qqmj.happyfeed.net Open in urlscan Pro
34.102.249.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bejuy.com/?bejuy
Effective URL:
https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Submission: On May 17 via api (May 17th 2020, 11:39:04 pm UTC) from US

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 21 domains to perform 21 HTTP transactions. The main IP is 34.102.249.222, located in United States and belongs to GOOGLE, US. The main domain is qqmj.happyfeed.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 4th 2020. Valid for: 3 months.

This is the only time qqmj.happyfeed.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	173.239.5.6 173.239.5.6	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	198.134.116.30 198.134.116.30	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	52.203.154.39 52.203.154.39	14618 (AMAZON-AES) (AMAZON-AES)
1 1	198.134.116.18 198.134.116.18	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
3	107.178.249.212 107.178.249.212	15169 (GOOGLE) (GOOGLE)
1 2	35.201.123.4 35.201.123.4	15169 (GOOGLE) (GOOGLE)
1	34.102.249.222 34.102.249.222	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
2	130.211.12.92 130.211.12.92	15169 (GOOGLE) (GOOGLE)
2 2	174.137.133.16 174.137.133.16	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
4	2600:1f18:40f... 2600:1f18:40f7:9700:2e97:c585:d39e:99b7	14618 (AMAZON-AES) (AMAZON-AES)
3 3	173.239.53.18 173.239.53.18	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	104.31.86.230 104.31.86.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	149.6.163.10 149.6.163.10	174 (COGENT-174) (COGENT-174)
3	149.11.201.98 149.11.201.98	174 (COGENT-174) (COGENT-174)
2 2	195.201.189.16 195.201.189.16	24940 (HETZNER-AS) (HETZNER-AS)
2 2	94.130.133.182 94.130.133.182	24940 (HETZNER-AS) (HETZNER-AS)
1 1	104.19.130.80 104.19.130.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.19.132.80 104.19.132.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	199.241.100.2 199.241.100.2	27589 (MOJOHOST) (MOJOHOST)
2 2	18.184.36.31 18.184.36.31	16509 (AMAZON-02) (AMAZON-02)
21	11

2 173.239.5.6 (Brooklyn, United States)

ASN27257 (WEBAIR-INTERNET, US)

bejuy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.134.116.30 (Garden City, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

click.clkepd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.203.154.39 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-154-39.compute-1.amazonaws.com

r.ewoss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.134.116.18 (Garden City, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

click.junmediadirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.249.212 (United States)

ASN15169 (GOOGLE, US)
PTR: 212.249.178.107.bc.googleusercontent.com

rdr.rtbravo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.123.4 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 4.123.201.35.bc.googleusercontent.com

ok.plsnotifyme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imp.plsnotifyme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.249.222 (United States)

ASN15169 (GOOGLE, US)
PTR: 222.249.102.34.bc.googleusercontent.com

qqmj.happyfeed.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.12.92 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 92.12.211.130.bc.googleusercontent.com

get.securedcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.16 (Garden City, United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

click.pclk.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:40f7:9700:2e97:c585:d39e:99b7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

tanit-dio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.239.53.18 (Garden City, United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.fastdlr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
click.jadspro.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.31.86.230 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.mobifortune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.6.163.10 (Paris, France) 2 redirects

ASN174 (COGENT-174, US)

rtb.4armn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 149.11.201.98 (United States)

ASN174 (COGENT-174, US)

cdn.adx1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.189.16 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.16.189.201.195.clients.your-server.de

tracking.push.sincityinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.133.182 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.182.133.130.94.clients.your-server.de

2.gotrkpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.130.80 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.132.80 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.241.100.2 (Franklin, United States) 2 redirects

ASN27589 (MOJOHOST, US)
PTR: cs3556.mojohost.com

serve.mondiad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.36.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-36-31.eu-central-1.compute.amazonaws.com

img.msg.sale	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	tanit-dio.com tanit-dio.com	30 KB
3	adskeeper.co.uk 1 redirects c.adskeeper.co.uk s-img.adskeeper.co.uk	19 KB
3	adx1.com cdn.adx1.com	86 KB
3	rtbravo.com rdr.rtbravo.com	5 KB
2	msg.sale 2 redirects img.msg.sale	2 KB
2	mondiad.net 2 redirects serve.mondiad.net	2 KB
2	jadspro.live 2 redirects click.jadspro.live	406 B
2	gotrkpsh.com 2 redirects 2.gotrkpsh.com	595 B
2	sincityinteractive.com 2 redirects tracking.push.sincityinteractive.com	800 B
2	4armn.com 2 redirects rtb.4armn.com	215 B
2	pclk.name 2 redirects click.pclk.name	2 KB
2	securedcdn.com get.securedcdn.com	18 KB
2	gstatic.com www.gstatic.com	22 KB
2	plsnotifyme.com 1 redirects ok.plsnotifyme.com imp.plsnotifyme.com	2 KB
2	ewoss.com 1 redirects r.ewoss.com	924 B
2	bejuy.com bejuy.com	1 KB
1	mobifortune.com 1 redirects r.mobifortune.com	467 B
1	fastdlr.com 1 redirects xml.fastdlr.com	595 B
1	happyfeed.net qqmj.happyfeed.net	795 B
1	junmediadirect.com 1 redirects click.junmediadirect.com	152 B
1	clkepd.com 1 redirects click.clkepd.com	185 B
21	21

	Domain	Requested by
4	tanit-dio.com	qqmj.happyfeed.net
3	cdn.adx1.com	qqmj.happyfeed.net
3	rdr.rtbravo.com	r.ewoss.com rdr.rtbravo.com qqmj.happyfeed.net
2	img.msg.sale	2 redirects
2	serve.mondiad.net	2 redirects
2	click.jadspro.live	2 redirects
2	s-img.adskeeper.co.uk	qqmj.happyfeed.net
2	2.gotrkpsh.com	2 redirects
2	tracking.push.sincityinteractive.com	2 redirects
2	rtb.4armn.com	2 redirects
2	click.pclk.name	2 redirects
2	get.securedcdn.com	qqmj.happyfeed.net
2	www.gstatic.com	qqmj.happyfeed.net
2	r.ewoss.com	1 redirects bejuy.com
2	bejuy.com	bejuy.com
1	c.adskeeper.co.uk	1 redirects
1	r.mobifortune.com	1 redirects
1	xml.fastdlr.com	1 redirects
1	imp.plsnotifyme.com	get.securedcdn.com
1	qqmj.happyfeed.net	rdr.rtbravo.com
1	ok.plsnotifyme.com	1 redirects
1	click.junmediadirect.com	1 redirects
1	click.clkepd.com	1 redirects
21	23

This site contains no links.

Subject Issuer	Validity	Valid
expiereddnsmanager.com Let's Encrypt Authority X3	`2020-04-11` - `2020-07-10`	3 months	crt.sh
rtbravo.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
happyfeed.net Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
securedcdn.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
plsnotifyme.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
tanit-dio.com Amazon	`2020-03-20` - `2021-04-20`	a year	crt.sh
*.adx1.com Let's Encrypt Authority X3	`2020-04-22` - `2020-07-21`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-07` - `2020-10-09`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Frame ID: EA57EBC808D199DE3F25697F3676BC85
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bejuy.com/?bejuy Page URL
http://bejuy.com/ Page URL
http://click.clkepd.com/click?i=2S2LhHeQfSE_0 HTTP 302
http://r.ewoss.com/go.ashx?w=cD1leHBsb3JhZHNkb21haW4maz13d3cuYnVzaGNyYWZ0c2hvcC5ubCZiPTAuMDAwOC... HTTP 302
http://r.ewoss.com/out.aspx?u=176fc907-dcdc-4a34-ab06-870e2b7c4397 Page URL
http://click.junmediadirect.com/click?i=NCv9hPgczys_0 HTTP 302
https://rdr.rtbravo.com/brdr/p?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t Page URL
https://ok.plsnotifyme.com/lp?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&s=78213e57f50ce5ea6591ae7cfd... HTTP 302
https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

21
Requests

86 %
HTTPS

10 %
IPv6

21
Domains

23
Subdomains

11
IPs

4
Countries

183 kB
Transfer

227 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bejuy.com/?bejuy Page URL
http://bejuy.com/ Page URL
http://click.clkepd.com/click?i=2S2LhHeQfSE_0 HTTP 302
http://r.ewoss.com/go.ashx?w=cD1leHBsb3JhZHNkb21haW4maz13d3cuYnVzaGNyYWZ0c2hvcC5ubCZiPTAuMDAwOCZzPTE3MTQ2Nw2 HTTP 302
http://r.ewoss.com/out.aspx?u=176fc907-dcdc-4a34-ab06-870e2b7c4397 Page URL
http://click.junmediadirect.com/click?i=NCv9hPgczys_0 HTTP 302
https://rdr.rtbravo.com/brdr/p?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t Page URL
https://ok.plsnotifyme.com/lp?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&s=78213e57f50ce5ea6591ae7cfd9f589c5ed4a4891bb8c2998ecdc6baa149c26bdd2be69614275aa8095b1e6b194c750b6f5d2416c433&ex=b2100&d=www.hoedshop.nl HTTP 302
https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://click.clkepd.com/click?i=2S2LhHeQfSE_0 HTTP 302
http://r.ewoss.com/go.ashx?w=cD1leHBsb3JhZHNkb21haW4maz13d3cuYnVzaGNyYWZ0c2hvcC5ubCZiPTAuMDAwOCZzPTE3MTQ2Nw2 HTTP 302
http://r.ewoss.com/out.aspx?u=176fc907-dcdc-4a34-ab06-870e2b7c4397

Request Chain 3

http://click.junmediadirect.com/click?i=NCv9hPgczys_0 HTTP 302
https://rdr.rtbravo.com/brdr/p?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t

Request Chain 11

http://click.pclk.name/thumbnail?i=PaPGlpqpXqM_0&imgt=icon HTTP 302
https://tanit-dio.com/imp/90c2a360-9897-11ea-a221-0a6167ba4649/1/MZlcALSaVOXev27zV9wz5fVlsO_PdPbikJL4ZNmYpOSRdpvZUxuDk5aL1LNxu-UAB54Up8Si4OAVgyUS_F4l5eEx3_81-IbiT12VJRBF6asZ8cepImUdRvd71C0JhZ6KGCtJgdIJA5n2CSHGOSIOlrF1ZNo4Ia66M60yuAdL7fIC12cowvWGBph_vyGe0Vcr_G7hr6Aijf33kZWQa7rJMkTAzwSqdtotFQMmYyTS2mRN7B-2Ig_O7LlcFFM6N5qdfoZIFEAOYf4UvOtCctYtlKxuCzbjwKzVb9POhHfRfGy4o_qViKEL8fivTlbxrwGhe78iBAxk9UBH1qmwoHZ4ppMwM0totlCXNUMSx5qJhMrRImFDXHZE-3GLMZpmqHKWqWHWJtnMZdbDh4_V0pPJ2xHwlEruUfBXXmnqYzbC8rQ4xfZCfb_GXQIjHs-W-MlpyiMxkqAAayWn2-HuhC03Z1Zz1B0MFuTgJ-KeKc4FgzyLKaHdS5Rns3AHy3zkGiZEqO222t0GckNl_cimc_o2Kn5VyScPQYIaWOwGNu0T3uXhswnQmcYcsa1sBegWZKGwkWOneGOKQ6MXrRhU0rMLk2kWUdsDjzbZz9EXxtJXYc3gXafdmUcOBJ26z3a61Dn7vgQDzV1sGIy_TDTGxztEvP5bU6CJlcf2r3rD5PrUxp0RTSi-miUy8KNWK9Bgg4G56R6G_JKnRuQ=.3Nhto3lRkdlANoSHM7kyaw==

Request Chain 12

http://click.pclk.name/thumbnail?i=PaPGlpqpXqM_0 HTTP 302
https://tanit-dio.com/imp/90c2a360-9897-11ea-a221-0a6167ba4649/1/MZlcALSaVOXev27zV9wz5fVlsO_PdPbikJL4ZNmYpOSRdpvZUxuDk5aL1LNxu-UAB54Up8Si4OAVgyUS_F4l5eEx3_81-IbiT12VJRBF6asZ8cepImUdRvd71C0JhZ6KGCtJgdIJA5n2CSHGOSIOlrF1ZNo4Ia66M60yuAdL7fIC12cowvWGBph_vyGe0Vcr_G7hr6Aijf33kZWQa7rJMkTAzwSqdtotFQMmYyTS2mRN7B-2Ig_O7LlcFFM6N5qdfoZIFEAOYf4UvOtCctYtlKxuCzbjwKzVb9POhHfRfGy4o_qViKEL8fivTlbxrwGhe78iBAxk9UBH1qmwoHZ4ppMwM0totlCXNUMSx5qJhMrRImFDXHZE-3GLMZpmqHKWqWHWJtnMZdbDh4_V0pPJ2xHwlEruUfBXXmnqYzbC8rQ4xfZCfb_GXQIjHs-W-MlpyiMxkqAAayWn2-HuhC03Z1Zz1B0MFuTgJ-KeKc4FgzyLKaHdS5Rns3AHy3zkGiZEqO222t0GckNl_cimc_o2Kn5VyScPQYIaWOwGNu0T3uXhswnQmcYcsa1sBegWZKGwkWOneGOKQ6MXrRhU0rMLk2kWUdsDjzbZz9EXxtJXYc3gXafdmUcOBJ26z3a61Dn7vgQDzV1sGIy_TDTGxztEvP5bU6CJlcf2r3rD5PrUxp0RTSi-miUy8KNWK9Bgg4G56R6G_JKnRuQ=.3Nhto3lRkdlANoSHM7kyaw==

Request Chain 13

http://xml.fastdlr.com/thumbnail?i=y*oaNEd3PQE_0&imgt=icon HTTP 302
https://r.mobifortune.com/ix/ic/EGAJLpjbjB4p6vhNODqVfSOSucIFg-8lVpxym-_keDDWoV0wHNUbzg1Xjxq-h3tztdAyeFv3NH8TfYe0IQOB0lV82xdmXZkn_H_PmXR66JMsr4T65Lo5uKYM_WQFp74qcskswRFTk88n7iNpryIk0cHjERttd9wuAXR9NRbOAifNxIc-FKA24SZqZzAt4pCv8p8TfTFXtQuGG5SX0SqjmMzzwKRLxGPbs3rPKBUbzygg7jP7yj1EjRWC21ns2OuQmC4cqE_Qz626NZabpTWuPkZ3_Pp_Xmw0gpUfoEKWtoCZUPFebCeO9UHPQLKxEqjLdkMk6_B8OnLL5HjX3NKAvBMT4GJEh2WUZT7iqUiVzYhFYIhXSOU7-luxO3MRx9JBtnhr5wT-T8eaiSdSeJ9QYaGIr0cnI7u4PT5F-IwmRr1mOe8BXbpqk0-cmpkHUEIZ4qn87Pq7p1tlZkYkZXZ2wQ_6UtGjjNUJsVpd7w HTTP 302
https://rtb.4armn.com/metrics/save.img?event=impressions&bid_id=4916-4916-7-ea2d9f6d-3585-6ca4-4166-742d21f8ca1e&img=https%3A%2F%2Fcdn.adx1.com%2F64d8e23e1df929c03565a3785b45cd05.png HTTP 302
https://cdn.adx1.com/64d8e23e1df929c03565a3785b45cd05.png

Request Chain 14

https://tracking.push.sincityinteractive.com/impress?id=9ffdafa8-33c4-4a67-a2c9-a9cdf7d90e0f HTTP 301
https://2.gotrkpsh.com/ic?sid=10&data=%2BWSeGUOolbrPrznLT06c2PSLp3EPUUwGWkJQrrUqlrTNQmOPmiQAaoJrFwmAk%2FtAOMgNptvwspkTxU5vV39QxHvpMaE6BbAaqBEc%2B5zzjAXjoKM2euCCGt737OSES2ZHirWpxTwdqsPuwZ9NX93R1CpsJFKebhYgBuNXQtTn%2FEy0V06pKCIv2xpez%2B6O%2BjI2kwIcFne97iEfhWM5dtnCC6QkevO4ImZaurjKKRGOXt61cskO%2BONYQGtnRGuSSyEYaBlHnb%2FMvMnubXXO22P3pAoNU0YewYMVT%2FHcxlSfocACH4qbDuZB31QTj3LcdMprAxZF9jCs8JBQmjPT54s1qyIxGXnhVntRoc0w1IX4wc9LhVeM%2FyIxhdgJ8D1tpsJXO%2BTNHm12uBxzf5hDAhZHBw%3D%3D HTTP 302
https://rtb.4armn.com/metrics/save.img?event=impressions&bid_id=4263-4263-7-24a88402-d6b0-3ac1-56c1-205a6b7be376&img=https%3A%2F%2Fcdn.adx1.com%2Ff599b0c8640f21a0f38d576ba8be7691.png HTTP 302
https://cdn.adx1.com/f599b0c8640f21a0f38d576ba8be7691.png

Request Chain 15

https://tracking.push.sincityinteractive.com/image?id=9ffdafa8-33c4-4a67-a2c9-a9cdf7d90e0f HTTP 301
https://2.gotrkpsh.com/im?sid=10&data=Rwn9xbjrQu%2FpAtLN2gMx01AFPLARRNfdvkr2u85yKZTARFmE6ww9MDzPCLfIR1HmBmfeydubIkybrvPbRxhxlXWNCLKUcHhmzEqcoReopkEETfC0bTRklxHNZLLPpNc5VTOhj%2B8R4Z8h%2FhO0yiMLztCM7W6BwjESBARxWU1mtZOZN56Bw1csCpU%2BW1oKpbUOw91tdRwFXyqwo%2Fn1VwFp5pcRyloZ7u7b5PFPh8BrfFQ%2BVHyqS8ZwTNjhUGCkT0I%2B HTTP 302
https://cdn.adx1.com/47f3a96a7754114f456a4843fd3691aa.jpg

Request Chain 16

https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|M_uBH04jMo_wYp3pmJczx0dlkjD2dT7WG3yZXgkP2nrFjbB40BODkCUILNUJB2SJ&cid=393552&f=1&h2=OhYoaE2KvQNUloliI1BFSvN-fy5S3o8nVYjDcujLCRw*&rid=90c05304-9897-11ea-8c8d-e4434b374c12&psid=99709976&cp=154&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy80MzQzODgzLzMyOHgzMjgvMHgweDQ5MngzMjgvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNVGt0TVRBdk1qVTNNRGt6TDJSaE5qaGhaVFZqTWpJd01ERXhZelV3WlRnME5XRTNPVEl6TkdNeU5XRTJMbXB3WldjKi53ZWJw HTTP 301
https://s-img.adskeeper.co.uk/g/4343883/328x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMjU3MDkzL2RhNjhhZTVjMjIwMDExYzUwZTg0NWE3OTIzNGMyNWE2LmpwZWc%2A.webp

Request Chain 18

https://click.jadspro.live/thumbnail?i=3YDp6pPOTrU_0&imgt=icon HTTP 302
https://serve.mondiad.net/v2/168/90c2f1f4-9897-11ea-baf3-0cc47a1e589f/0/ic HTTP 302
https://img.msg.sale/content/icon?id=KG6BfMCG-03KuOh8yzuyO6MoCvnuCejSf8e1QLrTwz-upXSUK9at6s2VXAA4y_wYZi4nYypRDkxcqeCjiQMMHGKlp_Qrvnzr3yJ5yHTfqnm-57bhskAnrd5-Dns7Cv2Mnn4kPXBaqo4n32MbmwNF6OkAe98HR6cwHLUnOm3kENtJ_qCTWqTrsWhvS5Tx7J0hIxJFxdwFbd14W3bX_AIPFSNWwUewAPusLDlFVjbel7RCCyk1OtrqbhNxwwwnMx1VJkStv4SBLyB-HgZDhqsoil4AMHjeMvfs5t-yU89rULY2tv6c7MPnw_nvE-l3oz2iraQbgoxIXSQTQ0ZZL_6GmWgcapcedDiDTMxGN-ZenOLa_gorNhE_M_6ahL6pf2M5cUVv-z89PDDcdK6z4LUNhgoNKpguz-nwDXlWUEeeJId1bUTOlZtQ2YGOZ8nFl3KVWFN4ImadL6cjnrQK2Rijx-04gehXNIKgLOgkQ128zmr9YH2X4V4ras47WdTDXSxHo-2xL7WgV9D8w43-8f1aW-j89w2pYC6gFY5rizb9-wiYCxaFQC7IgzM7mUkVy7-9mo9w4_iG1IuvHKOIAnFEvf67K_vawQpoJmJcGd81b4BlE6OXDdcHai9C9BC9I5zE3Gs3kkDWUI1z-lePo9GSywdtPWMdiOwkWR9wUr6O3yB5cYzniMUhC_DnOqc0GZS8DYcdpR6XdlbHpAyPPxS3xGRQedJmNOdoBfDSE1GA3rZbIIjQjGMLsvsULwJP7-8GQiRM2a4FICzPa4-sfcTuZnQGBLtQXHzkQLlTZShezljE6Wk7f7L49CHqT6BnXW8urL2QV0bfQwjWhGDCysY-CGVmxFhJiphRq_wPz1DW3lxaS-vfsN0lgBx-pWXv9dfkWLR-FCfXIc-5-ux_AWRjgXSkhK5HJ7zCPlPJCAZGfUqCvK8Ph57P7EJopqV49jZ8w939cexAe1a_5jgkRw6IjVj47VG4HZFIPOOmTinJ5FWxyCfCn2_GDXDO-IyVKquiUchXp5DH7BjQ0Tf2qXhMFTnsSqidMgqKxbkPw-gfpqORJjkW1sqJ39OtPMUJkI1UdW3HW2thagBN8qh5nCRifxJ2z0UZAfo4322oi_nZ9m1bUCq_SYwArcwX0Y2LVOcdwsbBnTVQs7DmnGMYGxcbMOIbyB1oMpyYoQLyShMK0lTV2-n5HuG5xS6FSkM9oAzAc2wKEkUtyzQSs0KH6qpRhCsIQlebOp3qCi8DHNiIZ2TS_9xQ5z02RMGOK-Q0I3BXd6jLT4o7lvrUIB097hEs9hQT0LB8xVkEw8vH2TjgpkloCxcXyBZwqusG3S574S5oCq_2MdTbpNIFf9DdE66ENfBzNCFQVGQfw5vxSxPRcO7SnHaorqkgXMTIerCL4r0MqQL-TE5qt6eg5Bsg_N7wjUazXLcUl3-6_7LLUj60cJjon56cw08P5dBefTbKwWZFnJCsOpF7l0QthuZs7iDEoDm6e4jGiPd8yrn-BWRabKo HTTP 307
https://tanit-dio.com/imp/90c90c0c-9897-11ea-921e-12b2682e701b/1/8VnashHvwOJaGnkEhKV7C1908F1jwl9DGxn6rEovXgIWt1-uenLG7pY2WDcVsNmLI5nm8buS_yVp7BeRTNzAexpXB0QHNlC8iM2oTQUPQSHxlujBzw1zJJYPX4wpJsusGNNDV27vUkBEBr0uKpXrQ_1PBuJpeSl6B8zzk1QL-6_DLjP0xsZ6d6UXDkwWAeQgtpxPHdXXP0ltWiONjVue7NmYYe9T79Z_My9_c4XKMeehufkwNGMrovaXzFtKrOYySHbOzSimMe8iYvH6cWGZuR88629PHi4q4aHmNYrgzICRcIxDoHuRadbW7yglDc55RMk3XQ9g50sed1VHBmrWT4CraIXHYby8jW4RnY-lOuY9EBzS-U_D_H6HFVSCMfvMzkHQwaNT73diC1fdDH35qctuB0gzwPF4is2B3aPxm-dtSOZHzT3SXPWHKRVI22ydMVWlRh-2hXkEu6o80pLTlY5wstYbBNf2UQ-oGv_AvyhulDVWzPJ28LbP5UbFbpBNpGSHcU9krN5FfvEcW5cUj3ktNypt0465EUl2D8CozEpAeBPwPKwLayUjSP4-B1LcPd426-KWY7rcok33TRq5ROEaRrHNxpPsMD1wo8qR3lopuAAbDOdZU0b_ez_GV1TS_PMRhSQDoTpbU3AySGapOvHZMjzfO7vFCI_biTwcNjt32T6JLyKRfahWe4GTkzKkN7q2G-P0UwxoKxiOCGmXIfQSG9JtO_7f_07aUYfRKWislkNaj1Dc436X2sKRaQOXstpkw4iNM2NrvnMVqR33pOcxlm9tTjRzJlAtdMRk0KPH9TjoAq68PAF9Mw==.Rjq5e8syO9XRobiRzlo-sQ==

Request Chain 19

https://click.jadspro.live/thumbnail?i=3YDp6pPOTrU_0 HTTP 302
https://serve.mondiad.net/v2/168/90c2f1f4-9897-11ea-baf3-0cc47a1e589f/0/im HTTP 302
https://img.msg.sale/content/image?id=pCbOoG_Ek8x0X1o5_KX-1dZxZvJQQhbnHCsjXxmqX-dh6IAQ5hj9uFRkVm0j7sXIHtKE45nQFBf7bknsC9jBnIFaYdqUmoNbjBmcsmibasAJD6e0Z1wFWualzJ3GI49Ty6-8fK2lkaDLbBXF2Fek8nzQMk7PB2PrMrpdMRyEcXQUTVvSoq6La4P038Hd-9FIPWPK5uveZr6TzaWtKxfgp8lFB7GxEriEP7BHjHylP-4S0xDaXW3eUh6a28yKCHLffjvwJVOoPEY2Xo1nmasDEF5TtZWngf6d9FVSNB-msDkNbjgvRPyDSLaMABEfToBLjNk6g1-UvuZCONq15IiEx0hHQ5M089VfC0FU76aD0W7CkHpqES-53u6TB3X1BMchgTZDbavWXMWxGkKK5WhrOSl97yEOsQjl4KLu5SMWtbaRTtUg4ZvrqQii1GYO1UL6EQBLGiplVvzXoBlMe5H3fh7nxeh2b8RRu6kuvxrUPp-O-qYaZonbwieVpunMH5cvqBUGDhCxpfxzkzKWW9Ptg1n3leBZwU6PJx8zFF3pDWB3i-H9eurjfgr6kVPNVxOmMmBGQ2qUVxZHVuuJiHaFVKyCK_TuTMSJTKBDjwFdhJwYA5ZkwrWmuNENNSHu-rcaZ_YLBXYsp47EJUVQSzv9IYnt8n8-lnMM0DSqaVVS076ciLvQSQFVpth4uDutmTS9Nh1xholdPPYIcF-QNg7bJYcsFAJmvmIleirabW6BGUwO5mLYzpPrbRQ_5K_eedmejk01dtezXwLQ9zutuV6VA1wrUaoZSVelq7-PR8uyywxilCpbTvE1w2b4dtr36rtIU7gJhuw25RdF9baQKTzxIi-ktkdywWEAy70ftXqEAHLPezmu77e7rqGH887ttt0lli62cXuU51jL-DGf7eZ01hF9BZeXLcNSxDPC-6naJF3IDOQK8t7QcBRIg_kxivaW9-f_hjhWVhZRXvC8wyEfYZGu39ayVtD84jq8WjtLcHFEXNrT1z6cNaowdQxcgJDb9v7Xre6GDdcRKdl1b_cnqsRGPlt_oZVx7jsWfBRokr2kFgC051Q4kh-mZmE0Uwa4aXlbRgtxNFpOtj4ZMFI4DRSvRH-xMuL--4OtCV7WOj3f25wIJuZepD7d2HbZiLZFZyFl5ATLTysQ4FWNOfFZrdef3RA7V005UQBQ6MA_XGjUNRRTfxUo6BO5Opc1gZ2fvuS_fwpUQcQTReU2S3W6aiM1BlYtiuq6qtw6nNNY0AI HTTP 307
https://tanit-dio.com/imp/90c90c0c-9897-11ea-921e-12b2682e701b/1/8VnashHvwOJaGnkEhKV7C1908F1jwl9DGxn6rEovXgIWt1-uenLG7pY2WDcVsNmLI5nm8buS_yVp7BeRTNzAexpXB0QHNlC8iM2oTQUPQSHxlujBzw1zJJYPX4wpJsusGNNDV27vUkBEBr0uKpXrQ_1PBuJpeSl6B8zzk1QL-6_DLjP0xsZ6d6UXDkwWAeQgtpxPHdXXP0ltWiONjVue7NmYYe9T79Z_My9_c4XKMeehufkwNGMrovaXzFtKrOYySHbOzSimMe8iYvH6cWGZuR88629PHi4q4aHmNYrgzICRcIxDoHuRadbW7yglDc55RMk3XQ9g50sed1VHBmrWT4CraIXHYby8jW4RnY-lOuY9EBzS-U_D_H6HFVSCMfvMzkHQwaNT73diC1fdDH35qctuB0gzwPF4is2B3aPxm-dtSOZHzT3SXPWHKRVI22ydMVWlRh-2hXkEu6o80pLTlY5wstYbBNf2UQ-oGv_AvyhulDVWzPJ28LbP5UbFbpBNpGSHcU9krN5FfvEcW5cUj3ktNypt0465EUl2D8CozEpAeBPwPKwLayUjSP4-B1LcPd426-KWY7rcok33TRq5ROEaRrHNxpPsMD1wo8qR3lopuAAbDOdZU0b_ez_GV1TS_PMRhSQDoTpbU3AySGapOvHZMjzfO7vFCI_biTwcNjt32T6JLyKRfahWe4GTkzKkN7q2G-P0UwxoKxiOCGmXIfQSG9JtO_7f_07aUYfRKWislkNaj1Dc436X2sKRaQOXstpkw4iNM2NrvnMVqR33pOcxlm9tTjRzJlAtdMRk0KPH9TjoAq68PAF9Mw==.Rjq5e8syO9XRobiRzlo-sQ==

21 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
bejuy.com/ 632 B
514 B 484ms
99ms Document
text/html 173.239.5.6
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: https://bejuy.com/?bejuy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.239.5.6 Brooklyn, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f02ca2b420a72a606840bc09e0ebc4464a5c981aecc170f14bbbfe7cb5997a58

Request headers

:method: GET
:authority: bejuy.com
:scheme: https
:path: /?bejuy
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx/1.18.0
date: Sun, 17 May 2020 23:38:48 GMT
content-type: text/html;charset=utf-8
content-encoding: gzip

POST
H/1.1 200
OK Cookie set / Show response
bejuy.com/ 200 B
597 B 1192ms
1180ms Document
text/html 173.239.5.6
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL: http://bejuy.com/
Requested by: Host: bejuy.com
URL: https://bejuy.com/?bejuy
Protocol: HTTP/1.1
Server: 173.239.5.6 Brooklyn, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: cb55f1c6959eab1338d1753eca827cfc3159fb0c655c0203fb070628e65bc2a5

Request headers

Host: bejuy.com
Connection: keep-alive
Content-Length: 12
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx/1.18.0
Date: Sun, 17 May 2020 23:38:49 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjEsImZlZWRJZCI6ODMsInRzIjoxNTg5NzU4NzI5LCJoYXNoIjoiMzIxOGY5ZmYifQ==;Expires=Mon, 18-May-2020 00:38:49 GMT;Max-Age=3600
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding: gzip

GET
H/1.1

200
OK

Cookie set out.aspx Show response
r.ewoss.com/
Redirect Chain

http://click.clkepd.com/click?i=2S2LhHeQfSE_0
http://r.ewoss.com/go.ashx?w=cD1leHBsb3JhZHNkb21haW4maz13d3cuYnVzaGNyYWZ0c2hvcC5ubCZiPTAuMDAwOCZzPTE3MTQ2Nw2
http://r.ewoss.com/out.aspx?u=176fc907-dcdc-4a34-ab06-870e2b7c4397

322 B
650 B

105ms
104ms

Document
text/html

52.203.154.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://r.ewoss.com/out.aspx?u=176fc907-dcdc-4a34-ab06-870e2b7c4397
Requested by: Host: bejuy.com
URL: http://bejuy.com/
Protocol: HTTP/1.1
Server: 52.203.154.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-154-39.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: f153cb83c1ce60b2f575db5d6ce628f9a00e9acc34e94de612357cdd938e8bb1

Request headers

Host: r.ewoss.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://bejuy.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://bejuy.com/

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 17 May 2020 23:38:50 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=jyv141bjk3onvbylnb5fdnf0; path=/; HttpOnly
Vary: Accept-Encoding
Content-Length: 336
Connection: keep-alive

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Sun, 17 May 2020 23:38:49 GMT
Location: http://r.ewoss.com/out.aspx?u=176fc907-dcdc-4a34-ab06-870e2b7c4397
Server: Microsoft-IIS/10.0
Content-Length: 183
Connection: keep-alive

GET
H2

200

p Show response
rdr.rtbravo.com/brdr/
Redirect Chain

http://click.junmediadirect.com/click?i=NCv9hPgczys_0
https://rdr.rtbravo.com/brdr/p?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t

4 KB
5 KB

187ms
122ms

Document
text/html

107.178.249.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdr.rtbravo.com/brdr/p?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t
Requested by: Host: r.ewoss.com
URL: http://r.ewoss.com/out.aspx?u=176fc907-dcdc-4a34-ab06-870e2b7c4397
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.249.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.249.178.107.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8119762588da981992f0fbf873674f332600f44b5b4bc0a46eda641e9946330f

Request headers

:method: GET
:authority: rdr.rtbravo.com
:scheme: https
:path: /brdr/p?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://r.ewoss.com/out.aspx?u=176fc907-dcdc-4a34-ab06-870e2b7c4397
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://r.ewoss.com/out.aspx?u=176fc907-dcdc-4a34-ab06-870e2b7c4397

Response headers

status: 200
server: nginx/1.10.3 (Ubuntu)
date: Sun, 17 May 2020 23:38:51 GMT
content-type: text/html; charset=utf-8
content-length: 4546
etag: W/"11c2-MVFlIHfh/EjGcGTU5vfrjw"
via: 1.1 google
alt-svc: clear

Redirect headers

Connection: keep-alive
Content-Length: 0
Location: https://rdr.rtbravo.com/brdr/p?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f6a938b2286c5cbd6999a584a32ef176d9f9ba18af608f8f6226a856ef8d018

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 oij23rewlnkads
rdr.rtbravo.com/brdr/ 222 B
333 B 121ms
121ms XHR
application/json 107.178.249.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdr.rtbravo.com/brdr/oij23rewlnkads?i=eyJiaWRpZCI6InYyNTBrd2RzZ2p2bGlmZjRjMjcxMjd3ODFvNWxtZnE5eHQ3NHQxaDA0dCIsImlzaWYiOiJuby1pZnJhbWUiLCJwbWZzIjowLCJpbmZyYW1lIjpmYWxzZSwic2l6ZSI6IjE2MDB4MTIwMCIsInJlZiI6InIuZXdvc3MuY29tIiwiZnJlZiI6Imh0dHA6Ly9yLmV3b3NzLmNvbS9vdXQuYXNweD91PTE3NmZjOTA3LWRjZGMtNGEzNC1hYjA2LTg3MGUyYjdjNDM5NyIsImlzZm9jdXMiOnRydWV9
Requested by: Host: rdr.rtbravo.com
URL: https://rdr.rtbravo.com/brdr/p?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.249.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.249.178.107.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 23:38:51 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
etag: W/"de-ogAXTK5YjAH3GJ9n+jQetQ"
content-type: application/json; charset=utf-8
status: 200
alt-svc: clear
content-length: 222

GET
H2

200

Primary Request sw.js Show response
qqmj.happyfeed.net/psh/
Redirect Chain

https://ok.plsnotifyme.com/lp?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&s=78213e57f50ce5ea6591ae7cfd9f589c5ed4a4891bb8c2998ecdc6baa149c26bdd2be69614275aa8095b1e6b194c750b6f5d2416c433&ex=b2100&d=...
https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100

672 B
795 B

190ms
134ms

Document
text/html

34.102.249.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Requested by: Host: rdr.rtbravo.com
URL: https://rdr.rtbravo.com/brdr/p?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.249.222 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 222.249.102.34.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d4b5af10d3ee2b6cceab4fbc0845dc606177ec7fb139f0539fccf2259eb390c5

Request headers

:method: GET
:authority: qqmj.happyfeed.net
:scheme: https
:path: /psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://rdr.rtbravo.com/brdr/p?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t

Response headers

status: 200
server: nginx/1.10.3 (Ubuntu)
date: Sun, 17 May 2020 23:38:51 GMT
content-type: text/html;charset=UTF-8
cache-control: no-cache
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
server: nginx/1.10.3 (Ubuntu)
date: Sun, 17 May 2020 23:38:51 GMT
content-type: text/html; charset=utf-8
content-length: 274
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
location: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
vary: Accept
via: 1.1 google
alt-svc: clear

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.5.7/ 34 KB
12 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.7/firebase-app.js

Requested by

Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d632b3c9689bdabf6e0f30cbc6f496bc690c9c4aa4574cf6322a3e2c36de5f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 03:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Nov 2018 22:05:34 GMT
server: sffe
age: 506296
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12419
x-xss-protection: 0
expires: Wed, 12 May 2021 03:00:35 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.5.7/ 35 KB
10 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.7/firebase-messaging.js

Requested by

Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 May 2020 07:58:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Nov 2018 22:05:34 GMT
server: sffe
age: 142792
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10096
x-xss-protection: 0
expires: Sun, 16 May 2021 07:58:59 GMT

GET
H2 200 imp Show response
get.securedcdn.com/lp/ 8 KB
8 KB 158ms
115ms Script
text/javascript 130.211.12.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://get.securedcdn.com/lp/imp?v=2&s=pushallow&uid=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t
Requested by: Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.12.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 92.12.211.130.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 83aee56497f4ecf1aa5ec4c8964ce10fcca2a014b24843ef18ae17a59559d5a2

Request headers

Referer: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 23:38:51 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
etag: W/"1fef-a40qsFFw8tHqM0aCST7PKqwuy/o"
surrogate-control: no-store
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
alt-svc: clear
content-length: 8175
expires: 0

GET
H2 200 signup Show response
get.securedcdn.com/sub/ 10 KB
10 KB 65ms
22ms Script
text/javascript 130.211.12.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://get.securedcdn.com/sub/signup?a=b2100&lp=pushallow&vid=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t
Requested by: Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.12.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 92.12.211.130.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e0be0c764f4a77affb63a8515b59d47fd5b5f998ddebeba65af8128a9b85790f

Request headers

Referer: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 23:38:51 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
etag: W/"276b-jEwo2yXUAv2hpuqeBWpvGeokuvk"
surrogate-control: no-store
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
alt-svc: clear
content-length: 10091
expires: 0

GET
H2 200 get Show response
imp.plsnotifyme.com/feed/ 1 KB
1 KB 1552ms
1509ms Script
application/json 35.201.123.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://imp.plsnotifyme.com/feed/get?v=2&s=pushallow&uid=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t
Requested by: Host: get.securedcdn.com
URL: https://get.securedcdn.com/lp/imp?v=2&s=pushallow&uid=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.4 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 4.123.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8486c70485aa6048f92fdeae03d7fff89caad449d50d62025c5a9f9291f37eec

Request headers

Referer: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 23:38:53 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
etag: W/"494-8mWgb04+giwbkmSL8/6ZiPgetTE"
surrogate-control: no-store
content-type: application/json; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
alt-svc: clear
content-length: 1172
expires: 0

GET
H2

200

MZlcALSaVOXev27zV9wz5fVlsO_PdPbikJL4ZNmYpOSRdpvZUxuDk5aL1LNxu-UAB54Up8Si4OAVgyUS_F4l5eEx3_81-IbiT12VJRBF6asZ8cepImUdRvd71C0JhZ6KGCtJgdIJA5n2CSHGOSIOlrF1ZNo4Ia66M60yuAdL7fIC12cowvWGBph_vyGe0Vcr_G7hr...
tanit-dio.com/imp/90c2a360-9897-11ea-a221-0a6167ba4649/1/
Redirect Chain

http://click.pclk.name/thumbnail?i=PaPGlpqpXqM_0&imgt=icon
https://tanit-dio.com/imp/90c2a360-9897-11ea-a221-0a6167ba4649/1/MZlcALSaVOXev27zV9wz5fVlsO_PdPbikJL4ZNmYpOSRdpvZUxuDk5aL1LNxu-UAB54Up8Si4OAVgyUS_F4l5eEx3_81-IbiT12VJRBF6asZ8cepImUdRvd71C0JhZ6KGCtJ...

7 KB
7 KB

289ms
88ms

Image
image/webp

2600:1f18:40f7:9700:2e97:c585:d39e:99b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tanit-dio.com/imp/90c2a360-9897-11ea-a221-0a6167ba4649/1/MZlcALSaVOXev27zV9wz5fVlsO_PdPbikJL4ZNmYpOSRdpvZUxuDk5aL1LNxu-UAB54Up8Si4OAVgyUS_F4l5eEx3_81-IbiT12VJRBF6asZ8cepImUdRvd71C0JhZ6KGCtJgdIJA5n2CSHGOSIOlrF1ZNo4Ia66M60yuAdL7fIC12cowvWGBph_vyGe0Vcr_G7hr6Aijf33kZWQa7rJMkTAzwSqdtotFQMmYyTS2mRN7B-2Ig_O7LlcFFM6N5qdfoZIFEAOYf4UvOtCctYtlKxuCzbjwKzVb9POhHfRfGy4o_qViKEL8fivTlbxrwGhe78iBAxk9UBH1qmwoHZ4ppMwM0totlCXNUMSx5qJhMrRImFDXHZE-3GLMZpmqHKWqWHWJtnMZdbDh4_V0pPJ2xHwlEruUfBXXmnqYzbC8rQ4xfZCfb_GXQIjHs-W-MlpyiMxkqAAayWn2-HuhC03Z1Zz1B0MFuTgJ-KeKc4FgzyLKaHdS5Rns3AHy3zkGiZEqO222t0GckNl_cimc_o2Kn5VyScPQYIaWOwGNu0T3uXhswnQmcYcsa1sBegWZKGwkWOneGOKQ6MXrRhU0rMLk2kWUdsDjzbZz9EXxtJXYc3gXafdmUcOBJ26z3a61Dn7vgQDzV1sGIy_TDTGxztEvP5bU6CJlcf2r3rD5PrUxp0RTSi-miUy8KNWK9Bgg4G56R6G_JKnRuQ=.3Nhto3lRkdlANoSHM7kyaw==
Requested by: Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:40f7:9700:2e97:c585:d39e:99b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 8ae37067947ca98c4c265d432888d25dc536a4af1a19cd6c2e3bea0a99589760

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 17 May 2020 23:38:53 GMT
content-disposition: inline;filename=f.txt
content-length: 7530
content-type: image/webp

Redirect headers

Connection: keep-alive
Content-Length: 0
Location: https://tanit-dio.com/imp/90c2a360-9897-11ea-a221-0a6167ba4649/1/MZlcALSaVOXev27zV9wz5fVlsO_PdPbikJL4ZNmYpOSRdpvZUxuDk5aL1LNxu-UAB54Up8Si4OAVgyUS_F4l5eEx3_81-IbiT12VJRBF6asZ8cepImUdRvd71C0JhZ6KGCtJgdIJA5n2CSHGOSIOlrF1ZNo4Ia66M60yuAdL7fIC12cowvWGBph_vyGe0Vcr_G7hr6Aijf33kZWQa7rJMkTAzwSqdtotFQMmYyTS2mRN7B-2Ig_O7LlcFFM6N5qdfoZIFEAOYf4UvOtCctYtlKxuCzbjwKzVb9POhHfRfGy4o_qViKEL8fivTlbxrwGhe78iBAxk9UBH1qmwoHZ4ppMwM0totlCXNUMSx5qJhMrRImFDXHZE-3GLMZpmqHKWqWHWJtnMZdbDh4_V0pPJ2xHwlEruUfBXXmnqYzbC8rQ4xfZCfb_GXQIjHs-W-MlpyiMxkqAAayWn2-HuhC03Z1Zz1B0MFuTgJ-KeKc4FgzyLKaHdS5Rns3AHy3zkGiZEqO222t0GckNl_cimc_o2Kn5VyScPQYIaWOwGNu0T3uXhswnQmcYcsa1sBegWZKGwkWOneGOKQ6MXrRhU0rMLk2kWUdsDjzbZz9EXxtJXYc3gXafdmUcOBJ26z3a61Dn7vgQDzV1sGIy_TDTGxztEvP5bU6CJlcf2r3rD5PrUxp0RTSi-miUy8KNWK9Bgg4G56R6G_JKnRuQ=.3Nhto3lRkdlANoSHM7kyaw==

GET
H2

200

http://click.pclk.name/thumbnail?i=PaPGlpqpXqM_0
https://tanit-dio.com/imp/90c2a360-9897-11ea-a221-0a6167ba4649/1/MZlcALSaVOXev27zV9wz5fVlsO_PdPbikJL4ZNmYpOSRdpvZUxuDk5aL1LNxu-UAB54Up8Si4OAVgyUS_F4l5eEx3_81-IbiT12VJRBF6asZ8cepImUdRvd71C0JhZ6KGCtJ...

7 KB
7 KB

353ms
174ms

Image
image/webp

2600:1f18:40f7:9700:2e97:c585:d39e:99b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tanit-dio.com/imp/90c2a360-9897-11ea-a221-0a6167ba4649/1/MZlcALSaVOXev27zV9wz5fVlsO_PdPbikJL4ZNmYpOSRdpvZUxuDk5aL1LNxu-UAB54Up8Si4OAVgyUS_F4l5eEx3_81-IbiT12VJRBF6asZ8cepImUdRvd71C0JhZ6KGCtJgdIJA5n2CSHGOSIOlrF1ZNo4Ia66M60yuAdL7fIC12cowvWGBph_vyGe0Vcr_G7hr6Aijf33kZWQa7rJMkTAzwSqdtotFQMmYyTS2mRN7B-2Ig_O7LlcFFM6N5qdfoZIFEAOYf4UvOtCctYtlKxuCzbjwKzVb9POhHfRfGy4o_qViKEL8fivTlbxrwGhe78iBAxk9UBH1qmwoHZ4ppMwM0totlCXNUMSx5qJhMrRImFDXHZE-3GLMZpmqHKWqWHWJtnMZdbDh4_V0pPJ2xHwlEruUfBXXmnqYzbC8rQ4xfZCfb_GXQIjHs-W-MlpyiMxkqAAayWn2-HuhC03Z1Zz1B0MFuTgJ-KeKc4FgzyLKaHdS5Rns3AHy3zkGiZEqO222t0GckNl_cimc_o2Kn5VyScPQYIaWOwGNu0T3uXhswnQmcYcsa1sBegWZKGwkWOneGOKQ6MXrRhU0rMLk2kWUdsDjzbZz9EXxtJXYc3gXafdmUcOBJ26z3a61Dn7vgQDzV1sGIy_TDTGxztEvP5bU6CJlcf2r3rD5PrUxp0RTSi-miUy8KNWK9Bgg4G56R6G_JKnRuQ=.3Nhto3lRkdlANoSHM7kyaw==
Requested by: Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:40f7:9700:2e97:c585:d39e:99b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 8ae37067947ca98c4c265d432888d25dc536a4af1a19cd6c2e3bea0a99589760

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 17 May 2020 23:38:53 GMT
content-disposition: inline;filename=f.txt
content-length: 7530
content-type: image/webp

Redirect headers

Connection: keep-alive
Content-Length: 0
Location: https://tanit-dio.com/imp/90c2a360-9897-11ea-a221-0a6167ba4649/1/MZlcALSaVOXev27zV9wz5fVlsO_PdPbikJL4ZNmYpOSRdpvZUxuDk5aL1LNxu-UAB54Up8Si4OAVgyUS_F4l5eEx3_81-IbiT12VJRBF6asZ8cepImUdRvd71C0JhZ6KGCtJgdIJA5n2CSHGOSIOlrF1ZNo4Ia66M60yuAdL7fIC12cowvWGBph_vyGe0Vcr_G7hr6Aijf33kZWQa7rJMkTAzwSqdtotFQMmYyTS2mRN7B-2Ig_O7LlcFFM6N5qdfoZIFEAOYf4UvOtCctYtlKxuCzbjwKzVb9POhHfRfGy4o_qViKEL8fivTlbxrwGhe78iBAxk9UBH1qmwoHZ4ppMwM0totlCXNUMSx5qJhMrRImFDXHZE-3GLMZpmqHKWqWHWJtnMZdbDh4_V0pPJ2xHwlEruUfBXXmnqYzbC8rQ4xfZCfb_GXQIjHs-W-MlpyiMxkqAAayWn2-HuhC03Z1Zz1B0MFuTgJ-KeKc4FgzyLKaHdS5Rns3AHy3zkGiZEqO222t0GckNl_cimc_o2Kn5VyScPQYIaWOwGNu0T3uXhswnQmcYcsa1sBegWZKGwkWOneGOKQ6MXrRhU0rMLk2kWUdsDjzbZz9EXxtJXYc3gXafdmUcOBJ26z3a61Dn7vgQDzV1sGIy_TDTGxztEvP5bU6CJlcf2r3rD5PrUxp0RTSi-miUy8KNWK9Bgg4G56R6G_JKnRuQ=.3Nhto3lRkdlANoSHM7kyaw==

GET
H2

200

64d8e23e1df929c03565a3785b45cd05.png
cdn.adx1.com/
Redirect Chain

http://xml.fastdlr.com/thumbnail?i=y*oaNEd3PQE_0&imgt=icon
https://r.mobifortune.com/ix/ic/EGAJLpjbjB4p6vhNODqVfSOSucIFg-8lVpxym-_keDDWoV0wHNUbzg1Xjxq-h3tztdAyeFv3NH8TfYe0IQOB0lV82xdmXZkn_H_PmXR66JMsr4T65Lo5uKYM_WQFp74qcskswRFTk88n7iNpryIk0cHjERttd9wuAXR9N...
https://rtb.4armn.com/metrics/save.img?event=impressions&bid_id=4916-4916-7-ea2d9f6d-3585-6ca4-4166-742d21f8ca1e&img=https%3A%2F%2Fcdn.adx1.com%2F64d8e23e1df929c03565a3785b45cd05.png
https://cdn.adx1.com/64d8e23e1df929c03565a3785b45cd05.png

19 KB
19 KB

20ms
19ms

Image
image/png

149.11.201.98
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adx1.com/64d8e23e1df929c03565a3785b45cd05.png
Requested by: Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 149.11.201.98 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 7ad4322fd917529ac49de877e6611e9afdb778c7134b06adeaf3972737225676

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 23:38:54 GMT
last-modified: Wed, 24 Apr 2019 10:33:51 GMT
server: openresty/1.15.8.3
etag: "5cc03b8f-4b8c"
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19340
expires: Thu, 28 May 2020 08:57:36 GMT

Redirect headers

status: 302
date: Sun, 17 May 2020 23:38:53 GMT
server: openresty/1.15.8.3
content-length: 0
location: https://cdn.adx1.com/64d8e23e1df929c03565a3785b45cd05.png

GET
H2

200

f599b0c8640f21a0f38d576ba8be7691.png
cdn.adx1.com/
Redirect Chain

https://tracking.push.sincityinteractive.com/impress?id=9ffdafa8-33c4-4a67-a2c9-a9cdf7d90e0f
https://2.gotrkpsh.com/ic?sid=10&data=%2BWSeGUOolbrPrznLT06c2PSLp3EPUUwGWkJQrrUqlrTNQmOPmiQAaoJrFwmAk%2FtAOMgNptvwspkTxU5vV39QxHvpMaE6BbAaqBEc%2B5zzjAXjoKM2euCCGt737OSES2ZHirWpxTwdqsPuwZ9NX93R1CpsJ...
https://rtb.4armn.com/metrics/save.img?event=impressions&bid_id=4263-4263-7-24a88402-d6b0-3ac1-56c1-205a6b7be376&img=https%3A%2F%2Fcdn.adx1.com%2Ff599b0c8640f21a0f38d576ba8be7691.png
https://cdn.adx1.com/f599b0c8640f21a0f38d576ba8be7691.png

24 KB
25 KB

15ms
15ms

Image
image/png

149.11.201.98
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adx1.com/f599b0c8640f21a0f38d576ba8be7691.png
Requested by: Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 149.11.201.98 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 8fc22626a2c0d84180ce8ae5305edcb1dadc961d941e38619223d5889a7920cc

Request headers

Referer: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 23:38:54 GMT
last-modified: Wed, 24 Apr 2019 10:33:53 GMT
server: openresty/1.15.8.3
etag: "5cc03b91-61ad"
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 25005
expires: Thu, 28 May 2020 08:58:00 GMT

Redirect headers

status: 302
date: Sun, 17 May 2020 23:38:53 GMT
server: openresty/1.15.8.3
content-length: 0
location: https://cdn.adx1.com/f599b0c8640f21a0f38d576ba8be7691.png

GET
H2

200

47f3a96a7754114f456a4843fd3691aa.jpg
cdn.adx1.com/
Redirect Chain

https://tracking.push.sincityinteractive.com/image?id=9ffdafa8-33c4-4a67-a2c9-a9cdf7d90e0f
https://2.gotrkpsh.com/im?sid=10&data=Rwn9xbjrQu%2FpAtLN2gMx01AFPLARRNfdvkr2u85yKZTARFmE6ww9MDzPCLfIR1HmBmfeydubIkybrvPbRxhxlXWNCLKUcHhmzEqcoReopkEETfC0bTRklxHNZLLPpNc5VTOhj%2B8R4Z8h%2FhO0yiMLztCM7...
https://cdn.adx1.com/47f3a96a7754114f456a4843fd3691aa.jpg

42 KB
42 KB

45ms
14ms

Image
image/jpeg

149.11.201.98
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adx1.com/47f3a96a7754114f456a4843fd3691aa.jpg
Requested by: Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 149.11.201.98 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e280a986dec023767e9780260764ea473ed2557d0a5e56209a1dd0a83ecb3982

Request headers

Referer: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 23:38:53 GMT
last-modified: Wed, 24 Apr 2019 10:33:52 GMT
server: openresty/1.15.8.3
etag: "5cc03b90-a673"
content-type: image/jpeg
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 42611
expires: Thu, 28 May 2020 08:59:59 GMT

Redirect headers

Location: https://cdn.adx1.com/47f3a96a7754114f456a4843fd3691aa.jpg
Date: Sun, 17 May 2020 23:38:53 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMjU3MDkzL2RhNjhhZTVjMjIwMDExYzUwZTg0NWE3OTIzNGMyNWE2LmpwZWc%2A.webp
s-img.adskeeper.co.uk/g/4343883/328x328/0x0x492x328/
Redirect Chain

https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|M_uBH04jMo_wYp3pmJczx0dlkjD2dT7WG3yZXgkP2nrFjbB40BODkCUILNUJB2SJ&cid=393552&f=1&h2=OhYoaE2KvQNUloliI1BFSvN-fy5S3o8nVYjDcujLCRw*&rid=90c05304-9897-11ea-8c8d-...
https://s-img.adskeeper.co.uk/g/4343883/328x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMjU3MDkzL2RhNjhhZTVjMjIwMDExYzUwZTg0NWE3OTIzNGMyNWE2LmpwZWc%2A.webp

8 KB
8 KB

18ms
18ms

Image
image/webp

104.19.132.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/4343883/328x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMjU3MDkzL2RhNjhhZTVjMjIwMDExYzUwZTg0NWE3OTIzNGMyNWE2LmpwZWc%2A.webp
Requested by: Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 665bc98167712f89acc33a88bff12feea205bfa662082680633eae3e8ecdf0bc

Request headers

Referer: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 23:38:53 GMT
cf-cache-status: HIT
age: 8849508
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 8062
cf-request-id: 02c69a453400000b43321bf200000001
last-modified: Fri, 17 Jan 2020 09:47:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 59512cb528650b43-AMS
expires: Mon, 17 May 2021 23:38:53 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 May 2020 23:38:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.adskeeper.co.uk/g/4343883/328x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMjU3MDkzL2RhNjhhZTVjMjIwMDExYzUwZTg0NWE3OTIzNGMyNWE2LmpwZWc%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 59512cb4b9b7c795-AMS
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02c69a44f60000c795e9294200000001

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMjU3MDkzL2RhNjhhZTVjMjIwMDExYzUwZTg0NWE3OTIzNGMyNWE2LmpwZWc*.webp
s-img.adskeeper.co.uk/g/4343883/492x328/0x0x492x328/ 10 KB
11 KB 56ms
18ms Image
image/webp 104.19.132.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/4343883/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMjU3MDkzL2RhNjhhZTVjMjIwMDExYzUwZTg0NWE3OTIzNGMyNWE2LmpwZWc*.webp
Requested by: Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33b1fa1863acafc701cb6867a8d0718684462c18910621452e74c86f157b5c0d

Request headers

Referer: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 23:38:53 GMT
cf-cache-status: HIT
age: 843803
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 10356
cf-request-id: 02c69a44f000000b43321b9200000001
last-modified: Tue, 17 Mar 2020 11:28:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 59512cb4bfe40b43-AMS
expires: Mon, 17 May 2021 23:38:53 GMT

GET
H2

200

8VnashHvwOJaGnkEhKV7C1908F1jwl9DGxn6rEovXgIWt1-uenLG7pY2WDcVsNmLI5nm8buS_yVp7BeRTNzAexpXB0QHNlC8iM2oTQUPQSHxlujBzw1zJJYPX4wpJsusGNNDV27vUkBEBr0uKpXrQ_1PBuJpeSl6B8zzk1QL-6_DLjP0xsZ6d6UXDkwWAeQgtpxPH...
tanit-dio.com/imp/90c90c0c-9897-11ea-921e-12b2682e701b/1/
Redirect Chain

https://click.jadspro.live/thumbnail?i=3YDp6pPOTrU_0&imgt=icon
https://serve.mondiad.net/v2/168/90c2f1f4-9897-11ea-baf3-0cc47a1e589f/0/ic
https://img.msg.sale/content/icon?id=KG6BfMCG-03KuOh8yzuyO6MoCvnuCejSf8e1QLrTwz-upXSUK9at6s2VXAA4y_wYZi4nYypRDkxcqeCjiQMMHGKlp_Qrvnzr3yJ5yHTfqnm-57bhskAnrd5-Dns7Cv2Mnn4kPXBaqo4n32MbmwNF6OkAe98HR6cw...
https://tanit-dio.com/imp/90c90c0c-9897-11ea-921e-12b2682e701b/1/8VnashHvwOJaGnkEhKV7C1908F1jwl9DGxn6rEovXgIWt1-uenLG7pY2WDcVsNmLI5nm8buS_yVp7BeRTNzAexpXB0QHNlC8iM2oTQUPQSHxlujBzw1zJJYPX4wpJsusGNND...

7 KB
7 KB

90ms
89ms

Image
image/webp

2600:1f18:40f7:9700:2e97:c585:d39e:99b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tanit-dio.com/imp/90c90c0c-9897-11ea-921e-12b2682e701b/1/8VnashHvwOJaGnkEhKV7C1908F1jwl9DGxn6rEovXgIWt1-uenLG7pY2WDcVsNmLI5nm8buS_yVp7BeRTNzAexpXB0QHNlC8iM2oTQUPQSHxlujBzw1zJJYPX4wpJsusGNNDV27vUkBEBr0uKpXrQ_1PBuJpeSl6B8zzk1QL-6_DLjP0xsZ6d6UXDkwWAeQgtpxPHdXXP0ltWiONjVue7NmYYe9T79Z_My9_c4XKMeehufkwNGMrovaXzFtKrOYySHbOzSimMe8iYvH6cWGZuR88629PHi4q4aHmNYrgzICRcIxDoHuRadbW7yglDc55RMk3XQ9g50sed1VHBmrWT4CraIXHYby8jW4RnY-lOuY9EBzS-U_D_H6HFVSCMfvMzkHQwaNT73diC1fdDH35qctuB0gzwPF4is2B3aPxm-dtSOZHzT3SXPWHKRVI22ydMVWlRh-2hXkEu6o80pLTlY5wstYbBNf2UQ-oGv_AvyhulDVWzPJ28LbP5UbFbpBNpGSHcU9krN5FfvEcW5cUj3ktNypt0465EUl2D8CozEpAeBPwPKwLayUjSP4-B1LcPd426-KWY7rcok33TRq5ROEaRrHNxpPsMD1wo8qR3lopuAAbDOdZU0b_ez_GV1TS_PMRhSQDoTpbU3AySGapOvHZMjzfO7vFCI_biTwcNjt32T6JLyKRfahWe4GTkzKkN7q2G-P0UwxoKxiOCGmXIfQSG9JtO_7f_07aUYfRKWislkNaj1Dc436X2sKRaQOXstpkw4iNM2NrvnMVqR33pOcxlm9tTjRzJlAtdMRk0KPH9TjoAq68PAF9Mw==.Rjq5e8syO9XRobiRzlo-sQ==
Requested by: Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:40f7:9700:2e97:c585:d39e:99b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 8ae37067947ca98c4c265d432888d25dc536a4af1a19cd6c2e3bea0a99589760

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 17 May 2020 23:38:54 GMT
content-disposition: inline;filename=f.txt
content-length: 7530
content-type: image/webp

Redirect headers

Location: https://tanit-dio.com/imp/90c90c0c-9897-11ea-921e-12b2682e701b/1/8VnashHvwOJaGnkEhKV7C1908F1jwl9DGxn6rEovXgIWt1-uenLG7pY2WDcVsNmLI5nm8buS_yVp7BeRTNzAexpXB0QHNlC8iM2oTQUPQSHxlujBzw1zJJYPX4wpJsusGNNDV27vUkBEBr0uKpXrQ_1PBuJpeSl6B8zzk1QL-6_DLjP0xsZ6d6UXDkwWAeQgtpxPHdXXP0ltWiONjVue7NmYYe9T79Z_My9_c4XKMeehufkwNGMrovaXzFtKrOYySHbOzSimMe8iYvH6cWGZuR88629PHi4q4aHmNYrgzICRcIxDoHuRadbW7yglDc55RMk3XQ9g50sed1VHBmrWT4CraIXHYby8jW4RnY-lOuY9EBzS-U_D_H6HFVSCMfvMzkHQwaNT73diC1fdDH35qctuB0gzwPF4is2B3aPxm-dtSOZHzT3SXPWHKRVI22ydMVWlRh-2hXkEu6o80pLTlY5wstYbBNf2UQ-oGv_AvyhulDVWzPJ28LbP5UbFbpBNpGSHcU9krN5FfvEcW5cUj3ktNypt0465EUl2D8CozEpAeBPwPKwLayUjSP4-B1LcPd426-KWY7rcok33TRq5ROEaRrHNxpPsMD1wo8qR3lopuAAbDOdZU0b_ez_GV1TS_PMRhSQDoTpbU3AySGapOvHZMjzfO7vFCI_biTwcNjt32T6JLyKRfahWe4GTkzKkN7q2G-P0UwxoKxiOCGmXIfQSG9JtO_7f_07aUYfRKWislkNaj1Dc436X2sKRaQOXstpkw4iNM2NrvnMVqR33pOcxlm9tTjRzJlAtdMRk0KPH9TjoAq68PAF9Mw==.Rjq5e8syO9XRobiRzlo-sQ==
Date: Sun, 17 May 2020 23:38:53 GMT
Cache-control: no-cache, no-store
Referrer-Policy: no-referrer
Server: fasthttp
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

https://click.jadspro.live/thumbnail?i=3YDp6pPOTrU_0
https://serve.mondiad.net/v2/168/90c2f1f4-9897-11ea-baf3-0cc47a1e589f/0/im
https://img.msg.sale/content/image?id=pCbOoG_Ek8x0X1o5_KX-1dZxZvJQQhbnHCsjXxmqX-dh6IAQ5hj9uFRkVm0j7sXIHtKE45nQFBf7bknsC9jBnIFaYdqUmoNbjBmcsmibasAJD6e0Z1wFWualzJ3GI49Ty6-8fK2lkaDLbBXF2Fek8nzQMk7PB2P...
https://tanit-dio.com/imp/90c90c0c-9897-11ea-921e-12b2682e701b/1/8VnashHvwOJaGnkEhKV7C1908F1jwl9DGxn6rEovXgIWt1-uenLG7pY2WDcVsNmLI5nm8buS_yVp7BeRTNzAexpXB0QHNlC8iM2oTQUPQSHxlujBzw1zJJYPX4wpJsusGNND...

7 KB
7 KB

89ms
88ms

Image
image/webp

2600:1f18:40f7:9700:2e97:c585:d39e:99b7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tanit-dio.com/imp/90c90c0c-9897-11ea-921e-12b2682e701b/1/8VnashHvwOJaGnkEhKV7C1908F1jwl9DGxn6rEovXgIWt1-uenLG7pY2WDcVsNmLI5nm8buS_yVp7BeRTNzAexpXB0QHNlC8iM2oTQUPQSHxlujBzw1zJJYPX4wpJsusGNNDV27vUkBEBr0uKpXrQ_1PBuJpeSl6B8zzk1QL-6_DLjP0xsZ6d6UXDkwWAeQgtpxPHdXXP0ltWiONjVue7NmYYe9T79Z_My9_c4XKMeehufkwNGMrovaXzFtKrOYySHbOzSimMe8iYvH6cWGZuR88629PHi4q4aHmNYrgzICRcIxDoHuRadbW7yglDc55RMk3XQ9g50sed1VHBmrWT4CraIXHYby8jW4RnY-lOuY9EBzS-U_D_H6HFVSCMfvMzkHQwaNT73diC1fdDH35qctuB0gzwPF4is2B3aPxm-dtSOZHzT3SXPWHKRVI22ydMVWlRh-2hXkEu6o80pLTlY5wstYbBNf2UQ-oGv_AvyhulDVWzPJ28LbP5UbFbpBNpGSHcU9krN5FfvEcW5cUj3ktNypt0465EUl2D8CozEpAeBPwPKwLayUjSP4-B1LcPd426-KWY7rcok33TRq5ROEaRrHNxpPsMD1wo8qR3lopuAAbDOdZU0b_ez_GV1TS_PMRhSQDoTpbU3AySGapOvHZMjzfO7vFCI_biTwcNjt32T6JLyKRfahWe4GTkzKkN7q2G-P0UwxoKxiOCGmXIfQSG9JtO_7f_07aUYfRKWislkNaj1Dc436X2sKRaQOXstpkw4iNM2NrvnMVqR33pOcxlm9tTjRzJlAtdMRk0KPH9TjoAq68PAF9Mw==.Rjq5e8syO9XRobiRzlo-sQ==
Requested by: Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:40f7:9700:2e97:c585:d39e:99b7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 8ae37067947ca98c4c265d432888d25dc536a4af1a19cd6c2e3bea0a99589760

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 17 May 2020 23:38:54 GMT
content-disposition: inline;filename=f.txt
content-length: 7530
content-type: image/webp

Redirect headers

Location: https://tanit-dio.com/imp/90c90c0c-9897-11ea-921e-12b2682e701b/1/8VnashHvwOJaGnkEhKV7C1908F1jwl9DGxn6rEovXgIWt1-uenLG7pY2WDcVsNmLI5nm8buS_yVp7BeRTNzAexpXB0QHNlC8iM2oTQUPQSHxlujBzw1zJJYPX4wpJsusGNNDV27vUkBEBr0uKpXrQ_1PBuJpeSl6B8zzk1QL-6_DLjP0xsZ6d6UXDkwWAeQgtpxPHdXXP0ltWiONjVue7NmYYe9T79Z_My9_c4XKMeehufkwNGMrovaXzFtKrOYySHbOzSimMe8iYvH6cWGZuR88629PHi4q4aHmNYrgzICRcIxDoHuRadbW7yglDc55RMk3XQ9g50sed1VHBmrWT4CraIXHYby8jW4RnY-lOuY9EBzS-U_D_H6HFVSCMfvMzkHQwaNT73diC1fdDH35qctuB0gzwPF4is2B3aPxm-dtSOZHzT3SXPWHKRVI22ydMVWlRh-2hXkEu6o80pLTlY5wstYbBNf2UQ-oGv_AvyhulDVWzPJ28LbP5UbFbpBNpGSHcU9krN5FfvEcW5cUj3ktNypt0465EUl2D8CozEpAeBPwPKwLayUjSP4-B1LcPd426-KWY7rcok33TRq5ROEaRrHNxpPsMD1wo8qR3lopuAAbDOdZU0b_ez_GV1TS_PMRhSQDoTpbU3AySGapOvHZMjzfO7vFCI_biTwcNjt32T6JLyKRfahWe4GTkzKkN7q2G-P0UwxoKxiOCGmXIfQSG9JtO_7f_07aUYfRKWislkNaj1Dc436X2sKRaQOXstpkw4iNM2NrvnMVqR33pOcxlm9tTjRzJlAtdMRk0KPH9TjoAq68PAF9Mw==.Rjq5e8syO9XRobiRzlo-sQ==
Date: Sun, 17 May 2020 23:38:53 GMT
Cache-control: no-cache, no-store
Referrer-Policy: no-referrer
Server: fasthttp
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 conv
rdr.rtbravo.com/brdr/ 0
0 125ms
124ms Image
application/json 107.178.249.212
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdr.rtbravo.com/brdr/conv?i=v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&event=bvw&payout=0
Requested by: Host: qqmj.happyfeed.net
URL: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.249.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.249.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://qqmj.happyfeed.net/psh/sw.js?cb=289539623137989ball3v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.happyfeed.net/	1970-01-19 09:37:25	Name: uidsv3 Value: v250kwdsgjvliff4c27127w81o5lmfq9xt74t1h04t^1589758735

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.gotrkpsh.com
bejuy.com
c.adskeeper.co.uk
cdn.adx1.com
click.clkepd.com
click.jadspro.live
click.junmediadirect.com
click.pclk.name
get.securedcdn.com
img.msg.sale
imp.plsnotifyme.com
ok.plsnotifyme.com
qqmj.happyfeed.net
r.ewoss.com
r.mobifortune.com
rdr.rtbravo.com
rtb.4armn.com
s-img.adskeeper.co.uk
serve.mondiad.net
tanit-dio.com
tracking.push.sincityinteractive.com
www.gstatic.com
xml.fastdlr.com
104.19.130.80
104.19.132.80
104.31.86.230
107.178.249.212
130.211.12.92
149.11.201.98
149.6.163.10
173.239.5.6
173.239.53.18
174.137.133.16
18.184.36.31
195.201.189.16
198.134.116.18
198.134.116.30
199.241.100.2
2600:1f18:40f7:9700:2e97:c585:d39e:99b7
2a00:1450:4001:81a::2003
34.102.249.222
35.201.123.4
52.203.154.39
94.130.133.182
33b1fa1863acafc701cb6867a8d0718684462c18910621452e74c86f157b5c0d
4f6a938b2286c5cbd6999a584a32ef176d9f9ba18af608f8f6226a856ef8d018
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
665bc98167712f89acc33a88bff12feea205bfa662082680633eae3e8ecdf0bc
7ad4322fd917529ac49de877e6611e9afdb778c7134b06adeaf3972737225676
8119762588da981992f0fbf873674f332600f44b5b4bc0a46eda641e9946330f
83aee56497f4ecf1aa5ec4c8964ce10fcca2a014b24843ef18ae17a59559d5a2
8486c70485aa6048f92fdeae03d7fff89caad449d50d62025c5a9f9291f37eec
8ae37067947ca98c4c265d432888d25dc536a4af1a19cd6c2e3bea0a99589760
8fc22626a2c0d84180ce8ae5305edcb1dadc961d941e38619223d5889a7920cc
cb55f1c6959eab1338d1753eca827cfc3159fb0c655c0203fb070628e65bc2a5
d4b5af10d3ee2b6cceab4fbc0845dc606177ec7fb139f0539fccf2259eb390c5
d632b3c9689bdabf6e0f30cbc6f496bc690c9c4aa4574cf6322a3e2c36de5f45
e0be0c764f4a77affb63a8515b59d47fd5b5f998ddebeba65af8128a9b85790f
e280a986dec023767e9780260764ea473ed2557d0a5e56209a1dd0a83ecb3982
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f02ca2b420a72a606840bc09e0ebc4464a5c981aecc170f14bbbfe7cb5997a58
f153cb83c1ce60b2f575db5d6ce628f9a00e9acc34e94de612357cdd938e8bb1

qqmj.happyfeed.net Open in urlscan Pro 34.102.249.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

86 %HTTPS

10 %IPv6

21 Domains

23 Subdomains

11 IPs

4 Countries

183 kBTransfer

227 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

1 Cookies

qqmj.happyfeed.net Open in urlscan Pro
34.102.249.222 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

86 %
HTTPS

10 %
IPv6

21
Domains

23
Subdomains

11
IPs

4
Countries

183 kB
Transfer

227 kB
Size

1
Cookies

21 HTTP transactions
1 data transactions