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H2 530 /
ssp.zryydi.com/bid/ 0
0 6205ms
73ms Script
text/html 104.21.20.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.zryydi.com/bid/?tag_id=90&sub_id=0dcd3da5ac03016ecbc321ca7f9149a3&url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&mode=jsonfeed&callback=shortest.popUnder.onSSPPopUnderBidRetrieved&ts=1612317408370
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sh-overlay.css
cdn.shorte.st/css/ 3 KB
1 KB 17ms
17ms Stylesheet
text/css 2606:4700:20::ac43:4a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shorte.st/css/sh-overlay.css
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2030
cf-request-id: 08073454750000dfa5ba2b5000000001
x-ua-compatible: IE=Edge
last-modified: Thu, 09 Aug 2018 13:48:43 GMT
server: cloudflare
etag: W/"5b6c463b-dd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c%2FUOwiJrlQTkycfYlSIHPWl%2B9N0jn1MPXRVVFRzZ1%2BBDjeIO88mm2xCrERAYe5OewgZS%2Bge2vqGMLfCZCHJu68YLBTDbNkY0J650isceYaAK3n6E5Xp1uncW"}],"group":"cf-nel"}
content-type: text/css
x-server-id: shn05
cache-control: max-age=14400
cf-ray: 61b8899a5b9edfa5-FRA
expires: Wed, 03 Feb 2021 02:22:58 GMT

GET
DATA 200
OK truncated
/ Frame F836 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
choupsee.com/ Frame 0
0 34ms
34ms Other
text/plain 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choupsee.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Wed, 03 Feb 2021 01:56:48 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
choupsee.com/ 39 B
502 B 35ms
35ms Fetch
application/json 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://choupsee.com/custom

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: fe0aa252873008df73a20ebfa92bb1e0
Date: Wed, 03 Feb 2021 01:56:48 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 548ms
110ms XHR
application/json 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1612317408409&sessionId=0eb9003c-c911-1f21-3a92-55daaa291ec8&url=daffodil-ruddy-run.glitch.me&cheqSource=1&cheqEvent=3&responseTime=3580
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:48 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 857c87578a38bf4f6f10df8670c877c0
Content-Length: 4
Expires: 0

OPTIONS
H/1.1 200
OK 0dcd3da5ac03016ecbc321ca7f9149a3
api.shorte.st/start-adsession/ Frame 0
0 1282ms
66ms Other
application/json 78.140.188.188
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/start-adsession/0dcd3da5ac03016ecbc321ca7f9149a3
Protocol: HTTP/1.1
Server: 78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u13
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40-0+deb8u13
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Date: Wed, 03 Feb 2021 01:56:49 GMT
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn06
X-UA-Compatible: IE=Edge

POST
H/1.1 200
OK 0dcd3da5ac03016ecbc321ca7f9149a3 Show response
api.shorte.st/start-adsession/ 74 B
844 B 1209ms
95ms XHR
application/json 78.140.188.188
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/start-adsession/0dcd3da5ac03016ecbc321ca7f9149a3
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u13
Resource Hash: e3ec149aa47e842f42415f6015d5145b8a8eb6aad92019f6d6cb5873e2fb74c5

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Wed, 03 Feb 2021 01:56:50 GMT
Server: nginx
X-Powered-By: PHP/5.6.40-0+deb8u13
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn05
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK / Show response
bedrapiona.com/5/3850577/ 3 KB
2 KB 404ms
47ms XHR
application/json 139.45.196.129
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3850577/?oo=1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.196.129 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3f7b21bbae0a7e821ceb6bd89e8071ca4a75a9db1f06822961771ebf431185ad

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 6e93e6e3426cd93cf85f4161dab55c1a
Pragma: no-cache, no-cache
Date: Wed, 03 Feb 2021 01:56:48 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 config.json Show response
concertads-configs.vox-cdn.com/sbn/verge/ 68 KB
7 KB 3889ms
24ms XHR
application/json 199.232.196.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://concertads-configs.vox-cdn.com/sbn/verge/config.json
Requested by: Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18c3400ffd759170ff306d0be6b36615f4f231f0b80c302dd635bf70aff2b08a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:52 GMT
content-encoding: gzip
age: 15163
via: 1.1 varnish
x-cache: HIT
x-amz-meta-surrogate-control: max-age=31536000, stale-while-revalidate=30, stale-if-error=86400
x-amz-meta-surrogate-key: concertadsconfigs
content-length: 7031
x-amz-id-2: +/ElMx6Tt7a8eBaISUzu36xxAZ5QVMpkULieqnF0k+++Iv6FdnOmlUsXdXpzU91JZ2pPwSdTHAw=
x-served-by: cache-hhn4024-HHN
last-modified: Tue, 02 Feb 2021 21:44:08 GMT
server: AmazonS3
cache-control: max-age=3600
x-timer: S1612317412.327523,VS0,VE0
etag: "f944a28b25ffdffa084930cb33d8d67f"
vary: Accept-Encoding
geo-connection-speed: broadband
x-amz-request-id: FB76DF7977EC845B
access-control-allow-origin: *
access-control-expose-headers: geo-region, geo-connection-speed, geo-metro
geo-metro: -1
geo-region: CH-VS
accept-ranges: bytes
content-type: application/json
x-cache-hits: 116

GET
H2

200

1 Show response
mc.yandex.ru/watch/49239574/
Redirect Chain

https://mc.yandex.ru/watch/49239574?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A1505%3Afu%3A0%3Aen%3Aut...
https://mc.yandex.ru/watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A1505%3Afu%3A0%3Aen%3A...

186 B
268 B

48ms
47ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A1505%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A1557087443264%3Ahid%3A286081260%3Az%3A60%3Ai%3A20210203025648%3Aet%3A1612317408%3Ac%3A1%3Arn%3A768251138%3Arqn%3A1%3Au%3A1612317408655635640%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612317402117%3Awv%3A2%3Ads%3A12%2C17%2C428%2C314%2C0%2C0%2C%2C5675%2C52%2C%2C%2C%2C6235%3Adsn%3A12%2C17%2C428%2C314%2C0%2C0%2C%2C5363%2C52%2C%2C%2C%2C6235%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612317409%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d2b1d80997b334c20233e62147320d5e8b91a22a755f1e463cf670a25924f074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 03-Feb-2021 01:56:48 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:56:48 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:48 GMT
last-modified: Wed, 03-Feb-2021 01:56:48 GMT
location: /watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afp%3A1505%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A1557087443264%3Ahid%3A286081260%3Az%3A60%3Ai%3A20210203025648%3Aet%3A1612317408%3Ac%3A1%3Arn%3A768251138%3Arqn%3A1%3Au%3A1612317408655635640%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612317402117%3Awv%3A2%3Ads%3A12%2C17%2C428%2C314%2C0%2C0%2C%2C5675%2C52%2C%2C%2C%2C6235%3Adsn%3A12%2C17%2C428%2C314%2C0%2C0%2C%2C5363%2C52%2C%2C%2C%2C6235%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612317409%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020
strict-transport-security: max-age=31536000
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:56:48 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 44ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:48 GMT
last-modified: Tue, 02 Feb 2021 17:16:20 GMT
etag: "601967ea-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 03 Feb 2021 02:56:48 GMT

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 87DA 3 KB
3 KB 117ms
117ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v486
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7b420ad439dadbbbc88cef506a6e2ea73c331178f08f984c6b230cec7ac66a04

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:48 GMT
Last-Modified: Mon, 06 Jul 2020 13:30:16 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5f032768-a4e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2638
Expires: Fri, 05 Feb 2021 01:56:48 GMT

GET
H/1.1 200
OK top-close-2.png
p405661.mycdn.co/img/new-comp/ 1 KB
1 KB 29ms
29ms Image
image/png 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://p405661.mycdn.co/img/new-comp/top-close-2.png
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-6.css
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 7a6d609e14ad86ba11813176879c5aafe5cfabc3b7c9f2d8e260c9176b9260b9

Request headers

Referer: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:48 GMT
Last-Modified: Mon, 14 Nov 2016 16:34:57 GMT
Server: NetDNA-cache/2.2
ETag: "5829e7b1-464"
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1124
Expires: Sat, 29 Jan 2022 01:56:48 GMT

GET
H2 400 /
trends.revcontent.com/api/demand/ 0
0 1170ms
59ms Fetch
text/html 54.194.111.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=1&us_privacy=1YNY

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.111.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
date: Wed, 03 Feb 2021 01:56:49 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 200 sync Show response
trends.revcontent.com/ 62 B
489 B 1158ms
48ms Fetch
application/json 54.194.111.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.111.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6898b63176fe3c75101ebc6d7c7fa98e13b119845679c40037f366970363b7d1

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:49 GMT
etag: "5fa4e43d-a1ef-4d7c-84f0-b69374448b9e"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: max-age=600, private, s-maxage=0, stale-while-revalidate=1800
access-control-allow-credentials: true
content-type: application/json
content-length: 62

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame 87DA 0
230 B 1091ms
32ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Feb 2021 01:56:49 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET rid
match.adsrvr.org/track/ Frame 87DA 0
0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame 47B3 0
46 B 1068ms
33ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Feb 2021 01:56:49 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET rid
match.adsrvr.org/track/ Frame 47B3 0
0

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 47ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=1&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=358957053&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317409%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025648%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317409

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:48 GMT
last-modified: Wed, 03-Feb-2021 01:56:48 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:56:48 GMT

GET
H/1.1 200
OK 3850575 Show response
inpagepush.com/400/ 78 KB
28 KB 8432ms
55ms Script
application/javascript 139.45.195.91
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3850575

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.91 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8e6f00879f46ce04876cbb9e18170bf5df890b15d7af2581cff67ab1b847b48e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 39982f6a46d3c2bf21b2c8657b7a4dc5
Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:57 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 1 Show response
toglooman.com/ 7 KB
4 KB 1168ms
36ms Script
text/javascript 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=3850576
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: da9e101f0aa65abdd2b3f670a62d7fd5b4963f9c97ab738893b540e7e6274885

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:50 GMT
Content-Encoding: gzip
X-Sc: I4-jZRx-BVRbNV6_g_VA1kYFGOITom8JBqnYgXfQCqEDgVtECMuFpobEWHwUVvEq1lldX7JOkGU_O16sYJsWhvGmctc=
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content fac.php
onmarshtompor.com/ Frame 07AF 0
0 7371ms
60ms Document
text/html 139.45.197.61
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://onmarshtompor.com/fac.php

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

HTTP/1.1

Server

139.45.197.61 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: onmarshtompor.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx
Date: Wed, 03 Feb 2021 01:56:56 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 109a960b674d1b47bc6d1a94cbafe290
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

POST
H/1.1 200
OK demo_track.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 87DA 36 B
652 B 1646ms
214ms XHR
text/html 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.php
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v486
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:50 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Fri, 05 Feb 2021 01:56:50 GMT

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 47B3 3 KB
3 KB 118ms
117ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v915
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7b420ad439dadbbbc88cef506a6e2ea73c331178f08f984c6b230cec7ac66a04

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:50 GMT
Last-Modified: Mon, 06 Jul 2020 13:30:16 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5f032768-a4e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2638
Expires: Fri, 05 Feb 2021 01:56:50 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 615ms
55ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=2&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=634102415&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317409%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025648%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317409

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:49 GMT
last-modified: Wed, 03-Feb-2021 01:56:49 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:56:49 GMT

POST
H2 204 e Show response
s.seedtag.com/e/ 0
296 B 80ms
35ms XHR
text/plain 34.96.106.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/e
Requested by: Host: config.seedtag.com
URL: http://config.seedtag.com/st_3.a3b183f7efb65c955e88.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.9 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Feb 2021 01:56:49 GMT
via: 1.1 google
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 sync Show response
gum.criteo.com/ 56 B
378 B 65ms
22ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=446&r=2&j=revCriteoRTUSCallback&us_privacy=1YNY

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b1ebdd84bcc4265a86fc9765b670bce97d668e11ee0c9bee5ec9d8f5f507d646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 03 Feb 2021 01:56:49 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 2277
content-length: 172
expires: 60

GET
H2 404 / Show response
trends.revcontent.com/api/delivery/ 0
464 B 63ms
63ms Fetch
text/html 54.194.111.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?w=1&width=1600&us_privacy=1YNY&rev_allow_cookies=1&site_url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&va=1&user_uuid=5fa4e43d-a1ef-4d7c-84f0-b69374448b9e&time=1612317409748&up=pc&bn=chrome&bv=83

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.111.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:49 GMT
server: Apache/2.4.25 (Debian)
strict-transport-security: max-age=931536000; includeSubDomains
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 0

POST
H2

204

generic
trends.revcontent.com/event/
Redirect Chain

http://trends.revcontent.com/event/generic
https://trends.revcontent.com/event/generic

0
0

141ms
47ms

Fetch

54.194.111.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.111.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: null
date: Wed, 03 Feb 2021 01:56:49 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

Redirect headers

Location: https://trends.revcontent.com/event/generic
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me

POST
H/1.1 200
OK demo_track.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 47B3 36 B
652 B 349ms
117ms XHR
text/html 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.php
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v915
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:50 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Fri, 05 Feb 2021 01:56:50 GMT

GET
H/1.1 200
OK 5e0c62983eb804100fd078d0ec79e214 Show response
toglooman.com/27/ 361 KB
119 KB 75ms
57ms Script
application/javascript 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://toglooman.com/27/5e0c62983eb804100fd078d0ec79e214

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=3850576

Protocol

HTTP/1.1

Server

139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7598ffa91ced645d5ddb6b0ab9deffefb46701aad1345d4e75e10cfdeb73ec57

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Feb 2021 09:57:04 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: max-age:290304000, public
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 03 Mar 2081 09:57:04 GMT

GET
H/1.1 200
OK 38 Show response
toglooman.com/42/ 0
903 B 74ms
56ms Script
text/plain 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://toglooman.com/42/38?z=3850576
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=3850576
Protocol: HTTP/1.1
Server: 139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:50 GMT
X-Sc: 3p7_DyHpb5x80WaO6DV6gDlNA14M_4ib03w37lfsOPiUkY4grlL2z2cug3MuUfNgiP-z1M_qxko-mxElUHN6IfSZKUc=
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length: 0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 87ms
87ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=3&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=575487310&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317411%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025650%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317411

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:50 GMT
last-modified: Wed, 03-Feb-2021 01:56:50 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:56:50 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 86ms
86ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=1&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=214596053&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1612317411%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025650%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317411

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:50 GMT
last-modified: Wed, 03-Feb-2021 01:56:50 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:56:50 GMT

OPTIONS
H/1.1 204
No Content 9
toglooman.com/ Frame 0
0 68ms
50ms Other 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://toglooman.com/9?z=3850576&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=35&sah=1200&drf=&hil=2&ist=0
Protocol: HTTP/1.1
Server: 139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Wed, 03 Feb 2021 01:56:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
33 KB 33ms
16ms Script
application/javascript 2606:4700:20::681a:87b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: toglooman.com
URL: http://toglooman.com/27/5e0c62983eb804100fd078d0ec79e214
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:87b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 1122
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oXnY2mbw5C%2FSQ2xNg7asODyWGF6VaqVo3QPmwkoWgDllQ7Rwo14ZZax4Y7oTz8eX6ogFHv9kPKvu%2F6Wn1SLzr2Uf6RHWgI02I%2BfeqRBadBa8zOV1L760muP9I63gQVLP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 61b889a9dbbf2b59-FRA
cf-request-id: 0807345e2b00002b593c877000000001

POST
H/1.1 204
No Content 9 Show response
toglooman.com/ 0
965 B 38ms
38ms XHR
application/javascript 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://toglooman.com/9?z=3850576&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=35&sah=1200&drf=&hil=2&ist=0
Requested by: Host: toglooman.com
URL: http://toglooman.com/27/5e0c62983eb804100fd078d0ec79e214
Protocol: HTTP/1.1
Server: 139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:50 GMT
X-Sc: dfdnHzjcFZA1n_Tey0IIvrmoHbmcx5OkqalvzZUO4Ksk9pMCKty2MaKmtd8mCpKMYKl1WY4kNHTWeBUNJv95gB2aShU=
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 19ms
13ms Image
image/png 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 5087
X-XSS-Protection: 0
Expires: Wed, 03 Feb 2021 01:56:50 GMT

GET
H/1.1 200
OK googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 19ms
13ms Image
image/png 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 5969
X-XSS-Protection: 0
Expires: Wed, 03 Feb 2021 01:56:50 GMT

GET
H/1.1 200
OK googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
14 KB 14ms
13ms Image
image/png 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 13504
X-XSS-Protection: 0
Expires: Wed, 03 Feb 2021 01:56:50 GMT

GET
H/1.1 200
OK googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 14ms
13ms Image
image/png 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 7048
X-XSS-Protection: 0
Expires: Wed, 03 Feb 2021 01:56:50 GMT

GET
H/1.1 200
OK googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 14ms
13ms Image
image/png 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:50 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 3934
X-XSS-Protection: 0
Expires: Wed, 03 Feb 2021 01:56:50 GMT

OPTIONS
H/1.1 200
OK 037d5b445267f394e2e343ff39cd271eeaf0c08a
api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/ Frame 0
0 67ms
67ms Other
application/json 78.140.188.188
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/037d5b445267f394e2e343ff39cd271eeaf0c08a
Protocol: HTTP/1.1
Server: 78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u13
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40-0+deb8u13
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Date: Wed, 03 Feb 2021 01:56:50 GMT
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn05
X-UA-Compatible: IE=Edge

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

46 KB
18 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2567
date: Wed, 03 Feb 2021 01:14:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 03 Feb 2021 03:14:03 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK 037d5b445267f394e2e343ff39cd271eeaf0c08a Show response
api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/ 457 B
1 KB 81ms
81ms XHR
text/html 78.140.188.188
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/037d5b445267f394e2e343ff39cd271eeaf0c08a
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u13
Resource Hash: 21c5315b3afaea940bc3fd4e14e646602555a1745a1c2605fa2579a32a5adff1

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/html

Response headers

Date: Wed, 03 Feb 2021 01:56:51 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.6.40-0+deb8u13
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn10
Cache-Control: no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Content-Type
X-UA-Compatible: IE=Edge

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
397 B 45ms
12ms XHR
text/plain 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=801577181&t=pageview&_s=1&dl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&dp=%2Foverlay%2F0dcd3da5ac03016ecbc321ca7f9149a3&ul=en-us&de=UTF-8&dt=Trying%20to%20reach%20the%20most%20ads%20since%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=0dcd3da5ac03016ecbc321ca7f9149a3&cs=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&cm=overlay&_u=YEBAAEABAAAAAC~&jid=1578593206&gjid=39000295&cid=1808149050.1612317411&tid=UA-42296749-1&_gid=714612062.1612317411&_r=1&_slc=1&z=201227070

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

display.php
www.tradeadexchange.com/a/ Frame DD5D
Redirect Chain

http://ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028&width=1024&height=768&ch=8439461&cp.dest_domain=&cp.oid=8439461&cp.referrer=http://daffodil-ruddy-run.glitch.me/&cp.locked=0&cp.pro...
http://www.tradeadexchange.com/a/display.php?r=1329377

0
0

167ms
143ms

Document
text/html

35.190.74.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://www.tradeadexchange.com/a/display.php?r=1329377
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: HTTP/1.1
Server: 35.190.74.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Host: www.tradeadexchange.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: openresty
Date: Wed, 03 Feb 2021 01:56:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google

Redirect headers

Date: Wed, 03 Feb 2021 01:56:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dae1ad6ba82cb230122b16780108647931612317411; expires=Fri, 05-Mar-21 01:56:51 GMT; path=/; domain=.shorte.st; HttpOnly; SameSite=Lax
X-Powered-By: PHP/5.6.40-0+deb8u13
Cache-Control: no-cache
Location: http://www.tradeadexchange.com/a/display.php?r=1329377
X-Server-ID: shn13
X-UA-Compatible: IE=Edge
CF-Cache-Status: DYNAMIC
cf-request-id: 0807345f0400002c2e82944000000001
Report-To: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Sf5Yiqm25vVItI5aG95Z8VfRFymZARF48%2BjFMd7KRtbt4iELFCoqBAUT3vYt9QpSJUsWd6bNSrg9YuKJWjaJm3dBkJprj7LBTBeQvwgJJrNwPfkS21Xqm7B"}],"group":"cf-nel"}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 61b889ab381d2c2e-FRA

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 1027ms
25ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 3141
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 08073464d80000cc3ec589f000000001
cf-ray: 61b889b48b30cc3e-ZRH

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1 Show response
servicer.mgid.com/147802/ 3 KB
2 KB 621ms
80ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/147802/1?w=1600&h=356&p4_w=384&p4_h=309&cols=4&pv=5&cbuster=1612317411594422680611&consentData=&gdprApplies=false&uspString=1YNY&niet=4g&nisd=false&ref=&cxurl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&lu=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&pageView=1&pvid=177659b490aac70b512&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: http://jsc.mgid.com/b/r/brainberries.co.147802.js?t=121131
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6718dc129304e05746ba4da1930c9ecd29377901b2642bff56bb3664cf73995f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b889b1fa0dcc3e-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08073463370000cc3e009a2000000001

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 1087ms
50ms Other 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Wed, 03 Feb 2021 01:56:53 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
414 B 3183ms
130ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Wed, 03 Feb 2021 01:56:56 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 15:39:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:06:58 GMT
server: sffe
age: 555432
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15556
x-xss-protection: 0
expires: Thu, 27 Jan 2022 15:39:40 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2FmZjUwZTQ1ZGU4MTExMDA5YTdhYjRjZDExNzVmZGQyLmpwZWc.webp
s-img.mgid.com/g/4020992/492x328/0x0x866x577/ 30 KB
31 KB 52ms
49ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4020992/492x328/0x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2FmZjUwZTQ1ZGU4MTExMDA5YTdhYjRjZDExNzVmZGQyLmpwZWc.webp?v=1612317412-ePcOydm8jm9TDfcunZii9fNsyPoGCJSBZIoQXL1nvlg
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c716b68360c247989e2383ba19cdc06b1ea297aa5e3b452a85a14de63bba8f7

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:52 GMT
cf-cache-status: HIT
x-mg-request-uuid: 768c703d-bfcf-4b9f-ab68-0a475ede1ba4
age: 688163
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31114
cf-request-id: 08073463a50000cc3e9e2a2000000001
last-modified: Mon, 05 Oct 2020 11:25:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b889b2aa5bcc3e-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp
s-img.mgid.com/g/4039677/492x328/44x0x754x502/ 20 KB
20 KB 26ms
24ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4039677/492x328/44x0x754x502/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp?v=1612317412-mf_Qz8LOjUQ5WE20qRAa7izEhO0oQaZTPZAHes5NtUA
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ed7d86ba9aca466e54279e04325a18d0b821488564034f9d0f1ffc7829fee56

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:52 GMT
cf-cache-status: HIT
x-mg-request-uuid: e7f75e96-08cd-432d-b4ee-fc0738defce9
age: 7697691
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20194
cf-request-id: 08073463a50000cc3ebb188000000001
last-modified: Mon, 05 Oct 2020 11:22:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b889b2aa5acc3e-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp
s-img.mgid.com/g/5523139/492x328/135x0x1062x708/ 18 KB
18 KB 44ms
41ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5523139/492x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp?v=1612317412-v2i85osBoKuq1Y8RAGXVsxYOKppNVENfJmj0IOmSjwI
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eac7590b017690e12746846c2498d60c1d205bf7006236c21df207bfee4a5d48

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:52 GMT
cf-cache-status: HIT
x-mg-request-uuid: 4e750d4a-bf82-42b7-9fba-5ec7c36a717b
age: 7701159
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18000
cf-request-id: 08073463a50000cc3eb48bb000000001
last-modified: Mon, 05 Oct 2020 11:23:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b889b2aa5ccc3e-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp
s-img.mgid.com/g/5097658/492x328/0x105x650x433/ 15 KB
15 KB 25ms
25ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097658/492x328/0x105x650x433/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp?v=1612317412-7_psHFQMS3rtLhEOMhEVeH4nn5kSUX5hdrSXvvjPTEw
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e38b415c34bc287e5f207b929aa1a732dcc1fc58e757a7f077719a84d7c059c

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:52 GMT
cf-cache-status: HIT
x-mg-request-uuid: 3b5451f6-4f2c-4d62-9395-3d749a9629c6
age: 7688794
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14944
cf-request-id: 08073463cf0000cc3e9d2d9000000001
last-modified: Sun, 04 Oct 2020 08:22:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b889b2ea7ccc3e-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2FmZjUwZTQ1ZGU4MTExMDA5YTdhYjRjZDExNzVmZGQyLmpwZWc.webp
s-img.mgid.com/g/4020992/492x328/0x0x866x577/ Frame 8BDB 30 KB
30 KB 24ms
23ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4020992/492x328/0x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2FmZjUwZTQ1ZGU4MTExMDA5YTdhYjRjZDExNzVmZGQyLmpwZWc.webp?v=1612317412-ePcOydm8jm9TDfcunZii9fNsyPoGCJSBZIoQXL1nvlg
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c716b68360c247989e2383ba19cdc06b1ea297aa5e3b452a85a14de63bba8f7

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:52 GMT
cf-cache-status: HIT
x-mg-request-uuid: 768c703d-bfcf-4b9f-ab68-0a475ede1ba4
age: 688163
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31114
cf-request-id: 08073463d60000cc3ef735b000000001
last-modified: Mon, 05 Oct 2020 11:25:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b889b2fa81cc3e-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp
s-img.mgid.com/g/4039677/492x328/44x0x754x502/ Frame 8BDB 20 KB
20 KB 25ms
24ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4039677/492x328/44x0x754x502/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp?v=1612317412-mf_Qz8LOjUQ5WE20qRAa7izEhO0oQaZTPZAHes5NtUA
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ed7d86ba9aca466e54279e04325a18d0b821488564034f9d0f1ffc7829fee56

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:52 GMT
cf-cache-status: HIT
x-mg-request-uuid: e7f75e96-08cd-432d-b4ee-fc0738defce9
age: 7697691
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20194
cf-request-id: 08073463e20000cc3eb48bd000000001
last-modified: Mon, 05 Oct 2020 11:22:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b889b30a89cc3e-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp
s-img.mgid.com/g/5523139/492x328/135x0x1062x708/ Frame 8BDB 18 KB
18 KB 24ms
24ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5523139/492x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp?v=1612317412-v2i85osBoKuq1Y8RAGXVsxYOKppNVENfJmj0IOmSjwI
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eac7590b017690e12746846c2498d60c1d205bf7006236c21df207bfee4a5d48

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:52 GMT
cf-cache-status: HIT
x-mg-request-uuid: 4e750d4a-bf82-42b7-9fba-5ec7c36a717b
age: 7701159
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18000
cf-request-id: 08073463eb0000cc3ec82c6000000001
last-modified: Mon, 05 Oct 2020 11:23:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b889b31a93cc3e-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp
s-img.mgid.com/g/5097658/492x328/0x105x650x433/ Frame 8BDB 15 KB
15 KB 24ms
24ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097658/492x328/0x105x650x433/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp?v=1612317412-7_psHFQMS3rtLhEOMhEVeH4nn5kSUX5hdrSXvvjPTEw
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e38b415c34bc287e5f207b929aa1a732dcc1fc58e757a7f077719a84d7c059c

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:52 GMT
cf-cache-status: HIT
x-mg-request-uuid: 3b5451f6-4f2c-4d62-9395-3d749a9629c6
age: 7688794
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14944
cf-request-id: 08073463f40000cc3ee2ac3000000001
last-modified: Sun, 04 Oct 2020 08:22:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b889b31a98cc3e-ZRH

GET
H2 404 aHR0cDovL2RhZmZvZGlsLXJ1ZGR5LXJ1bi5nbGl0Y2gubWUv.json Show response
cdn.concert.io/lookup/ 26 B
163 B 712ms
410ms XHR
application/json 199.232.196.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.concert.io/lookup/aHR0cDovL2RhZmZvZGlsLXJ1ZGR5LXJ1bi5nbGl0Y2gubWUv.json

Requested by

Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

61a755ce43dd14b2cc237f369f9ffa77fb245071d6401725f57e34c69a39f16d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS
vary: Origin
content-length: 26
x-xss-protection: 1; mode=block
x-request-id: 4933f683-6ee7-4aed-9444-281d8c390f53
x-served-by: cache-hhn4064-HHN
x-runtime: 0.006355
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
x-timer: S1612317413.673791,VS0,VE386
x-frame-options: SAMEORIGIN
date: Wed, 03 Feb 2021 01:56:53 GMT
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=3600, public, s-maxage=86400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 client.json Show response
cdn.concert.io/lookup/ 275 B
780 B 699ms
397ms XHR
application/json 199.232.196.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.concert.io/lookup/client.json

Requested by

Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.124 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

f3caeb1688453aaa314d1d7f087b3370b317a7b178b9c8f7b9ca2248ffd304ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 0
x-cache: MISS
vary: Origin
content-length: 275
x-xss-protection: 1; mode=block
x-request-id: 71a48ac6-33ed-4a3d-879f-f3afe88ce0bb
x-served-by: cache-hhn4064-HHN
x-runtime: 0.010072
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
x-timer: S1612317413.674067,VS0,VE374
x-frame-options: SAMEORIGIN
date: Wed, 03 Feb 2021 01:56:53 GMT
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=3600, public, s-maxage=3600
etag: W/"f3caeb1688453aaa314d1d7f087b3370"
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 segment Show response
cdn.concert.io/segments/v1.0/ 39 B
263 B 523ms
222ms XHR
application/json 199.232.196.124
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.concert.io/segments/v1.0/segment
Requested by: Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: uvicorn /
Resource Hash: 46a12b27b07a3f35985806c6a290ca654d3284c49913de8c07f143ab26c2aa8a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:52 GMT
via: 1.1 varnish
server: uvicorn
x-timer: S1612317413.674066,VS0,VE198
x-served-by: cache-hhn4064-HHN
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
accept-ranges: bytes
content-length: 39
x-cache-hits: 0

GET
H/1.1 200
OK 183789-71940066017360.js Show response
js-sec.indexww.com/ht/p/ 40 KB
14 KB 2343ms
527ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183789-71940066017360.js
Requested by: Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 79996d3e643a3c4bda5a4c238f64a9c3082b4451764d43bc716976336253edb5

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 01:56:24 GMT
Server: Apache
ETag: "da3dd2-9ec7-5ba64e4fe5688"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3557
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 13574
Expires: Wed, 03 Feb 2021 02:56:11 GMT

GET
H/1.1 200
OK 7470_Vox_Verge_Prebid_DM.js Show response
ads.rubiconproject.com/prebid/ 348 KB
89 KB 1090ms
31ms Script
text/javascript 184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/7470_Vox_Verge_Prebid_DM.js
Requested by: Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2ad5b68ebf04d1ac9aa374d9185cebb1fdfce1eff032118cb3dbd2b7364efd0e

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:56:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 15 Jan 2021 00:00:51 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2437
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91195
Expires: Wed, 03 Feb 2021 02:37:30 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 177ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=4&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=137206758&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317413%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025652%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317413

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:52 GMT
last-modified: Wed, 03-Feb-2021 01:56:52 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:56:52 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 131ms
90ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=2&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=672435716&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1612317413%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025652%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317413

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:52 GMT
last-modified: Wed, 03-Feb-2021 01:56:52 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:56:52 GMT

GET
H2 200 d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js Show response
cdn.permutive.com/ 491 KB
96 KB 88ms
46ms Script
application/javascript 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Requested by: Host: cdn.concert.io
URL: https://cdn.concert.io/lib/concert-ads/v2-latest/concert_ads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4f5b8b152ba12adb00755c2a996742a01c192ba25ab646ead14fdc4ddbef91

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 719
x-guploader-uploadid: ABg5-UwRZC1f8q-FVkIrPIPZF1GOU-O1L-Sy18_f5V9FwOgvVXudJPVp3yGJn1CiA1bnM2aJu0sq-OuTIH0QlciLaIk
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
cf-request-id: 08073467050000cc4e282ce000000001
last-modified: Fri, 29 Jan 2021 21:29:24 GMT
server: cloudflare
etag: W/"919d37cde96c6c4e57bcf93c4eb23874"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=WYsfqQ==, md5=kZ03zelsbE5XvPk8TrI4dA==
x-goog-generation: 1611955764276590
cache-control: public, max-age=300
x-goog-stored-content-length: 107950
cf-ray: 61b889b80e5ccc4e-ZRH
expires: Wed, 03 Feb 2021 02:01:53 GMT

GET
H2 200 d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-models.bin Show response
cdn.permutive.com/models/ 3 KB
3 KB 2834ms
39ms XHR
application/x-binary 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-models.bin
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 892fb92270b1336f3a2895ae7383caae98ebf18c042c068195a69aa5753250af

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:56 GMT
cf-cache-status: HIT
x-guploader-uploadid: ABg5-UyZibVS_HQcIxEvJhakFG9lieL13plJXEFFuU3IC_Tb5jW0xotPnE9wW0hQbgv5BYCi9ON6TownbD9k_Qh2rag
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/x-binary
cf-request-id: 08073472790000cc4a2f38e000000001
last-modified: Fri, 29 Jan 2021 21:29:26 GMT
server: cloudflare
etag: W/"49a793330bd0b1acf9ccdcd26a85bf0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=e8+I8Q==, md5=SaeTMwvQsaz5zNzSaoW/Cg==
x-goog-generation: 1611955766248690
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=300
x-goog-stored-content-length: 2603
cf-ray: 61b889ca58cdcc4a-ZRH
expires: Wed, 03 Feb 2021 02:01:56 GMT

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
717 B 36ms
36ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:53 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.5:80
AN-X-Request-Uuid: f2398bb8-e4d8-46f7-999d-1d8390331059
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pxid Show response
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co/v2.0/ 12 B
296 B 1116ms
33ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co/v2.0/pxid?k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Permutive /
Resource Hash: 481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Feb 2021 01:56:54 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 32
via: 1.1 google

GET
BLOB 200
OK 578cc9af-012b-4b10-88c1-77c483f17bc4
http://daffodil-ruddy-run.glitch.me/ 320 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://daffodil-ruddy-run.glitch.me/578cc9af-012b-4b10-88c1-77c483f17bc4
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c26f0271815c732f19c12370ef7fa835e3e91bf48fcd72299d21a659fc0901e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 327471

POST
H2 200 graphql Show response
api.permutive.com/ 425 B
537 B 3128ms
60ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/graphql?k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Permutive /
Resource Hash: 44f23f9e112342b8d52272bd8df9e911e0a97a7fece575783e1470bd8f4c5770

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Feb 2021 01:56:57 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 272
via: 1.1 google

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 47ms
46ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=5&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=441056133&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317415%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025654%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317415

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:54 GMT
last-modified: Wed, 03-Feb-2021 01:56:54 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:56:54 GMT

GET
H2

200

idsv2 Show response
mid.rkdms.com/
Redirect Chain

http://mid.rkdms.com/idsv2?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=VOX
https://mid.rkdms.com/idsv2?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=VOX

2 B
463 B

1396ms
123ms

XHR
application/json

52.45.216.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mid.rkdms.com/idsv2?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=VOX
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.216.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: null
date: Wed, 03 Feb 2021 01:56:57 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.18.0
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json;charset=UTF-8

Redirect headers

Date: Wed, 03 Feb 2021 01:56:55 GMT
Server: nginx/1.18.0
Location: https://mid.rkdms.com/idsv2?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=VOX
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 169

GET identity
api.rlcdn.com/api/ 0
0

GET rid
match.adsrvr.org/track/ 0
0

GET
H2 200 display.php Show response
www.tradeadexchange.com/a/ 6 KB
2 KB 3233ms
159ms Script
application/javascript 35.190.74.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tradeadexchange.com/a/display.php?r=999708&sub1=0dcd3da5ac03016ecbc321ca7f9149a3&sub2=0
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.74.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: openresty /
Resource Hash: 897790beba5b84cdc4b5ff8b699bf7ac4381bb54ca200a148f6f24d8587cbe99

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 03 Feb 2021 01:56:57 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 47ms
46ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=6&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=229377216&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317417%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025656%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317417

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:56 GMT
last-modified: Wed, 03-Feb-2021 01:56:56 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:56:56 GMT

POST
H2 200 errors Show response
api.permutive.com/v2.0/internal/ 2 B
293 B 70ms
32ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/internal/errors?k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Permutive /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Feb 2021 01:56:57 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: text/plain;charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 22
via: 1.1 google

POST
H2 200 _pdfps Show response
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/ 0
191 B 84ms
34ms XHR
text/plain 34.107.222.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.222.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Feb 2021 01:56:57 GMT
via: 1.1 google
server: nginx
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

OPTIONS
H/1.1 200
OK 3850575
inpagepush.com/500/ Frame 0
0 146ms
36ms Other 139.45.195.91
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3850575?excludes=&oaid=5ceecb978cf24770915a0d2e6406ceca&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=36&pl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Server

139.45.195.91 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Wed, 03 Feb 2021 01:56:57 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H/1.1 200
OK 3850575 Show response
inpagepush.com/500/ 2 KB
2 KB 180ms
179ms XHR
application/javascript 139.45.195.91
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3850575

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.91 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b57a2781a5da7dbc7e89a012281abdef15e74de88da6cb8e4d03daf8c4d5228f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 03 Feb 2021 01:56:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: c21f75b46ce990b71c968645a62d86d1
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

POST
H2 201 events Show response
api.permutive.com/v2.0/ 1 KB
841 B 75ms
75ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/events?enrich=true&sdkp=true&k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Permutive /
Resource Hash: 94461fd9f1e297877ec9cd3a4dc286eae709a51d59e50b4aff7ee182442aa68f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Feb 2021 01:56:57 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 757
via: 1.1 google

POST
H2 200 _pdfps Show response
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/ 0
179 B 32ms
32ms XHR
text/plain 34.107.222.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.222.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Feb 2021 01:56:57 GMT
via: 1.1 google
server: nginx
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 200 _pdfps Show response
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/ 0
189 B 32ms
32ms XHR
text/plain 34.107.222.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.222.173 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Feb 2021 01:56:57 GMT
via: 1.1 google
server: nginx
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
325 B 105ms
42ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=360954&u=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183789-71940066017360.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 03 Feb 2021 01:56:57 GMT
Server: Apache
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Wed, 03 Feb 2021 01:56:57 GMT

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzBkYjA5YTAyMTBjYWJhNTc0YmUxODdmMWFiOTFmOWIxLmpwZWc.webp
s-img.mgid.com/g/8052391/328x328/226x0x760x760/
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|XGKJNvi_M7v-i2pnM-YjjwT7XHJs__11Zk9DqnaCEGuVMc_jfrwPt1ToFbDyCqpt&cid=218581&f=1&h2=PpCN8S8RpuqgawplLvLjFKCY8ki03-Z77VGaOn48320*&rid=z3850575zb5295256bcCHcp2ph20210...
https://s-img.mgid.com/g/8052391/328x328/226x0x760x760/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzBkYjA5YTAyMTBjYWJhNTc0YmUxODdmMWFiOTFmOWIxLmpwZWc.webp?v=1612317417-6iWFnWnhvO9kzfJsW4vqMDKB...

12 KB
12 KB

26ms
25ms

Image
image/webp

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8052391/328x328/226x0x760x760/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzBkYjA5YTAyMTBjYWJhNTc0YmUxODdmMWFiOTFmOWIxLmpwZWc.webp?v=1612317417-6iWFnWnhvO9kzfJsW4vqMDKBk6mQ7Vnh0OJl6Ib3m88
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f54d73f5aaad85c484b73596a874f87daa3ad842d03b002434fbd204feaaa4ef

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:58 GMT
cf-cache-status: HIT
x-mg-request-uuid: ff7081a7-79db-4567-a800-41c6eace784b
age: 557342
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12392
cf-request-id: 0807347a2f0000cc3eaa15b000000001
last-modified: Wed, 27 Jan 2021 14:55:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b889d6bb34cc3e-ZRH

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:58 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: fcccad60-88d8-4bf0-991e-ac5bb5f685c3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/8052391/328x328/226x0x760x760/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzBkYjA5YTAyMTBjYWJhNTc0YmUxODdmMWFiOTFmOWIxLmpwZWc.webp?v=1612317417-6iWFnWnhvO9kzfJsW4vqMDKBk6mQ7Vnh0OJl6Ib3m88
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b889d5eae1cc3e-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08073479b60000cc3ebb203000000001
server: cloudflare

GET
H2 200 display.php Show response
www.tradeadexchange.com/ad/ 62 KB
13 KB 327ms
326ms Script
application/javascript 35.190.74.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tradeadexchange.com/ad/display.php?stamat=m%7CEqdjY3djaQdHkAH0dEdHP3xP.b10%2C2t5FkDDYpjxJXsMWHSh7wBG6VAx_Q9TxSSvYJWOcEw4dSpf7D6GmDmyZSIE8TU3Rf5JfCV5UIoLDL7XypVKwg-FjfCltSEkn7hJbpfh2SXkWpx7cxTFor-Pw5rOWUi3bakgeDt_H4Ls0EESx1DddAQ%2C%2C&cbrandom=0.6067051731488957&cbtitle=Trying%20to%20reach%20the%20most%20ads%20since%202020&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Requested by: Host: www.tradeadexchange.com
URL: https://www.tradeadexchange.com/a/display.php?r=999708&sub1=0dcd3da5ac03016ecbc321ca7f9149a3&sub2=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.74.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: openresty /
Resource Hash: 24a8d507a3c99ead2bb8a04e246f589a36cbaea008f2a0b6f7399c86e676359f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:56:58 GMT
content-encoding: gzip
alt-svc: clear
server: openresty
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
link: <veration-cellyric.com>; rel=dns-prefetch,<veration-cellyric.com>; rel=preconnect,<www.tradeadexchange.com>; rel=dns-prefetch,<www.tradeadexchange.com>; rel=preconnect
via: 1.1 google

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
180 B 32ms
32ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Permutive /
Resource Hash: a1ca7c7b86e6c0efca3d2bcdf987616f51c490f75091e9919a4267cd015aa21c

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Feb 2021 01:56:58 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 112
via: 1.1 google

POST
H2 200 state Show response
api.permutive.com/v1.0/ 0
106 B 46ms
45ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=f8d3dda6-1372-4e33-b0e4-848b39d58874
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/d2fb08da-1c03-4c8a-978f-ad8a96b4c31f-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Feb 2021 01:56:58 GMT
content-encoding: gzip
server: Jetty(9.4.35.v20201120)
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-max-age: 86400
access-control-allow-credentials: true
alt-svc: clear
content-length: 20
via: 1.1 google
access-control-expose-headers: *

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 48ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=7&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=708790084&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317419%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025658%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317419

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:58 GMT
last-modified: Wed, 03-Feb-2021 01:56:58 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:56:58 GMT

OPTIONS
H/1.1 200
OK 11
api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/037d5b445267f394e2e343ff39cd271eeaf0c08a/ Frame 0
0 125ms
65ms Other
application/json 78.140.188.188
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/037d5b445267f394e2e343ff39cd271eeaf0c08a/11
Protocol: HTTP/1.1
Server: 78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u13
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40-0+deb8u13
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Date: Wed, 03 Feb 2021 01:56:59 GMT
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn09
X-UA-Compatible: IE=Edge

POST
H/1.1 200
OK 11 Show response
api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/037d5b445267f394e2e343ff39cd271eeaf0c08a/ 15 B
784 B 139ms
74ms XHR
application/json 78.140.188.188
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/037d5b445267f394e2e343ff39cd271eeaf0c08a/11
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u13
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 03 Feb 2021 01:56:59 GMT
Server: nginx
X-Powered-By: PHP/5.6.40-0+deb8u13
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn10
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-UA-Compatible: IE=Edge

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
95 B 13ms
13ms XHR
text/plain 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=801577181&t=event&_s=2&dl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&dp=%2Foverlay%2F0dcd3da5ac03016ecbc321ca7f9149a3&ul=en-us&de=UTF-8&dt=Trying%20to%20reach%20the%20most%20ads%20since%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=0dcd3da5ac03016ecbc321ca7f9149a3&cs=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&cm=overlay&ec=interstitial&ea=callback&el=success&_u=aEBAAEABAAAAAC~&jid=1685775661&gjid=1531945342&cid=1808149050.1612317411&tid=UA-42296749-1&_gid=714612062.1612317411&_r=1&z=649333224

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:56:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 47ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=8&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=838061260&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317421%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025700%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317421

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:57:00 GMT
last-modified: Wed, 03-Feb-2021 01:57:00 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:57:00 GMT

GET
H/1.1 200
OK vo6pYG6WBLqvkXnGF4u7C3Pp0AO0bzlZI86fsN1raMtF1ba_bsZi2l1BIcEGY3kmFttkJZOJXG0cMxjRMdGWaX1LwPViXRd2EAYrasw8_1Afo-ape0rfTOCgeOHnFhQJVIPK5cbhlM_lGcTaDlf5XqmFTIxE9XF7tXerFKaE3qRupGB2tPFomAs7NiEXpIE9iT8km...
onstunkyr.com/impression/ 43 B
482 B 148ms
36ms Image
image/gif 139.45.197.9
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onstunkyr.com/impression/vo6pYG6WBLqvkXnGF4u7C3Pp0AO0bzlZI86fsN1raMtF1ba_bsZi2l1BIcEGY3kmFttkJZOJXG0cMxjRMdGWaX1LwPViXRd2EAYrasw8_1Afo-ape0rfTOCgeOHnFhQJVIPK5cbhlM_lGcTaDlf5XqmFTIxE9XF7tXerFKaE3qRupGB2tPFomAs7NiEXpIE9iT8kmgwvv0k5sZDqHdzLh7LgqchmtShhpi3UrYs1hQpMDpzS_IvRGmyH2b8_-F9IzplWlPm1rBdOCAWYCbMt_fmGFE2pknCJpqJpOUWd3j7UzJlD?z=3850575&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=36&pl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.9 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 7721fac594735ac8f2284f7ecb967b19
Pragma: no-cache
Date: Wed, 03 Feb 2021 01:57:02 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzBkYjA5YTAyMTBjYWJhNTc0YmUxODdmMWFiOTFmOWIxLmpwZWc.webp
s-img.mgid.com/g/8052391/328x328/226x0x760x760/ Frame 1666
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|XGKJNvi_M7v-i2pnM-YjjwT7XHJs__11Zk9DqnaCEGuVMc_jfrwPt1ToFbDyCqpt&cid=218581&f=1&h2=PpCN8S8RpuqgawplLvLjFKCY8ki03-Z77VGaOn48320*&rid=z3850575zb5295256bcCHcp2ph20210...
https://s-img.mgid.com/g/8052391/328x328/226x0x760x760/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzBkYjA5YTAyMTBjYWJhNTc0YmUxODdmMWFiOTFmOWIxLmpwZWc.webp?v=1612317417-6iWFnWnhvO9kzfJsW4vqMDKB...

12 KB
12 KB

26ms
25ms

Image
image/webp

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8052391/328x328/226x0x760x760/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzBkYjA5YTAyMTBjYWJhNTc0YmUxODdmMWFiOTFmOWIxLmpwZWc.webp?v=1612317417-6iWFnWnhvO9kzfJsW4vqMDKBk6mQ7Vnh0OJl6Ib3m88
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f54d73f5aaad85c484b73596a874f87daa3ad842d03b002434fbd204feaaa4ef

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:57:02 GMT
cf-cache-status: HIT
x-mg-request-uuid: ff7081a7-79db-4567-a800-41c6eace784b
age: 557346
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12392
cf-request-id: 0807348bf20000cc3ef41ea000000001
last-modified: Wed, 27 Jan 2021 14:55:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b889f31db9cc3e-ZRH

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:57:02 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: e8af5eaf-15c4-4eee-a812-bd8a2906c8d7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/8052391/328x328/226x0x760x760/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzBkYjA5YTAyMTBjYWJhNTc0YmUxODdmMWFiOTFmOWIxLmpwZWc.webp?v=1612317417-6iWFnWnhvO9kzfJsW4vqMDKBk6mQ7Vnh0OJl6Ib3m88
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b889f27d65cc3e-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807348b8d0000cc3ef0148000000001
server: cloudflare

GET
H/1.1 200
OK 3850575 Show response
inpagepush.com/500/ 2 KB
2 KB 185ms
184ms XHR
application/javascript 139.45.195.91
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3850575?excludes=5295256&oaid=5ceecb978cf24770915a0d2e6406ceca&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=37&pl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3850575

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.91 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5ac1082677dfe800edc839e1b9dcbe868ef89fd2970db34aae2b6e4f392e9e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 03 Feb 2021 01:57:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 9fdf2db1df4f074f81130a4368e06359
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3850575
inpagepush.com/500/ Frame 0
0 37ms
37ms Other 139.45.195.91
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.195.91 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Wed, 03 Feb 2021 01:57:02 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
176 B 47ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=9&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=176020955&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317423%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025702%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317423

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:57:02 GMT
last-modified: Wed, 03-Feb-2021 01:57:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:57:02 GMT

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp
s-img.mgid.com/g/8052393/328x328/28x0x510x510/
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|6tpn6_yocLf-V4-_GYyQII6d_j_K2EFfQcEOYlDpm_lAMOgQ2sYHv9Tc-_doPMWt&cid=756446&f=1&h2=PpCN8S8RpuqgawplLvLjFKCY8ki03-Z77VGaOn48320*&rid=z3850575zb5920476bcCHcp2ph20210...
https://s-img.mgid.com/g/8052393/328x328/28x0x510x510/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp?v=1612317422-m610DUPGllqgrbBLMMPgyF-9r...

23 KB
23 KB

26ms
25ms

Image
image/webp

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8052393/328x328/28x0x510x510/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp?v=1612317422-m610DUPGllqgrbBLMMPgyF-9rmQ65moU60gXqWix78g
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a65cdf36d5f6a8f112beb82b1510880224e0b5fea8a86a2d06be1c0b23a568a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:57:02 GMT
cf-cache-status: HIT
x-mg-request-uuid: dde071a4-f67d-4c60-8258-1fb72f9b62f7
age: 557383
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23120
cf-request-id: 0807348d420000cc3e9198c000000001
last-modified: Wed, 27 Jan 2021 14:55:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b889f53e88cc3e-ZRH

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:57:02 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: f182722a-3205-414b-b4de-ddc71c2c760b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/8052393/328x328/28x0x510x510/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp?v=1612317422-m610DUPGllqgrbBLMMPgyF-9rmQ65moU60gXqWix78g
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b889f4be5acc3e-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0807348cf80000cc3e91088000000001
server: cloudflare

GET
H2

200

1
mc.yandex.ru/watch/49239574/
Redirect Chain

https://mc.yandex.ru/watch/49239574?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A125%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afu%3A0%3Aen%3Aut...
https://mc.yandex.ru/watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A125%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afu%3A0%3Aen%3A...

43 B
74 B

48ms
47ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A125%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A1%3Als%3A1557087443264%3Ahid%3A286081260%3Az%3A60%3Ai%3A20210203025703%3Aet%3A1612317424%3Ac%3A1%3Arn%3A499978351%3Arqn%3A2%3Au%3A1612317408655635640%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612317402117%3Awv%3A2%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612317424&force-urlencoded=1

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:57:03 GMT
last-modified: Wed, 03-Feb-2021 01:57:03 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:57:03 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:57:03 GMT
last-modified: Wed, 03-Feb-2021 01:57:03 GMT
location: /watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A125%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A1%3Als%3A1557087443264%3Ahid%3A286081260%3Az%3A60%3Ai%3A20210203025703%3Aet%3A1612317424%3Ac%3A1%3Arn%3A499978351%3Arqn%3A2%3Au%3A1612317408655635640%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612317402117%3Awv%3A2%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612317424&force-urlencoded=1
strict-transport-security: max-age=31536000
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:57:03 GMT

GET
H/1.1 304
NOT MODIFIED session.gif
api.bam-x.com/api/v0/ 0
825 B 127ms
126ms Image 54.163.245.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.bam-x.com/api/v0/session.gif?uid_bam=1731212651847650571

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.163.245.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 01:57:04 GMT
Server: nginx/1.18.0
ETag: 1731212651847650571
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: DELETE,GET,POST,PUT,OPTIONS
P3P: CP="NON DSP COR ADMo DEVo TAIo PSA PSDo OUR BUS CNT"
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: private, max-age=999999999, must-revalidate, proxy-revalidate
Connection: keep-alive
X-Robots-Tag: noindex, follow
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-None-Match,If-Modified-Since,X-BAM-Params

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
163 B 48ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=10&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=722129650&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317425%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025704%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317425

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:57:04 GMT
last-modified: Wed, 03-Feb-2021 01:57:04 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:57:04 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 48ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=11&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=709945105&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317427%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025706%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317427

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:57:06 GMT
last-modified: Wed, 03-Feb-2021 01:57:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:57:06 GMT

GET
H/1.1 200
OK X9vuvq0qihhj1ykoIkCR8gYYayv8yzs8PazjhoIO_ybdGxXRXicZghqPpR_PZ9XNQ1oC8VU45uS-jEwXERN2C6YOo9Ru5aloZWe-asmoZHHNTMEHVzWqmL4iYlWDn-eKVt4aSZOUanjEplM4w7v7iNcWMYC4UDbAd7Mc8j7kPI78MENbI4ePT6YciR8dARrNLfQwn...
onstunkyr.com/impression/ 43 B
482 B 110ms
37ms Image
image/gif 139.45.197.9
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onstunkyr.com/impression/X9vuvq0qihhj1ykoIkCR8gYYayv8yzs8PazjhoIO_ybdGxXRXicZghqPpR_PZ9XNQ1oC8VU45uS-jEwXERN2C6YOo9Ru5aloZWe-asmoZHHNTMEHVzWqmL4iYlWDn-eKVt4aSZOUanjEplM4w7v7iNcWMYC4UDbAd7Mc8j7kPI78MENbI4ePT6YciR8dARrNLfQwnsLsrBYvmCWfVxmMW5bVYuSly3QzjOVYcRpU7VC1CuNH?z=3850575&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=37&pl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.9 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: c7ec2d5e6be1465be57c83ada4dd1fde
Pragma: no-cache
Date: Wed, 03 Feb 2021 01:57:07 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp
s-img.mgid.com/g/8052393/328x328/28x0x510x510/ Frame 1666
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|6tpn6_yocLf-V4-_GYyQII6d_j_K2EFfQcEOYlDpm_lAMOgQ2sYHv9Tc-_doPMWt&cid=756446&f=1&h2=PpCN8S8RpuqgawplLvLjFKCY8ki03-Z77VGaOn48320*&rid=z3850575zb5920476bcCHcp2ph20210...
https://s-img.mgid.com/g/8052393/328x328/28x0x510x510/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp?v=1612317422-m610DUPGllqgrbBLMMPgyF-9r...

23 KB
23 KB

25ms
25ms

Image
image/webp

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8052393/328x328/28x0x510x510/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp?v=1612317422-m610DUPGllqgrbBLMMPgyF-9rmQ65moU60gXqWix78g
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a65cdf36d5f6a8f112beb82b1510880224e0b5fea8a86a2d06be1c0b23a568a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 01:57:08 GMT
cf-cache-status: HIT
x-mg-request-uuid: dde071a4-f67d-4c60-8258-1fb72f9b62f7
age: 557389
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23120
cf-request-id: 080734a12e0000cc3eea3a3000000001
last-modified: Wed, 27 Jan 2021 14:55:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61b88a151cfecc3e-ZRH

Redirect headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:57:07 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 8f338e8e-7e3d-4d4f-9e52-fc7946f8a78a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/8052393/328x328/28x0x510x510/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzUxOTViNGE0Zjg1NmI3ZDczNGUxZTg0MGY2NzI5NDdiLmpwZWc.webp?v=1612317422-m610DUPGllqgrbBLMMPgyF-9rmQ65moU60gXqWix78g
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61b88a144cbacc3e-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 080734a0b70000cc3e949e8000000001
server: cloudflare

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 44ms
44ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=12&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=996651527&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317429%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025708%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317429

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:57:08 GMT
last-modified: Wed, 03-Feb-2021 01:57:08 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:57:08 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 44ms
44ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=13&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=513613166&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317431%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A202102030257010%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317431

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:57:10 GMT
last-modified: Wed, 03-Feb-2021 01:57:10 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:57:10 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 47ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&wv-part=14&wv-hit=286081260&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&rn=560777225&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1612317433%3Aw%3A1600x1200%3Av%3A400%3Az%3A60%3Ai%3A20210203025712%3Au%3A1612317408655635640%3Avf%3A65gwaazdbuxw99r%3Ati%3A2%3Ast%3A1612317433

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 01:57:12 GMT
last-modified: Wed, 03-Feb-2021 01:57:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 03-Feb-2021 01:57:12 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.webglstats.com
URL: http://cdn.webglstats.com/stat.js

Domain: nwxv1igqbfpq.l4.adsco.re
URL: https://nwxv1igqbfpq.l4.adsco.re/

Domain: u.openx.net
URL: https://u.openx.net/w/1.0/pd

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json

Domain: api.rlcdn.com
URL: http://api.rlcdn.com/api/identity?pid=2&rt=envelope

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183789

Verdicts & Comments Add Verdict or Comment

647 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 22) Message: triggered on event listener
console-api	log	URL: https://c.adsco.re/(Line 14) Message:
console-api	debug	URL: https://c.adsco.re/(Line 15) Message:
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012801.js(Line 6) Message: Exception in queued GPT command ReferenceError: ezrpos is not defined
console-api	log	URL: https://c.adsco.re/(Line 14) Message:
console-api	debug	URL: https://c.adsco.re/(Line 15) Message:
console-api	debug	URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: http://daffodil-ruddy-run.glitch.me/(Line 111) Message: CMP IS FOUND
console-api	warning	URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: http://daffodil-ruddy-run.glitch.me/(Line 106) Message: CMP IS FOUND
console-api	log	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 21) Message: sending ad server request
console-api	debug	URL: http://jsc.mgid.com/b/r/brainberries.co.147802.js?t=121131(Line 1) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
a.exosrv.com
accounts.google.com
acdn.adnxs.com
ad.a-ads.com
ads.pubmatic.com
ads.rubiconproject.com
ads.shorte.st
adsco.re
ajax.googleapis.com
api.bam-x.com
api.permutive.com
api.rlcdn.com
api.shorte.st
as-sec.casalemedia.com
assets.revcontent.com
bdv.bidvertiser.com
bedrapiona.com
c.adsco.re
c.adskeeper.com
c.amazon-adsystem.com
c.mgid.com
c0.pubmine.com
c1.popads.net
cdn.adskeeper.co.uk
cdn.carbonads.com
cdn.concert.io
cdn.mgid.com
cdn.permutive.com
cdn.pixfuture.com
cdn.popmyads.com
cdn.shorte.st
cdn.thisiswaldo.com
cdn.vox-cdn.com
cdn.webglstats.com
cdn4.buysellads.net
cdnjs.cloudflare.com
choogeet.net
choupsee.com
clksite.com
cm.adskeeper.com
coinpayu.com
concertads-configs.vox-cdn.com
config.seedtag.com
contextual.media.net
cs.emxdgt.com
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.prmutv.co
d2sbzwmcg5amr3.cloudfront.net
daffodil-ruddy-run.glitch.me
displayvertising.com
djv99sxoqpv11.cloudfront.net
duetgypsyantis.com
eb2.3lift.com
emagazing.fun
eus.rubiconproject.com
fonts.gstatic.com
frdqkhe5m6w2.l4.adsco.re
frdqkhe5m6w2.n4.adsco.re
frdqkhe5m6w2.s4.adsco.re
freychang.fun
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
iclickcdn.com
infopicked.com
inpagepush.com
ipfind.co
js-sec.indexww.com
jsc.adskeeper.co.uk
jsc.adskeeper.com
jsc.mgid.com
kumteerg.com
log.outbrainimg.com
m.servedby-buysellads.com
match.adsrvr.org
mb.moatads.com
mc.yandex.ru
mellowads.com
mid.rkdms.com
mug.criteo.com
my.rtmark.net
nwxv1igqbfpq.l4.adsco.re
nwxv1igqbfpq.n4.adsco.re
nwxv1igqbfpq.s4.adsco.re
o.wowreality.info
odr.mookie1.com
onegalact.com
onmarshtompor.com
onstunkyr.com
p405661.clksite.com
p405661.mycdn.co
p93920.clksite.com
p93920.mycdn.co
pagead2.googlesyndication.com
pixel.advertising.com
popmyads.com
px.moatads.com
quantcast.mgr.consensu.org
rcm-na.amazon-adsystem.com
s-img.adskeeper.com
s-img.mgid.com
s.adtelligent.com
s.aolcdn.com
s.pubmine.com
s.seedtag.com
seaboblit.com
securepubads.g.doubleclick.net
serve.popads.net
served-by.pixfuture.com
servicer.adskeeper.com
servicer.mgid.com
srv.buysellads.com
srv.carbonads.net
ssc-cms.33across.com
ssp.zryydi.com
static.lalaping.com
static.narrativ.com
stawhoph.com
sync.go.sonobi.com
sync.teads.tv
syndication.exosrv.com
tcheck.outbrainimg.com
thetarhaw.com
toglooman.com
trends.revcontent.com
u.openx.net
ups.analytics.yahoo.com
waxtamnit.com
widget-pixels.outbrain.com
widgets.outbrain.com
ws-na.assoc-amazon.com
www.bcloudhost.com
www.displayvertising.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.maxonclick.com
www.theverge.com
www.tradeadexchange.com
x.bidswitch.net
yiatelychur.top
z.moatads.com
api.rlcdn.com
cdn.webglstats.com
match.adsrvr.org
nwxv1igqbfpq.l4.adsco.re
u.openx.net
104.111.242.245
104.18.131.145
104.19.130.80
104.19.131.80
104.19.135.78
104.19.149.54
104.21.20.75
108.161.189.78
13.224.192.34
13.224.194.107
13.224.195.33
139.45.195.106
139.45.195.123
139.45.195.167
139.45.195.254
139.45.195.91
139.45.196.129
139.45.196.200
139.45.196.201
139.45.197.253
139.45.197.61
139.45.197.9
143.204.215.26
143.204.93.61
148.251.13.139
151.101.112.124
151.101.113.52
151.139.128.11
162.252.214.5
172.217.21.194
173.192.101.24
178.128.255.150
178.162.133.149
178.250.2.146
18.195.155.181
184.30.212.16
185.200.116.90
185.200.118.90
185.33.220.241
192.0.77.38
199.232.196.124
2.18.232.130
2.18.232.28
2.18.233.180
2.18.234.190
2.18.234.21
2.18.235.40
2.18.235.93
213.196.2.1
213.32.115.25
213.32.61.35
216.21.13.11
216.59.56.9
23.111.10.140
2600:9000:20eb:e00:1d:bf0d:abc0:21
2600:9000:21f3:1400:9:46dc:4700:93a1
2600:9000:21f3:f400:4:164e:ca00:93a1
2606:2800:233:af6:eab:2108:1892:6d8
2606:2800:234:4cc4:5670:35d5:1e00:b394
2606:4700:20::681a:56b
2606:4700:20::681a:87b
2606:4700:20::681a:a9c
2606:4700:20::681a:d1a
2606:4700:20::ac43:4a21
2606:4700:20::ac43:4b09
2606:4700:3034::ac43:bbbc
2606:4700::6810:125e
2606:4700::6810:8916
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2606:4700::6812:1041
2606:4700:e2::ac40:8512
2a00:1450:4001:808::200a
2a00:1450:4001:810::200d
2a00:1450:4001:816::2004
2a00:1450:4001:825::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a02:2638::1c
2a02:6b8::1:119
2a02:6ea0:c700::1
2a02:6ea0:c700::2
2a03:2880:f11c:8183:face:b00c:0:25de
2a0c:5c81:5160::2
3.126.56.137
34.107.222.173
34.107.254.252
34.120.207.148
34.96.106.9
34.98.67.61
35.156.143.112
35.157.234.72
35.190.68.123
35.190.74.92
35.241.9.51
37.59.184.172
38.132.109.186
50.18.199.66
51.68.161.17
51.68.161.20
52.28.239.147
52.3.60.128
52.45.216.60
52.46.131.85
52.46.132.238
54.163.245.232
54.171.42.232
54.194.111.195
54.241.51.109
64.202.112.95
67.202.110.23
68.183.31.14
78.140.188.188
79.125.73.87
94.31.29.128
94.31.29.32
95.211.229.247
06220b8826c3e80c952771ee5089af5478ea84da32ca2e707152b0d2ae0f3f8f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0dab6095a7e07c26dc21102cfb0e3e81eda68ed0681d34b23719bd31bc188539
0ea6c65d8e460987a7ea8f98355f789fe6bfbe11b0afe7a1c65d6042da65ea33
109a84490727f3a268b6467c6e8b7d76066e3eaf23c9dbbd833227a0d25447b1
115ed11fb9457bb897579d4be870323771379eda1d31ffa4337da93659bcc73f
1165669e2a76f3ab389a6b08d3aff86bc05cc880b763811a0268e1da4b145e2f
11f8675accf03f247064b5b6a4de5f46d09e650f917f9dda0004db2b86b922a8
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8
177d76801bdbecdb0d27109e118ae54a929156deac8ca44b46924a5c0f43cd7a
18c3400ffd759170ff306d0be6b36615f4f231f0b80c302dd635bf70aff2b08a
192e49a8d791354fa0e62f05a4f046dc04e39893079f1cf69d3ab3864e2fb686
1b77231ff9c0e2baf6f96d7bd432564dcb5808836d477f08164f165fb9f60db7
1c34729d3dd997e9d5227a96ef53dd671456adc8025df6903ab9df1366831629
1e38b415c34bc287e5f207b929aa1a732dcc1fc58e757a7f077719a84d7c059c
21c5315b3afaea940bc3fd4e14e646602555a1745a1c2605fa2579a32a5adff1
24a8d507a3c99ead2bb8a04e246f589a36cbaea008f2a0b6f7399c86e676359f
258531131d81a1ab0e0a73dc45044046701a122fcacdceae0944894016be3d38
25e45b62f2315cdb6c6aee3955da8ec4076b60d07b65be98ec20361ed2224df6
25e802f6117b985e48f2a01af99b212a41e5bc64e16b2f1c4987cee1f7a5a66f
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26c36f3ecb4f05ca3b48dfca1efb4d2e96399034d6c678ced60b5c633dc966cd
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2ad5b68ebf04d1ac9aa374d9185cebb1fdfce1eff032118cb3dbd2b7364efd0e
2bc69d10fb34b45d5325071130fa0fb2b1a7062160a8f5a34753e5bb90459218
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2e43a4dba40cfdbd5a628c6b10c4f53fff5c8b04e1b838eddb1d710dc165c002
2e7bedf9402992a10ae543c8555dfac28f2e2c7b03d59f99384170b30bcaf692
30fea238b7c7058f28665cbfaf4d7a3de9a033808b1d82569b5974f90bf2f06e
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471
36fb56496d83dc79446cb58a10c83c6e48ab62308f02c2ee7e031b45014eae24
3a3958565c7262e5d14c2b8687c710bde8ff3852bca75ec6b14198fcda31465b
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9
3c84aa474bbd822365c8ae488ee766a0cf2fc78a66471a441b33479d5d472431
3db6982c169bf3afee084cf7762ba718c118be36a1dee0c5222203fa302d21fc
3f7b21bbae0a7e821ceb6bd89e8071ca4a75a9db1f06822961771ebf431185ad
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
43be6d69db8c2342a171bb7093f216d9dfedba7de83cd6fc834efdde1ae65b43
43e106423124c8c69f1ac878e1878c72963587027aa365aa13f4a43168ac7262
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f23f9e112342b8d52272bd8df9e911e0a97a7fece575783e1470bd8f4c5770
46a12b27b07a3f35985806c6a290ca654d3284c49913de8c07f143ab26c2aa8a
46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
492cfc9eedaae641333838e935ec3b300fc20f0528120c63a99699f6b181687c
4d126fc09151907b8438933f36324c27e6d7e3d99188809b844ef0d1400820d3
4d1b9cc56d380450f7ecc45545d904718721de5e3303f538767c083f64052f5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55079a25ae573f90cd94a4911ef0cd5031d07c9a21281b1e2d843b5fb42b1171
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
581f5527801cbaf1f8f4f9e372164ed2f0ae37edee6ed6fcb1bbd33bac050e18
5ac1082677dfe800edc839e1b9dcbe868ef89fd2970db34aae2b6e4f392e9e6b
5b11aa147cc0eeaaff5b626102c817e865cdd45f527edcdb5e442b8846d7815b
5c26f0271815c732f19c12370ef7fa835e3e91bf48fcd72299d21a659fc0901e
5d26e98e9600c9cea41a4f28dee915eedd266f450849d151a7f653d1738917de
61a755ce43dd14b2cc237f369f9ffa77fb245071d6401725f57e34c69a39f16d
62bf1e377405eb3b64149506aa8814cbbfa7ac2503be1771ff26e249e396c356
64c8551c397b1915ef17010eca19e10f01083601d6e0f81b2bef6a081a2f69c1
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6718dc129304e05746ba4da1930c9ecd29377901b2642bff56bb3664cf73995f
6898b63176fe3c75101ebc6d7c7fa98e13b119845679c40037f366970363b7d1
68aa9818e0d0f8c60c5fc7e2b7921aa1a48a52e72e7da4caae29de34d030a6bf
6a65cdf36d5f6a8f112beb82b1510880224e0b5fea8a86a2d06be1c0b23a568a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160
6fca035798ff90712212512ea68ab3affe0f2ca845309d4e1d1e8b1f4483af32
7598ffa91ced645d5ddb6b0ab9deffefb46701aad1345d4e75e10cfdeb73ec57
79996d3e643a3c4bda5a4c238f64a9c3082b4451764d43bc716976336253edb5
7a6d609e14ad86ba11813176879c5aafe5cfabc3b7c9f2d8e260c9176b9260b9
7b420ad439dadbbbc88cef506a6e2ea73c331178f08f984c6b230cec7ac66a04
7d62917a2e70a0614f552316bba25bd7f5cfffb99617dbbcd62e9fd084dbba8f
7ed7d86ba9aca466e54279e04325a18d0b821488564034f9d0f1ffc7829fee56
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86f068facf5730dd7d8e5764aabdec8981cce9e9ae9a581b0d69e0461ee9248b
876f81b245bddc56705cf98e10eb213725c5d7517927f3b42a8844f5776b186f
8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da
892fb92270b1336f3a2895ae7383caae98ebf18c042c068195a69aa5753250af
897790beba5b84cdc4b5ff8b699bf7ac4381bb54ca200a148f6f24d8587cbe99
8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb
8a87e2ab249f61d757d138136171b43155ea4ba2d89a5c6c3e4e58174f2e13ec
8c823c0930ded9a2fcf021ead8d48f867e884b80889825aba00266f53d6d7f43
8e67e958ae1495d6d7bda1b310bdb24a8b68a77875d51d2254bfc97614990b4b
8e6f00879f46ce04876cbb9e18170bf5df890b15d7af2581cff67ab1b847b48e
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9433c1f93007125f450774ac0ffe126257e688e976c9ce29eabee0f449d76c96
94461fd9f1e297877ec9cd3a4dc286eae709a51d59e50b4aff7ee182442aa68f
94aec9e75f97a3fd9b5d8542b4aa9a1d29ef4407cb5d0cc2c9590f0ddd700258
95fddf78880041d45ca14979cd85bc1bc6e1ab896fef029842a369946352c060
99e1f6b8324009a56a3cc25d5b4aa553b2c85bad57cbaa71f2ef9a670b40b68b
9c716b68360c247989e2383ba19cdc06b1ea297aa5e3b452a85a14de63bba8f7
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0eb1614ba513fd9f8846bdf2a1fc6f2fb6d7332d49bfbc89a82f3aa0cdd2528
a1ca7c7b86e6c0efca3d2bcdf987616f51c490f75091e9919a4267cd015aa21c
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4c374a18d10967b71543b3c9ebb9f63e3fff210d18d393d2dac99b16335b6c6
a4ef497ceb5789c5d92f74eabf1007e4fc3f6e751c0321d37a28ef1466ae344a
a529384e27251d95e9d5ccfa9fe6e41302eff931ffc9d7af12ba539df036e385
a8603a88a0a1048e4163e6fa1b509bc7120def4437dba0af60102a7c4992f045
a932a8e7d1d33131cfc984290d283ed938ba1905cafdf7ff85a784f8779e8a7d
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ab0bd33fd9800e6525135b76cc1a3149642cb9e99b0433dc7ab125cf071fb408
ab7b62eec10f8436af666ec3e69a71e5fa80a42d95be921a89d4e54e8781ea5f
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
aea01dcf1d5269b14a6d81bf472944dfdc1c5f5df2bf0714ee4c4d0a95708e16
aecd3ee6431ca5007c38d315e2260f8db435ce04225c9602591ff6bf5c865699
b0af03258eaf0b179f53ff86c2bc6106b037f7cdc84b286dac05b4ace2892e45
b1ebdd84bcc4265a86fc9765b670bce97d668e11ee0c9bee5ec9d8f5f507d646
b1eec11bfd7416de218bd79a078e2d340e782aa6ceeec530fad0871ab8091474
b2ec90d9f615e6cf0243ddd6b87e717fae333772847642694beb3e708f2cf889
b57a2781a5da7dbc7e89a012281abdef15e74de88da6cb8e4d03daf8c4d5228f
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b8991415789cf9503e88f2b3e9673f8c2702d4e1a8b6d5138d96d865372900f3
c03993e77bf55e58d17b139ad9310d775ab94a34ca1ca6f399695634efb2fa13
c32da56494c9fe7298767c0385addffd7605b42a7f1b9ca4fc9855e83d8d1046
c33b32e9cad2570f73a60f88cf86b130b671f3671e7cea7ca4f05c37765005a1
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488
c5e6d06003d613b32f80e5f55b4f3697775fa7731ebe315e4d767361ccbce03c
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
c73be538e125be899656978e1759da5718cb2993b55e74bee2da30497781430f
c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37
ca755b17ffb086fbfd92cb35a42bd8aec3b6b13b6f5e77e286b845d867057596
cc095a816fdb83ec40887f87cce60adeeefcf88efd8ae1a53f1cea6a12106f5e
ce64cd3dbb42ab4bee5f40f611aa1903b3b65479611c6b40438b6c8631f84bbc
cf44440b5a5d9f372b338ca5859fa02f7a8997b19bfe709fff0bd40a6d6f7f79
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4f5b8b152ba12adb00755c2a996742a01c192ba25ab646ead14fdc4ddbef91
d29895d50d252d681d7327f5a571674ed7ad9c5bb2acbf40c303ebad51ebe543
d2b1d80997b334c20233e62147320d5e8b91a22a755f1e463cf670a25924f074
d44180bbf5a59ae325815feb275e39e1d34e18eb710ea54f5ec4e96ba60488a9
da9e101f0aa65abdd2b3f670a62d7fd5b4963f9c97ab738893b540e7e6274885
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
e2bf90b6152f901cceb0c3b1517a72f52633a3788db65c47e8e5a64480339013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ec149aa47e842f42415f6015d5145b8a8eb6aad92019f6d6cb5873e2fb74c5
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820
e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce
ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b
eac7590b017690e12746846c2498d60c1d205bf7006236c21df207bfee4a5d48
eb7ad86e0ae8f29378656dc4d203eb57e0f0fe939f3da739f5702c6351ea5623
f3caeb1688453aaa314d1d7f087b3370b317a7b178b9c8f7b9ca2248ffd304ab
f3f4ba39ee45ee7a20e0d163cf87fdb5200de2cf712a1d3dbf9a67b8b1488c27
f54d73f5aaad85c484b73596a874f87daa3ad842d03b002434fbd204feaaa4ef
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa533eb34a8900f6013bf6f0095c696ea16758fe6fbf7442694de0f8ebb2f536
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

daffodil-ruddy-run.glitch.me Open in urlscan Pro 52.3.60.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

305 Requests

64 %HTTPS

26 %IPv6

101 Domains

145 Subdomains

110 IPs

9 Countries

4985 kBTransfer

12826 kBSize

0 Cookies

15 Outgoing links

Redirected requests

305 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

daffodil-ruddy-run.glitch.me Open in urlscan Pro
52.3.60.128 Public Scan

Screenshot
Live screenshot

Full Image

305
Requests

64 %
HTTPS

26 %
IPv6

101
Domains

145
Subdomains

110
IPs

9
Countries

4985 kB
Transfer

12826 kB
Size

0
Cookies

305 HTTP transactions
4 data transactions