Submitted URL: http://www.grinningface.ca/
Effective URL: https://alludesgroup.com/IjoHRLzw2nKPWdoI1IbtiDREt35o4CzidvXrY-H9gRo/?cid=3b9139a1e284254334dde468599a8eaf&sid=22609139
Submission: On June 05 via manual from PL — Scanned from CA

Summary

This website contacted 21 IPs in 3 countries across 19 domains to perform 50 HTTP transactions. The main IP is 2606:4700:3032::ac43:8267, located in United States and belongs to CLOUDFLARENET, US. The main domain is alludesgroup.com. The Cisco Umbrella rank of the primary domain is 344377.
TLS certificate: Issued by GTS CA 1P5 on May 20th 2024. Valid for: 3 months.
This is the only time alludesgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2606:4700:303... 13335 (CLOUDFLAR...)
2 192.243.59.20 39572 (ADVANCEDH...)
2 3.226.151.86 14618 (AMAZON-AES)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 172.240.108.68 7979 (SERVERS-COM)
1 149.56.240.31 16276 (OVH)
1 2 192.243.61.227 39572 (ADVANCEDH...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 172.240.127.234 7979 (SERVERS-COM)
1 45.133.44.10 39572 (ADVANCEDH...)
2 2606:4700:21:... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.238.55.87 16509 (AMAZON-02)
1 18.219.242.184 16509 (AMAZON-02)
1 104.18.34.83 13335 (CLOUDFLAR...)
2 104.21.76.3 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 173.239.53.32 27257 (WEBAIR-IN...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
50 21
Apex Domain
Subdomains
Transfer
14 grinningface.ca
www.grinningface.ca
287 KB
4 ocmhood.com
sdk.ocmhood.com — Cisco Umbrella Rank: 45517
t.ocmhood.com — Cisco Umbrella Rank: 11758
14 KB
4 differsassassin.com
differsassassin.com — Cisco Umbrella Rank: 620428
38 KB
2 rtbadshubmy.com
feed.rtbadshubmy.com — Cisco Umbrella Rank: 133083
t.rtbadshubmy.com — Cisco Umbrella Rank: 152453
903 B
2 alludesgroup.com
alludesgroup.com — Cisco Umbrella Rank: 344377
21 KB
2 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 12529
t.dtscout.com — Cisco Umbrella Rank: 10723 Failed
4 KB
2 disclosestockingsprestigious.com
disclosestockingsprestigious.com — Cisco Umbrella Rank: 35800
4 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 10693
s4.histats.com — Cisco Umbrella Rank: 10924
5 KB
2 proftrafficcounter.com
proftrafficcounter.com — Cisco Umbrella Rank: 12717
607 B
2 noisesperusemotel.com
noisesperusemotel.com — Cisco Umbrella Rank: 638333
23 KB
1 ocmtag.com
cdn.ocmtag.com — Cisco Umbrella Rank: 48916
816 B
1 mpds-smart1.online
xml-v4.mpds-smart1.online — Cisco Umbrella Rank: 135611
1 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 18172
ic.tynt.com Failed
6 KB
1 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 14769
t.sharethis.com Failed
3 KB
1 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 5239
onetag-geo.s-onetag.com Failed
8 KB
1 redditrace.com
go.redditrace.com — Cisco Umbrella Rank: 559501
543 B
1 cloudimagesb.com
cdn.cloudimagesb.com — Cisco Umbrella Rank: 19713
64 KB
1 sneezeboring.com
sneezeboring.com — Cisco Umbrella Rank: 160350
469 B
1 recordedthereby.com
recordedthereby.com — Cisco Umbrella Rank: 14363
28 KB
50 19
Domain Requested by
14 www.grinningface.ca www.grinningface.ca
4 differsassassin.com noisesperusemotel.com
www.grinningface.ca
3 t.ocmhood.com sdk.ocmhood.com
2 alludesgroup.com www.grinningface.ca
alludesgroup.com
2 disclosestockingsprestigious.com 1 redirects www.grinningface.ca
2 proftrafficcounter.com noisesperusemotel.com
2 noisesperusemotel.com www.grinningface.ca
1 cdn.ocmtag.com sdk.ocmhood.com
1 xml-v4.mpds-smart1.online alludesgroup.com
1 t.rtbadshubmy.com alludesgroup.com
1 sdk.ocmhood.com alludesgroup.com
1 feed.rtbadshubmy.com alludesgroup.com
1 cdn.tynt.com e.dtscout.com
1 pd.sharethis.com e.dtscout.com
1 get.s-onetag.com e.dtscout.com
1 t.dtscout.com e.dtscout.com
1 go.redditrace.com 1 redirects
1 e.dtscout.com s4.histats.com
1 cdn.cloudimagesb.com www.grinningface.ca
1 sneezeboring.com www.grinningface.ca
1 recordedthereby.com differsassassin.com
1 s4.histats.com s10.histats.com
1 s10.histats.com www.grinningface.ca
0 t.sharethis.com Failed pd.sharethis.com
0 onetag-geo.s-onetag.com Failed get.s-onetag.com
0 ic.tynt.com Failed
50 26

This site contains no links.

Subject | Issuer | Validity | Valid
grinningface.ca | GTS CA 1P5 | 2024-05-23 - 2024-08-21 | 3 months
noisesperusemotel.com | R3 | 2024-05-18 - 2024-08-16 | 3 months
proftrafficcounter.com | Amazon RSA 2048 M02 | 2023-11-21 - 2024-12-19 | a year
s10.histats.com | E1 | 2024-04-11 - 2024-07-10 | 3 months
differsassassin.com | R3 | 2024-06-03 - 2024-09-01 | 3 months
histats.com | R3 | 2024-05-13 - 2024-08-11 | 3 months
recordedthereby.com | GTS CA 1P5 | 2024-05-08 - 2024-08-06 | 3 months
sneezeboring.com | R3 | 2024-06-02 - 2024-08-31 | 3 months
cdn.cloudimagesb.com | R3 | 2024-05-21 - 2024-08-19 | 3 months
dtscout.com | GTS CA 1P5 | 2024-05-15 - 2024-08-13 | 3 months
alludesgroup.com | GTS CA 1P5 | 2024-05-20 - 2024-08-18 | 3 months
*.s-onetag.com | Amazon RSA 2048 M03 | 2023-11-04 - 2024-12-01 | a year
sharethis.com | Amazon RSA 2048 M03 | 2024-04-21 - 2025-05-20 | a year
*.tynt.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-05 - 2024-09-30 | a year
rtbadshubmy.com | E1 | 2024-04-19 - 2024-07-18 | 3 months
ocmhood.com | E1 | 2024-05-01 - 2024-07-30 | 3 months
mpds-smart1.online | R3 | 2024-05-16 - 2024-08-14 | 3 months
ocmtag.com | Cloudflare Inc ECC CA-3 | 2023-12-25 - 2024-12-24 | a year

This page contains 2 frames:

Primary Page: https://alludesgroup.com/IjoHRLzw2nKPWdoI1IbtiDREt35o4CzidvXrY-H9gRo/?cid=3b9139a1e284254334dde468599a8eaf&sid=22609139
Frame ID: 88B5DB464946BEC81F7B9CE081D985FD
Requests: 51 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01717607848BA8134181410EE37D1
Frame ID: 56DC4C20F230B4A3EEF7EC353B972AFF
Requests: 1 HTTP requests in this frame

Page Title

Click Allow

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

Requests: 50
HTTPS: 84 %
IPv6: 43 %
Domains: 19
Subdomains: 26
IPs: 21
Countries: 3
Transfer: 504 kB
Size: 894 kB
Cookies: 33

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.grinningface.ca/ HTTP 307
    https://www.grinningface.ca/ Page URL
  2. https://go.redditrace.com/aMoXLw/?utm_source=93480&utm_campaign=16205792&cid=3b9139a1e284254334dde468599a8eaf&sid=22609139 HTTP 302
    https://alludesgroup.com/IjoHRLzw2nKPWdoI1IbtiDREt35o4CzidvXrY-H9gRo/?cid=3b9139a1e284254334dde468599a8eaf&sid=22609139 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.grinningface.ca/ HTTP 307
  • https://www.grinningface.ca/
Request Chain 23
  • https://disclosestockingsprestigious.com/watch.774818343610.js?key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22page%22%2C%22not%22%2C%22found%22%2C%22%E2%80%93%22%2C%22grinning%22%2C%22face%22%5D&refer=https%3A%2F%2Fwww.grinningface.ca%2F&tz=-7&dev=r&res=14.31&uuid=745ff19a-f857-43ef-928e-e25fa95d0b76%3A1%3A1 HTTP 307
  • https://disclosestockingsprestigious.com/watch.774818343610.js?dev=r&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22page%22%2C%22not%22%2C%22found%22%2C%22%E2%80%93%22%2C%22grinning%22%2C%22face%22%5D&pst=1717607908&refer=https%3A%2F%2Fwww.grinningface.ca%2F&res=14.31&rmtc=t&shu=36f4f1cec09516ae36b068ca78a0ec71b0a9edcbdcc8127bb7f278da4851cdee19b4b7273ba78c78479668493d6067a9829d3bc93767bedea4966e0b007a2d44d3ab0ce32e764f3d00b16b2d07e94fb4b93e1d0e8665365ae2d24920ba&tz=-7&uuid=745ff19a-f857-43ef-928e-e25fa95d0b76%3A1%3A1

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.grinningface.ca/
Redirect Chain
  • http://www.grinningface.ca/
  • https://www.grinningface.ca/
64 KB
14 KB
Document
General
Full URL
https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b318eab5dc3e56b60c1b9c8ffdd8fcaa8e765378c31476899397ab180a3ffa72

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
88f1d0ec8bd3aa98-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 05 Jun 2024 17:17:26 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://www.grinningface.ca/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2sXtHj0646gkLfsnik%2BCWyNzL8g9WL%2FEuT1oe0%2BSFqzIa9GMmWVdouu5IRP5DKyM6mKH8xUQJThX0GbwxuXerzYfmPfjjfdyD7PkBhlTqD%2Fkl6jGzsSL%2Bm2M0Owyg2CzNC2oo6zOrLTD0QvhgRpDj0hC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-litespeed-cache
hit

Redirect headers

Location
https://www.grinningface.ca/
Non-Authoritative-Reason
HttpsUpgrades
style.min.css
www.grinningface.ca/wp-includes/blocks/navigation/
16 KB
3 KB
Stylesheet
General
Full URL
https://www.grinningface.ca/wp-includes/blocks/navigation/style.min.css?ver=6.5.3
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2af3d1fbe48af4fa4e2294de3661b895af5c489a7d2ce5888cd14d5f070e78b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 23:56:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3687
etag
W/"4064-6626f920-6703ad3;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NSSArBHel3x1RoyiFAOJd6oaa4A56kcdfAQECWiVZOBYoCeBlPzJhlcoHUVj%2BuxGYXRD%2FwNuui2JwctyNEX%2FmFhNgT%2BUBYZBaT3rEqp8SM1RUdOiynodvR3OAxrRPuEjULP%2B%2BHtaLcKaHajaUupY5t4Z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
88f1d0efcf33aa98-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 25 May 2024 14:14:32 GMT
style.min.css
www.grinningface.ca/wp-includes/blocks/social-links/
10 KB
2 KB
Stylesheet
General
Full URL
https://www.grinningface.ca/wp-includes/blocks/social-links/style.min.css?ver=6.5.3
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad4364136812445867e91fa2aed3f2894df8e5aa9227d4736b5d8d3b1a46d66

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 23:56:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3687
etag
W/"296a-6626f920-6703b3b;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZPzoBmHCkuefIZFXa9eEOJyTE%2FoLSoIF8zR1XGdmZbFcnhKvdpZ2RESN6rcU9XVKy3K%2F2omGrjtHrh%2BFXk4GatEy8ttf2OT1k7V0aAjGMPovHHPvf2arFwhbXP3h9KO6opzp%2FDIYwprCRWl3ojmhnuE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
88f1d0efcf39aa98-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 25 May 2024 14:14:32 GMT
patterns.css
www.grinningface.ca/wp-content/themes/newspaper-builder/assets/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.grinningface.ca/wp-content/themes/newspaper-builder/assets/css/patterns.css?ver=1716596519
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ddaa8fe6863895e243d209d452ab9deff63a6a462ad6c29bd311265c33f9528

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3687
cf-polished
origSize=3089
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 25 May 2024 00:21:59 GMT
server
cloudflare
etag
W/"c11-66512f27-6921190;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IX3yEqNlo%2B43nMl4c6M9pnthnRLVtZS5BAgvypUiRp8zZ1DCKtiv72W1nRKetsMiYbSRh65mc646R2kK%2FLoIQ3ZtRqOOzjrLFYdJFUvg6EWmCnIxWdjIY4MgU%2Bvqqoagm0qotUX3syvD1UCLlKpf8Qe1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
88f1d0efcf3eaa98-YYZ
expires
Sat, 25 May 2024 14:14:32 GMT
wpp.css
www.grinningface.ca/wp-content/plugins/wordpress-popular-posts/assets/css/
438 B
751 B
Stylesheet
General
Full URL
https://www.grinningface.ca/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.4.2
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3687
cf-polished
origSize=1672
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 11 Mar 2024 14:45:26 GMT
server
cloudflare
etag
W/"688-65ef1906-670493c;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KNUy7j2eiiOxlNuCgheAfJYUxeF3fxX9octyP5mb4GjaqL%2Fd8w4ydFhFz5eDdq7r7bKlfuzXN85auk0TsujvRqJRsssp0QNR8p6aEyWwxBObvJwFSZh%2Bare8H2u0%2BaKerMdPHIZbSVQthw2AJcTANCti"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=43200
cf-ray
88f1d0efcf40aa98-YYZ
expires
Sat, 25 May 2024 14:14:32 GMT
jquery.min.js
www.grinningface.ca/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://www.grinningface.ca/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 23:56:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3687
etag
W/"15601-6626f920-67037a4;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CtZKg2pgk%2BiQeBY7ddx6UHviLFDbnfr48RvTs0pXRi5ZZjqfkLDFIKQll%2B3IkqSlq2siqtbbF5u5SuhsfvNyYuG2F0ThXNq4sHCHjntbzXDIU%2BVZqabqEdJ4dbd0gsGDaU%2FF75xAKzomxc%2FM2ZlDOjT8"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
88f1d0efcf42aa98-YYZ
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
www.grinningface.ca/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://www.grinningface.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 23:56:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3687
etag
W/"3509-6626f920-67037f5;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ezCSWMOuNjMdyb0Ea9G2PijgLv%2BoZSrd5nwzn70h0%2BGiCAYm7KNMvbv%2B2uNaagUCN8kYXe49u1v3gw7T8NV53knvgnbDgmnkhocQbxyhUig4anWrMIw8Q%2F4Y87V9B5olx%2BXBqc6cSKUWuHibAoZ3kRCj"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
88f1d0efcf44aa98-YYZ
alt-svc
h3=":443"; ma=86400
wpp.min.js
www.grinningface.ca/wp-content/plugins/wordpress-popular-posts/assets/js/
4 KB
2 KB
Script
General
Full URL
https://www.grinningface.ca/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.4.2
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
654c93cbd3b3ca3d35f44b2665b4a6f57ed8f0aef01ac6c56bce39638dfab076

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Mar 2024 14:45:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3687
etag
W/"11d3-65ef1906-6704918;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=83dx244hxcC%2FHd5PTFX55%2BUanqbHbxtYSI6iq2p7Teojw90r5mnTKbSLNd4lugCforW6bWQS2JFinIwrF7r7SHBdropoucA5WcfoOp5uWFPlLtCqsQaFyHF1CGbXUH%2FifNmeQx3jmRugiRzgB0ZS8UeE"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
88f1d0efcf45aa98-YYZ
alt-svc
h3=":443"; ma=86400
invoke.js
noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/
26 KB
10 KB
Script
General
Full URL
https://noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
de3acfcd271af09cfaa6a773393ce26c6d139247f40de237019d4ce8afad9136
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 17:17:27 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
a3cde50c3c555fc3f3f6860777997e23
Expires
Thu, 01 Jan 1970 00:00:01 GMT
view.min.js
www.grinningface.ca/wp-includes/blocks/navigation/
3 KB
2 KB
Script
General
Full URL
https://www.grinningface.ca/wp-includes/blocks/navigation/view.min.js?ver=6.5.3
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef72ad53596109595c152da16e28c2799d53b4c151274c7b28c0324e7230f24

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Origin
https://www.grinningface.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 23:56:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3687
etag
W/"ce4-6626f920-6703ace;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=flRkIPsrPV0mP%2FYHVDqUGBq7dLVhvy0C%2Fzz6KUy2EjYSkliW1vzmTny1tHumLPVAKstnswieWYMQVwgdicL%2FzXYkrnoUeSMTsS6fMxHCGQsTDvghDlmQ8VinUvsJmhsebF%2BDY7rXBmr1TCSwBubBpyRP"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
88f1d0efcf48aa98-YYZ
alt-svc
h3=":443"; ma=86400
interactivity.min.js
www.grinningface.ca/wp-includes/js/dist/
34 KB
14 KB
Script
General
Full URL
https://www.grinningface.ca/wp-includes/js/dist/interactivity.min.js?ver=6.5.3
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df8d3d01743dad99fb13e9a7f1e1d1705e403eab0576dd1a81c45fcc42086a5b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Origin
https://www.grinningface.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 May 2024 18:33:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2562
etag
W/"890d-663a73e8-67036e7;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9YtwSKWEPOBJJJQE0gsy8PDmuY98mCbFFVVIBtpNuWVqple47B%2FuIpy7KwxMedW1HmQ2g%2BAMCXpFE08qZLunN1BWVGOYpWJI6K2%2F3D8ZSMs%2F%2FkrIwrwQI07dfhhMtX%2BJUZSMEnBGyn13bMnxjOBz2Gu4"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
88f1d0efcf4aaa98-YYZ
alt-svc
h3=":443"; ma=86400
dc3a2541-8fd0-45cb-b1fe-a72deba09117
https://www.grinningface.ca/
1 KB
0
Other
General
Full URL
blob:https://www.grinningface.ca/dc3a2541-8fd0-45cb-b1fe-a72deba09117
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
invoke.js
noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/
31 KB
12 KB
Script
General
Full URL
https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
da9b5fef9e81d27b0e376af6e691b6e0d59df8953373285c1a0e9f0efb57f4a2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 17:17:27 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
fc80c88a7eaf204e5085f61ec27f05c7
Expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
proftrafficcounter.com/
40 B
304 B
XHR
General
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: noisesperusemotel.com
URL: https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.151.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-151-86.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
6f96672bed1f6fe66e4122e7285718e8f997a5b3cde6136d5b60354a63acc3d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.grinningface.ca
date
Wed, 05 Jun 2024 17:17:27 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:1247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
79286
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
88f1d0f86816ac0f-YYZ
content-length
4547
stats
proftrafficcounter.com/
40 B
303 B
XHR
General
Full URL
https://proftrafficcounter.com/stats
Requested by
Host: noisesperusemotel.com
URL: https://noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.151.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-151-86.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
61899980084487b44abf4c258961864d36bf0232dfc259e0c931625a98d3a6e6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.grinningface.ca
date
Wed, 05 Jun 2024 17:17:27 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
ntv.json
differsassassin.com/
4 KB
6 KB
XHR
General
Full URL
https://differsassassin.com/ntv.json?key=0a4243b915b6aef7ce6409f3497d95fb&vstc=1
Requested by
Host: noisesperusemotel.com
URL: https://noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
69aa3981c7f2bd873656c9afc2a5a3853a275601acd4b7f061a71e49e36eea32
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 17:17:28 GMT
Custom-Referer
https://www.grinningface.ca
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
application/json
Access-Control-Allow-Origin
https://www.grinningface.ca
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4529
X-Request-ID
0f9f7c24445c4c9104a72c9390fc1ba3
Expires
Thu, 01 Jan 1970 00:00:01 GMT
de40747527625eb4f2cfd573cb92ac16.js
differsassassin.com/de/40/74/
82 KB
31 KB
Script
General
Full URL
https://differsassassin.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js
Requested by
Host: noisesperusemotel.com
URL: https://noisesperusemotel.com/0a4243b915b6aef7ce6409f3497d95fb/invoke.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
c077b3497f18826911b4ebac573977e24e1b3f3d3417f184f693bf5154ac6641
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 17:17:28 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
2f5812efc99db1799683c44ed059c79a
Expires
Thu, 01 Jan 1970 00:00:01 GMT
wp-emoji-release.min.js
www.grinningface.ca/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.grinningface.ca/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 23:56:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2562
etag
W/"4926-6626f920-670360e;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0z4jeslc4kqgYMVwe8lRY5ypsit944xsSHKcgmFPJah%2F5Z%2BvNCDyyNda6uExEpSp6Xw76SXgmouhQtxy7gsSgXtMLIfRxvkcwSvgQDXxRcgP8DxazVM09%2BTggQ4PQ7yDbXgb6Y8QVs%2Bup6ups4pwhAL%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
88f1d0f61da6aa98-YYZ
alt-svc
h3=":443"; ma=86400
Jost-SemiBold.ttf
www.grinningface.ca/wp-content/themes/newspaper-builder/assets/fonts/Jost/
60 KB
61 KB
Font
General
Full URL
https://www.grinningface.ca/wp-content/themes/newspaper-builder/assets/fonts/Jost/Jost-SemiBold.ttf
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cea7c87bc23f00deaf7d1f7fe6d8d81820b139236849d33e41eefc9605855903

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Origin
https://www.grinningface.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:27 GMT
cf-cache-status
HIT
last-modified
Sat, 25 May 2024 00:21:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2562
etag
W/"f0d0-66512f27-6921191;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRiy4JNprgK9sm7bvkvP5I4kFEfH8T3M0X%2BaFPP5iDtGy5PDO5AjZ6Rg6jXAVcO9jRWUF%2FObwGc2asDNGJIlfMVLsX0xa%2B8s1NTgKV2NXG4WXHub%2FULkkSf0hbPTGwyAeWtmCYg5rZkzfNLbfOKfYi8A"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
public, max-age=43200
cf-ray
88f1d0f65df8aa98-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 25 May 2024 13:39:18 GMT
Lato-Regular.ttf
www.grinningface.ca/wp-content/themes/newspaper-builder/assets/fonts/Lato/
73 KB
74 KB
Font
General
Full URL
https://www.grinningface.ca/wp-content/themes/newspaper-builder/assets/fonts/Lato/Lato-Regular.ttf
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e82542aed8293f49fc83c4aaea566b1f6b4fc7a9ab5da11e6fb9bc0973b5324b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Origin
https://www.grinningface.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:27 GMT
cf-cache-status
HIT
last-modified
Sat, 25 May 2024 00:21:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2562
etag
W/"12590-66512f27-692119c;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=58WWCYBYLg3eNX%2BAkwCLMzgYW5wbtGaN5byEycMPN4T0J0gkvXECFVJ3LuLy0SbrLvZxhupOws8ZHK8fXTd6LQIt3C5NwB2bIolzo0lNjAdStBq7J3xAgKcNLwIN4bYwZKQNBFNU8ycij25YlSQqad7V"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
public, max-age=43200
cf-ray
88f1d0f65df9aa98-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 25 May 2024 13:39:18 GMT
Lato-Bold.ttf
www.grinningface.ca/wp-content/themes/newspaper-builder/assets/fonts/Lato/
72 KB
72 KB
Font
General
Full URL
https://www.grinningface.ca/wp-content/themes/newspaper-builder/assets/fonts/Lato/Lato-Bold.ttf
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f0b7f2570f2f28b504da1181b4d71b1420b10be2c4fd690927f1c8ee3b19c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Origin
https://www.grinningface.ca
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:27 GMT
cf-cache-status
HIT
last-modified
Sat, 25 May 2024 00:21:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2562
etag
W/"11e74-66512f27-6921195;br"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5K%2F8lxgyepBg20Wg9Q7gC4r0FauYR%2FEyKWlVI%2BTkT4RCoKtQT%2BsNRKBV7YI2svpByaFXlP5g9NG1yLZZr5QWExYKDPHwMR5%2Blc13OAhl%2F%2F8c5asLWN7kcvH2NDEk9Ycj3z99NeJSr2dE5dNINAVqdVEj"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
public, max-age=43200
cf-ray
88f1d0f65dfaaa98-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 25 May 2024 13:39:18 GMT
0.php
s4.histats.com/stats/
378 B
513 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4615567&@f16&@g1&@h1&@i1&@j1717607847829&@k0&@l1&@mPage%20not%20found%20%E2%80%93%20Grinning%20Face&@n0&@o1000&@q0&@r0&@s0&@ten-CA&@u1600&@b1:-125176910&@b3:1717607848&@b4:js15_as.js&@b5:-420&@a-_0.2.1&@vhttps%3A%2F%2Fwww.grinningface.ca%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.31 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534110.ip-149-56-240.net
Software
/
Resource Hash
87f5def74fb8833eceda4049ae5c855bdc0d0e5f755f3495918d6e55ffcdc2c0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 17:17:25 GMT
Connection
close
Content-Length
378
Content-Type
text/html;charset=UTF-8
watch.774818343610.js
disclosestockingsprestigious.com/
Redirect Chain
  • https://disclosestockingsprestigious.com/watch.774818343610.js?key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22page%22%2C%22not%22%2C%22found%22%2C%22%E2%80%93%22%2C%22grinning%22%2C%22face%22%5D&ref...
  • https://disclosestockingsprestigious.com/watch.774818343610.js?dev=r&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22page%22%2C%22not%22%2C%22found%22%2C%22%E2%80%93%22%2C%22grinning%22%2C%22face%22%...
2 KB
2 KB
XHR
General
Full URL
https://disclosestockingsprestigious.com/watch.774818343610.js?dev=r&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22page%22%2C%22not%22%2C%22found%22%2C%22%E2%80%93%22%2C%22grinning%22%2C%22face%22%5D&pst=1717607908&refer=https%3A%2F%2Fwww.grinningface.ca%2F&res=14.31&rmtc=t&shu=36f4f1cec09516ae36b068ca78a0ec71b0a9edcbdcc8127bb7f278da4851cdee19b4b7273ba78c78479668493d6067a9829d3bc93767bedea4966e0b007a2d44d3ab0ce32e764f3d00b16b2d07e94fb4b93e1d0e8665365ae2d24920ba&tz=-7&uuid=745ff19a-f857-43ef-928e-e25fa95d0b76%3A1%3A1
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
HTTP/1.1
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.grinningface.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date
Wed, 05 Jun 2024 17:17:28 GMT
Custom-Referer
https://www.grinningface.ca
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://www.grinningface.ca
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
a63e9f7ed07ae80616bed7091e533531
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Wed, 05 Jun 2024 17:17:28 GMT
Custom-Referer
https://www.grinningface.ca
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://www.grinningface.ca
Location
https://disclosestockingsprestigious.com/watch.774818343610.js?dev=r&key=d1a5e500ed255cc4ebf822ff2ae48229&kw=%5B%22page%22%2C%22not%22%2C%22found%22%2C%22%E2%80%93%22%2C%22grinning%22%2C%22face%22%5D&pst=1717607908&refer=https%3A%2F%2Fwww.grinningface.ca%2F&res=14.31&rmtc=t&shu=36f4f1cec09516ae36b068ca78a0ec71b0a9edcbdcc8127bb7f278da4851cdee19b4b7273ba78c78479668493d6067a9829d3bc93767bedea4966e0b007a2d44d3ab0ce32e764f3d00b16b2d07e94fb4b93e1d0e8665365ae2d24920ba&tz=-7&uuid=745ff19a-f857-43ef-928e-e25fa95d0b76%3A1%3A1
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
3618587c8a3261e1821b58b63bd0d396
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sfp.js
recordedthereby.com/
83 KB
28 KB
Script
General
Full URL
https://recordedthereby.com/sfp.js
Requested by
Host: differsassassin.com
URL: https://differsassassin.com/de/40/74/de40747527625eb4f2cfd573cb92ac16.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d0d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:28 GMT
strict-transport-security
max-age=0; includeSubdomains
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
x-request-id
56c8bcfa90345532611998e8771a4cca
last-modified
Wed, 05 Jun 2024 17:17:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jf9xHF%2FTDTfy9p40y0Sj4wBpulxIpHDwhHoO7ZoJS47iAsC5bSjezyKPQz71moJh0TFlJOYoO0fmYO19vqXC60O9%2FKFipyVbD6hjGn5fS34fIWM%2Fl0RwZIKMhq8vcq1IHzIOG4xw703Dn%2BFCnz7pw9vM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
88f1d0fdb8d7ab45-YYZ
expires
Thu, 01 Jan 1970 00:00:01 GMT
purst
sneezeboring.com/pixel/
0
469 B
Image
General
Full URL
https://sneezeboring.com/pixel/purst?dl=0&th=0&sc=0&rs=2665.1000003814697&rd=2665.1000003814697&fd=785.6000003814697&bv=24.5.8221&tmpl=136
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.127.234 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 17:17:28 GMT
Server
nginx/1.21.6
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
ren.gif
differsassassin.com/
7 B
670 B
Image
General
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 17:17:28 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
7
X-Request-ID
25f65b45db286d98bd95af98a27b9985
Expires
Thu, 01 Jan 1970 00:00:01 GMT
impr.gif
differsassassin.com/
7 B
670 B
Image
General
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.68 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 17:17:28 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
7
X-Request-ID
bacbab7c9a35ed14eafda4a0740dab5e
Expires
Thu, 01 Jan 1970 00:00:01 GMT
l1.jpg
cdn.cloudimagesb.com/26e/7e6/045/
64 KB
64 KB
Image
General
Full URL
https://cdn.cloudimagesb.com/26e/7e6/045/l1.jpg
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.10 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 07 Jun 2024 17:17:28 GMT
date
Wed, 05 Jun 2024 17:17:28 GMT
last-modified
Tue, 11 Jun 2019 16:14:09 GMT
server
nginx/1.21.6
etag
"5cffd351-ff56"
content-type
image/jpeg
cache-control
max-age=172800
accept-ranges
bytes
content-length
65366
x-proxy-cache
HIT
/
e.dtscout.com/e/
7 KB
4 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.grinningface.ca%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4615567&@f16&@g1&@h1&@i1&@j1717607847829&@k0&@l1&@mPage%20not%20found%20%E2%80%93%20Grinning%20Face&@n0&@o1000&@q0&@r0&@s0&@ten-CA&@u1600&@b1:-125176910&@b3:1717607848&@b4:js15_as.js&@b5:-420&@a-_0.2.1&@vhttps%3A%2F%2Fwww.grinningface.ca%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:28 GMT
x-t
0.231
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5pxGJneJ4VO2O%2F3YbFLJ0zVf8sJd0rFRvOW4SGqkSFzZoK4Pte4WlE%2BBbuNBzjib5iX147G0L0hqsTY4Nmc75MesYwM%2FXsxGX8c1rmvzgXCb8Vb6UVh7Cx4VXQVd%2BglWBjYBNXGyHJuoyec%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
ger1
cf-ray
88f1d0fe2f4e10b8-ORD
expires
Wed, 05 Jun 2024 17:17:27 GMT
Primary Request /
alludesgroup.com/IjoHRLzw2nKPWdoI1IbtiDREt35o4CzidvXrY-H9gRo/
Redirect Chain
  • https://go.redditrace.com/aMoXLw/?utm_source=93480&utm_campaign=16205792&cid=3b9139a1e284254334dde468599a8eaf&sid=22609139
  • https://alludesgroup.com/IjoHRLzw2nKPWdoI1IbtiDREt35o4CzidvXrY-H9gRo/?cid=3b9139a1e284254334dde468599a8eaf&sid=22609139
33 KB
21 KB
Document
General
Full URL
https://alludesgroup.com/IjoHRLzw2nKPWdoI1IbtiDREt35o4CzidvXrY-H9gRo/?cid=3b9139a1e284254334dde468599a8eaf&sid=22609139
Requested by
Host: www.grinningface.ca
URL: https://www.grinningface.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df02baf0b9e96947b6383e21c1196b1fae05226b6fe84744e442fc18728f127a

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://www.grinningface.ca/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88f1d103296936a8-YYZ
content-encoding
br
content-type
text/html
date
Wed, 05 Jun 2024 17:17:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6MY9aS4fwJLtwAzUUu5WApwBG%2BN8m7EKW9TrWFJuPmy6bR2yxUd0zZWD7FsDOrSTm2335v4uzOybRP10S8zixN7x1cXvxfHGbyrUZpbm0cLCixMyfbH990X5hZMq517NjM6NEBQttHUhDyKHu0E"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88f1d1002b1ca238-YYZ
content-type
text/html
date
Wed, 05 Jun 2024 17:17:29 GMT
location
https://alludesgroup.com/IjoHRLzw2nKPWdoI1IbtiDREt35o4CzidvXrY-H9gRo/?cid=3b9139a1e284254334dde468599a8eaf&sid=22609139
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ryU1P1ovn%2BhbpDujCsQLyCM%2F8BQXEn0H7Nq0LLtADU%2FRgcf81NvoI777%2BIt5No0D91ob5izhLzNcUnhbT0%2BdIXDD%2FlD6ehUgUJhNNgVWaHn5oGpNyhdqOvLupqATviOnhq8px4eerC74xsvJXc%2BDXw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
t.dtscout.com/idg/ Frame 56DC
0
0

tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/
24 KB
8 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.grinningface.ca%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-87.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Pe6GIZEM6dgqeqUvm6LottgOapPgk7ue
content-encoding
gzip
via
1.1 acbc16f609c0c9804b8a2c3d38d3023e.cloudfront.net (CloudFront)
date
Wed, 05 Jun 2024 08:28:42 GMT
last-modified
Tue, 27 Feb 2024 18:38:56 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
age
31728
x-amz-server-side-encryption
AES256
etag
W/"20ad935553b73dd8a08c669492e0a0a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
poWmkDqX4Ki-f9xpCLHUHXJGaqDzT1SmohKOOcfAw0jlttPYubrGkw==
dtscout
pd.sharethis.com/pd/
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.grinningface.ca%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.219.242.184 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-219-242-184.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 17:17:29 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Content-Type
application/javascript
afwu.js
cdn.tynt.com/
19 KB
6 KB
Script
General
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.grinningface.ca%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 05 Oct 2023 15:08:56 GMT
server
cloudflare
age
94326
etag
W/"651ed188-4c00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
88f1d1024ad8aaaa-YYZ
expires
Sat, 08 Jun 2024 17:17:29 GMT
/
t.dtscout.com/pv/
51 B
386 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=grinningface.ca&_ss=73u41dls3t&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=filv&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.grinningface.ca%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.grinningface.ca/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:29 GMT
x-t
0.149
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pwrekmiNS2aVvHrpMh8yg54Z1wDfoTeQOqE9S%2BkqkRwsobMQTbLt5YR818ZufvF1dZc6rp3xG2Em2RgEsX5WUcL94wlaxZy0%2F%2BDxm5CbgwfzK5peWhmglnvPj3zNO3EsbNC4nS2eVqGj8DE%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
88f1d1009b5210b8-ORD
expires
Wed, 05 Jun 2024 17:17:28 GMT
p
ic.tynt.com/b/
0
0

/
onetag-geo.s-onetag.com/
0
0

/
onetag-geo.s-onetag.com/
0
0

t.dhj
t.sharethis.com/1/k/
0
0

dtscout
pd.sharethis.com/pd/
0
0

truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
AFU1kAAPatM
feed.rtbadshubmy.com/v1/native/
871 B
903 B
Fetch
General
Full URL
https://feed.rtbadshubmy.com/v1/native/AFU1kAAPatM?subid=75728&uid=685fbcf9-2c59-48be-a9e6-d02018c0cf74&kw=download%20install&ud_tpcid=7ATEfVsY4SwMmwaaY2HywKUDl4pQqubj
Requested by
Host: alludesgroup.com
URL: https://alludesgroup.com/IjoHRLzw2nKPWdoI1IbtiDREt35o4CzidvXrY-H9gRo/?cid=3b9139a1e284254334dde468599a8eaf&sid=22609139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.76.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
240e490771231083887fe6ae3e8c01039a517307ec66777fbb67891a4a6ad56d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://alludesgroup.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wtwyPTi0RDXJIjsWCKyuOBi2gBJ2p%2FfJ%2BmWMhXmRHnEd1ksJr6EA0JsrfKxT6XSNp%2BQq%2BaFBdQP0Vh98XNhEuAuGUdMOHocc%2Fu%2F78F0ByhYpAfdizi7ryMUJzDo0dvev0YCCIc6rgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
88f1d105edfc39c3-YYZ
alt-svc
h3=":443"; ma=86400
conf.json
alludesgroup.com/hood/YWxsdWRlc2dyb3VwLmNvbQ==/
49 B
511 B
Fetch
General
Full URL
https://alludesgroup.com/hood/YWxsdWRlc2dyb3VwLmNvbQ==/conf.json
Requested by
Host: alludesgroup.com
URL: https://alludesgroup.com/IjoHRLzw2nKPWdoI1IbtiDREt35o4CzidvXrY-H9gRo/?cid=3b9139a1e284254334dde468599a8eaf&sid=22609139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8267 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2058ae04a43f3109e5a5f87e932344633e8626b539204289a05cafb411e81ba

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform-version
"10.0.0"
Referer
https://alludesgroup.com/IjoHRLzw2nKPWdoI1IbtiDREt35o4CzidvXrY-H9gRo/?cid=3b9139a1e284254334dde468599a8eaf&sid=22609139
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.141", "Chromium";v="125.0.6422.141", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 22 Mar 2024 14:20:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65fd93c3-31"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ikLo%2F%2FXDZqy263jW8Ml38XugpwwuhzlfAs0wLyffsYcycJK3hiMuR8XfZeNHGBdL%2Blc%2BgaBfMNHuEHCALKLWRE9X2u%2FoYQfWl7YYo8VPog113BPsEPxjWraawPAH3XjYaUqw2VAjmO8i%2BrwZttA"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
88f1d1046a6d36a8-YYZ
alt-svc
h3=":443"; ma=86400
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
ht.js
sdk.ocmhood.com/sdk/
33 KB
13 KB
Script
General
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eCMxNDY4MjE0NpSn
Requested by
Host: alludesgroup.com
URL: https://alludesgroup.com/IjoHRLzw2nKPWdoI1IbtiDREt35o4CzidvXrY-H9gRo/?cid=3b9139a1e284254334dde468599a8eaf&sid=22609139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81195ecef1ef260cddab7b3ab6123888768242882b856b5fab360f25850a9fa1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://alludesgroup.com/
Origin
https://alludesgroup.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:30 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6476
alt-svc
h3=":443"; ma=86400
content-length
12460
service-worker-allowed
/
last-modified
Tue, 09 Apr 2024 11:24:49 GMT
server
cloudflare
etag
"66152581-30ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z1VGWL1D%2FY6yalWaJ2Ae61Q7b1tYfpPFoP5OCiQcRo2wk9JvGnyPxFvYEVMZ9BODX1l1dUlPIvhQwPpqVBIHNXbFSoeWfliOL5NJtfxXFz0Exil%2FLFXRDwW31vnuSlzD2vcGH6VFMQITd52OWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88f1d1080af85467-YYZ
imp
t.rtbadshubmy.com/
0
0
Fetch
General
Full URL
https://t.rtbadshubmy.com/imp?l2=9LbniyWMN6mDdbWVDYW59y-JCcnVzOsy5A829aHo_JIjTDTYUrAkaHVWWxEPTJisMxRXJxYmTHwHrQJsj-M4a-lw9E2EFh1UYeCc7_U_srCIsqGuN8C4tKkalhDQaidWQkRU9wZ8CQtqhA5PVqfeCh7GvHb5OvFR2Of_HDBRrXAw4s5EycjXsXmqjOCegsFvPbsgHH2nbiJZK8rkBpGhV41p2mcqEhniut_D720jU6-9tjn9qYcJc1m6izkTu2Wl
Requested by
Host: alludesgroup.com
URL: https://alludesgroup.com/IjoHRLzw2nKPWdoI1IbtiDREt35o4CzidvXrY-H9gRo/?cid=3b9139a1e284254334dde468599a8eaf&sid=22609139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.76.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://alludesgroup.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c44wafoA8XtdPnc4CL25q1B6EBv6z8%2BP5KcSbShTPzvBRoMkUY%2BcKEXGfqygbsr%2B1eKLiFOKAsg8ejY%2BgGhV865DEOBj5DEgScd4dRkEE%2FrvyqnVbh8oPY3iYNzhNk5ZbcnkYg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-cache
cf-ray
88f1d108d88a39c3-YYZ
alt-svc
h3=":443"; ma=86400
pixel
xml-v4.mpds-smart1.online/
42 B
0
Fetch
General
Full URL
https://xml-v4.mpds-smart1.online/pixel?i=hMGVDrpJFeg_0&p=1717607849.323819
Requested by
Host: alludesgroup.com
URL: https://alludesgroup.com/IjoHRLzw2nKPWdoI1IbtiDREt35o4CzidvXrY-H9gRo/?cid=3b9139a1e284254334dde468599a8eaf&sid=22609139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.239.53.32 New York, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://alludesgroup.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 17:17:30 GMT
Server
nginx
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model
Content-Type
image/gif
Access-Control-Allow-Origin
https://alludesgroup.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
42
NjY4ZwSkNAFfmDQ2eCMxNDY4MjE0NpSn.js
cdn.ocmtag.com/tag/
423 B
816 B
Script
General
Full URL
https://cdn.ocmtag.com/tag/NjY4ZwSkNAFfmDQ2eCMxNDY4MjE0NpSn.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eCMxNDY4MjE0NpSn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6184e1c4e23e6489fa8187465c32613b697df05cdaa57ca312ecf5d251d9e8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://alludesgroup.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 17:17:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4204
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Fri, 22 Mar 2024 14:04:48 GMT
server
cloudflare
etag
W/"65fd9000-1a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j9rdyHmgY0qdjiHrX6wOoqSSeS2YoJYRVZGdIEk%2F2cqTzUg0OfGcVw3%2BAaZeiXyfzAk%2BOFIER4GdgPtZTzfy%2BXsSWIf3mDWHxpnc0M1%2BeK3DjfON9TS6GEWFEEi7jbSPiBSl4Z42vQZXsIsORw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
88f1d10b6af6ac54-YYZ
activity
t.ocmhood.com/v2/
0
409 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eCMxNDY4MjE0NpSn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://alludesgroup.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jun 2024 17:17:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LjrCY83jFrDIj2jVcKk4ALTBSZJ%2FZrhkQNAISOJL4vi91fB9WkenbUHEbkDm%2BThV1QYiye2Sfo8qKmuPtYhcmzUNV7neD4Tq%2BY6U94fURW2Gie%2B3lEKF01FAJ0PxA9iyDzwWlCA11OrcaJU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
88f1d10e2cd253f5-YYZ
alt-svc
h3=":443"; ma=86400
activity
t.ocmhood.com/v2/
0
449 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eCMxNDY4MjE0NpSn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://alludesgroup.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jun 2024 17:17:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iwn%2Bfk0atv3RP9npODALTbVJgxioyTrt1mmUTLMyqk6gE8RnGVBTGSvtAg%2FhMTv0Fi%2BqVfOTQ%2Fv0wtl7vqZh5uiJxKfMc6YZBVxhkipbtIskrlZKQg15dOOR%2Bc0%2BRDfnws%2BKIY93PHe7Mlo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
88f1d10e2cd153f5-YYZ
alt-svc
h3=":443"; ma=86400
activity
t.ocmhood.com/v2/
0
406 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2eCMxNDY4MjE0NpSn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://alludesgroup.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jun 2024 17:17:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFzGpUMguOPShJtIQ5r9PUwi9xgH6xE6PfEPBbefseDaogEn5ZeG0UVejXoJQThagFnEaJ7YXHuWxoPVqCuDljrMMVThuT2ESOWc9SqbLpwbwqdBG571%2B5ETDywXP2QUrp4RGj5bL15LBgc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
88f1d116cc4253f5-YYZ
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.dtscout.com
URL
https://t.dtscout.com/idg/?su=51A01717607848BA8134181410EE37D1
Domain
ic.tynt.com
URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1717607849436&dn=AFWU&iso=0&pu=https%3A%2F%2Fwww.grinningface.ca%2F&t=Page%20not%20found%20%E2%80%93%20Grinning%20Face&chpv=10.0.0&chuav=Google%20Chrome%3Bv%3D125.0.6422.141%2C%20Chromium%3Bv%3D125.0.6422.141%2C%20Not.A%2FBrand%3Bv%3D24.0.0.0&chp=Win32&chmob=0&chua=Google%20Chrome%3Bv%3D125%2C%20Not%3AA-Brand%3Bv%3D8%2C%20Chromium%3Bv%3D125
Domain
onetag-geo.s-onetag.com
URL
https://onetag-geo.s-onetag.com/
Domain
onetag-geo.s-onetag.com
URL
https://onetag-geo.s-onetag.com/
Domain
t.sharethis.com
URL
https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.22301944886552616&stid=ZGMACmZgnakAAAAIDmlWAw%3D%3D
Domain
pd.sharethis.com
URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fwww.grinningface.ca%2F&event_source=dtscout&rnd=0.22301944886552616&exptid=ZGMACmZgnakAAAAIDmlWAw%3D%3D&fcmp=false

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| qs
string| lwp
function| snippetGetEngineDomain
function| snippetGetAllLocations
object| campaign_domains
function| importOmpServiceWorker
function| initOmpServiceWorker
function| clearSession
function| getLpType
function| fetchAd
function| getOCP
function| popme
function| finalRedirect
function| goNextStep
function| goToRedirectonAllow
function| goToRedirectSmart2
function| isPushApiSupported
function| uuidv4
function| initLpPush
function| startOmpWorker
function| getLpIdParamIfSet
function| getSourcePrefix
object| ad
number| cpc
number| o_eid
string| o_ocid
string| source_prefix
string| fallback_url
function| before_redirect_block
object| sParams
string| cc
function| Hood
function| NjY4ZwSkNAFfmDQ2eCMxNDY4MjE0NpSn

33 Cookies

Domain/Path Name / Value
www.grinningface.ca/ Name: HstCfa4615567
Value: 1717607847829
www.grinningface.ca/ Name: HstCla4615567
Value: 1717607847829
www.grinningface.ca/ Name: HstCmu4615567
Value: 1717607847829
www.grinningface.ca/ Name: HstPn4615567
Value: 1
www.grinningface.ca/ Name: HstPt4615567
Value: 1
www.grinningface.ca/ Name: HstCnv4615567
Value: 1
www.grinningface.ca/ Name: HstCns4615567
Value: 1
proftrafficcounter.com/ Name: uid_id2
Value: d431893e-25a2-417b-9dff-e7a498bce017:1:1
www.grinningface.ca/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: d431893e-25a2-417b-9dff-e7a498bce017%3A1%3A1
differsassassin.com/ Name: u_pl
Value: 22784088
differsassassin.com/ Name: pdhtkv
Value: true
differsassassin.com/ Name: uncs
Value: 1
differsassassin.com/ Name: pdhtkv49
Value: true
differsassassin.com/ Name: uncs49
Value: 1
www.grinningface.ca/ Name: m5a4xojbcp2nx3gptmm633qal3gzmadn
Value: differsassassin.com
disclosestockingsprestigious.com/ Name: u_pl
Value: 22609139
disclosestockingsprestigious.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.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.s3-OPsEkwz5xJlH9CZLF40Agra6egCAuILkkJdksURs
disclosestockingsprestigious.com/ Name: uid_id2
Value: 745ff19a-f857-43ef-928e-e25fa95d0b76:1:1
disclosestockingsprestigious.com/ Name: iprc514616d87b8184b7a3fd99f1e4afba3b
Value: 5263114
disclosestockingsprestigious.com/ Name: pdhtkv
Value: true
disclosestockingsprestigious.com/ Name: uncs
Value: 1
disclosestockingsprestigious.com/ Name: pdhtkv5
Value: true
disclosestockingsprestigious.com/ Name: uncs5
Value: 1
www.grinningface.ca/ Name: pp_main_de40747527625eb4f2cfd573cb92ac16
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: df
Value: 1717607848
.dtscout.com/ Name: l
Value: 51A01717607848BA8134181410EE37D1
.sharethis.com/ Name: __stid
Value: ZGMACmZgnakAAAAIDmlWAw==
.sharethis.com/ Name: __stidv
Value: 2
alludesgroup.com/ Name: session
Value: 7ATEfVsY4SwMmwaaY2HywKUDl4pQqubj
.alludesgroup.com/ Name: _ht_v
Value: 1717607850.9728835928
.alludesgroup.com/ Name: _ht_s
Value: 1717607850.2

43 Console Messages

Source Level URL
Text
network error URL: https://www.grinningface.ca/
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://www.grinningface.ca/(Line 192)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://noisesperusemotel.com/d1a5e500ed255cc4ebf822ff2ae48229/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://www.grinningface.ca/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
