rubysoloads.com Open in urlscan Pro
198.252.109.145 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rubysoloads.com/
Effective URL:
https://rubysoloads.com/
Submission Tags: tranco_l324
Submission: On April 09 via api (April 9th 2024, 9:53:03 am UTC) from DE — Scanned from DE

Summary HTTP 31 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 10 domains to perform 31 HTTP transactions. The main IP is 198.252.109.145, located in United States and belongs to HAWKHOST, CA. The main domain is rubysoloads.com.
TLS certificate: Issued by R3 on February 19th 2024. Valid for: 3 months.

This is the only time rubysoloads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 24	198.252.109.145 198.252.109.145	20068 (HAWKHOST) (HAWKHOST)
1	108.170.45.130 108.170.45.130	20454 (SSASN2) (SSASN2)
1	23.105.160.250 23.105.160.250	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	184.164.136.210 184.164.136.210	20454 (SSASN2) (SSASN2)
5	107.190.135.178 107.190.135.178	33182 (DIMENOC) (DIMENOC)
2 2	172.67.186.42 172.67.186.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
31	7

24 198.252.109.145 (United States) 5 redirects

ASN20068 (HAWKHOST, CA)
PTR: 198.252.109.145-static.reverse.arandomserver.com

rubysoloads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lastchancemailer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pcmu-adexchanges.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.170.45.130 (Phoenix, United States)

ASN20454 (SSASN2, US)
PTR: server.lfmte1.com

truckloadofads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.160.250 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: server.bluediamondhost01.com

advertisingblowout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.164.136.210 (Phoenix, United States)

ASN20454 (SSASN2, US)
PTR: server.prosperitymarketingsystem.com

trafficcodex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.190.135.178 (Orlando, United States)

ASN33182 (DIMENOC, US)
PTR: server2.trafficslider.com

healthynuliving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.186.42 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.wpcc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:52e0:1e00::1081:1 (Germany) 2 redirects

ASN200325 (BUNNYCDN, SI)

cdn.websitepolicies.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	rubysoloads.com rubysoloads.com	607 KB
5	websitepolicies.io 2 redirects cdn.websitepolicies.io — Cisco Umbrella Rank: 133848	12 KB
5	healthynuliving.com healthynuliving.com	157 KB
5	lastchancemailer.com 5 redirects lastchancemailer.com	384 B
2	wpcc.io 2 redirects cdn.wpcc.io — Cisco Umbrella Rank: 429171	949 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 746	30 KB
1	pcmu-adexchanges.xyz pcmu-adexchanges.xyz	23 KB
1	trafficcodex.com trafficcodex.com	13 KB
1	advertisingblowout.com advertisingblowout.com	157 KB
1	truckloadofads.com truckloadofads.com	18 KB
31	10

	Domain	Requested by
18	rubysoloads.com	rubysoloads.com ajax.googleapis.com
5	cdn.websitepolicies.io	2 redirects rubysoloads.com cdn.wpcc.io
5	healthynuliving.com	rubysoloads.com
5	lastchancemailer.com	5 redirects
2	cdn.wpcc.io	2 redirects
1	ajax.googleapis.com	rubysoloads.com
1	pcmu-adexchanges.xyz	rubysoloads.com
1	trafficcodex.com	rubysoloads.com
1	advertisingblowout.com	rubysoloads.com
1	truckloadofads.com	rubysoloads.com
31	10

This site contains links to these domains. Also see Links.

Domain
pcmarketingunlimited.com
truckloadofads.com
advertisingblowout.com
trafficcodex.com
lastchancemailer.com
www.lindasgraphicdesign.com

Subject Issuer	Validity	Valid
*.letsgosolo.click R3	`2024-02-19` - `2024-05-19`	3 months	crt.sh
*.truckloadofads.com R3	`2024-03-20` - `2024-06-18`	3 months	crt.sh
*.advertisingblowout.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
trafficcodex.com cPanel, Inc. Certification Authority	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.pcmu-adexchanges.xyz R3	`2024-02-26` - `2024-05-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
cdn.websitepolicies.io R3	`2024-04-06` - `2024-07-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rubysoloads.com/
Frame ID: 5E2340040BE1C65A2A1629DE05A1CBB4
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RUBY SOLO ADS

Page URL History Show full URLs

http://rubysoloads.com/ HTTP 307
https://rubysoloads.com/ Page URL

Detected technologies

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

77 %
HTTPS

25 %
IPv6

10
Domains

10
Subdomains

7
IPs

2
Countries

1016 kB
Transfer

1177 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://pcmarketingunlimited.com/help/
Title: SUPPORT

Search URL Search Domain Scan URL

URL: http://truckloadofads.com/?rid=6689

Search URL Search Domain Scan URL

URL: http://advertisingblowout.com/11623

Search URL Search Domain Scan URL

URL: http://trafficcodex.com/promo-codes/rubysoloads.com&ref=pinkham42

Search URL Search Domain Scan URL

URL: http://lastchancemailer.com/clicksqban.php?imgid=393595

Search URL Search Domain Scan URL

URL: http://lastchancemailer.com/clicksqban.php?imgid=442649

Search URL Search Domain Scan URL

URL: http://lastchancemailer.com/clicksqban.php?imgid=779451

Search URL Search Domain Scan URL

URL: http://lastchancemailer.com/clicksqban.php?imgid=374468

Search URL Search Domain Scan URL

URL: http://lastchancemailer.com/clicksqban.php?imgid=709415

Search URL Search Domain Scan URL

URL: https://lastchancemailer.com/?rid=2
Title: Get Yours Here

Search URL Search Domain Scan URL

URL: http://www.lindasgraphicdesign.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rubysoloads.com/ HTTP 307
https://rubysoloads.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://lastchancemailer.com/showsqban.php?imgid=393595 HTTP 302
https://healthynuliving.com/images/banner3.gif

Request Chain 5

https://lastchancemailer.com/showsqban.php?imgid=442649 HTTP 302
https://healthynuliving.com/images/banner3.gif

Request Chain 6

https://lastchancemailer.com/showsqban.php?imgid=779451 HTTP 302
https://healthynuliving.com/images/banner3.gif

Request Chain 7

https://lastchancemailer.com/showsqban.php?imgid=374468 HTTP 302
https://healthynuliving.com/images/banner3.gif

Request Chain 8

https://lastchancemailer.com/showsqban.php?imgid=709415 HTTP 302
https://healthynuliving.com/images/banner3.gif

Request Chain 15

https://cdn.wpcc.io/lib/1.0.2/cookieconsent.min.css HTTP 301
https://cdn.websitepolicies.io/lib/1.0.2/cookieconsent.min.css HTTP 301
https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.css

Request Chain 16

https://cdn.wpcc.io/lib/1.0.2/cookieconsent.min.js HTTP 301
https://cdn.websitepolicies.io/lib/1.0.2/cookieconsent.min.js HTTP 301
https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.js

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
rubysoloads.com/
Redirect Chain

http://rubysoloads.com/
https://rubysoloads.com/

62 KB
10 KB

874ms
487ms

Document
text/html

198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 42800c99788950ef333c0a9ade26ccc88ba5f04bc44fd8b16bd131194e06e2e7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 09 Apr 2024 09:52:57 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Location: https://rubysoloads.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 header.png
rubysoloads.com/images/ 310 KB
310 KB 214ms
213ms Image
image/png 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubysoloads.com/images/header.png
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 72a2bcf7810128758e44de2f2062baf88c90ac7b510ff7ba21b713d07651b863

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
last-modified: Fri, 20 Oct 2023 20:50:25 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 317104
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H/1.1 200
OK siteownerbadge.png
truckloadofads.com/images/ 18 KB
18 KB 716ms
185ms Image
image/png 108.170.45.130
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://truckloadofads.com/images/siteownerbadge.png
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.170.45.130 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS: server.lfmte1.com
Software: Apache /
Resource Hash: 2e0e997fca44227d191e0ddb711a4ec5e8436d945f4824c10905310e185fc6cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 09:52:57 GMT
Last-Modified: Fri, 30 Jan 2015 10:51:42 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 18006
Content-Type: image/png

GET
H/1.1 200
OK 125.gif
advertisingblowout.com/banners/ 157 KB
157 KB 471ms
124ms Image
image/gif 23.105.160.250
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://advertisingblowout.com/banners/125.gif

Requested by

Host: rubysoloads.com
URL: https://rubysoloads.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

23.105.160.250 , United States, ASN30633 (LEASEWEB-USA-WDC, US),

Reverse DNS

server.bluediamondhost01.com

Software

Apache /

Resource Hash

314f988d57363aee31c6a1758e50ef535d90df923df1191c20e4c0eb72728ba5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 09:52:57 GMT
Content-Security-Policy: upgrade-insecure-requests;
Last-Modified: Fri, 20 May 2022 17:00:01 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=512
Content-Length: 160303
Expires: Wed, 09 Apr 2025 09:52:57 GMT

GET
H/1.1 200
OK owner-125.png
trafficcodex.com/banners/ 13 KB
13 KB 2422ms
188ms Image
image/png 184.164.136.210
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trafficcodex.com/banners/owner-125.png
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 184.164.136.210 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS: server.prosperitymarketingsystem.com
Software: Apache /
Resource Hash: 48f766996595bfee926550d710b1fccb5e78c8f5fca96c595691d012294efaa6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 09 Apr 2024 09:52:59 GMT
Last-Modified: Mon, 23 Dec 2013 20:51:29 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 13114
Content-Type: image/png

GET
H2

200

banner3.gif
healthynuliving.com/images/
Redirect Chain

https://lastchancemailer.com/showsqban.php?imgid=393595
https://healthynuliving.com/images/banner3.gif

31 KB
31 KB

945ms
432ms

Image
image/gif

107.190.135.178
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthynuliving.com/images/banner3.gif
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Server: 107.190.135.178 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS: server2.trafficslider.com
Software: Apache /
Resource Hash: 75858864a0a362920870e50a70f139af5b7c347d630d3c0ad6dfe95eabab8aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rubysoloads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Apr 2024 09:52:58 GMT
last-modified: Mon, 02 Jan 2023 15:16:02 GMT
server: Apache
accept-ranges: bytes
content-length: 32152
content-type: image/gif

Redirect headers

date: Tue, 09 Apr 2024 09:52:57 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
location: http://healthynuliving.com/images/banner3.gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0

GET
H2

200

banner3.gif
healthynuliving.com/images/
Redirect Chain

https://lastchancemailer.com/showsqban.php?imgid=442649
https://healthynuliving.com/images/banner3.gif

31 KB
32 KB

796ms
282ms

Image
image/gif

107.190.135.178
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthynuliving.com/images/banner3.gif
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Server: 107.190.135.178 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS: server2.trafficslider.com
Software: Apache /
Resource Hash: 75858864a0a362920870e50a70f139af5b7c347d630d3c0ad6dfe95eabab8aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rubysoloads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Apr 2024 09:52:58 GMT
last-modified: Mon, 02 Jan 2023 15:16:02 GMT
server: Apache
accept-ranges: bytes
content-length: 32152
content-type: image/gif

Redirect headers

date: Tue, 09 Apr 2024 09:52:57 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
location: http://healthynuliving.com/images/banner3.gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0

GET
H2

200

banner3.gif
healthynuliving.com/images/
Redirect Chain

https://lastchancemailer.com/showsqban.php?imgid=779451
https://healthynuliving.com/images/banner3.gif

31 KB
31 KB

946ms
432ms

Image
image/gif

107.190.135.178
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthynuliving.com/images/banner3.gif
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Server: 107.190.135.178 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS: server2.trafficslider.com
Software: Apache /
Resource Hash: 75858864a0a362920870e50a70f139af5b7c347d630d3c0ad6dfe95eabab8aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rubysoloads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Apr 2024 09:52:58 GMT
last-modified: Mon, 02 Jan 2023 15:16:02 GMT
server: Apache
accept-ranges: bytes
content-length: 32152
content-type: image/gif

Redirect headers

date: Tue, 09 Apr 2024 09:52:57 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
location: http://healthynuliving.com/images/banner3.gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0

GET
H2

200

banner3.gif
healthynuliving.com/images/
Redirect Chain

https://lastchancemailer.com/showsqban.php?imgid=374468
https://healthynuliving.com/images/banner3.gif

31 KB
31 KB

944ms
431ms

Image
image/gif

107.190.135.178
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthynuliving.com/images/banner3.gif
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Server: 107.190.135.178 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS: server2.trafficslider.com
Software: Apache /
Resource Hash: 75858864a0a362920870e50a70f139af5b7c347d630d3c0ad6dfe95eabab8aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rubysoloads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Apr 2024 09:52:58 GMT
last-modified: Mon, 02 Jan 2023 15:16:02 GMT
server: Apache
accept-ranges: bytes
content-length: 32152
content-type: image/gif

Redirect headers

date: Tue, 09 Apr 2024 09:52:57 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
location: http://healthynuliving.com/images/banner3.gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0

GET
H2

200

banner3.gif
healthynuliving.com/images/
Redirect Chain

https://lastchancemailer.com/showsqban.php?imgid=709415
https://healthynuliving.com/images/banner3.gif

31 KB
31 KB

797ms
284ms

Image
image/gif

107.190.135.178
DIMENOC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://healthynuliving.com/images/banner3.gif
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Server: 107.190.135.178 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS: server2.trafficslider.com
Software: Apache /
Resource Hash: 75858864a0a362920870e50a70f139af5b7c347d630d3c0ad6dfe95eabab8aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rubysoloads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Apr 2024 09:52:58 GMT
last-modified: Mon, 02 Jan 2023 15:16:02 GMT
server: Apache
accept-ranges: bytes
content-length: 32152
content-type: image/gif

Redirect headers

date: Tue, 09 Apr 2024 09:52:57 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
location: http://healthynuliving.com/images/banner3.gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0

GET
H2 200 adgem.png
rubysoloads.com/images/ 41 KB
41 KB 553ms
551ms Image
image/png 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubysoloads.com/images/adgem.png
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: b618596e12c6727bf4dd83c86da798649d51a24a7009cf757ea37763f0a50eae

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
last-modified: Sun, 22 Oct 2023 16:23:06 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 41648
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H2 200 Over_Deliver.png
pcmu-adexchanges.xyz/images/ 23 KB
23 KB 754ms
354ms Image
image/png 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pcmu-adexchanges.xyz/images/Over_Deliver.png
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: b3b3589f163d088d8f8a31cec52e7d33fc43dd19819437173a34f5fd47979952

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
last-modified: Fri, 01 Dec 2023 21:54:01 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 23491
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H2 200 hi.gif
rubysoloads.com/images/ 24 KB
24 KB 553ms
551ms Image
image/gif 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubysoloads.com/images/hi.gif
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: cf557330925ad655197e4ca67e3c28832e309a394b0ec9423f8228b4bcdca41a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
last-modified: Sun, 22 Oct 2023 16:10:31 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 24442
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H2 200 tick_red.gif
rubysoloads.com/images/ 651 B
705 B 553ms
551ms Image
image/gif 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubysoloads.com/images/tick_red.gif
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: ef3dc559c9aa4307e0b74d2012cd9da3911276323b765526f30dc8d5b7dd7c0b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
last-modified: Fri, 20 Oct 2023 20:49:47 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 651
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H2 200 jquery.js Show response
rubysoloads.com/jscripts/ 70 KB
23 KB 554ms
550ms Script
application/javascript 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rubysoloads.com/jscripts/jquery.js
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
content-encoding: br
last-modified: Fri, 20 Oct 2023 20:52:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23862
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H2 200 txt.js Show response
rubysoloads.com/jscripts/ 231 B
284 B 762ms
758ms Script
application/javascript 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rubysoloads.com/jscripts/txt.js
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 5572f7570f01ad62ec0bf9d4441279cb88cd09b1f9ea30438614629464fa2e35

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
last-modified: Fri, 20 Oct 2023 20:52:57 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 231
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H2

200

cookieconsent.min.css
cdn.websitepolicies.io/lib/cookieconsent/
Redirect Chain

https://cdn.wpcc.io/lib/1.0.2/cookieconsent.min.css
https://cdn.websitepolicies.io/lib/1.0.2/cookieconsent.min.css
https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.css

4 KB
2 KB

40ms
39ms

Stylesheet
text/css

2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.css

Requested by

Host: rubysoloads.com
URL: https://rubysoloads.com/

Protocol

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a5e6f8c443f2972a9dc8895ab7376db278062c4972aca7cc3957dc46bddff1ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rubysoloads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

content-encoding: br
cdn-pullzone: 403741
cdn-proxyver: 1.03
etag: W/"63654fd3-1023"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sun, 06 Aug 2023 01:18:57 GMT
date: Tue, 09 Apr 2024 09:52:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 01:18:57
alt-svc: h3=":443"
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Nov 2022 17:45:55 GMT
server: BunnyCDN-DE1-1081
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uR%2BUwinlEDhkq%2B1WU8mo9r8EUm0A87drrg2%2Fzm1nj7ToPRrwQKmNBbq3EYN4X%2BDSrnphKgDUxvtGfGmT5MDgwrHzX7NamDVplMqvCYYX9nCeX4KmOvjWE0g5mD35PefA%2FnjwKJfX1Ou"}],"group":"cf-nel","max_age":604800}
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: 6dcf3851f15d2c84a3f10fb49f4ddaa2
cf-ray: 7e2c41a90f939030-FRA
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

expires: Tue, 09 Apr 2024 10:11:38 GMT
date: Tue, 09 Apr 2024 09:52:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1080
cdn-cachedat: 04/09/2024 09:11:38
cdn-pullzone: 403741
alt-svc: h3=":443"
content-length: 0
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 301
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0p3DK8tuRHo%2FMam06v%2FpIQYwHa12wXceiT0ifNdpb9fEHRz%2Fluc94WUvaYSHRP%2BIfhiRkK1HJtEBgolYWHeQIM%2BN6DpaYCqEFO0fpGHvWFdGwylZijclEAqtvOSuQj3KRX0qk1Gyoa7i"}],"group":"cf-nel","max_age":604800}
location: https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.css
access-control-allow-origin: *
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=3600
cdn-cache: HIT
cdn-requestid: 8ac66e730b0131abff59dc262cedefd8
cf-ray: 87195ef48e14690f-FRA
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2

200

cookieconsent.min.js Show response
cdn.websitepolicies.io/lib/cookieconsent/
Redirect Chain

https://cdn.wpcc.io/lib/1.0.2/cookieconsent.min.js
https://cdn.websitepolicies.io/lib/1.0.2/cookieconsent.min.js
https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.js

13 KB
6 KB

44ms
44ms

Script
application/javascript

2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.js

Requested by

Host: rubysoloads.com
URL: https://rubysoloads.com/

Protocol

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

73c99e6dcaeb871bb0b4958181aecd48c231c639b3a61230a548d5866ba64748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rubysoloads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

content-encoding: br
cdn-pullzone: 403741
cdn-proxyver: 1.04
etag: W/"62866b77-32cc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Thu, 25 Apr 2024 20:58:51 GMT
date: Tue, 09 Apr 2024 09:52:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1079
cdn-cachedat: 03/26/2024 20:58:51
alt-svc: h3=":443"
x-xss-protection: 1; mode=block
last-modified: Thu, 19 May 2022 16:08:23 GMT
server: BunnyCDN-DE1-1081
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=08UlDsoTABrmNCGGjMKWa6ueHcI12aMQIyJP9laJGU9GFxpjG%2FsBw8Qc2MLcpl6eL709xJPkneA8hMc%2F7sHSncXlCQSnC6Bqaw%2BBx1Ygy%2BafQeCaKB7P1xJSvuBzCIsNTNjW3eLDyBIy"}],"group":"cf-nel","max_age":604800}
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: 5a046a1f9051a0c579f86edfd2b4a4c2
cf-ray: 86aa0fa82ce930c0-FRA
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

expires: Tue, 09 Apr 2024 10:12:34 GMT
date: Tue, 09 Apr 2024 09:52:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1080
cdn-cachedat: 04/09/2024 09:12:34
cdn-pullzone: 403741
alt-svc: h3=":443"
content-length: 0
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 301
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EomX8ZuW82X2R107udmChwV6wswmyIJiINke4sTfj3nayNW3gdNdZe7W7y47RypOd%2FDf%2FcZmd8XeYLOBCBfBYiLgwReXrjpuKls%2FZ7tMJ9NuJFoKpv7VPBjO7i3kFTji73P1mzKPQASF"}],"group":"cf-nel","max_age":604800}
location: https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.js
access-control-allow-origin: *
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=3600
cdn-cache: HIT
cdn-requestid: 7c0782e1d3bbe0b22351e2c47ddedb86
cf-ray: 8719604fac90373b-FRA
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 301
cdn-requestpullsuccess: True

GET
H2 200 tc1.gif
rubysoloads.com/images/frontbuttons/ 2 KB
2 KB 554ms
552ms Image
image/gif 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubysoloads.com/images/frontbuttons/tc1.gif
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 167218791e4681dce7d5a4d151c045b87316b4e42953483414b2801b7e1bac8e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
last-modified: Fri, 20 Oct 2023 20:51:32 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1832
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H2 200 sp1.gif
rubysoloads.com/images/frontbuttons/ 1 KB
1 KB 553ms
552ms Image
image/gif 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubysoloads.com/images/frontbuttons/sp1.gif
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 430e2204124987ff38d4f909922528d54b473c73063a7e21b71fc27c11fbfa13

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
last-modified: Fri, 20 Oct 2023 20:51:32 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1422
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H2 200 pp1.gif
rubysoloads.com/images/frontbuttons/ 1 KB
1 KB 757ms
756ms Image
image/gif 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubysoloads.com/images/frontbuttons/pp1.gif
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 0fdf80b60b764598ba80a5a65fea01a5ee6a37dc1d365bc0f03f83ff01323fe4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
last-modified: Fri, 20 Oct 2023 20:51:33 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1477
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H2 200 au1.gif
rubysoloads.com/images/frontbuttons/ 1 KB
1 KB 758ms
757ms Image
image/gif 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubysoloads.com/images/frontbuttons/au1.gif
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: bc3f4c803b550df3b18e94814f0263960102e21140660bafbea0fd3014914f0a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
last-modified: Fri, 20 Oct 2023 20:51:30 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1205
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 143ms
41ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: rubysoloads.com
URL: https://rubysoloads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 22:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Apr 2025 22:17:27 GMT

GET
H2 200 footer.png
rubysoloads.com/images/ 166 KB
166 KB 761ms
759ms Image
image/png 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubysoloads.com/images/footer.png
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 09e2e6de197bb24d3c7bbdf2fea18794e195c981df714c7d3500685036e64067

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
last-modified: Fri, 20 Oct 2023 20:50:18 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 169755
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H2 200 background.jpg
rubysoloads.com/images/ 22 KB
22 KB 760ms
758ms Image
image/jpeg 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubysoloads.com/images/background.jpg
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 2dd3f731c06e5184eba2c81a62b2d85e43f1b0d64f63c8d9109f3bd70b5675df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
last-modified: Fri, 20 Oct 2023 20:50:50 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22468
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H2 200 body.png
rubysoloads.com/images/ 1 KB
1 KB 755ms
755ms Image
image/png 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubysoloads.com/images/body.png
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 852b3763485742ab6010d871fee9018305e425e9e18f7bc8746102696ffbeab1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:57 GMT
last-modified: Fri, 20 Oct 2023 20:49:38 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1204
expires: Tue, 16 Apr 2024 09:52:57 GMT

GET
H2 200 cookieconsent.min.css
cdn.websitepolicies.io/lib/cookieconsent/ 4 KB
2 KB 41ms
40ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/cookieconsent.min.css

Requested by

Host: cdn.wpcc.io
URL: https://cdn.wpcc.io/lib/1.0.2/cookieconsent.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

a5e6f8c443f2972a9dc8895ab7376db278062c4972aca7cc3957dc46bddff1ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
cdn-pullzone: 403741
cdn-proxyver: 1.03
etag: W/"63654fd3-1023"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=2592000
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Sun, 06 Aug 2023 01:18:57 GMT
date: Tue, 09 Apr 2024 09:52:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 01:18:57
alt-svc: h3=":443"
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Nov 2022 17:45:55 GMT
server: BunnyCDN-DE1-1081
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uR%2BUwinlEDhkq%2B1WU8mo9r8EUm0A87drrg2%2Fzm1nj7ToPRrwQKmNBbq3EYN4X%2BDSrnphKgDUxvtGfGmT5MDgwrHzX7NamDVplMqvCYYX9nCeX4KmOvjWE0g5mD35PefA%2FnjwKJfX1Ou"}],"group":"cf-nel","max_age":604800}
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: fb566fc2e8c7463d12d7a08aea8f7c4f
cf-ray: 7e2c41a90f939030-FRA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 check.php Show response
rubysoloads.com/inc/ 0
198 B 190ms
190ms XHR
text/html 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rubysoloads.com/inc/check.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: text/html, */*; q=0.01
Referer: https://rubysoloads.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:58 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 200 check2.php Show response
rubysoloads.com/inc/ 0
9 B 198ms
198ms XHR
text/html 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rubysoloads.com/inc/check2.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: text/html, */*; q=0.01
Referer: https://rubysoloads.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:58 GMT
server: LiteSpeed
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 200 up.png
rubysoloads.com/images/arrows/ 1 KB
1 KB 186ms
185ms Image
image/png 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubysoloads.com/images/arrows/up.png
Requested by: Host: rubysoloads.com
URL: https://rubysoloads.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: 67813237b9756d7c58b92e4524baedfd300196f7f67cb50f2929f836e13866c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:58 GMT
last-modified: Fri, 20 Oct 2023 20:51:22 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1146
expires: Tue, 16 Apr 2024 09:52:58 GMT

GET
H3 200 favicon.ico
rubysoloads.com/ 1 KB
1 KB 187ms
186ms Other
image/x-icon 198.252.109.145
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://rubysoloads.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 198.252.109.145 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 198.252.109.145-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: e3b21e678279cba0c663037b68c9e092aba6126295f0154d7f18209e24fad6a0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rubysoloads.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 09:52:59 GMT
last-modified: Fri, 20 Oct 2023 20:48:55 GMT
server: LiteSpeed
content-type: image/x-icon
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1150
expires: Tue, 16 Apr 2024 09:52:59 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://rubysoloads.com/ Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://truckloadofads.com/images/siteownerbadge.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rubysoloads.com/ Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://advertisingblowout.com/banners/125.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rubysoloads.com/ Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://lastchancemailer.com/showsqban.php?imgid=393595'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rubysoloads.com/ Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://lastchancemailer.com/showsqban.php?imgid=442649'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rubysoloads.com/ Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://lastchancemailer.com/showsqban.php?imgid=779451'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rubysoloads.com/ Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://lastchancemailer.com/showsqban.php?imgid=374468'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rubysoloads.com/ Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://lastchancemailer.com/showsqban.php?imgid=709415'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rubysoloads.com/(Line 494) Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://truckloadofads.com/images/siteownerbadge.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rubysoloads.com/(Line 494) Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://advertisingblowout.com/banners/125.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rubysoloads.com/(Line 494) Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://lastchancemailer.com/showsqban.php?imgid=393595'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rubysoloads.com/(Line 494) Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://lastchancemailer.com/showsqban.php?imgid=442649'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rubysoloads.com/(Line 494) Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://lastchancemailer.com/showsqban.php?imgid=779451'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rubysoloads.com/(Line 494) Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://lastchancemailer.com/showsqban.php?imgid=374468'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://rubysoloads.com/(Line 494) Message: Mixed Content: The page at 'https://rubysoloads.com/' was loaded over HTTPS, but requested an insecure element 'http://lastchancemailer.com/showsqban.php?imgid=709415'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
recommendation	verbose	URL: https://rubysoloads.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

advertisingblowout.com
ajax.googleapis.com
cdn.websitepolicies.io
cdn.wpcc.io
healthynuliving.com
lastchancemailer.com
pcmu-adexchanges.xyz
rubysoloads.com
trafficcodex.com
truckloadofads.com
107.190.135.178
108.170.45.130
172.67.186.42
184.164.136.210
198.252.109.145
23.105.160.250
2400:52e0:1e00::1081:1
2a00:1450:4001:82b::200a
09e2e6de197bb24d3c7bbdf2fea18794e195c981df714c7d3500685036e64067
0fdf80b60b764598ba80a5a65fea01a5ee6a37dc1d365bc0f03f83ff01323fe4
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
167218791e4681dce7d5a4d151c045b87316b4e42953483414b2801b7e1bac8e
2dd3f731c06e5184eba2c81a62b2d85e43f1b0d64f63c8d9109f3bd70b5675df
2e0e997fca44227d191e0ddb711a4ec5e8436d945f4824c10905310e185fc6cf
314f988d57363aee31c6a1758e50ef535d90df923df1191c20e4c0eb72728ba5
42800c99788950ef333c0a9ade26ccc88ba5f04bc44fd8b16bd131194e06e2e7
430e2204124987ff38d4f909922528d54b473c73063a7e21b71fc27c11fbfa13
48f766996595bfee926550d710b1fccb5e78c8f5fca96c595691d012294efaa6
5572f7570f01ad62ec0bf9d4441279cb88cd09b1f9ea30438614629464fa2e35
67813237b9756d7c58b92e4524baedfd300196f7f67cb50f2929f836e13866c3
72a2bcf7810128758e44de2f2062baf88c90ac7b510ff7ba21b713d07651b863
73c99e6dcaeb871bb0b4958181aecd48c231c639b3a61230a548d5866ba64748
75858864a0a362920870e50a70f139af5b7c347d630d3c0ad6dfe95eabab8aa1
852b3763485742ab6010d871fee9018305e425e9e18f7bc8746102696ffbeab1
a5e6f8c443f2972a9dc8895ab7376db278062c4972aca7cc3957dc46bddff1ae
b3b3589f163d088d8f8a31cec52e7d33fc43dd19819437173a34f5fd47979952
b618596e12c6727bf4dd83c86da798649d51a24a7009cf757ea37763f0a50eae
bc3f4c803b550df3b18e94814f0263960102e21140660bafbea0fd3014914f0a
cf557330925ad655197e4ca67e3c28832e309a394b0ec9423f8228b4bcdca41a
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b21e678279cba0c663037b68c9e092aba6126295f0154d7f18209e24fad6a0
ef3dc559c9aa4307e0b74d2012cd9da3911276323b765526f30dc8d5b7dd7c0b

rubysoloads.com Open in urlscan Pro 198.252.109.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

77 %HTTPS

25 %IPv6

10 Domains

10 Subdomains

7 IPs

2 Countries

1016 kBTransfer

1177 kBSize

0 Cookies

11 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rubysoloads.com Open in urlscan Pro
198.252.109.145 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

77 %
HTTPS

25 %
IPv6

10
Domains

10
Subdomains

7
IPs

2
Countries

1016 kB
Transfer

1177 kB
Size

0
Cookies

31 HTTP transactions
0 data transactions