www.deadtower.run.place Open in urlscan Pro
77.238.239.195  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.deadtower.run.place/	3 KB 2 KB	1167ms 68ms	Document text/html	77.238.239.195 VDSINA
General Check archive.org Show headers Download Go to Full URL https://www.deadtower.run.place/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.238.239.195 Amsterdam, Netherlands, ASN216071 (VDSINA, AE), Reverse DNS v40749.com Software Apache/2.4.59 (Debian) / Resource Hash e444450af11e40775198c41ad81afda8aec95c04c24a2d16b042dec35ea297b2 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Accept-Ranges bytes Connection Keep-Alive Content-Encoding gzip Content-Length 1451 Content-Type text/html Date Thu, 16 May 2024 23:48:17 GMT ETag "ae5-6189798d7fb29-gzip" Keep-Alive timeout=5, max=100 Last-Modified Thu, 16 May 2024 19:54:03 GMT Server Apache/2.4.59 (Debian) Vary Accept-Encoding
GET H2	200	rp-cl-ob.js Show response richinfo.co/richpartners/push/js/	94 KB 35 KB	995ms 705ms	Script application/x-javascript	109.200.199.110 I3DNET
General Check archive.org Show headers Download Go to Full URL https://richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=925178&siteid=346450&niche=33 Requested by Host: www.deadtower.run.place URL: https://www.deadtower.run.place/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.199.110 Settimo Milanese, Italy, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash 5cd7eff684ae09ba991ae724ef2c64eefce751daf52d6b81bee7c243f36b5d97 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:17 GMT content-encoding gzip last-modified Thu, 02 May 2024 10:22:54 GMT server openresty/1.21.4.1 x-amz-request-id 8AW44XDKMYY51681 etag W/"48e0c66e13f063ffe401a275add23665" x-amz-server-side-encryption AES256 content-type application/x-javascript x-amz-id-2 tyHaNcKlB4ah1L4MA0SnfeNQ2h1kz0PBYnLqr4aOddsNPQ6xZAiw6C1dD314ZWd8joW1Ik6/V1A=
GET H2	200	richads-ob.js Show response richinfo.co/richpartners/in-page/js/	72 KB 27 KB	995ms 705ms	Script application/x-javascript	109.200.199.110 I3DNET
General Check archive.org Show headers Download Go to Full URL https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=925178&siteid=346451 Requested by Host: www.deadtower.run.place URL: https://www.deadtower.run.place/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.199.110 Settimo Milanese, Italy, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash 307a474f84ca8a18d69c8cf37c40ead47690e97c8ae99582a5b3328e4a064467 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:17 GMT content-encoding gzip last-modified Thu, 02 May 2024 10:22:54 GMT server openresty/1.21.4.1 x-amz-request-id 8AW2ZVKVP7R6Q65R etag W/"2ddcb957a89b99f69dad51fb8e99ea5c" x-amz-server-side-encryption AES256 content-type application/x-javascript x-amz-id-2 AqqsduoROjrHDibTjMdUM2wfNRK4j4DdI/snIBAN+lytkZ336eObHzMWvuuWb51DcndJzN+pf8U=
GET H2	200	richads-pu-ob.js Show response richinfo.co/richpartners/pops/js/	62 KB 23 KB	495ms 240ms	Script application/x-javascript	109.200.199.110 I3DNET
General Check archive.org Show headers Download Go to Full URL https://richinfo.co/richpartners/pops/js/richads-pu-ob.js Requested by Host: www.deadtower.run.place URL: https://www.deadtower.run.place/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.199.110 Settimo Milanese, Italy, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash 227286d010fc3f83c563975911f946a9e1accfacedc8b01a350fa74c14cf293b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:17 GMT content-encoding gzip last-modified Thu, 02 May 2024 10:22:54 GMT server openresty/1.21.4.1 x-amz-request-id ZQF5Q2MZ9543RF3N etag W/"0dea35c9de7957b6bd8df47d3587ae12" x-amz-server-side-encryption AES256 content-type application/x-javascript x-amz-id-2 OQbbUIj5zqykb6BlWQXwf+TYaU2CP4N8ZexrzrFm6xZdbrZxzL1BaGOfRdjhEk4uFYLZcQN+pak=
GET H/1.1	200 OK	infdark.png www.deadtower.run.place/	150 KB 151 KB	72ms 72ms	Image image/png	77.238.239.195 VDSINA
General Check archive.org Show headers Download Go to Show image Full URL https://www.deadtower.run.place/infdark.png Requested by Host: www.deadtower.run.place URL: https://www.deadtower.run.place/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.238.239.195 Amsterdam, Netherlands, ASN216071 (VDSINA, AE), Reverse DNS v40749.com Software Apache/2.4.59 (Debian) / Resource Hash 5a5e08df952571b0c05c27ce1f4682e6a983c5610a45ad9d0d09bac3ddc02004 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 16 May 2024 23:48:17 GMT Last-Modified Wed, 15 May 2024 21:34:49 GMT Server Apache/2.4.59 (Debian) ETag "259fd-61884e3616488" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 154109
GET H2	200	pu-ob.js Show response 7ool.net/richpartners/pops/js/	46 KB 17 KB	547ms 221ms	Script application/x-javascript	109.200.209.143 I3DNET
General Check archive.org Show headers Download Go to Full URL https://7ool.net/richpartners/pops/js/pu-ob.js Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.209.143 Newark, United States, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash 6d7f57be01ebc67f1e00dd55156ac0c898453ec4c1f345454558311a7df91378 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:18 GMT content-encoding gzip last-modified Thu, 02 May 2024 10:22:54 GMT server openresty/1.21.4.1 x-amz-request-id 4ADB19WC1X53DKPZ etag W/"6ffabec4290a76154425808d40c0b9bc" x-amz-server-side-encryption AES256 content-type application/x-javascript x-amz-id-2 VdmbbbBsrzYcB9mBn9N8LarczJscRA/hluYRIP3PW0cHrT+bJ/vV5JchrsOGyLJP1iKIYPF7Nd8=
GET H2	200	st rtb.pushdom.co/pb/	0 72 B	709ms 160ms	Image text/html	31.204.132.207 I3DNET
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=925178&sid=346450&dm=www.deadtower.run.place&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st Requested by Host: www.deadtower.run.place URL: https://www.deadtower.run.place/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.204.132.207 Atlanta, United States, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:18 GMT server openresty/1.21.4.1 content-length 0 content-type text/html;charset=UTF-8
GET H2	200	st rtb.pushdom.co/pb/	0 73 B	708ms 159ms	Image text/html	31.204.132.207 I3DNET
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.pushdom.co/pb/st?sctp=content-locker&m=si&pid=925178&sid=346450&dm=www.deadtower.run.place&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st Requested by Host: www.deadtower.run.place URL: https://www.deadtower.run.place/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.204.132.207 Atlanta, United States, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:18 GMT server openresty/1.21.4.1 content-length 0 content-type text/html;charset=UTF-8
GET H2	200	fp.js Show response 7ool.net/richpartners/pops/js/	30 KB 11 KB	137ms 136ms	Script application/x-javascript	109.200.209.143 I3DNET
General Check archive.org Show headers Download Go to Full URL https://7ool.net/richpartners/pops/js/fp.js Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.209.143 Newark, United States, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash 916548cff605f88e2c6a235ff2f29302332d663d96395a27ce197e32c847b333 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:18 GMT content-encoding gzip last-modified Thu, 02 May 2024 10:22:54 GMT server openresty/1.21.4.1 x-amz-request-id TZPN4412992FHE07 etag W/"9a03b4f00a9a0e2e99f616cf76a3ec12" x-amz-server-side-encryption AES256 content-type application/x-javascript x-amz-id-2 zgOZCTos0VXdyUb7TrObTtj1sp/ozSN9mfT1aaRx6Bbu6BTb3JjdCX00+cQYAsV9JzAM+9lkfbembWxlFUEjfUozF+WvvRso+doqvPmlGVM=
GET H2	200	in-page.css 7ool.net/richpartners/in-page/js/	2 KB 1 KB	135ms 133ms	Stylesheet text/css	109.200.209.143 I3DNET
General Check archive.org Show headers Download Go to Full URL https://7ool.net/richpartners/in-page/js/in-page.css Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=925178&siteid=346451 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.209.143 Newark, United States, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash c32db7b04d099a77cec006a811b99040d697726093aa780db55f23ec67882282 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:18 GMT content-encoding gzip last-modified Thu, 02 May 2024 10:22:54 GMT server openresty/1.21.4.1 x-amz-request-id 88B2H4K4RN8SZ79X etag W/"7b98c1051df4fae82026de8cec85b36f" x-amz-server-side-encryption AES256 content-type text/css x-amz-id-2 qJs5YuVzNItWU2NxKJB/j+vBZ5s1XnyS3MYF5CU7ebFpLQMwdvRrOKSx6yxN5otMycYcBlFKAaQRDn5izxyX9/j6fSgNZfbBugoIAGf6I8o=
GET H2	200	fp.js Show response 7ool.net/richpartners/in-page/js/	30 KB 11 KB	136ms 135ms	Script application/x-javascript	109.200.209.143 I3DNET
General Check archive.org Show headers Download Go to Full URL https://7ool.net/richpartners/in-page/js/fp.js Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=925178&siteid=346451 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.209.143 Newark, United States, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash 916548cff605f88e2c6a235ff2f29302332d663d96395a27ce197e32c847b333 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:18 GMT content-encoding gzip last-modified Thu, 02 May 2024 10:22:54 GMT server openresty/1.21.4.1 x-amz-request-id EX6EGPQPX8S5Z74F etag W/"9a03b4f00a9a0e2e99f616cf76a3ec12" x-amz-server-side-encryption AES256 content-type application/x-javascript x-amz-id-2 JeKGkRPhKGDIih8nB5u/YIcw5sLPHcDMrJz8kmLfc1pgmShgUw8odxkNV91F2hY8fpXSX2m9SMA=
GET H2	200	info Show response eu.convers.link/users/	211 B 294 B	542ms 66ms	Script application/json	5.200.15.239 I3DNET
General Check archive.org Show headers Download Go to Full URL https://eu.convers.link/users/info?callback=userinfo_rp_pu Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.200.15.239 Rotterdam, Netherlands, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash 8b4269e1d8a124edee66024f7a67871566d1fb56961356806cee32a00bab6366 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:18 GMT content-encoding gzip server openresty/1.21.4.1 content-type application/json;charset=UTF-8
GET H2	200	in-page-ob.js Show response 7ool.net/richpartners/in-page/js/	48 KB 18 KB	946ms 946ms	Script application/x-javascript	109.200.209.143 I3DNET
General Check archive.org Show headers Download Go to Full URL https://7ool.net/richpartners/in-page/js/in-page-ob.js Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=925178&siteid=346451 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.209.143 Newark, United States, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash a29939fa3c958ca951b305b9e66279bfd6f55074c461e18829a7707c70203559 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:18 GMT content-encoding gzip last-modified Thu, 02 May 2024 10:22:54 GMT server openresty/1.21.4.1 x-amz-request-id JKB0JZ0X3SWPGFD9 etag W/"be8526fef719f0e84a8e280ca1171624" x-amz-server-side-encryption AES256 content-type application/x-javascript x-amz-id-2 WQLI/br2QCmarfbS9yGWyucilfTAtik8nGrOqz1SyEJAMDW1u47XDjlMBdWItSCZX2E1WhQ8Wy+wQh5xoApziPGmcFv1cwonbIXwwHdEJL0=
GET H2	200	md5.js Show response 7ool.net/richpartners/pops/js/	47 KB 17 KB	521ms 521ms	Script application/x-javascript	109.200.209.143 I3DNET
General Check archive.org Show headers Download Go to Full URL https://7ool.net/richpartners/pops/js/md5.js Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.209.143 Newark, United States, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash ce83db32028f370ef58605bf13bedbf32a82f34677f7fd62e17a10d8790910c5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:18 GMT content-encoding gzip last-modified Thu, 02 May 2024 10:22:54 GMT server openresty/1.21.4.1 x-amz-request-id GEGXSMA11EFHQBB1 etag W/"957f14b329cbf0159c40d4d8a5620041" x-amz-server-side-encryption AES256 content-type application/x-javascript x-amz-id-2 5yhIQ+YfIt3KRKuGbsgpM/q3bg+zCqXXywe+WBe8DppwwfngnPQ5EfNTj5hqr1TOVNRo9rrZmRHB06Jp6gu883UepgEpVGrCjpk2dUBKdTs=
GET H2	200	info Show response us.convers.link/users/	211 B 293 B	997ms 115ms	Script application/json	31.204.132.208 I3DNET
General Check archive.org Show headers Download Go to Full URL https://us.convers.link/users/info?callback=userinfo_rp_pu Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=925178&siteid=346451 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.204.132.208 Atlanta, United States, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash e9e8f3d58904ec41d26fa8ec5ed85dd0c29fb163f3a7be422bb3e6aaa044f01b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:20 GMT content-encoding gzip server openresty/1.21.4.1 content-type application/json;charset=UTF-8
GET H2	200	b1e178a81fa1875d36e7c2728f3d49cf.json Show response cdn.adx1.com/publisher-config/	281 B 454 B	879ms 387ms	Fetch application/octet-stream	5.200.15.240 I3DNET
General Check archive.org Show headers Download Go to Full URL https://cdn.adx1.com/publisher-config/b1e178a81fa1875d36e7c2728f3d49cf.json Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/pops/js/richads-pu-ob.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.200.15.240 Rotterdam, Netherlands, ASN49544 (I3DNET, NL), Reverse DNS Software / Resource Hash dca22aab33d2444563ce77dc723c1a9a6b459c33ffd636b0b7904976066ca974 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" accept application/json Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://www.deadtower.run.place access-control-allow-credentials true accept-ranges bytes etag "c69f1085db4ebd762b3cc313ddfa85c5" content-length 281 content-type application/octet-stream
GET H2	200	md5.js Show response 7ool.net/richpartners/pops/js/	47 KB 0	0ms 0ms	Script application/x-javascript	109.200.209.143 I3DNET
General Check archive.org Show headers Download Go to Full URL https://7ool.net/richpartners/pops/js/md5.js Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=925178&siteid=346451 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.209.143 Newark, United States, ASN49544 (I3DNET, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash ce83db32028f370ef58605bf13bedbf32a82f34677f7fd62e17a10d8790910c5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 16 May 2024 23:48:18 GMT content-encoding gzip last-modified Thu, 02 May 2024 10:22:54 GMT server openresty/1.21.4.1 x-amz-request-id GEGXSMA11EFHQBB1 etag W/"957f14b329cbf0159c40d4d8a5620041" x-amz-server-side-encryption AES256 content-type application/x-javascript x-amz-id-2 5yhIQ+YfIt3KRKuGbsgpM/q3bg+zCqXXywe+WBe8DppwwfngnPQ5EfNTj5hqr1TOVNRo9rrZmRHB06Jp6gu883UepgEpVGrCjpk2dUBKdTs=
GET H2	200	/ Show response 8961.xml.4armn.com/	128 B 262 B	376ms 293ms	XHR text/xml	5.200.15.244 I3DNET
General Check archive.org Show headers Download Go to Full URL https://8961.xml.4armn.com/?ip=212.7.210.181&country=DEU&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/125.0.0.0%20Safari/537.36&pubid=925178&siteid=346451&domain=www.deadtower.run.place&user_id=24700f9f1986800ab4fcc880530dd0ed&lang=nl-NL&source=1 Requested by Host: 7ool.net URL: https://7ool.net/richpartners/pops/js/pu-ob.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.200.15.244 Rotterdam, Netherlands, ASN49544 (I3DNET, NL), Reverse DNS Software / Resource Hash f5d3a22f1558f9198f789e2fb5f776405de51cb5e777d7ee1590143fdaf605b6 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://www.deadtower.run.place content-encoding gzip access-control-allow-credentials true content-type text/xml; charset=UTF-8
GET H2	200	b1e178a81fa1875d36e7c2728f3d49cf.json Show response cdn.adx1.com/publisher-config/	281 B 115 B	16ms 15ms	Fetch application/octet-stream	5.200.15.240 I3DNET
General Check archive.org Show headers Download Go to Full URL https://cdn.adx1.com/publisher-config/b1e178a81fa1875d36e7c2728f3d49cf.json Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=925178&siteid=346451 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.200.15.240 Rotterdam, Netherlands, ASN49544 (I3DNET, NL), Reverse DNS Software / Resource Hash dca22aab33d2444563ce77dc723c1a9a6b459c33ffd636b0b7904976066ca974 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" accept application/json Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://www.deadtower.run.place access-control-allow-credentials true accept-ranges bytes etag "c69f1085db4ebd762b3cc313ddfa85c5" content-length 281 content-type application/octet-stream
GET H/1.1	200 OK	logo.png www.deadtower.run.place/	42 KB 42 KB	37ms 37ms	Other image/png	77.238.239.195 VDSINA
General Check archive.org Show headers Download Go to Full URL https://www.deadtower.run.place/logo.png Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 77.238.239.195 Amsterdam, Netherlands, ASN216071 (VDSINA, AE), Reverse DNS v40749.com Software Apache/2.4.59 (Debian) / Resource Hash b551b6a201b7fd5dde6441f7be8c64f48d486df597e9996c012f272e4794fe30 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 16 May 2024 23:48:20 GMT Last-Modified Thu, 16 May 2024 19:50:51 GMT Server Apache/2.4.59 (Debian) ETag "a6e2-618978d5e8da5" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 42722
GET H2	204	/ Show response 11572.xml.4armn.com/	0 84 B	632ms 180ms	XHR text/plain	109.200.199.113
General Check archive.org Show headers Download Go to Full URL https://11572.xml.4armn.com/?ip=212.7.210.181&country=DEU&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/125.0.0.0%20Safari/537.36&pubid=925178&siteid=346451&domain=www.deadtower.run.place&user_id=24700f9f1986800ab4fcc880530dd0ed&lang=nl-NL&source=1 Requested by Host: 7ool.net URL: https://7ool.net/richpartners/in-page/js/in-page-ob.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.199.113 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://www.deadtower.run.place/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin https://www.deadtower.run.place access-control-allow-credentials true

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x4488 function| DOMReady function| _0x141b function| userinfo_rp_pu object| pubInfo function| _0x65d8 function| _0x14c0 function| _0x3a37 function| _0x5d69 function| jsPopunder function| _0x245f function| _0x131c function| Fingerprint2 number| countLoadPersonalInfo function| _0x1b4794 function| process function| _0x2c43f0 function| _0x122cc5 function| _0x3c01 function| showInPage function| clickInPage function| _0x2136 function| closePopup function| showNotifyByDelay function| isCapped function| getCookie function| setCookie function| addPopup function| getDefaultsOptions function| getTemplateInfo object| CryptoJS string| popupBlockId string| popupBlockLinkId number| limit number| interval string| cookie number| delayBeforeShow number| delayBetweenShow object| queryParams string| positionBlock number| maxCount

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.deadtower.run.place/	1970-01-20 20:39:49	Name: RP_ADVERTISER_POP_LIMIT Value: 4
			www.deadtower.run.place/	1970-01-20 20:39:49	Name: RP_ADVERTISER_POP_INTERVAL_IN_SECONDS Value: 60
			www.deadtower.run.place/	1970-01-20 20:39:49	Name: RP_ADVERTISER_POP_DELAY_IN_SECONDS Value: 15
			www.deadtower.run.place/	1970-01-20 20:39:49	Name: RP_ADVERTISER_POP_RESET_LIMIT Value: false
			www.deadtower.run.place/	1970-01-20 20:39:49	Name: RP_ADVERTISER_POP_TYPE Value: POP_UP
			www.deadtower.run.place/	1970-01-20 20:38:23	Name: RP_ADVERTISER_POP_EXPECTATION Value: 1
			www.deadtower.run.place/	1970-01-20 20:39:49	Name: RP_ADVERTISER_IN_PAGE_LIMIT Value: 2
			www.deadtower.run.place/	1970-01-20 20:39:49	Name: RP_ADVERTISER_IN_PAGE_INTERVAL_IN_SECONDS Value: 3600
			www.deadtower.run.place/	1970-01-20 20:39:49	Name: RP_ADVERTISER_IN_PAGE_DELAY_BEFORE_SHOW_IN_SECONDS Value: 2
			www.deadtower.run.place/	1970-01-20 20:39:49	Name: RP_ADVERTISER_IN_PAGE_DELAY_BETWEEN_SHOW_IN_SECONDS Value: 5
			www.deadtower.run.place/	1970-01-20 20:39:49	Name: RP_ADVERTISER_IN_PAGE_RESET_LIMIT Value: true
			www.deadtower.run.place/	1970-01-20 20:39:49	Name: RP_ADVERTISER_IN_PAGE_POSITION_TYPE Value: TOP_RIGHT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11572.xml.4armn.com
7ool.net
8961.xml.4armn.com
cdn.adx1.com
eu.convers.link
richinfo.co
rtb.pushdom.co
us.convers.link
www.deadtower.run.place
109.200.199.110
109.200.199.113
109.200.209.143
31.204.132.207
31.204.132.208
5.200.15.239
5.200.15.240
5.200.15.244
77.238.239.195
227286d010fc3f83c563975911f946a9e1accfacedc8b01a350fa74c14cf293b
307a474f84ca8a18d69c8cf37c40ead47690e97c8ae99582a5b3328e4a064467
5a5e08df952571b0c05c27ce1f4682e6a983c5610a45ad9d0d09bac3ddc02004
5cd7eff684ae09ba991ae724ef2c64eefce751daf52d6b81bee7c243f36b5d97
6d7f57be01ebc67f1e00dd55156ac0c898453ec4c1f345454558311a7df91378
8b4269e1d8a124edee66024f7a67871566d1fb56961356806cee32a00bab6366
916548cff605f88e2c6a235ff2f29302332d663d96395a27ce197e32c847b333
a29939fa3c958ca951b305b9e66279bfd6f55074c461e18829a7707c70203559
b551b6a201b7fd5dde6441f7be8c64f48d486df597e9996c012f272e4794fe30
c32db7b04d099a77cec006a811b99040d697726093aa780db55f23ec67882282
ce83db32028f370ef58605bf13bedbf32a82f34677f7fd62e17a10d8790910c5
dca22aab33d2444563ce77dc723c1a9a6b459c33ffd636b0b7904976066ca974
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444450af11e40775198c41ad81afda8aec95c04c24a2d16b042dec35ea297b2
e9e8f3d58904ec41d26fa8ec5ed85dd0c29fb163f3a7be422bb3e6aaa044f01b
f5d3a22f1558f9198f789e2fb5f776405de51cb5e777d7ee1590143fdaf605b6