daffodil-ruddy-run.glitch.me Open in urlscan Pro
52.3.60.128 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://daffodil-ruddy-run.glitch.me/
Submission: On December 31 via manual (December 31st 2020, 10:41:12 pm UTC) from US

Summary HTTP 120 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 54 IPs in 7 countries across 48 domains to perform 120 HTTP transactions. The main IP is 52.3.60.128, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is daffodil-ruddy-run.glitch.me.

This is the only time daffodil-ruddy-run.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.3.60.128 52.3.60.128	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6810:8916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	51.68.161.17 51.68.161.17	16276 (OVH) (OVH)
1	51.68.161.20 51.68.161.20	16276 (OVH) (OVH)
10	139.45.196.201 139.45.196.201	9002 (RETN-AS) (RETN-AS)
3	139.45.196.200 139.45.196.200	9002 (RETN-AS) (RETN-AS)
1	139.45.195.242 139.45.195.242	9002 (RETN-AS) (RETN-AS)
1	2600:9000:21f... 2600:9000:21f3:2a00:4:164e:ca00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:234... 2606:2800:234:4cc4:5670:35d5:1e00:b394	15133 (EDGECAST) (EDGECAST)
1	2600:9000:214... 2600:9000:214f:3a00:1d:bf0d:abc0:21	16509 (AMAZON-02) (AMAZON-02)
1	13.224.195.73 13.224.195.73	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	139.45.197.10 139.45.197.10	9002 (RETN-AS) (RETN-AS)
1 3	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
1	37.59.184.172 37.59.184.172	16276 (OVH) (OVH)
3	54.241.51.109 54.241.51.109	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.111.10.140 23.111.10.140	33438 (HIGHWINDS2) (HIGHWINDS2)
1	108.161.189.78 108.161.189.78	33438 (HIGHWINDS2) (HIGHWINDS2)
1	172.255.6.232 172.255.6.232	7979 (SERVERS-COM) (SERVERS-COM)
2 6	104.19.133.80 104.19.133.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6812:1141	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	213.239.209.209 213.239.209.209	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:20a... 2600:9000:20a5:ae00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	50.18.199.66 50.18.199.66	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77) (CDN77)
11	54.230.183.59 54.230.183.59	16509 (AMAZON-02) (AMAZON-02)
1	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 3	2606:4700:20:... 2606:4700:20::ac43:4a21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	139.45.195.106 139.45.195.106	9002 (RETN-AS) (RETN-AS)
4	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
2 2	52.46.129.238 52.46.129.238	16509 (AMAZON-02) (AMAZON-02)
1	52.46.131.85 52.46.131.85	16509 (AMAZON-02) (AMAZON-02)
1	68.183.0.10 68.183.0.10	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	104.19.132.80 104.19.132.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
1	104.28.10.139 104.28.10.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	94.31.29.128 94.31.29.128	6461 (ZAYO-6461) (ZAYO-6461)
1	68.183.5.87 68.183.5.87	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	78.140.188.188 78.140.188.188	35415 (WEBZILLA) (WEBZILLA)
1	94.31.29.32 94.31.29.32	6461 (ZAYO-6461) (ZAYO-6461)
2	35.190.74.92 35.190.74.92	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.80.103 13.225.80.103	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	216.21.13.16 216.21.13.16	53334 (TUT-AS) (TUT-AS)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:46b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	139.45.196.73 139.45.196.73	9002 (RETN-AS) (RETN-AS)
1	184.24.7.88 184.24.7.88	16625 (AKAMAI-AS) (AKAMAI-AS)
120	54

1 52.3.60.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-60-128.compute-1.amazonaws.com

daffodil-ruddy-run.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:8916 (United States)

ASN13335 (CLOUDFLARENET, US)

mellowads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.161.17 (France)

ASN16276 (OVH, FR)
PTR: ip17.ip-51-68-161.eu

onegalact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.161.20 (France)

ASN16276 (OVH, FR)
PTR: ip20.ip-51-68-161.eu

waxtamnit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.201 (Ascension Island)

ASN9002 (RETN-AS, GB)

kumteerg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.200 (Ascension Island)

ASN9002 (RETN-AS, GB)

choupsee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.242 (Ascension Island)

ASN9002 (RETN-AS, GB)

choogeet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:2a00:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:4cc4:5670:35d5:1e00:b394 (United States)

ASN15133 (EDGECAST, US)

a.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:3a00:1d:bf0d:abc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2sbzwmcg5amr3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.73 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-73.fra2.r.cloudfront.net

djv99sxoqpv11.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c1a (United States)

ASN13335 (CLOUDFLARENET, US)

coinpayu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.10 (Ascension Island)

ASN9002 (RETN-AS, GB)

stawhoph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.192.101.24 (Dallas, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

p405661.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.59.184.172 (France)

ASN16276 (OVH, FR)
PTR: ip172.ip-37-59-184.eu

duetgypsyantis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.241.51.109 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-51-109.us-west-1.compute.amazonaws.com

bdv.bidvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.140 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.carbonads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.189.78 (United States)

ASN33438 (HIGHWINDS2, US)

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.232 (Netherlands)

ASN7979 (SERVERS-COM, US)

seaboblit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.133.80 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:1141 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.239.209.209 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 213-239-209-209.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20a5:ae00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.18.199.66 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-199-66.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Germany)

ASN60068 (CDN77, GB)

c1.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.230.183.59 (Seattle, United States)

ASN16509 (AMAZON-02, US)

ssionsupre.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4a21 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.106 (Ascension Island)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

rrlivmkcc4nz.l.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.129.238 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

rcm-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.131.85 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.assoc-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.183.0.10 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.132.80 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.28.10.139 (United States)

ASN13335 (CLOUDFLARENET, US)

ssp.zryydi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 94.31.29.128 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net

p405661.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.183.5.87 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

srv.carbonads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.140.188.188 (Netherlands)

ASN35415 (WEBZILLA, NL)

api.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.32 (United Kingdom)

ASN6461 (ZAYO-6461, US)

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.74.92 (Mountain View, United States)

ASN15169 (GOOGLE, US)

www.tradeadexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.103 (Seattle, United States)

ASN16509 (AMAZON-02, US)

ueaggress.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.21.13.16 (United States)

ASN53334 (TUT-AS, US)

serve.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:46b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ads.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.73 (Ascension Island) 1 redirects

ASN9002 (RETN-AS, GB)

shorteh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.7.88 (United States)

ASN16625 (AKAMAI-AS, US)

www.gearbest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ssionsupre.fun ssionsupre.fun	4 KB
10	yandex.ru 2 redirects mc.yandex.ru	97 KB
10	shorte.st 2 redirects cdn.shorte.st api.shorte.st ads.shorte.st	49 KB
10	kumteerg.com kumteerg.com	88 KB
8	adsco.re c.adsco.re adsco.re 6.adsco.re rrlivmkcc4nz.l.adsco.re rrlivmkcc4nz.n.adsco.re Failed rrlivmkcc4nz.s.adsco.re Failed	16 KB
8	adskeeper.com jsc.adskeeper.com servicer.adskeeper.com cm.adskeeper.com s-img.adskeeper.com c.adskeeper.com	125 KB
7	adskeeper.co.uk 3 redirects cdn.adskeeper.co.uk jsc.adskeeper.co.uk c.adskeeper.co.uk	60 KB
5	mycdn.co p405661.mycdn.co	66 KB
4	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net	116 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	a-ads.com ad.a-ads.com
3	bidvertiser.com bdv.bidvertiser.com	11 KB
3	choupsee.com choupsee.com	67 KB
3	onegalact.com onegalact.com	1 KB
2	tradeadexchange.com www.tradeadexchange.com	16 KB
2	amazon-adsystem.com 2 redirects rcm-na.amazon-adsystem.com	765 B
2	popads.net c1.popads.net serve.popads.net	10 KB
2	infopicked.com infopicked.com	14 KB
2	googlesyndication.com pagead2.googlesyndication.com	135 KB
2	cloudfront.net d2sbzwmcg5amr3.cloudfront.net djv99sxoqpv11.cloudfront.net	209 KB
2	exosrv.com a.exosrv.com syndication.exosrv.com	39 KB
2	mellowads.com mellowads.com	41 KB
1	gearbest.com www.gearbest.com
1	shorteh.com 1 redirects shorteh.com	1 KB
1	ueaggress.top ueaggress.top	501 B
1	gstatic.com fonts.gstatic.com	16 KB
1	buysellads.net cdn4.buysellads.net	11 KB
1	carbonads.net srv.carbonads.net	982 B
1	zryydi.com ssp.zryydi.com
1	adtelligent.com s.adtelligent.com
1	buysellads.com srv.buysellads.com	729 B
1	assoc-amazon.com ws-na.assoc-amazon.com
1	rtmark.net my.rtmark.net	785 B
1	ipfind.co ipfind.co	586 B
1	consensu.org quantcast.mgr.consensu.org
1	googleapis.com ajax.googleapis.com	33 KB
1	seaboblit.com seaboblit.com	1 KB
1	servedby-buysellads.com m.servedby-buysellads.com	16 KB
1	carbonads.com cdn.carbonads.com	6 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
1	duetgypsyantis.com duetgypsyantis.com	1 KB
1	clksite.com 1 redirects p405661.clksite.com	304 B
1	stawhoph.com stawhoph.com
1	coinpayu.com coinpayu.com	149 KB
1	thisiswaldo.com cdn.thisiswaldo.com	81 KB
1	choogeet.net choogeet.net	38 KB
1	waxtamnit.com waxtamnit.com	1 KB
1	glitch.me daffodil-ruddy-run.glitch.me	10 KB
120	48

	Domain	Requested by
11	ssionsupre.fun	d2sbzwmcg5amr3.cloudfront.net djv99sxoqpv11.cloudfront.net
10	mc.yandex.ru	2 redirects daffodil-ruddy-run.glitch.me mc.yandex.ru
10	kumteerg.com	daffodil-ruddy-run.glitch.me kumteerg.com
6	api.shorte.st	cdn.shorte.st
5	p405661.mycdn.co	p405661.clksite.com p405661.mycdn.co daffodil-ruddy-run.glitch.me
3	www.google-analytics.com	daffodil-ruddy-run.glitch.me www.google-analytics.com
3	s-img.adskeeper.com	daffodil-ruddy-run.glitch.me
3	adsco.re	daffodil-ruddy-run.glitch.me c.adsco.re
3	cdn.shorte.st	1 redirects daffodil-ruddy-run.glitch.me cdn.shorte.st
3	securepubads.g.doubleclick.net	1 redirects daffodil-ruddy-run.glitch.me securepubads.g.doubleclick.net
3	ad.a-ads.com	daffodil-ruddy-run.glitch.me
3	cdn.adskeeper.co.uk	1 redirects daffodil-ruddy-run.glitch.me
3	bdv.bidvertiser.com	daffodil-ruddy-run.glitch.me bdv.bidvertiser.com
3	choupsee.com	daffodil-ruddy-run.glitch.me choupsee.com
3	onegalact.com	daffodil-ruddy-run.glitch.me
2	c.adskeeper.co.uk	1 redirects
2	cm.adskeeper.com	jsc.adskeeper.com
2	www.tradeadexchange.com	cdn.shorte.st www.tradeadexchange.com
2	jsc.adskeeper.co.uk	1 redirects daffodil-ruddy-run.glitch.me
2	rcm-na.amazon-adsystem.com	2 redirects
2	6.adsco.re	daffodil-ruddy-run.glitch.me c.adsco.re
2	c.adsco.re	c1.popads.net c.adsco.re
2	infopicked.com	daffodil-ruddy-run.glitch.me p405661.mycdn.co
2	pagead2.googlesyndication.com	daffodil-ruddy-run.glitch.me pagead2.googlesyndication.com
2	mellowads.com	daffodil-ruddy-run.glitch.me mellowads.com
1	c.adskeeper.com	daffodil-ruddy-run.glitch.me
1	www.gearbest.com	cdn.shorte.st
1	shorteh.com	1 redirects
1	ads.shorte.st	1 redirects
1	serve.popads.net	c1.popads.net
1	ueaggress.top	daffodil-ruddy-run.glitch.me
1	servicer.adskeeper.com	jsc.adskeeper.com
1	fonts.gstatic.com	daffodil-ruddy-run.glitch.me
1	cdn4.buysellads.net	daffodil-ruddy-run.glitch.me
1	srv.carbonads.net	cdn.carbonads.com
1	ssp.zryydi.com	cdn.shorte.st
1	s.adtelligent.com	cdn.thisiswaldo.com
1	srv.buysellads.com	m.servedby-buysellads.com
1	ws-na.assoc-amazon.com	daffodil-ruddy-run.glitch.me
1	rrlivmkcc4nz.l.adsco.re	c.adsco.re
1	my.rtmark.net	daffodil-ruddy-run.glitch.me
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	syndication.exosrv.com	a.exosrv.com
1	c1.popads.net	daffodil-ruddy-run.glitch.me
1	ipfind.co	cdn.thisiswaldo.com
1	quantcast.mgr.consensu.org	cdn.thisiswaldo.com
1	jsc.adskeeper.com	daffodil-ruddy-run.glitch.me
1	ajax.googleapis.com	daffodil-ruddy-run.glitch.me
1	seaboblit.com	daffodil-ruddy-run.glitch.me
1	m.servedby-buysellads.com	daffodil-ruddy-run.glitch.me
1	cdn.carbonads.com	daffodil-ruddy-run.glitch.me
1	cdnjs.cloudflare.com	daffodil-ruddy-run.glitch.me
1	duetgypsyantis.com	daffodil-ruddy-run.glitch.me
1	p405661.clksite.com	1 redirects
1	stawhoph.com	daffodil-ruddy-run.glitch.me
1	coinpayu.com	daffodil-ruddy-run.glitch.me
1	djv99sxoqpv11.cloudfront.net	daffodil-ruddy-run.glitch.me
1	d2sbzwmcg5amr3.cloudfront.net	daffodil-ruddy-run.glitch.me
1	a.exosrv.com	daffodil-ruddy-run.glitch.me
1	cdn.thisiswaldo.com	daffodil-ruddy-run.glitch.me
1	choogeet.net	daffodil-ruddy-run.glitch.me
1	waxtamnit.com	daffodil-ruddy-run.glitch.me
1	daffodil-ruddy-run.glitch.me
0	rrlivmkcc4nz.s.adsco.re Failed	c.adsco.re
0	rrlivmkcc4nz.n.adsco.re Failed	c.adsco.re
120	65

This site contains links to these domains. Also see Links.

Domain
adsco.re
www.coinpayu.com
srv.carbonads.net
carbonads.net
widgets.adskeeper.com
www.adskeeper.com
shorte.st

Subject Issuer	Validity	Valid
kumteerg.com R3	`2020-12-15` - `2021-03-15`	3 months	crt.sh
choupsee.com R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
choogeet.net R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
*.ackcdn.net GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-07` - `2021-08-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-08` - `2021-07-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.infopicked.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-14` - `2021-11-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
ssionsupre.fun Amazon	`2020-10-22` - `2021-11-20`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2020-09-15` - `2021-09-26`	a year	crt.sh
*.l.adsco.re Sectigo RSA Domain Validation Secure Server CA	`2020-07-14` - `2022-07-14`	2 years	crt.sh
ws-na.assoc-amazon.com Amazon	`2020-04-10` - `2021-03-16`	a year	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
s.adtelligent.com Let's Encrypt Authority X3	`2020-11-09` - `2021-02-07`	3 months	crt.sh
*.carbonads.net Sectigo RSA Domain Validation Secure Server CA	`2019-09-19` - `2021-10-12`	2 years	crt.sh
*.shorte.st Sectigo RSA Domain Validation Secure Server CA	`2019-10-18` - `2020-12-16`	a year	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2019-08-23` - `2021-08-22`	2 years	crt.sh
tradeadexchange.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-16` - `2022-07-01`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.mycdn.co Sectigo RSA Domain Validation Secure Server CA	`2020-10-13` - `2021-10-22`	a year	crt.sh
*.gearbest.com DigiCert SHA2 Secure Server CA	`2020-04-13` - `2021-07-13`	a year	crt.sh

This page contains 20 frames:

Primary Page: http://daffodil-ruddy-run.glitch.me/
Frame ID: 37BA21D48CC1D7C260DABE40DACCA010
Requests: 97 HTTP requests in this frame

Frame: http://ad.a-ads.com/1507210?size=728x90
Frame ID: 2260C40E46AA6D7FAEDF1928A4D34D73
Requests: 1 HTTP requests in this frame

Frame: http://ssionsupre.fun/TzZrWmYuVAg3WS4LCXwTPVpWf1QJE1kcAn1FCSARIlUMbwciRFh0BSNZHj4APVkFLkghUx9/VAlsCWsWGmEBOSsBYgRiJQ1FERchLGYzDQ4nVyoULAJ1CGsxHQ8FFTIZVSo9DiJ7PTFXA2UyFQUND1MTJQ1iPjcSNngHAyQfYQdiMyhzXjsxPGQvMFJ9bBwULANfOms+CX9fEA8BUyoZK3d7AG4gKXUubSUof1oWDAFUKiASN1cjHAcrcTl/VAl0PWMfAGIfDyQlZwwUMx5+DWgFFnMHaxcfYjkeJSVsEzsnLHUkIAJqBC0YMHcHIWleCW4SEB4udw8/BygbHygnNXQdPD53cDMgFSR9ByktA2Iubj4Obx45MSdOPDcKJVIqCDwpBDErLjhnEhMiK1Q4NwEXUBwMAAFcWyIzJEYEACJ+ZS8eI3hVExACLlwIIzQed1gXPndwIA0sIVIqPiQtWz0rJApwGAA+d3AzIw1+Zi0DAgIFLTUFGUYbA1UeczwCESdsHHwMPFkFKlsiWQA3NH1dBQARPWIsKg
Frame ID: 74AD1197C2EC6F97B3CCB6466E8ABC61
Requests: 1 HTTP requests in this frame

Frame: http://ssionsupre.fun/QnE4dzAjE1saDyNMWlFFMB0FUgIEVAoxVHACWg1HLxJfQlEvAwtZUy4eTRNWMB5WAx4sFExSAgQ4W0cJdyAIOmELM1sbVgMSVT9od0ZrGVQIEnATZgggVwR8Ez9BNmF2HmgeR3QyehRRCB0ARH8QFUEkdxcHfR51JxdVImcLI0hSAgASVCJFCiJ+UgIAIwocfg8ITy5TKgJAOFgtFnk0QzAyUSFWDBhyOHkqKA08WHobfzBqOj9gB2ghQ2I1VnM0TT5YAxx+DVMxMHsTUyEwfiBWFxpJO2EhAH4gajogQT5pCzZiNVY6KE8tWwRUCjFxFStAJgN3O3A/ego0fVpIMytTMRVwN38zfTg5QRh/CBh9LnolQFUUZBRHaxliNiBwG1MhKXYVegA0CztYewBrAHIvIGBPZgkYXyBRKQVCPXIbAn0eSDMnVkZ6CzJLNXkAIFUtWwc7aS9yNiAKMX4hH3Y2aRdIQS1bBFQKMXMrOFQyWnIgYhl1cxRTBwAgJHpCaDgrHUVyEAhLFVQKAmsRdQAJWzJxNyULIQYRQlMUUywCYDtlLgZbNVRxIlYxSQQpYVFaMR5WBw06PFM6UwE6bB5Z
Frame ID: D81D245BB2C11F50B12FC60E63FE93B5
Requests: 1 HTTP requests in this frame

Frame: http://ssionsupre.fun/d3NGU0UWESU+ehZOJHUwBR97dncxVnQVIUUAJCkyGhAhZiQaAXV9JhscMzcjBRwoJ2sZFjJ2dzE0IwsHISkACiQ/CTUQJCZDHB4TGwYXBikfKxEZIzAaHx8KNh8IHhRPAAI0FxomPh0IJyExFwcjJREaF0MKFBYDDTACMB0xQS4QCA8QEjIDIQQBERREJBEZIzUwEx8VIiIVGT1HVnQVAxAYfxcGTycQOgQxEj4CIzsEdmUDJTUxBS01Ph4+EzUpAz8cODITYgA1Ry4QPCIhEAQcGhB2JwQnMik6DTULMQUoLiYDBx81KQM4Iz0YADgWJhsxBSgtOhcSaAclHzofMRUDFS4kIQM/AzMcJRE/NjQWAQQyEAAKFCM2CDoWGiUWBRITJiA7DC46FzhzLzYPBBQgIQwbAQAjC2I9NCkXHj8wGzVlES89CgIBLj4MERwTPgMVLidDLj4WGikeAQIlJhwFITApAxUuJCILYwQdEAoUHTUkAxY9MyotIykjQh80EiA6IhYoPRAIYzU9KXc3KTA2HDkdIEYWFRIlEAs7MTYpKjA8JiYIPRMjMQd1LwQcKCN4Exg8JDFERANmCD4UFR8
Frame ID: AFEEBC8C31CFA4F620EF4B1DF89A4709
Requests: 1 HTTP requests in this frame

Frame: http://ssionsupre.fun/YmlyeDQDCxEVCwNUEF5BEAVPXQYkTEA+UFAaEAJDDwoVTVUPG0FWVw4GBxxSEAYcDBoMDAZdBiQ6IUgNJT0fSFsrKhUXYQhRHzFaLD8US0xSDDQAQCg9JxB1GB0LNmYBKzY5ABYPCh8NAz07SHc6M1dKdjsqOzV+MQFFGXUFBT4wQEdbNCtNDRs4MHo4CyYXWgEeMxN6MVEbOWcSGBY5XDszKkFeBC9DEn0LCgY6dzdeOSwEJAscD3EDWEtPfgsORDt3BhgWMAAjIhsAXgQvQhNkJSdKIGAsGBYwAQEMCjoHBwM4XQYgMx82DDo6HV0GJCcbMX0yKh0TfjM4V0pyAwdfKX01IRpMVSpYEBpaU1soH20IJgsLXTEhGTVtUREWMk07HTlIXFcPCz1GJgAzH1ZQHRQdTRUcIjl9DyIfNgwpWjxAVSpcNh4HV1sULXpbDx82DDo9FQ19IVEUMVkSWTE+XFYMNRANNVtCTlFRBjgzbApMQDp4U1wLHmw0UDYwBVcPQSJWLgdHXQYgIhVBAwQhJwliOgFLHE0KPFQSRw0HAkVHOwU1OV9THAQ
Frame ID: 7BEA1EFE57B2192D6EAC08241DE69846
Requests: 1 HTTP requests in this frame

Frame: http://ssionsupre.fun/aHExMzQJE1JeCwlMUxVBGh0MFgYuVAN1UAIHCApHEB5AQ0JZQB9QWAcEVVVGBx9FHVoNBRQBcgEkXVtkMRxoS3oRNHRkZzEJegINOihmCgw9NwgDeQIGf3B3Ih17ckM9P2IDXyYifGpzMAJoYncxGHoCDTAVdWJBLDB3RVIBHnxxY1EBUGJ5Kzx2ZQM6M3haehEjV3dNPVQDdX4PRXV6YFgCc1h1Bj5pemQrIlZLfR9FeVcGBztnA1wBF2kCZzwbCQZ4KQJ4eV4LSXJYegA2XENlPhtCAXsfEnpXBhhUA3VwHxJJVWxZInJgclEXZ3pRDENBFgYuJABqegkpHEANPUJFClI+OHl6XQ8bc0txWz5YYngtH1VCdz4VZ2lsMklndnoPEHZQfiwYaAJ9WBVkdmxZSGRUW188SEN8PjZ4FgYuOlZ2ejgpd0JhLihJfnBYP3JJUFEXYmFRMSlrFgYuJXd5Xgk5SX5hLz8IVWIhJ3xJAB00cAoHCRZda2I/JwNVcjowewFiXzNWYVgxMgRhbFozQ1V1JiBrdHJbJ3B9XjEyQnJiBTdDeAUYJ2h0XxgmRhVeGx5fQwkDH0NUQQMmdHl1XAs
Frame ID: 7D913EB7489471ED724A53CBA41A6342
Requests: 1 HTTP requests in this frame

Frame: http://ssionsupre.fun/R2RXY1EmBjQObiZZNUUkNQhqRmMBQWUlNS0SbloiPwsmEyd2VXkAPSgRMwUjKAojTT8iEHJRFwAzESEGJQ88VAE9Ax4HODBRGg8fYlYVAmMjCA87PWJWFSw4EiYdGjkzIGYMASUDDjkSPykvKQUkAhUUKSAlAgRoDg4FEQl1XGcuBSAuMytldisWUmEmPA5QEi4QOzkZBgYcJAR+KwUyNgkgIFACdBcyOQkvATUkISACMC4+CB48VxYuPSUsGQkAFFBgLj4wAD8LIAJVAnQQODMFJCo1JCEgKwVSIiYJFhYCdBA4OgYeHDIkJhc9ZwciJgkWUBktD2ctAmohGygrClEeCCVwLDo1PRAzMxELKSo0BgkGUwcLPiwqHzU6CzMvEggDCx8qO3ZVDSVlMjQDLmgGMxVaCCo9GSoCKEFlJR4wECQCOR0RDzQ1KAI6KTciMyNGYwU9EVoiJgkWDxU+XGIqO34oMhtkKz4BDz8mVg0UFnQ2JC0VFT40Nz0tBmYbZyYeEQQGDyYwOTsJAjQ3Jj4+O1JnFyM/DwkPA3JREyY1cQkiKAonXghzImE1HiI+PhYwNioDUwY
Frame ID: 98AC43CAE998B7D7CEE5593289B91187
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/1507210?size=728x90&background_color=00ff47&title_color=571111
Frame ID: 26A280C8D09B7096F2B2685C58E92D9E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 274E34CFEED5BB8546F0AA333A454BA1
Requests: 1 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: BADBD54726D2B9E031D822B0E981D5E6
Requests: 1 HTTP requests in this frame

Frame: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Frame ID: 9F3A06A96A91733B21ADCD21D51BE98A
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/1120283?size=120x90
Frame ID: 7766FB9B64E28644018AFC93C702CD05
Requests: 1 HTTP requests in this frame

Frame: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387&RD=4043314041894&DIF=1&bd_ref_v=daffodil-ruddy-run.glitch.me&tref=1&win_name=null&docref=&jsrand=4043314041894&js1loc=-&loctitle=%20Trying%20to%20reach%20the%20most
Frame ID: 42261E7C4D22AF946EBC3C0D0625A2B0
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=555831
Frame ID: 0C39277F216BA4D22FA6C3AE5C02C27E
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 8FCE4FE4C6EA00E61C52C39032AE648D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1609454447680421622745
Frame ID: 452E2286CE8634222546F195A5811D17
Requests: 1 HTTP requests in this frame

Frame: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: 3EB9C1F2E58519ADA1F1ED322D6F3168
Requests: 2 HTTP requests in this frame

Frame: https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=368641270882513091
Frame ID: 38094889721FF31D45406FAD3A1F71D5
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0C6F60EB80B36C18A13ABEF3235C197A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

120
Requests

58 %
HTTPS

35 %
IPv6

48
Domains

65
Subdomains

54
IPs

7
Countries

1544 kB
Transfer

4182 kB
Size

14
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://adsco.re/v
Title: Click Here

Search URL Search Domain Scan URL

URL: https://www.coinpayu.com/?r=tteggeufgy

Search URL Search Domain Scan URL

URL: https://srv.carbonads.net/ads/click/x/GTND42JEF6BDV2JICVYLYKQNCTAIPKJUCYBD5Z3JCYYDLK7MFTAI55QKCWAIC27WCWBDKK7ICWSI4K3NCEBDKK7KC6SDT5QWCW7DTK3EHJNCLSIZ?segment=placement:dsawrewreafera;

Search URL Search Domain Scan URL

URL: http://carbonads.net/?utm_source=dsawrewreafera&utm_medium=ad_via_link&utm_campaign=in_unit&utm_term=carbon
Title: ads via Carbon

Search URL Search Domain Scan URL

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=1056221

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/5094911/i/57390646/2/pp/1/1?h=mgAWTvZUnU2JjBvK6xWc8Kbo-Q1LxDsJO5rVFE4RjYW5Q0XVrl7xJJ7tjf2qo5ZW&rid=39c318b0-4bb9-11eb-b55a-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/6613148/i/57390646/2/pp/2/1?h=1V5neAmrdEbouP9BPWraCQzfAh9otto3uk91yl9ZaexYgk8GA44KCNCNnhv4tkyL&rid=39c318b0-4bb9-11eb-b55a-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/7753662/i/57390646/2/pp/3/1?h=rCGHSfxkm2yZysReAFYYrv5rucbwPBPBkTiPuYORzkQxa-UnKo33BmIKUu3YcPIq&rid=39c318b0-4bb9-11eb-b55a-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://shorte.st/?utm_source=daffodil-ruddy-run.glitch.me&utm_medium=overlay&utm_campaign=bottom
Title: Shorte.st

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://p405661.clksite.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom HTTP 301
https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom

Request Chain 21

http://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000 HTTP 301
https://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000

Request Chain 28

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 46

http://cdn.shorte.st/link-converter.min.js HTTP 301
https://cdn.shorte.st/link-converter.min.js

Request Chain 63

http://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 HTTP 301
https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 HTTP 302
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20

Request Chain 68

http://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120114234047 HTTP 301
https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120114234047

Request Chain 89

https://mc.yandex.ru/watch/49239574?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1609454444511%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201231234047%3Aet%3A1609454448%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A574500606273%3Arqn%3A1%3Arn%3A838094563%3Ahid%3A840679631%3Ads%3A7%2C14%2C313%2C1%2C0%2C0%2C0%2C2358%2C15%2C%2C%2C%2C2696%3Afp%3A350%3Awn%3A56508%3Ahl%3A4%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1609454448%3Au%3A1609454448103293572%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020 HTTP 302
https://mc.yandex.ru/watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1609454444511%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201231234047%3Aet%3A1609454448%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A574500606273%3Arqn%3A1%3Arn%3A838094563%3Ahid%3A840679631%3Ads%3A7%2C14%2C313%2C1%2C0%2C0%2C0%2C2358%2C15%2C%2C%2C%2C2696%3Afp%3A350%3Awn%3A56508%3Ahl%3A4%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1609454448%3Au%3A1609454448103293572%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020

Request Chain 100

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 107

http://ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028&width=1024&height=768&ch=8439461&cp.dest_domain=&cp.oid=8439461&cp.referrer=http://daffodil-ruddy-run.glitch.me/&cp.locked=0&cp.proxy=0&cp.quarantine_status=&cp.vno=2&cp.enc_url=&cp.type=overlay&cp.asid=12e776fc80396dc3394c54fb101786e066ea5b1b HTTP 302
https://shorteh.com/afu.php?zoneid=1241630 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=368641270882513091

Request Chain 116

http://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRyYW5zaXQtdHlwZTpnb29kcyJdLCJwZXJmb3JtYW5jZSI6eyJjb25uZWN0VGltZSI6MC4zMTQsImRvbUNvbXBsZXRlIjoxMC44MTksInBhZ2VMb2FkVGltZSI6MTAuODI0LCJyZXF1ZXN0U3RhcnRUaW1lIjowLjAyMiwicmVzcG9uc2VFbmRUaW1lIjowLjMzNn19 HTTP 301
https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRyYW5zaXQtdHlwZTpnb29kcyJdLCJwZXJmb3JtYW5jZSI6eyJjb25uZWN0VGltZSI6MC4zMTQsImRvbUNvbXBsZXRlIjoxMC44MTksInBhZ2VMb2FkVGltZSI6MTAuODI0LCJyZXF1ZXN0U3RhcnRUaW1lIjowLjAyMiwicmVzcG9uc2VFbmRUaW1lIjowLjMzNn19

Request Chain 121

https://mc.yandex.ru/watch/49239574?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1609454444511%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201231234102%3Aet%3A1609454463%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A114%3Als%3A574500606273%3Arqn%3A2%3Arn%3A406082546%3Ahid%3A840679631%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C10819%2C10819%2C5%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1609454463%3Au%3A1609454448103293572 HTTP 302
https://mc.yandex.ru/watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1609454444511%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201231234102%3Aet%3A1609454463%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A114%3Als%3A574500606273%3Arqn%3A2%3Arn%3A406082546%3Ahid%3A840679631%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C10819%2C10819%2C5%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1609454463%3Au%3A1609454448103293572

120 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
daffodil-ruddy-run.glitch.me/ 10 KB
10 KB 335ms
313ms Document
text/html 52.3.60.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 52.3.60.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-60-128.compute-1.amazonaws.com
Software: /
Resource Hash: 13332c9d8032d23d6094327fe6d4ab8fc561613da9f640e57b92046d82e0eed4

Request headers

Host: daffodil-ruddy-run.glitch.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 10381
Connection: keep-alive
vary: Origin
accept-ranges: bytes
last-modified: Thu, 31 Dec 2020 22:38:17 GMT
cache-control: max-age=0
etag: W/"288d-176baf39fa8"

GET
H/1.1 200
OK pop.js Show response
mellowads.com/ 423 B
1 KB 262ms
252ms Script
application/javascript 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mellowads.com/pop.js?ref=4E0983D3C420
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1e3d80cdb230733b5fe84893fc1ad2a202451055cbfd3bf90fd7810fe420cc0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 22:40:45 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
CF-RAY: 60a781085b981f3d-FRA
Content-Length: 497
cf-request-id: 075c8ef93900001f3d58a2f000000001
Expires: -1

GET
H/1.1 404
Not Found /
onegalact.com/ 0
0 65ms
30ms Script
text/html 51.68.161.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://onegalact.com/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ip17.ip-51-68-161.eu
Software: nginx /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:44 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK 21431 Show response
waxtamnit.com/fGZK1mdRMO3Lzx3/ 0
1 KB 71ms
34ms Script
text/html 51.68.161.20
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://waxtamnit.com/fGZK1mdRMO3Lzx3/21431
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.20 , France, ASN16276 (OVH, FR),
Reverse DNS: ip20.ip-51-68-161.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:44 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK 21432 Show response
onegalact.com/pFFQARKPePsD/ 0
1 KB 71ms
37ms Script
application/javascript 51.68.161.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://onegalact.com/pFFQARKPePsD/21432
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ip17.ip-51-68-161.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:44 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK tag.min.js Show response
kumteerg.com/pfe/current/ 42 KB
12 KB 128ms
54ms Script
application/javascript 139.45.196.201
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 22:40:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-a6a9"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK tag.min.js Show response
choupsee.com/pfe/current/ 42 KB
12 KB 114ms
57ms Script
application/javascript 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 22:40:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-a6a9"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK micro.tag.min.js Show response
choogeet.net/pfe/current/ 129 KB
38 KB 87ms
36ms Script
application/javascript 139.45.195.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choogeet.net/pfe/current/micro.tag.min.js?z=3461354
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.195.242 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b1eec11bfd7416de218bd79a078e2d340e782aa6ceeec530fad0871ab8091474

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 22:40:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-20534"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 8636.js Show response
cdn.thisiswaldo.com/static/js/ 269 KB
81 KB 138ms
100ms Script
application/javascript 2600:9000:21f3:2a00:4:164e:ca00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://cdn.thisiswaldo.com/static/js/8636.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2600:9000:21f3:2a00:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

5e0a9e9b6a8061cb91728a76e9421f4ccfa71eb1e0e6569e69ac317d272eb712

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 15:19:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 112882
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 18 Dec 2020 20:04:43 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "435d5-5b6c29e916f57-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: bdJWdSg5MD83IyaZTpqpCAbH-mZoNEk8fG8ZmyjQ4AJHYgIqjKrKRA==

GET
H2 200 popunder1000.js Show response
a.exosrv.com/ 88 KB
38 KB 33ms
7ms Script
application/javascript 2606:2800:234:4cc4:5670:35d5:1e00:b394
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exosrv.com/popunder1000.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B0) /
Resource Hash: a8e1377ae0f844ce357417d1de91954fd0dea03475a8fe2768eeb31f5606f568

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:44 GMT
content-encoding: gzip
last-modified: Thu, 31 Dec 2020 22:26:51 GMT
server: ECS (fcn/40B0)
age: 833
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
content-length: 39122
expires: Fri, 01 Jan 2021 01:40:44 GMT

GET
H/1.1 200
OK / Show response
d2sbzwmcg5amr3.cloudfront.net/ 434 KB
141 KB 190ms
173ms Script
text/plain 2600:9000:214f:3a00:1d:bf0d:abc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2600:9000:214f:3a00:1d:bf0d:abc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 98d5dd7cc6ab426d1133b936c32ba0f65c2213603ececcd0c03f17b8e5ba7443

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 22:40:45 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Miss from cloudfront
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection: keep-alive
Content-Length: 144077
Via: 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ELylcJq1Rt9-dAn0OnGfxtXU5nhxpoT6DV-6QIp-BHzgZCWqyXjgIQ==

GET
H/1.1 200
OK / Show response
djv99sxoqpv11.cloudfront.net/ 205 KB
67 KB 206ms
181ms Script
text/plain 13.224.195.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 13.224.195.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-73.fra2.r.cloudfront.net
Software: /
Resource Hash: d236a22714ff1a245799617bfce64c211df93f03adb3396b8bf6fecbaab86d24

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 22:40:45 GMT
content-encoding: gzip
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection: keep-alive
Content-Length: 68631
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
X-Amz-Cf-Id: kOGwZEAJRNIxxoLsLwzyd_VMBsERtGcKPNfQIxg5WQ6aRk3uQno4uA==

GET
H2 200 468X60.gif
coinpayu.com/static/advertiser_banner/ 148 KB
149 KB 43ms
20ms Image
image/gif 2606:4700:20::681a:c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coinpayu.com/static/advertiser_banner/468X60.gif
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a87e2ab249f61d757d138136171b43155ea4ba2d89a5c6c3e4e58174f2e13ec

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 144142
cf-polished: status=not_needed
content-length: 151259
cf-request-id: 075c8ef96100004aaf418f8000000001
last-modified: Wed, 30 Dec 2020 12:52:16 GMT
server: cloudflare
etag: "5fec7800-24edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iUv%2FG5z6Mk%2BbCSavs9dcKJp4kzwounNoMTlzwUtM1%2FwURIcImR9nOzOloIu%2BxnqCMwJeGTVLBFQBh8BCz1dbvWJN7BKrDY%2FTi7uDCsjfcpmUZRi2b8HTf%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
expires: Fri, 29 Jan 2021 06:38:22 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60a78108997a4aaf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 79ms
58ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47107
x-xss-protection: 0
server: cafe
etag: 13290078405355148527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 31 Dec 2020 22:40:44 GMT

GET
H/1.1 200
OK afu.php Show response
stawhoph.com/ 0
0 51ms
26ms Script
text/html 139.45.197.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://stawhoph.com/afu.php?zoneid=3807985
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 139.45.197.10 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H2

200

banners Show response
infopicked.com/adServe/
Redirect Chain

http://p405661.clksite.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom

35 KB
13 KB

431ms
146ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 5b75fff20db6cffa171ba455d4cfbf358906881cf7684cb74fe8ed96bdf30da1

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:46 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
Date: Thu, 31 Dec 2020 22:40:45 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK 16229 Show response
duetgypsyantis.com/txrerrgoIMFbsRz8/ 0
1 KB 93ms
52ms Script
text/html 37.59.184.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://duetgypsyantis.com/txrerrgoIMFbsRz8/16229

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

37.59.184.172 , France, ASN16276 (OVH, FR),

Reverse DNS

ip172.ip-37-59-184.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:44 GMT
Content-Encoding: gzip
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Keep-Alive: timeout=20

GET
H/1.1 200
OK BidVertiser.dbm Show response
bdv.bidvertiser.com/ 10 KB
10 KB 456ms
300ms Script
text/javascript 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 33d334f5ac59d373ce5e4c20a0d91fb2b002c19aa52789ff4d825505a8b02b01

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: -1
Cache-Control: no-store
Connection: close
Content-Length: 10318
Content-Type: text/javascript

GET
H2 200 dataTables.bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/datatables/1.10.19/css/ 4 KB
1 KB 22ms
19ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/datatables/1.10.19/css/dataTables.bootstrap.min.css

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3db6982c169bf3afee084cf7762ba718c118be36a1dee0c5222203fa302d21fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 499301
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 757
cf-request-id: 075c8ef936000063476a21b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e33-10c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e28Yq%2F%2FsLrpO%2BRW4IjUVFNFwHk9NbYeEdkze%2BqaMmDhvTRBA8WVFuzQmF53i6Npl9RSVkzDt6ZZSiDrUFtcEgxnF%2BtheNBEkXoVTUzrpm7Hp2zFvFYF%2FwumxyYpYUhWA5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 60a781085dea6347-FRA
expires: Tue, 21 Dec 2021 22:40:44 GMT

GET
H/1.1 200
OK carbon.js Show response
cdn.carbonads.com/ 15 KB
6 KB 241ms
167ms Script
application/javascript 23.111.10.140
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.carbonads.com/carbon.js?zoneid=1673&serve=C6AILKT&placement=dsawrewreafera
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 23.111.10.140 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f08c10337bc4dd1825785f3a460bc03f2fd076e16d691040b5f8106bf2f14864

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Oct 2020 20:53:30 GMT
Server: NetDNA-cache/2.2
ETag: W/"3d43-5b2ad3d436e46"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK monetization.js Show response
m.servedby-buysellads.com/ 61 KB
16 KB 75ms
37ms Script
application/javascript 108.161.189.78
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://m.servedby-buysellads.com/monetization.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 108.161.189.78 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c36d0137fae67049d8ed418abfca53f793ad4532fbbbea0d0479e04ec94ca5c0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Sep 2020 16:42:42 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: DE41AD8C66CA3DA3
ETag: W/"9f6e8e31f2c6d5c51d33f86a6cdf4b3c"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
x-amz-id-2: AtuwevFWB8QMHu+7y84tFLWDHk8zU9pbl9CbotPO+FiHjNaOJxzFACDtlVrQeYX11Thk5iSE0zQ=
Expires: Fri, 01 Jan 2021 22:40:44 GMT

GET
H/1.1 200
OK 21435 Show response
seaboblit.com/1clkn/ 0
1 KB 97ms
28ms Script
application/javascript 172.255.6.232
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://seaboblit.com/1clkn/21435
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 172.255.6.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:45 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2

200

tracking.js Show response
cdn.adskeeper.co.uk/transit/
Redirect Chain

http://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000
https://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000

2 KB
1 KB

309ms
211ms

Script
application/javascript

104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73923dae78924cabf3cba334ddc4f7f30cadc6fd3f04348d9467bb912859de6f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: F1701AB270E55398
cf-polished: origSize=3494
last-modified: Mon, 04 May 2020 12:18:45 GMT
x-amz-id-2: ahjf8bOEwwVa3SEgnUgssjGfRNI2uh9oMq687FW5U3E2b7/1AXr+4HxNYFkIHLH+N3eN5G8EyAI=
cf-bgj: minify
server: cloudflare
etag: W/"1c5cadbe93778de01d8453e269cb0be3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-request-id: 075c8ef9d700000c85952ea000000001
cf-ray: 60a781095ec50c85-AMS
expires: Fri, 01 Jan 2021 02:40:45 GMT

Redirect headers

Date: Thu, 31 Dec 2020 22:40:44 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 60a781089b0d2056-AMS
cf-request-id: 075c8ef95e000020564516c000000001
Expires: Thu, 31 Dec 2020 23:40:44 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 17:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104146
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Dec 2021 17:44:58 GMT

GET
H2 200 pastebin.com.1056221.js Show response
jsc.adskeeper.com/p/a/ 203 KB
60 KB 79ms
13ms Script
text/javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83093a54a6a75a140c2d6acc919a5b554b00157643187e1c0867309f0be16aa

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6114
cf-ray: 60a781094a3e4abc-FRA
content-length: 60936
x-amz-id-2: ILXWeGx9EdQivMS+2UBXUj2Xrc2wnEiAOgX8ailgmAjEuJxRvNDYi8hqnTbna2rRLwX2pppGmyY=
last-modified: Mon, 21 Dec 2020 15:07:01 GMT
server: cloudflare
etag: "7ab2655fb585b8996a339eda5e9fd5e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 6F8C64661D2F8AC3
cache-control: public, max-age=14400
cf-request-id: 075c8ef9d100004abc05b9a000000001
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 01 Jan 2021 02:40:45 GMT

GET
H/1.1 200
OK 1507210
ad.a-ads.com/ Frame 2260 0
0 62ms
46ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1507210?size=728x90

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

213.239.209.209 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

213-239-209-209.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 31 Dec 2020 22:40:44 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://daffodil-ruddy-run.glitch.me/
Content-Encoding: gzip

GET
H/1.1 200
OK wrez Show response
mellowads.com/js/ 81 KB
40 KB 255ms
254ms Script
text/javascript 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1
Requested by: Host: mellowads.com
URL: http://mellowads.com/pop.js?ref=4E0983D3C420
Protocol: HTTP/1.1
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26c36f3ecb4f05ca3b48dfca1efb4d2e96399034d6c678ced60b5c633dc966cd

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:45 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Thu, 31 Dec 2020 22:40:52 GMT
Server: cloudflare
X-AspNet-Version: 4.0.30319
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
CF-RAY: 60a78109fd8f1f3d-FRA
Content-Length: 40288
cf-request-id: 075c8efa3900001f3d172b6000000001
Expires: Fri, 31 Dec 2021 22:40:52 GMT

GET
H/1.1 404
Not Found /
onegalact.com/ 0
0 22ms
22ms Script
text/html 51.68.161.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://onegalact.com/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ip17.ip-51-68-161.eu
Software: nginx /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:45 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 403 choice.js
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/daffodil-ruddy-run.glitch.me/ 0
0 239ms
166ms Script
text/html 2600:9000:20a5:ae00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/daffodil-ruddy-run.glitch.me/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/8636.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a5:ae00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:28:19 GMT
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Thu, 21 May 2020 21:03:42 GMT
server: AmazonS3
age: 758
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-type: text/html
cache-control: public, max-age=7200
x-amz-cf-pop: OSL50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 38HeZ2OAbc1D1J6XHXhPBIKF5fXZXCu2HPqciGEqtVubRyMA_OGN9g==

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

54 KB
19 KB

83ms
31ms

Script
text/javascript

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

53356d4b971e64c07518673224e84d3693009b5511ef2010c1e3bf7aacc8c254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "741 / 590 of 1000 / last-modified: 1608034737"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18850
x-xss-protection: 0
expires: Thu, 31 Dec 2020 22:40:46 GMT

Redirect headers

Date: Thu, 31 Dec 2020 22:29:46 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 659
Content-Type: text/html; charset=UTF-8
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control: public, max-age=1800
Content-Length: 249
X-XSS-Protection: 0
Expires: Thu, 31 Dec 2020 22:59:46 GMT

GET
H/1.1 200
OK me Show response
ipfind.co/ 366 B
586 B 357ms
337ms XHR
application/json 50.18.199.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/8636.js
Protocol: HTTP/1.1
Server: 50.18.199.66 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-18-199-66.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b0b6255cbe6c6cba882a1465cf9d4d89996d4ad5ab6de0828efbbf1a1d6bc13c

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:45 GMT
Content-Encoding: gzip
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 234

GET
H/1.1 200
OK pop.js Show response
c1.popads.net/ 31 KB
10 KB 69ms
30ms Script
application/javascript 2a02:6ea0:c700::4
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: http://c1.popads.net/pop.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2a02:6ea0:c700::4 , Germany, ASN60068 (CDN77, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d44180bbf5a59ae325815feb275e39e1d34e18eb710ea54f5ec4e96ba60488a9

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:45 GMT
Content-Encoding: gzip
X-77-NZT-Ray: nR9G3o6fCbw=
X-Edge-POP: frankfurtDE
Transfer-Encoding: chunked
X-Cache: HIT
Connection: keep-alive
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
X-77-NZT: AcO1rzUYsHDv3BMAAA==
Last-Modified: Sun, 22 Nov 2020 20:51:03 GMT
Server: CDN77-Turbo
ETag: W/"5fbacf37-7a55"
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
X-Edge-IP: 195.181.175.53
X-Age: 5084
Expires: Fri, 01 Jan 2021 01:16:01 GMT

GET
H2 204 utx Show response
ssionsupre.fun/ 0
423 B 177ms
121ms XHR
text/plain 54.230.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssionsupre.fun/utx?cb=2Z1xY0E4yfqt&top=daffodil-ruddy-run.glitch.me&tid=822524
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:45 GMT
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: HAM50-C3
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: B8m2rQLZLg1-xNTqi75ltfLnKd9QjBERhw9AZhiVsodk3r0tld1Q-A==

GET
H/1.1 200
OK BygbHygnNXQdPD53cDMgFSR9ByktA2Iubj4Obx45MSdOPDcKJVIqCDwpBDErLjhnEhMiK1Q4NwEXUBwMAAFcWyIzJEYEACJ+ZS8eI3hVExACLlwIIzQed1gXPndwIA0sIVIqPiQtWz0rJApwGAA+d3AzIw1+Zi0DAgIFLTUFGUYbA1UeczwCESdsHHwMPFkFKlsiW...
ssionsupre.fun/TzZrWmYuVAg3WS4LCXwTPVpWf1QJE1kcAn1FCSARIlUMbwciRFh0BSNZHj4APVkFLkghUx9/VAlsCWsWGmEBOSsBYgRiJQ1FERchLGYzDQ4nVyoULAJ1CGsxHQ8FFTIZVSo9DiJ7PTFXA2UyFQUND1MTJQ1iPjcSNngHAyQfYQdiMyhzXjsxPG... Frame 74AD 0
0 148ms
132ms Document
text/html 54.230.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ssionsupre.fun/TzZrWmYuVAg3WS4LCXwTPVpWf1QJE1kcAn1FCSARIlUMbwciRFh0BSNZHj4APVkFLkghUx9/VAlsCWsWGmEBOSsBYgRiJQ1FERchLGYzDQ4nVyoULAJ1CGsxHQ8FFTIZVSo9DiJ7PTFXA2UyFQUND1MTJQ1iPjcSNngHAyQfYQdiMyhzXjsxPGQvMFJ9bBwULANfOms+CX9fEA8BUyoZK3d7AG4gKXUubSUof1oWDAFUKiASN1cjHAcrcTl/VAl0PWMfAGIfDyQlZwwUMx5+DWgFFnMHaxcfYjkeJSVsEzsnLHUkIAJqBC0YMHcHIWleCW4SEB4udw8/BygbHygnNXQdPD53cDMgFSR9ByktA2Iubj4Obx45MSdOPDcKJVIqCDwpBDErLjhnEhMiK1Q4NwEXUBwMAAFcWyIzJEYEACJ+ZS8eI3hVExACLlwIIzQed1gXPndwIA0sIVIqPiQtWz0rJApwGAA+d3AzIw1+Zi0DAgIFLTUFGUYbA1UeczwCESdsHHwMPFkFKlsiWQA3NH1dBQARPWIsKg
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 54.230.183.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: ssionsupre.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1238
Connection: keep-alive
Date: Thu, 31 Dec 2020 22:40:45 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C3
X-Amz-Cf-Id: -W6HQ5zKeBpON4IRGqu6pLVThHjOE5QLGno9YwXlr0I9-W25FD2uUA==

GET
H2 204 utx Show response
ssionsupre.fun/ 0
424 B 121ms
121ms XHR
text/plain 54.230.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssionsupre.fun/utx?cb=0KzrCAsAa46t&top=daffodil-ruddy-run.glitch.me&tid=898034
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:46 GMT
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: HAM50-C3
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 8YoHMja7viTASnQJiB2R6IgLD3F0R3OakRJT5eM9Uqg3Oxis36LLJA==

GET
H/1.1 200
OK CBh9LnolQFUUZBRHaxliNiBwG1MhKXYVegA0CztYewBrAHIvIGBPZgkYXyBRKQVCPXIbAn0eSDMnVkZ6CzJLNXkAIFUtWwc7aS9yNiAKMX4hH3Y2aRdIQS1bBFQKMXMrOFQyWnIgYhl1cxRTBwAgJHpCaDgrHUVyEAhLFVQKAmsRdQAJWzJxNyULIQYRQlMUUywCY...
ssionsupre.fun/QnE4dzAjE1saDyNMWlFFMB0FUgIEVAoxVHACWg1HLxJfQlEvAwtZUy4eTRNWMB5WAx4sFExSAgQ4W0cJdyAIOmELM1sbVgMSVT9od0ZrGVQIEnATZgggVwR8Ez9BNmF2HmgeR3QyehRRCB0ARH8QFUEkdxcHfR51JxdVImcLI0hSAgASVCJFCi... Frame D81D 0
0 122ms
122ms Document
text/html 54.230.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ssionsupre.fun/QnE4dzAjE1saDyNMWlFFMB0FUgIEVAoxVHACWg1HLxJfQlEvAwtZUy4eTRNWMB5WAx4sFExSAgQ4W0cJdyAIOmELM1sbVgMSVT9od0ZrGVQIEnATZgggVwR8Ez9BNmF2HmgeR3QyehRRCB0ARH8QFUEkdxcHfR51JxdVImcLI0hSAgASVCJFCiJ+UgIAIwocfg8ITy5TKgJAOFgtFnk0QzAyUSFWDBhyOHkqKA08WHobfzBqOj9gB2ghQ2I1VnM0TT5YAxx+DVMxMHsTUyEwfiBWFxpJO2EhAH4gajogQT5pCzZiNVY6KE8tWwRUCjFxFStAJgN3O3A/ego0fVpIMytTMRVwN38zfTg5QRh/CBh9LnolQFUUZBRHaxliNiBwG1MhKXYVegA0CztYewBrAHIvIGBPZgkYXyBRKQVCPXIbAn0eSDMnVkZ6CzJLNXkAIFUtWwc7aS9yNiAKMX4hH3Y2aRdIQS1bBFQKMXMrOFQyWnIgYhl1cxRTBwAgJHpCaDgrHUVyEAhLFVQKAmsRdQAJWzJxNyULIQYRQlMUUywCYDtlLgZbNVRxIlYxSQQpYVFaMR5WBw06PFM6UwE6bB5Z
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 54.230.183.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: ssionsupre.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1261
Connection: keep-alive
Date: Thu, 31 Dec 2020 22:40:46 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C3
X-Amz-Cf-Id: Vul54MYsUCJ5fZ1J-UqdttCz2ej52JSW4Gu2BhBddIQHCE7rsEKSVw==

GET
H2 204 utx Show response
ssionsupre.fun/ 0
424 B 123ms
123ms XHR
text/plain 54.230.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssionsupre.fun/utx?cb=PAMQshJb0qTZ&top=daffodil-ruddy-run.glitch.me&tid=889494
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:46 GMT
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: HAM50-C3
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: cK_RzVQ_BA-u-I8vPavDB2cb_5jrjKUCEgnbW6rXB0pUv3Czp6MUtQ==

GET
H/1.1 200
OK NjQWAQQyEAAKFCM2CDoWGiUWBRITJiA7DC46FzhzLzYPBBQgIQwbAQAjC2I9NCkXHj8wGzVlES89CgIBLj4MERwTPgMVLidDLj4WGikeAQIlJhwFITApAxUuJCILYwQdEAoUHTUkAxY9MyotIykjQh80EiA6IhYoPRAIYzU9KXc3KTA2HDkdIEYWFRIlEAs7MTYpK...
ssionsupre.fun/d3NGU0UWESU+ehZOJHUwBR97dncxVnQVIUUAJCkyGhAhZiQaAXV9JhscMzcjBRwoJ2sZFjJ2dzE0IwsHISkACiQ/CTUQJCZDHB4TGwYXBikfKxEZIzAaHx8KNh8IHhRPAAI0FxomPh0IJyExFwcjJREaF0MKFBYDDTACMB0xQS4QCA8QEjIDIQ... Frame AFEE 0
0 151ms
138ms Document
text/html 54.230.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ssionsupre.fun/d3NGU0UWESU+ehZOJHUwBR97dncxVnQVIUUAJCkyGhAhZiQaAXV9JhscMzcjBRwoJ2sZFjJ2dzE0IwsHISkACiQ/CTUQJCZDHB4TGwYXBikfKxEZIzAaHx8KNh8IHhRPAAI0FxomPh0IJyExFwcjJREaF0MKFBYDDTACMB0xQS4QCA8QEjIDIQQBERREJBEZIzUwEx8VIiIVGT1HVnQVAxAYfxcGTycQOgQxEj4CIzsEdmUDJTUxBS01Ph4+EzUpAz8cODITYgA1Ry4QPCIhEAQcGhB2JwQnMik6DTULMQUoLiYDBx81KQM4Iz0YADgWJhsxBSgtOhcSaAclHzofMRUDFS4kIQM/AzMcJRE/NjQWAQQyEAAKFCM2CDoWGiUWBRITJiA7DC46FzhzLzYPBBQgIQwbAQAjC2I9NCkXHj8wGzVlES89CgIBLj4MERwTPgMVLidDLj4WGikeAQIlJhwFITApAxUuJCILYwQdEAoUHTUkAxY9MyotIykjQh80EiA6IhYoPRAIYzU9KXc3KTA2HDkdIEYWFRIlEAs7MTYpKjA8JiYIPRMjMQd1LwQcKCN4Exg8JDFERANmCD4UFR8
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 54.230.183.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: ssionsupre.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1270
Connection: keep-alive
Date: Thu, 31 Dec 2020 22:40:46 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C3
X-Amz-Cf-Id: PsGoWcBjaOqqP6v8yReyFwAtmZY7xsyTF4eCnu2IZ-wGVlR4w2QIBA==

GET
H/1.1 200
OK YmlyeDQDCxEVCwNUEF5BEAVPXQYkTEA+UFAaEAJDDwoVTVUPG0FWVw4GBxxSEAYcDBoMDAZdBiQ6IUgNJT0fSFsrKhUXYQhRHzFaLD8US0xSDDQAQCg9JxB1GB0LNmYBKzY5ABYPCh8NAz07SHc6M1dKdjsqOzV+MQFFGXUFBT4wQEdbNCtNDRs4MHo4CyYXWgEeM...
ssionsupre.fun/ Frame 7BEA 0
0 122ms
122ms Document
text/html 54.230.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ssionsupre.fun/YmlyeDQDCxEVCwNUEF5BEAVPXQYkTEA+UFAaEAJDDwoVTVUPG0FWVw4GBxxSEAYcDBoMDAZdBiQ6IUgNJT0fSFsrKhUXYQhRHzFaLD8US0xSDDQAQCg9JxB1GB0LNmYBKzY5ABYPCh8NAz07SHc6M1dKdjsqOzV+MQFFGXUFBT4wQEdbNCtNDRs4MHo4CyYXWgEeMxN6MVEbOWcSGBY5XDszKkFeBC9DEn0LCgY6dzdeOSwEJAscD3EDWEtPfgsORDt3BhgWMAAjIhsAXgQvQhNkJSdKIGAsGBYwAQEMCjoHBwM4XQYgMx82DDo6HV0GJCcbMX0yKh0TfjM4V0pyAwdfKX01IRpMVSpYEBpaU1soH20IJgsLXTEhGTVtUREWMk07HTlIXFcPCz1GJgAzH1ZQHRQdTRUcIjl9DyIfNgwpWjxAVSpcNh4HV1sULXpbDx82DDo9FQ19IVEUMVkSWTE+XFYMNRANNVtCTlFRBjgzbApMQDp4U1wLHmw0UDYwBVcPQSJWLgdHXQYgIhVBAwQhJwliOgFLHE0KPFQSRw0HAkVHOwU1OV9THAQ
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 54.230.183.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: ssionsupre.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1242
Connection: keep-alive
Date: Thu, 31 Dec 2020 22:40:46 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C3
X-Amz-Cf-Id: sHDDplDbyUk2AbiiiFfjrRaXN1i3ij3TTB2NQA9Fgw_Ef606ppJLCw==

GET
H/1.1 200
OK zone Show response
kumteerg.com/ 716 B
1 KB 21ms
20ms Fetch
application/json 139.45.196.201
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/zone?pub=0&zone_id=3808000&is_mobile=false&domain=daffodil-ruddy-run.glitch.me&var=&ymid=&var_3=

Requested by

Host: kumteerg.com
URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2c3b93b2a749e6b0380ce5c25ebd3f686c01ad27494a014117ae8831e1c9b7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: f6ce85dc18ec4bcd17257fc63385a186
Date: Thu, 31 Dec 2020 22:40:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 716

GET
H/1.1 200
OK universal.min.js Show response
kumteerg.com/pfe/current/ 188 KB
54 KB 72ms
34ms Fetch
application/javascript 139.45.196.201
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/pfe/current/universal.min.js?v=3.1.281
Requested by: Host: kumteerg.com
URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 22:40:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-2ef30"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK zone Show response
choupsee.com/ 716 B
1 KB 23ms
22ms Fetch
application/json 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://choupsee.com/zone?pub=0&zone_id=3808000&is_mobile=false&domain=daffodil-ruddy-run.glitch.me&var=&ymid=&var_3=

Requested by

Host: choupsee.com
URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2c3b93b2a749e6b0380ce5c25ebd3f686c01ad27494a014117ae8831e1c9b7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 316449ed1749b864d1779d53e6945d9a
Date: Thu, 31 Dec 2020 22:40:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 716

GET
H/1.1 200
OK universal.min.js Show response
choupsee.com/pfe/current/ 188 KB
54 KB 71ms
35ms Fetch
application/javascript 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choupsee.com/pfe/current/universal.min.js?v=3.1.281
Requested by: Host: choupsee.com
URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 22:40:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-2ef30"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK ads-priv.php Show response
syndication.exosrv.com/ 0
314 B 41ms
26ms Script
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exosrv.com/ads-priv.php?i=0
Requested by: Host: a.exosrv.com
URL: https://a.exosrv.com/popunder1000.js
Protocol: HTTP/1.1
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:46 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 204 utx Show response
ssionsupre.fun/ 0
425 B 122ms
121ms XHR
text/plain 54.230.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssionsupre.fun/utx?cb=jZlfmTJgSnsG&top=daffodil-ruddy-run.glitch.me&tid=737329
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:46 GMT
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: HAM50-C3
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: -x0wQAmnjnjzmEDwaL_51fJCzx_JRMc_SRVb2Atx5bGNbDKB3SHMLw==

GET
H/1.1 200
OK JwNVcjowewFiXzNWYVgxMgRhbFozQ1V1JiBrdHJbJ3B9XjEyQnJiBTdDeAUYJ2h0XxgmRhVeGx5fQwkDH0NUQQMmdHl1XAs
ssionsupre.fun/aHExMzQJE1JeCwlMUxVBGh0MFgYuVAN1UAIHCApHEB5AQ0JZQB9QWAcEVVVGBx9FHVoNBRQBcgEkXVtkMRxoS3oRNHRkZzEJegINOihmCgw9NwgDeQIGf3B3Ih17ckM9P2IDXyYifGpzMAJoYncxGHoCDTAVdWJBLDB3RVIBHnxxY1EBUGJ5Kz... Frame 7D91 0
0 125ms
124ms Document
text/html 54.230.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ssionsupre.fun/aHExMzQJE1JeCwlMUxVBGh0MFgYuVAN1UAIHCApHEB5AQ0JZQB9QWAcEVVVGBx9FHVoNBRQBcgEkXVtkMRxoS3oRNHRkZzEJegINOihmCgw9NwgDeQIGf3B3Ih17ckM9P2IDXyYifGpzMAJoYncxGHoCDTAVdWJBLDB3RVIBHnxxY1EBUGJ5Kzx2ZQM6M3haehEjV3dNPVQDdX4PRXV6YFgCc1h1Bj5pemQrIlZLfR9FeVcGBztnA1wBF2kCZzwbCQZ4KQJ4eV4LSXJYegA2XENlPhtCAXsfEnpXBhhUA3VwHxJJVWxZInJgclEXZ3pRDENBFgYuJABqegkpHEANPUJFClI+OHl6XQ8bc0txWz5YYngtH1VCdz4VZ2lsMklndnoPEHZQfiwYaAJ9WBVkdmxZSGRUW188SEN8PjZ4FgYuOlZ2ejgpd0JhLihJfnBYP3JJUFEXYmFRMSlrFgYuJXd5Xgk5SX5hLz8IVWIhJ3xJAB00cAoHCRZda2I/JwNVcjowewFiXzNWYVgxMgRhbFozQ1V1JiBrdHJbJ3B9XjEyQnJiBTdDeAUYJ2h0XxgmRhVeGx5fQwkDH0NUQQMmdHl1XAs
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: HTTP/1.1
Server: 54.230.183.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: ssionsupre.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1265
Connection: keep-alive
Date: Thu, 31 Dec 2020 22:40:46 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 2a29e84e317dcbf526e3d2cf9be30bf7.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C3
X-Amz-Cf-Id: kptq5_oCZYde3ifw57dMt5wp-y8NJnzR4tUDpFRnQK-s-Y8lm-fnGQ==

GET
H/1.1 200
OK DwkPA3JREyY1cQkiKAonXghzImE1HiI+PhYwNioDUwY
ssionsupre.fun/R2RXY1EmBjQObiZZNUUkNQhqRmMBQWUlNS0SbloiPwsmEyd2VXkAPSgRMwUjKAojTT8iEHJRFwAzESEGJQ88VAE9Ax4HODBRGg8fYlYVAmMjCA87PWJWFSw4EiYdGjkzIGYMASUDDjkSPykvKQUkAhUUKSAlAgRoDg4FEQl1XGcuBSAuMytldi... Frame 98AC 0
0 122ms
121ms Document
text/html 54.230.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ssionsupre.fun/R2RXY1EmBjQObiZZNUUkNQhqRmMBQWUlNS0SbloiPwsmEyd2VXkAPSgRMwUjKAojTT8iEHJRFwAzESEGJQ88VAE9Ax4HODBRGg8fYlYVAmMjCA87PWJWFSw4EiYdGjkzIGYMASUDDjkSPykvKQUkAhUUKSAlAgRoDg4FEQl1XGcuBSAuMytldisWUmEmPA5QEi4QOzkZBgYcJAR+KwUyNgkgIFACdBcyOQkvATUkISACMC4+CB48VxYuPSUsGQkAFFBgLj4wAD8LIAJVAnQQODMFJCo1JCEgKwVSIiYJFhYCdBA4OgYeHDIkJhc9ZwciJgkWUBktD2ctAmohGygrClEeCCVwLDo1PRAzMxELKSo0BgkGUwcLPiwqHzU6CzMvEggDCx8qO3ZVDSVlMjQDLmgGMxVaCCo9GSoCKEFlJR4wECQCOR0RDzQ1KAI6KTciMyNGYwU9EVoiJgkWDxU+XGIqO34oMhtkKz4BDz8mVg0UFnQ2JC0VFT40Nz0tBmYbZyYeEQQGDyYwOTsJAjQ3Jj4+O1JnFyM/DwkPA3JREyY1cQkiKAonXghzImE1HiI+PhYwNioDUwY
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: HTTP/1.1
Server: 54.230.183.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: ssionsupre.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1255
Connection: keep-alive
Date: Thu, 31 Dec 2020 22:40:46 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: HAM50-C3
X-Amz-Cf-Id: iRb8PrLA6Rwzq_VlvOkpj6oozPqSIhobPuAPabiTrZ2YAjZD_UBWdg==

GET
H2

200

link-converter.min.js Show response
cdn.shorte.st/
Redirect Chain

http://cdn.shorte.st/link-converter.min.js
https://cdn.shorte.st/link-converter.min.js

116 KB
43 KB

34ms
19ms

Script
application/javascript

2606:4700:20::ac43:4a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shorte.st/link-converter.min.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 59
cf-request-id: 075c8f012d00004abd4a1c3000000001
x-ua-compatible: IE=Edge
last-modified: Thu, 09 Aug 2018 13:48:43 GMT
server: cloudflare
etag: W/"5b6c463b-1d196"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zjh7nLAV04OgxZdRe%2FHeFPPDQsRivzStK8eE4OeTRoUaOnvKCV%2FDK4ZASkbE3Dy57Qy4VqooDvcFr8d4KJJa5XOx3SCuv0asy0APkV09nw5vvYIL2a0R%2F061"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-server-id: shn10
cache-control: max-age=14400
cf-ray: 60a781151ad74abd-FRA
expires: Thu, 31 Dec 2020 23:39:47 GMT

Redirect headers

Date: Thu, 31 Dec 2020 22:40:46 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 269
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZuNCvZsqicA2Y4jj3HVsiKBoI9ZcguVBUXdOQgS65xyLQhurGENa3v%2BL6o7P8Gjv7pAmnsFcFI7vNSBrzVDtYB%2F2bmbz%2BW0ordaLxAFcrI3o4qsicF9whYjd"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.shorte.st/link-converter.min.js
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 60a78114a966dfd7-FRA
Content-Length: 0
cf-request-id: 075c8f00e90000dfd7f42cc000000001

GET
H/1.1 200
OK 1507210
ad.a-ads.com/ Frame 26A2 0
0 32ms
32ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1507210?size=728x90&background_color=00ff47&title_color=571111

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

213.239.209.209 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

213-239-209-209.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 31 Dec 2020 22:40:46 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://daffodil-ruddy-run.glitch.me/
Content-Encoding: gzip

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 234 KB
88 KB 56ms
42ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Dec 2020 22:40:46 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 274E 0
0 25ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 31 Dec 2020 09:58:13 GMT
expires: Thu, 14 Jan 2021 09:58:13 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 45753
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
97 KB 68ms
38ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Thu, 31 Dec 2020 22:40:46 GMT

OPTIONS
H/1.1 200
OK custom
kumteerg.com/ Frame 0
0 20ms
20ms Other
text/plain 139.45.196.201
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 31 Dec 2020 22:40:46 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
kumteerg.com/ 39 B
502 B 20ms
20ms Fetch
application/json 139.45.196.201
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/custom

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 4dce89a73ed36050de11f3cd410cb0a8
Date: Thu, 31 Dec 2020 22:40:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
785 B 93ms
22ms Fetch
application/json 139.45.195.106
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=0156ea146fe84161bf54bba911c8a1d4&zoneId=3808000&checkDuplicate=true&ymid=&var=

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.106 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e5ea1343868c3acd69584664859978d5e3d190796ca96df00e0ab12769853c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 200 / Show response
c.adsco.re/ 35 KB
13 KB 31ms
13ms Script
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eacc7097f3eae108f595cfc03f6bb1d844c6f73d895aa27a2207eab61b8e6bc7

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:46 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 178932
etag: W/"78koaH8UEi7/MrMZjzwPeA=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
cache-control: max-age=43200,public,immutable,no-transform
cf-ray: 60a781159f3b2ba1-FRA
link: <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch
cf-request-id: 075c8f017f00002ba1171ea000000001
expires: Wed, 30 Dec 2020 08:58:34 GMT

GET
H/1.1 200
OK p
adsco.re/ 0
323 B 95ms
29ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H2 200 /
6.adsco.re/ 0
281 B 26ms
13ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:47 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 2592000
cache-control: no-store, max-age=0
cf-ray: 60a78115cf962ba1-FRA
access-control-allow-headers: Content-Type
cf-request-id: 075c8f019f00002ba1702a9000000001

POST
H/1.1 200
OK p Show response
adsco.re/ 0
429 B 209ms
193ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H/1.1 200
OK / Show response
6.adsco.re/ 53 B
601 B 22ms
11ms XHR
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Encoding: gzip
Server: cloudflare
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 2592000
Cache-Control: no-store, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 60a78115edba178a-FRA
Access-Control-Allow-Headers: Content-Type
cf-request-id: 075c8f01af0000178a7e8ab000000001

GET
H/1.1 200
OK / Show response
rrlivmkcc4nz.l.adsco.re/ 0
464 B 92ms
21ms XHR
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://rrlivmkcc4nz.l.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:47 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET /
rrlivmkcc4nz.n.adsco.re/ 0
0

GET /
rrlivmkcc4nz.s.adsco.re/ 0
0

GET
H/1.1 200
OK /
c.adsco.re/ Frame BADB 0
0 19ms
12ms Document
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: c.adsco.re
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=43200,public,immutable,no-transform
Link: <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch
Expires: Wed, 30 Dec 2020 08:58:35 GMT
ETag: W/"78koaH8UEi7/MrMZjzwPeA=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 178932
cf-request-id: 075c8f01b700002bc6f9010000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 60a78115f97d2bc6-FRA

GET
H/1.1

200
OK

cm
ws-na.assoc-amazon.com/widgets/ Frame 9F3A
Redirect Chain

http://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20

0
0

418ms
108ms

Document
text/html

52.46.131.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.131.85 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: ws-na.assoc-amazon.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Thu, 31 Dec 2020 22:40:48 GMT
Server: Server
Cache-Control: must-revalidate
Pragma: no-cache
Expires: -1
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
charset: UTF-8
Access-Control-Allow-Origin: *
Vary: User-Agent
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8

Redirect headers

Server: Server
Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 360
Connection: keep-alive
x-amz-rid: N30C52QKE2Y9XB8YVKF2
Location: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent

GET
H/1.1 200
OK 1120283
ad.a-ads.com/ Frame 7766 0
0 35ms
35ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1120283?size=120x90

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

213.239.209.209 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

213-239-209-209.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://daffodil-ruddy-run.glitch.me/
Content-Encoding: gzip

GET
H/1.1 200
OK bidvertiser.dbm Show response
bdv.bidvertiser.com/ 0
333 B 330ms
313ms Script
text/javascript 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/bidvertiser.dbm?pid=512795&bid=1277387&RD=0675148164826&DIF=2
Requested by: Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Len: 0
Date: Thursday, 31-Dec-2020 22:40:47 GMT
Cache-Control: no-store
Last-Modified: Wednesday, 01-Jan-2020 22:40:47 GMT
CONNECTION: Close
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK Cookie set BidVertiser.dbm
bdv.bidvertiser.com/ Frame 4226 0
0 323ms
311ms Document
text/html 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387&RD=4043314041894&DIF=1&bd_ref_v=daffodil-ruddy-run.glitch.me&tref=1&win_name=null&docref=&jsrand=4043314041894&js1loc=-&loctitle=%20Trying%20to%20reach%20the%20most
Requested by: Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bdv.bidvertiser.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Thursday, 31-Dec-2020 22:40:47 GMT
Cache-Control: no-store
Last-Modified: Wednesday, 01-Jan-2020 22:40:47 GMT
Set-Cookie: bdv_c12p=235; domain=.bidvertiser.com; path=/; expires=Fri, 01-Jan-2021 22:40:47 GMT bdv_c12p=1_1_1; domain=.bidvertiser.com; path=/; expires=Fri, 01-Jan-2021 22:40:47 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 5919
CONNECTION: Close

GET
H/1.1 200
OK CKYD553E.json Show response
srv.buysellads.com/ads/ 642 B
729 B 41ms
27ms XHR
application/json 68.183.0.10
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://srv.buysellads.com/ads/CKYD553E.json?segment=placement:eefiojre9hugu9rgtrtfrg
Requested by: Host: m.servedby-buysellads.com
URL: http://m.servedby-buysellads.com/monetization.js
Protocol: HTTP/1.1
Server: 68.183.0.10 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: //srv.buysellads.com /
Resource Hash: 7b1acc72c04de6ded7653cf6091cccf91d35b7131ae7a1cc1f9c283537516ff4

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: close
Content-Length: 477

GET
H2

200

adskeeper.uk.16162.js Show response
jsc.adskeeper.co.uk/a/d/
Redirect Chain

http://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120114234047
https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120114234047

201 KB
55 KB

36ms
35ms

Script
text/javascript

104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120114234047
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01d9deb1bc26da637bc451fa4af1174da9cf99dd33cb6529e1232d1ed4d87532

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 612
cf-polished: origSize=205752
last-modified: Thu, 10 Dec 2020 12:15:05 GMT
x-amz-request-id: 3C41F2CB9D64BF30
x-amz-id-2: KqOPyJXtld8/bHaoYPrlXEqOjickc2s3lYsF21oVsrepLKjVGqC/PXszof75Q+AgfCKYypKMS60=
cf-bgj: minify
server: cloudflare
etag: W/"2b75edd098a9c576d71b01ee14cc45d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-request-id: 075c8f02c000000c85cc30c000000001
cf-ray: 60a7811798a10c85-AMS
expires: Fri, 01 Jan 2021 02:40:47 GMT

Redirect headers

Date: Thu, 31 Dec 2020 22:40:47 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120114234047
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 60a781172e640bf5-AMS
cf-request-id: 075c8f027b00000bf5f2159000000001
Expires: Thu, 31 Dec 2020 23:40:47 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 369 KB
94 KB 141ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

92a8c052c24889d39ddee3617dad8f31b6f036451afefdad1334b0fcd4694794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:47 GMT
content-encoding: br
last-modified: Wed, 30 Dec 2020 19:28:34 GMT
etag: "5fd23012-17727"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 96039
expires: Thu, 31 Dec 2020 23:40:47 GMT

GET
H/1.1 200
OK sync.html
s.adtelligent.com/ Frame 0C39 0
0 387ms
131ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=555831
Requested by: Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/8636.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: VertaMedia 1.0
Date: Thu, 31 Dec 2020 22:40:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 655
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H2 530 /
ssp.zryydi.com/bid/ 0
0 118ms
49ms Script
text/html 104.28.10.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.zryydi.com/bid/?tag_id=90&sub_id=0dcd3da5ac03016ecbc321ca7f9149a3&url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&mode=jsonfeed&callback=shortest.popUnder.onSSPPopUnderBidRetrieved&ts=1609454447220
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.28.10.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sh-overlay.css
cdn.shorte.st/css/ 3 KB
1 KB 37ms
37ms Stylesheet
text/css 2606:4700:20::ac43:4a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shorte.st/css/sh-overlay.css
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5
cf-request-id: 075c8f027300004abd1907f000000001
x-ua-compatible: IE=Edge
last-modified: Thu, 09 Aug 2018 13:48:43 GMT
server: cloudflare
etag: W/"5b6c463b-dd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A8HJscDFBpSMZckV%2BIzhqc%2FllwkFMKD6OZBi6fsH%2FGCt34f%2B9uIhHK7%2BvMNZoqi3FnRWZ2UfxsRjrPRw5Ek0Ql8IqfeTUmWZpL%2BsQnKD%2Fj9agovPXu%2BOWI%2FJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-server-id: shn03
cache-control: max-age=14400
cf-ray: 60a781171e094abd-FRA
expires: Thu, 31 Dec 2020 23:40:42 GMT

GET
H/1.1 200
OK ui_tag_80.2-1.js Show response
p405661.mycdn.co/banners/script/ 176 KB
53 KB 68ms
24ms Script
application/javascript 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Requested by: Host: p405661.clksite.com
URL: http://p405661.clksite.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:16 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b4fc-2c04a"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 26 Dec 2021 22:40:47 GMT

GET
H/1.1 200
OK CKYICKQI.json Show response
srv.carbonads.net/ads/ 1 KB
982 B 72ms
23ms Script
application/javascript 68.183.5.87
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CKYICKQI.json?segment=placement:dsawrewreafera&callback=_carbonads_go
Requested by: Host: cdn.carbonads.com
URL: http://cdn.carbonads.com/carbon.js?zoneid=1673&serve=C6AILKT&placement=dsawrewreafera
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.183.5.87 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: //srv.buysellads.com /
Resource Hash: e7195fb6abbc404a2a172dbdd41b5403f4dfac0a307c3bbc7ea0bdca11f5402c

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 743
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

OPTIONS
H/1.1 200
OK 0dcd3da5ac03016ecbc321ca7f9149a3
api.shorte.st/start-adsession/ Frame 0
0 226ms
50ms Other
application/json 78.140.188.188
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/start-adsession/0dcd3da5ac03016ecbc321ca7f9149a3
Protocol: HTTP/1.1
Server: 78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40-0+deb8u12
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Date: Thu, 31 Dec 2020 22:40:47 GMT
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn10
X-UA-Compatible: IE=Edge

POST
H/1.1 200
OK 0dcd3da5ac03016ecbc321ca7f9149a3 Show response
api.shorte.st/start-adsession/ 74 B
844 B 159ms
97ms XHR
application/json 78.140.188.188
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/start-adsession/0dcd3da5ac03016ecbc321ca7f9149a3
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash: d0e1791560a5982b67c3879cc35c411e08b5ef257a11d43240d21c6b5c522a39

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 31 Dec 2020 22:40:47 GMT
Server: nginx
X-Powered-By: PHP/5.6.40-0+deb8u12
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn13
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-UA-Compatible: IE=Edge

GET
H2 200 1550855426-cc_dark.png
cdn4.buysellads.net/uu/1/41334/ 11 KB
11 KB 67ms
20ms Image
image/png 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/uu/1/41334/1550855426-cc_dark.png
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7759bb6adbc39d2000687d6a73cf665edcc92bdbe7b2de317aa734c9e1a210dd

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:47 GMT
last-modified: Fri, 22 Feb 2019 17:10:27 GMT
server: NetDNA-cache/2.2
x-amz-request-id: E4F55D26E267CA68
etag: "a36b7b5a42caecd405d45a8506ce930c"
x-cache: HIT
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 11004
x-amz-id-2: VObiFQK87FGs3cWRf94W4lWN1huuOK6Qj6SNlxgBvas1RiepVk26n5QxhzfA/Kc+mOBYiLR0sSA=
expires: Sun, 26 Dec 2021 22:40:47 GMT

GET
H/1.1 200
OK defaultSkin.min.js Show response
kumteerg.com/pfe/current/ 56 KB
19 KB 23ms
23ms Fetch
application/javascript 139.45.196.201
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/pfe/current/defaultSkin.min.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-de6b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H/1.1 200
OK p Show response
adsco.re/ 363 B
871 B 209ms
209ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 009f48e6506d0419b75df1315a812d99d36ffb9209ef0db54880c8bd1c270220

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G: OK
Date: Thu, 31 Dec 2020 22:40:47 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H2 200 display.php Show response
www.tradeadexchange.com/a/ 6 KB
2 KB 170ms
128ms Script
application/javascript 35.190.74.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tradeadexchange.com/a/display.php?r=999708&sub1=0dcd3da5ac03016ecbc321ca7f9149a3&sub2=0
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.74.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: openresty /
Resource Hash: 897790beba5b84cdc4b5ff8b699bf7ac4381bb54ca200a148f6f24d8587cbe99

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 31 Dec 2020 22:40:47 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 8FCE 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
kumteerg.com/ Frame 0
0 19ms
19ms Other
text/plain 139.45.196.201
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
kumteerg.com/ 39 B
502 B 21ms
21ms Fetch
application/json 139.45.196.201
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/custom

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: c6bcb7d5d62658d6457d2a479e25a90a
Date: Thu, 31 Dec 2020 22:40:47 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Dec 2020 00:21:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 512362
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Sun, 26 Dec 2021 00:21:25 GMT

GET
H/1.1 200
OK it-ui-comp-6.css
p405661.mycdn.co/uicomp/styles/dist/80.2-1/ 23 KB
5 KB 19ms
19ms Stylesheet
text/css 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-6.css
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 62bf1e377405eb3b64149506aa8814cbbfa7ac2503be1771ff26e249e396c356

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-5da0"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 26 Dec 2021 22:40:47 GMT

GET
H/1.1 200 findBanner Show response
infopicked.com/adServe/banners/ 885 B
1 KB 304ms
290ms Script
text/javascript 173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://infopicked.com/adServe/banners/findBanner?num=1&keyword=Trying%20to%20reach%20the%20most%20ads%20since%202020&tid=405661_796127_3&type=js&ar=b&ts=c&ito=http%3A%2F%2Fp405661.mycdn.co&bs=6&referrer=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&ap=cmp%3DFLOATING_BANNER%26evp%3Du6geJV4sLGsDkIYfb4a6rfbWwvziNp_1nDHhmKrMWGNSmWjc4wS7AtOcsuLsuqmC%26sjv%3D118.0%26ctid%3D0%26th%3D1200%26tw%3D1600&pid=405661&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0xJmk9MCZvPS02MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITCigzml31rpo
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: b9191fec06ecd43d46ae0ae4fdfeb61701f54e628eaaeec74ca126d2fac06a5e

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=utf-8
Keep-Alive: timeout=5
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1 Show response
servicer.adskeeper.com/1056221/ 2 KB
2 KB 191ms
190ms Script
application/x-javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1056221/1?w=1584&h=90&cols=3&pv=5&cbuster=1609454447469679703792&uniqId=0d3f2&consentData=&gdprApplies=false&uspString=&niet=4g&nisd=false&ref=&cxurl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&lu=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&pageView=1&pvid=176baf5eb6eba0652df&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51e451c2500f2dd940aa8c5892d58aa6ebb8ccdceec48de761409bbdc2ed0280

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 60a78118bdaa4abc-FRA
cf-request-id: 075c8f036f00004abc0584e000000001

GET
H2

200

1 Show response
mc.yandex.ru/watch/49239574/
Redirect Chain

https://mc.yandex.ru/watch/49239574?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1609454444511%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr...
https://mc.yandex.ru/watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1609454444511%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Af...

186 B
268 B

45ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1609454444511%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201231234047%3Aet%3A1609454448%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A574500606273%3Arqn%3A1%3Arn%3A838094563%3Ahid%3A840679631%3Ads%3A7%2C14%2C313%2C1%2C0%2C0%2C0%2C2358%2C15%2C%2C%2C%2C2696%3Afp%3A350%3Awn%3A56508%3Ahl%3A4%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1609454448%3Au%3A1609454448103293572%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d2b1d80997b334c20233e62147320d5e8b91a22a755f1e463cf670a25924f074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 31-Dec-2020 22:40:47 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Thu, 31-Dec-2020 22:40:47 GMT

Redirect headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:47 GMT
last-modified: Thu, 31-Dec-2020 22:40:47 GMT
location: /watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1609454444511%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201231234047%3Aet%3A1609454448%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A574500606273%3Arqn%3A1%3Arn%3A838094563%3Ahid%3A840679631%3Ads%3A7%2C14%2C313%2C1%2C0%2C0%2C0%2C2358%2C15%2C%2C%2C%2C2696%3Afp%3A350%3Awn%3A56508%3Ahl%3A4%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1609454448%3Au%3A1609454448103293572%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020
strict-transport-security: max-age=31536000
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 31-Dec-2020 22:40:47 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 44ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:47 GMT
last-modified: Wed, 30 Dec 2020 19:28:30 GMT
etag: "5feccb44-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 31 Dec 2020 23:40:47 GMT

GET
H2 200 display.php Show response
www.tradeadexchange.com/ad/ 62 KB
13 KB 226ms
225ms Script
application/javascript 35.190.74.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tradeadexchange.com/ad/display.php?stamat=m%7CEqdjY3djaQdHkAH0dEdHP3xP.b10%2C2t5FkDDYpjxJXsMWHSh7wBG6VAx_Q9TxSSvYJWOcEw4dSpf7D6GmDmyZSIE8TU3Rf5JfCV5UIoLDL7XypVKwg-FjfCltSEkn7hJbpfh2SXkWpx7cxTFor-Pw5rOWUi3bakgeDt_H4Ls0EESx1DddAQ%2C%2C&cbrandom=0.6344232228693583&cbtitle=Trying%20to%20reach%20the%20most%20ads%20since%202020&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Requested by: Host: www.tradeadexchange.com
URL: https://www.tradeadexchange.com/a/display.php?r=999708&sub1=0dcd3da5ac03016ecbc321ca7f9149a3&sub2=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.74.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: openresty /
Resource Hash: 1d6532eb3ef5eae5f2c7f60b3d8de9c6d83ae2e056c542ec32098b854bb6ca49

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:47 GMT
content-encoding: gzip
alt-svc: clear
server: openresty
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
link: <track.new-incoming.email>; rel=dns-prefetch,<track.new-incoming.email>; rel=preconnect,<www.tradeadexchange.com>; rel=dns-prefetch,<www.tradeadexchange.com>; rel=preconnect
via: 1.1 google

GET
H/1.1 200
OK popunder.gif
ueaggress.top/ 35 B
501 B 156ms
141ms Image
image/gif 13.225.80.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ueaggress.top/popunder.gif
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 13.225.80.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 31 Dec 2020 22:40:47 GMT
content-encoding: gzip
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Miss from cloudfront
Content-Type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
Connection: keep-alive
Content-Length: 58
Via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: _mvtLOLdFUC4y38iaw9KEFHyd7c50go6RQt536wzVOKj7O0IJ98mhQ==

GET
H2 200 i.js Show response
cm.adskeeper.com/ 19 B
174 B 105ms
97ms Script
application/javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?consentData=&gdprApplies=0&cbuster=160945444767698970879
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:47 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 62e60792-165d-4304-9a02-c9cc1bc8e42f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 60a7811a0fc84abc-FRA
cf-request-id: 075c8f044200004abc24862000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame 452E 19 B
265 B 111ms
107ms Script
application/javascript 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1609454447680421622745
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:47 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 0549aff6-e943-468f-9472-4c24df7851a9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 60a7811a0fc44abc-FRA
cf-request-id: 075c8f044100004abc010b7000000001
server: cloudflare

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
1 KB 29ms
29ms Image
image/svg+xml 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 3163
x-amz-request-id: 6PEP2GFTAXCZ1P8P
x-amz-id-2: awjbrX4F7+T7E8//5V/5VrkLWDTT1/YECdwfEV59Zfq1cONPKKtaP9bgtly76TYIEGqKlSe8+Ko=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-request-id: 075c8f044700000c85e9397000000001
cf-ray: 60a7811a0cca0c85-AMS
expires: Fri, 01 Jan 2021 02:40:47 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDIwLTAxLzI4MDYzNi8xMmFkZDg3NjkzODg2NmE3ZDMxYTlhYmM3OTJiNzczZC5qcGc.webp
s-img.adskeeper.com/g/5094911/492x328/0x0x492x328/ 16 KB
17 KB 20ms
12ms Image
image/webp 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/5094911/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDIwLTAxLzI4MDYzNi8xMmFkZDg3NjkzODg2NmE3ZDMxYTlhYmM3OTJiNzczZC5qcGc.webp?v=1609454447-A86JCVCAWSISA2jfqcGHerui9L6fxcEIL91TzH9ru8w
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab7b62eec10f8436af666ec3e69a71e5fa80a42d95be921a89d4e54e8781ea5f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:47 GMT
cf-cache-status: HIT
last-modified: Thu, 24 Dec 2020 13:19:37 GMT
x-mg-request-uuid: e65e3d9c-8c14-4fbe-bd4d-7b96d3a8f72d
age: 495409
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 60a7811a0fd94abc-FRA
content-length: 16870
cf-request-id: 075c8f044800004abcfd382000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMjcvMjgwNTk0LzBmZjc4NWQ1YjE2NDZkNDkxMjVmMDQ5YzlhN2FjMDVhLmpwZw.webp
s-img.adskeeper.com/g/6613148/492x328/0x0x492x328/ 11 KB
11 KB 21ms
13ms Image
image/webp 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/6613148/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMjcvMjgwNTk0LzBmZjc4NWQ1YjE2NDZkNDkxMjVmMDQ5YzlhN2FjMDVhLmpwZw.webp?v=1609454447-lXdCmABG81ewyj5YFAxjqKb7vJgbDq3TZCI5k7I1GYo
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67017222cfe6c3af54c01408190df2241e1b37e793def882b8538dca3e34e27b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:47 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Nov 2020 11:55:01 GMT
x-mg-request-uuid: 5142cfb1-18e9-469f-a96d-fd207a0d7294
age: 481777
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 60a7811a0fd84abc-FRA
content-length: 10796
cf-request-id: 075c8f044800004abcf7985000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTIvMzMxNjk5LzIwYzIzZTllZGMwYWYwYmQyZTIxYmM2NGZkNDJhYzBiLmpwZw.webp
s-img.adskeeper.com/g/7753662/492x328/0x152x564x376/ 35 KB
35 KB 29ms
20ms Image
image/webp 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/7753662/492x328/0x152x564x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTIvMzMxNjk5LzIwYzIzZTllZGMwYWYwYmQyZTIxYmM2NGZkNDJhYzBiLmpwZw.webp?v=1609454447-f55qZxLV1eYfg5ZDQopRQJOap_EmqpQyZPaPyWmC_Bo
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44772434521b590875080c607b081adc487fb54c4e74033c45df7ec59c397ce6

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:47 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 17:10:08 GMT
x-mg-request-uuid: 09321c76-5a58-4beb-b54e-1861a4efbe8a
age: 538239
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 60a7811a0fd64abc-FRA
content-length: 35598
cf-request-id: 075c8f044800004abcfaa73000000001
server: cloudflare

OPTIONS
H/1.1 200
OK 12e776fc80396dc3394c54fb101786e066ea5b1b
api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/ Frame 0
0 77ms
77ms Other
application/json 78.140.188.188
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/12e776fc80396dc3394c54fb101786e066ea5b1b
Protocol: HTTP/1.1
Server: 78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40-0+deb8u12
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Date: Thu, 31 Dec 2020 22:40:47 GMT
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn03
X-UA-Compatible: IE=Edge

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

46 KB
18 KB

5ms
5ms

Script
text/javascript

2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6640
date: Thu, 31 Dec 2020 20:50:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 31 Dec 2020 22:50:07 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK 12e776fc80396dc3394c54fb101786e066ea5b1b Show response
api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/ 456 B
1 KB 71ms
69ms XHR
text/html 78.140.188.188
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/12e776fc80396dc3394c54fb101786e066ea5b1b
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash: a9ab3d5b903a516068e9b73b153e67011602e04595964abd476cf59d52297241

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/html

Response headers

Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.6.40-0+deb8u12
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn05
Cache-Control: no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Content-Type
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK c Show response
serve.popads.net/ 0
272 B 137ms
122ms Script
application/javascript 216.21.13.16
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://serve.popads.net/c?_=BAoAX-5TbwFf7lNvgAGBAsAAIFcqIr4HNMJsRBrjQEAiyF0oY_j_dgdfEgR0RuPlzkSvwQBHMEUCIQDdv90jTtJAPSDKhO14AC3g02SYDPi1U9XkJccPJf9kiAIgR25DMjRvSo6VfT4Bxb_sW4nY5ck0e1tyXUzZqK57CHfCACCMCeAMtS9cmQky99ED90Cxa0kjQo3NgPyVZStsI-u0j8QAECoBBPgBklQUAAAAAAAAAALFABBPbMWmZpvUDh0ryjkf4XQ4wwBHMEUCICl3ScyXMCIAP6Fa9FSsyhDvPfbu1bScB7sO82qyNyCSAiEA3YMi3pX1YryjF0PxXkM-hRnzLuKPPfve82Votcbr4LE&v=4&siteId=1&minBid=&popundersPerIP=67,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0
Requested by: Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol: HTTP/1.1
Server: 216.21.13.16 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:47 GMT
ASF: 9
Access-Control-Allow-Origin: *
Content-Type: application/javascript
PopAds-EC: ASB
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Content-Length: 0
Expires: Thu, 07 Jan 2021 22:40:47 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
397 B 45ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=307606188&t=pageview&_s=1&dl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&dp=%2Foverlay%2F0dcd3da5ac03016ecbc321ca7f9149a3&ul=en-us&de=UTF-8&dt=Trying%20to%20reach%20the%20most%20ads%20since%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=0dcd3da5ac03016ecbc321ca7f9149a3&cs=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&cm=overlay&_u=YEBAAEABAAAAAC~&jid=1508578835&gjid=1705449819&cid=164817876.1609454448&tid=UA-42296749-1&_gid=1314409033.1609454448&_r=1&_slc=1&z=1472415795

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 multi Show response
ssionsupre.fun/ 4 KB
2 KB 171ms
170ms XHR
text/plain 54.230.183.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssionsupre.fun/multi?tid=898034&red=1&cs=V1dVd1lmYWBCPDJjNBVpZWZgE2ln&abt=0&v=1.0.48.2&sm=76&k=&sts=64&prn=0&emb=0&fs=1&ref=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=1&uloc=&if=0&_QwCP=1609454447789&crc=1
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: d3d485c10ee0c0368227e077881a1c75a86529741b810b30185cc2dd16ad1761

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:47 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: HAM50-C3
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 1872
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
x-amz-cf-id: 0Up3ZQV2nLnsuqsF2BYzFIcIKIplSGurjnUGGbqmWn2E7wPX6Y3pMQ==

GET
H/1.1 200
OK it-banner-frame.css
p405661.mycdn.co/uicomp/styles/dist/80.2-1/ Frame 3EB9 2 KB
1 KB 19ms
18ms Stylesheet
text/css 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-858"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 26 Dec 2021 22:40:47 GMT

GET
H2 200 ecom_6x.png
p405661.mycdn.co/ext/onn/floating/ Frame 3EB9 6 KB
6 KB 61ms
19ms Image
image/png 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p405661.mycdn.co/ext/onn/floating/ecom_6x.png
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a2fc5d86179e79fb7f46c3eca75a7968fa8f2948e0a9f97fa26830bb2ed2aee3

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 31 Dec 2020 22:40:47 GMT
last-modified: Mon, 05 Feb 2018 08:26:33 GMT
server: NetDNA-cache/2.2
etag: "5a781539-16b5"
x-cache: HIT
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 5813
expires: Sun, 26 Dec 2021 22:40:47 GMT

GET
H2

200

promotion-bestseller-special-1308.html
www.gearbest.com/ Frame 3809
Redirect Chain

http://ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028&width=1024&height=768&ch=8439461&cp.dest_domain=&cp.oid=8439461&cp.referrer=http://daffodil-ruddy-run.glitch.me/&cp.locked=0&cp.pro...
https://shorteh.com/afu.php?zoneid=1241630
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=368641270882513091

0
0

3675ms
344ms

Document
text/html

184.24.7.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=368641270882513091
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.7.88 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: www.gearbest.com
:scheme: https
:path: /promotion-bestseller-special-1308.html?lkid=45687009&cid=368641270882513091
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
pragma: public
last-modified: Thu, 31 Dec 2020 22:40:51 GMT
gbcdnlang: en
access-control-allow-origin: *
access-control-allow-methods: GET, POST
ng-cache: EXPIRED
content-encoding: gzip
content-length: 47136
x-edgeconnect-midmile-rtt: 0 0 0
x-edgeconnect-origin-mex-latency: 206 206 206
cache-control: public, max-age=60
expires: Thu, 31 Dec 2020 22:41:51 GMT
date: Thu, 31 Dec 2020 22:40:51 GMT
vary: Accept-Encoding User-Agent
set-cookie: AKAM_CLIENTID=50aafb24507bbf46eefde07a7ba5ca28; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com AKA_A2=A; expires=Thu, 31-Dec-2020 23:40:51 GMT; path=/; domain=gearbest.com; secure; HttpOnly

Redirect headers

Server: nginx
Date: Thu, 31 Dec 2020 22:40:48 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 2689f2916f5aa464986a8327fd80c05b
Link: <https://propeller-tracking.com>; rel="dns-prefetch preconnect",<//>; rel="dns-prefetch preconnect" <https://www.gearbest.com>; rel="dns-prefetch preconnect",<https://propeller-tracking.com>; rel="dns-prefetch preconnect"
Referrer-Policy: no-referrer
Location: https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=368641270882513091
Set-Cookie: OAID=8510313c38844d35a116e2e4eb6e5d25; expires=Fri, 31 Dec 2021 22:40:48 GMT; secure; SameSite=None oaidts=1609454448; expires=Fri, 31 Dec 2021 22:40:48 GMT; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
DATA 200
OK truncated
/ Frame 0C6F 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK top-close-2.png
p405661.mycdn.co/img/new-comp/ 1 KB
1 KB 18ms
18ms Image
image/png 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://p405661.mycdn.co/img/new-comp/top-close-2.png
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-6.css
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 7a6d609e14ad86ba11813176879c5aafe5cfabc3b7c9f2d8e260c9176b9260b9

Request headers

Referer: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 22:40:48 GMT
Last-Modified: Mon, 14 Nov 2016 16:34:57 GMT
Server: NetDNA-cache/2.2
ETag: "5829e7b1-464"
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1124
Expires: Sun, 26 Dec 2021 22:40:48 GMT

GET
H2 200 c
c.adskeeper.com/ 43 B
297 B 61ms
59ms Image
image/gif 2606:4700::6812:1141
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=310|81|8|mgAWTvZUnU2JjBvK6xWc8Kbo-Q1LxDsJO5rVFE4RjYW5Q0XVrl7xJJ7tjf2qo5ZW&fw=1&extjs=66044&v=310|81|8|1V5neAmrdEbouP9BPWraCQzfAh9otto3uk91yl9ZaexYgk8GA44KCNCNnhv4tkyL&v=310|81|8|rCGHSfxkm2yZysReAFYYrv5rucbwPBPBkTiPuYORzkQxa-UnKo33BmIKUu3YcPIq&cid=1056221&h2=gnPj4Upfd8jEoYtO8PfayKeZqbihNWaZ19O6oMGrR-Q*&rid=39c318b0-4bb9-11eb-b55a-d094662f8ab5&tt=Direct&pageImp=1&cbuster=1609454448887742715727&tpl=0
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:48 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: ef74b851-ed8b-404e-951e-25cb73d456d8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 60a781218e004abc-FRA
cf-request-id: 075c8f08f600004abcf79da000000001
server: cloudflare

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 403ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=731106098&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=840679631&wv-part=1&browser-info=ti%3A8%3Aet%3A1609454450%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20201231234047%3Abt%3A1%3Ast%3A1609454450%3Au%3A1609454448103293572

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:50 GMT
last-modified: Thu, 31-Dec-2020 22:40:50 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 31-Dec-2020 22:40:50 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 102ms
91ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=844349321&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=840679631&wv-part=1&browser-info=ti%3A8%3Aet%3A1609454448%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20201231234047%3Ast%3A1609454450%3Au%3A1609454448103293572

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:50 GMT
last-modified: Thu, 31-Dec-2020 22:40:50 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 31-Dec-2020 22:40:50 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 45ms
44ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=687820898&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=840679631&wv-part=2&browser-info=ti%3A8%3Aet%3A1609454450%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20201231234047%3Abt%3A1%3Ast%3A1609454452%3Au%3A1609454448103293572

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:52 GMT
last-modified: Thu, 31-Dec-2020 22:40:52 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 31-Dec-2020 22:40:52 GMT

OPTIONS
H/1.1 200
OK custom
kumteerg.com/ Frame 0
0 55ms
18ms Other
text/plain 139.45.196.201
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 31 Dec 2020 22:40:55 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
kumteerg.com/ 39 B
502 B 54ms
19ms Fetch
application/json 139.45.196.201
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/custom

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: a79a82527699ca899daf51ef64ca5e7e
Date: Thu, 31 Dec 2020 22:40:55 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2

200

metric
c.adskeeper.co.uk/
Redirect Chain

http://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRy...
https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInR...

43 B
667 B

145ms
145ms

Image
image/gif

104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRyYW5zaXQtdHlwZTpnb29kcyJdLCJwZXJmb3JtYW5jZSI6eyJjb25uZWN0VGltZSI6MC4zMTQsImRvbUNvbXBsZXRlIjoxMC44MTksInBhZ2VMb2FkVGltZSI6MTAuODI0LCJyZXF1ZXN0U3RhcnRUaW1lIjowLjAyMiwicmVzcG9uc2VFbmRUaW1lIjowLjMzNn19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:55 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 88849e3d-dcb5-4167-948f-1af0881a25fd
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, User-Agent, Referer
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-method: HEAD, OPTIONS, POST
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 60a7814c7d110c85-AMS
content-type: image/gif
cf-request-id: 075c8f23ce00000c85f5a73000000001
server: cloudflare

Redirect headers

Date: Thu, 31 Dec 2020 22:40:55 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRyYW5zaXQtdHlwZTpnb29kcyJdLCJwZXJmb3JtYW5jZSI6eyJjb25uZWN0VGltZSI6MC4zMTQsImRvbUNvbXBsZXRlIjoxMC44MTksInBhZ2VMb2FkVGltZSI6MTAuODI0LCJyZXF1ZXN0U3RhcnRUaW1lIjowLjAyMiwicmVzcG9uc2VFbmRUaW1lIjowLjMzNn19
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 60a7814c5a799d72-AMS
cf-request-id: 075c8f23b200009d72deab0000000001
Expires: Thu, 31 Dec 2020 23:40:55 GMT

OPTIONS
H/1.1 200
OK 11
api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/12e776fc80396dc3394c54fb101786e066ea5b1b/ Frame 0
0 50ms
50ms Other
application/json 78.140.188.188
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/12e776fc80396dc3394c54fb101786e066ea5b1b/11
Protocol: HTTP/1.1
Server: 78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40-0+deb8u12
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Date: Thu, 31 Dec 2020 22:40:56 GMT
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn03
X-UA-Compatible: IE=Edge

POST
H/1.1 200
OK 11 Show response
api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/12e776fc80396dc3394c54fb101786e066ea5b1b/ 15 B
784 B 67ms
67ms XHR
application/json 78.140.188.188
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/12e776fc80396dc3394c54fb101786e066ea5b1b/11
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 31 Dec 2020 22:40:56 GMT
Server: nginx
X-Powered-By: PHP/5.6.40-0+deb8u12
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn05
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-UA-Compatible: IE=Edge

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
95 B 12ms
12ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=307606188&t=event&_s=2&dl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&dp=%2Foverlay%2F0dcd3da5ac03016ecbc321ca7f9149a3&ul=en-us&de=UTF-8&dt=Trying%20to%20reach%20the%20most%20ads%20since%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=0dcd3da5ac03016ecbc321ca7f9149a3&cs=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&cm=overlay&ec=interstitial&ea=callback&el=success&_u=aEBAAEABAAAAAC~&jid=714154815&gjid=887184799&cid=164817876.1609454448&tid=UA-42296749-1&_gid=1314409033.1609454448&_r=1&z=1169425252

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 51ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=470629653&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=840679631&wv-part=3&browser-info=ti%3A8%3Aet%3A1609454455%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20201231234047%3Abt%3A1%3Ast%3A1609454457%3Au%3A1609454448103293572

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:40:57 GMT
last-modified: Thu, 31-Dec-2020 22:40:57 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 31-Dec-2020 22:40:57 GMT

GET
H2

200

1
mc.yandex.ru/watch/49239574/
Redirect Chain

https://mc.yandex.ru/watch/49239574?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1609454444511%3As%3A1600x1200x24%3Ask%...
https://mc.yandex.ru/watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1609454444511%3As%3A1600x1200x24%3As...

43 B
71 B

45ms
45ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1609454444511%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201231234102%3Aet%3A1609454463%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A114%3Als%3A574500606273%3Arqn%3A2%3Arn%3A406082546%3Ahid%3A840679631%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C10819%2C10819%2C5%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1609454463%3Au%3A1609454448103293572

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:41:02 GMT
last-modified: Thu, 31-Dec-2020 22:41:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 31-Dec-2020 22:41:02 GMT

Redirect headers

pragma: no-cache
date: Thu, 31 Dec 2020 22:41:02 GMT
last-modified: Thu, 31-Dec-2020 22:41:02 GMT
location: /watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1609454444511%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201231234102%3Aet%3A1609454463%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A114%3Als%3A574500606273%3Arqn%3A2%3Arn%3A406082546%3Ahid%3A840679631%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C10819%2C10819%2C5%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1609454463%3Au%3A1609454448103293572
strict-transport-security: max-age=31536000
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 31-Dec-2020 22:41:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rrlivmkcc4nz.n.adsco.re
URL: https://rrlivmkcc4nz.n.adsco.re/

Domain: rrlivmkcc4nz.s.adsco.re
URL: https://rrlivmkcc4nz.s.adsco.re/

Verdicts & Comments Add Verdict or Comment

383 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 15:47:26	Name: PugT Value: 1609454450
.pubmatic.com/	1970-01-19 15:47:26	Name: KRTBCOOKIE_1074 Value: 22956-e_73c8c5d4-92d8-460d-8a8e-3cca7dbee262
.pubmatic.com/	1970-01-19 15:47:26	Name: KRTBCOOKIE_188 Value: 3189-no-consent
.adtelligent.com/	1970-01-19 16:33:31	Name: a309255 Value: c8ad0123-ea46-4947-bbfd-7ad3fa396eff
.adtelligent.com/	1970-01-19 16:33:31	Name: vmuid Value: f05c61312944c791
.adtelligent.com/	1970-01-19 16:33:31	Name: a306114 Value: PM_UID2D2ADCD7-3D29-47A1-AC58-7EFC59A3F82E
.pubmatic.com/	1970-01-19 15:47:26	Name: KRTBCOOKIE_699 Value: 22727-AAPsOU6_3KcAABDKRywcOQ
.adtelligent.com/	1970-01-19 16:33:31	Name: a310756 Value: 9af503b8e96ba7c00bf1660e6d0724551e0a9048
.pubmatic.com/	1970-01-19 17:13:50	Name: PUBMDCID Value: 3
.tribalfusion.com/	1970-01-19 17:13:50	Name: ANON_ID Value: aVnseFpyXagbqiVREF6wGAvfnYt8G8Za6JHWGY6ncywxrQgMd3hMk834wiIOSpdZcE8Ma3rqUZaPj1yn9Bj8QaL
.adtelligent.com/	1970-01-19 16:33:31	Name: a307355 Value: xhiBbclfHl20DbNHqD03
daffodil-ruddy-run.glitch.me/	1969-12-31 23:59:59	Name: waldo-pbjs-pubCommonId Value: 2c002cc6-a34e-476a-8faf-f93dfafa26c1
.doubleclick.net/	1970-01-19 15:04:15	Name: test_cookie Value: CheckForPermission
.pubmatic.com/	1970-01-19 15:47:26	Name: KRTBCOOKIE_1101 Value: 23040-6912554231449778327

52 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 22) Message: triggered on event listener
console-api	log	URL: https://c.adsco.re/(Line 16) Message:
console-api	debug	URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 21) Message: sending ad server request
console-api	warning	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 1) Message: USP is not accessible
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	warning	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 1) Message: USP is not accessible
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6.adsco.re
a.exosrv.com
ad.a-ads.com
ads.shorte.st
adsco.re
ajax.googleapis.com
api.shorte.st
bdv.bidvertiser.com
c.adsco.re
c.adskeeper.co.uk
c.adskeeper.com
c1.popads.net
cdn.adskeeper.co.uk
cdn.carbonads.com
cdn.shorte.st
cdn.thisiswaldo.com
cdn4.buysellads.net
cdnjs.cloudflare.com
choogeet.net
choupsee.com
cm.adskeeper.com
coinpayu.com
d2sbzwmcg5amr3.cloudfront.net
daffodil-ruddy-run.glitch.me
djv99sxoqpv11.cloudfront.net
duetgypsyantis.com
fonts.gstatic.com
googleads.g.doubleclick.net
infopicked.com
ipfind.co
jsc.adskeeper.co.uk
jsc.adskeeper.com
kumteerg.com
m.servedby-buysellads.com
mc.yandex.ru
mellowads.com
my.rtmark.net
onegalact.com
p405661.clksite.com
p405661.mycdn.co
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
rcm-na.amazon-adsystem.com
rrlivmkcc4nz.l.adsco.re
rrlivmkcc4nz.n.adsco.re
rrlivmkcc4nz.s.adsco.re
s-img.adskeeper.com
s.adtelligent.com
seaboblit.com
securepubads.g.doubleclick.net
serve.popads.net
servicer.adskeeper.com
shorteh.com
srv.buysellads.com
srv.carbonads.net
ssionsupre.fun
ssp.zryydi.com
stawhoph.com
syndication.exosrv.com
ueaggress.top
waxtamnit.com
ws-na.assoc-amazon.com
www.gearbest.com
www.google-analytics.com
www.tradeadexchange.com
rrlivmkcc4nz.n.adsco.re
rrlivmkcc4nz.s.adsco.re
104.19.132.80
104.19.133.80
104.28.10.139
108.161.189.78
13.224.195.73
13.225.80.103
139.45.195.106
139.45.195.242
139.45.196.200
139.45.196.201
139.45.196.73
139.45.197.10
162.252.214.5
172.217.23.98
172.255.6.232
173.192.101.24
184.24.7.88
185.200.118.90
213.239.209.209
216.21.13.16
23.111.10.140
2600:9000:20a5:ae00:9:46dc:4700:93a1
2600:9000:214f:3a00:1d:bf0d:abc0:21
2600:9000:21f3:2a00:4:164e:ca00:93a1
2606:2800:234:4cc4:5670:35d5:1e00:b394
2606:4700:20::681a:46b
2606:4700:20::681a:c1a
2606:4700:20::ac43:4a21
2606:4700::6810:135e
2606:4700::6810:8916
2606:4700::6811:a7ba
2606:4700::6812:1141
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:820::200e
2a00:1450:4001:825::2003
2a02:6b8::1:119
2a02:6ea0:c700::4
2a0c:5c81:5095:0:225:90ff:fefa:245d
35.190.74.92
37.59.184.172
50.18.199.66
51.68.161.17
51.68.161.20
52.3.60.128
52.46.129.238
52.46.131.85
54.230.183.59
54.241.51.109
68.183.0.10
68.183.5.87
78.140.188.188
94.31.29.128
94.31.29.32
95.211.229.245
009f48e6506d0419b75df1315a812d99d36ffb9209ef0db54880c8bd1c270220
01d9deb1bc26da637bc451fa4af1174da9cf99dd33cb6529e1232d1ed4d87532
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8
13332c9d8032d23d6094327fe6d4ab8fc561613da9f640e57b92046d82e0eed4
1d6532eb3ef5eae5f2c7f60b3d8de9c6d83ae2e056c542ec32098b854bb6ca49
26c36f3ecb4f05ca3b48dfca1efb4d2e96399034d6c678ced60b5c633dc966cd
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2c3b93b2a749e6b0380ce5c25ebd3f686c01ad27494a014117ae8831e1c9b7b2
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471
33d334f5ac59d373ce5e4c20a0d91fb2b002c19aa52789ff4d825505a8b02b01
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9
3db6982c169bf3afee084cf7762ba718c118be36a1dee0c5222203fa302d21fc
44772434521b590875080c607b081adc487fb54c4e74033c45df7ec59c397ce6
51e451c2500f2dd940aa8c5892d58aa6ebb8ccdceec48de761409bbdc2ed0280
53356d4b971e64c07518673224e84d3693009b5511ef2010c1e3bf7aacc8c254
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b75fff20db6cffa171ba455d4cfbf358906881cf7684cb74fe8ed96bdf30da1
5e0a9e9b6a8061cb91728a76e9421f4ccfa71eb1e0e6569e69ac317d272eb712
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
62bf1e377405eb3b64149506aa8814cbbfa7ac2503be1771ff26e249e396c356
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67017222cfe6c3af54c01408190df2241e1b37e793def882b8538dca3e34e27b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160
73923dae78924cabf3cba334ddc4f7f30cadc6fd3f04348d9467bb912859de6f
7759bb6adbc39d2000687d6a73cf665edcc92bdbe7b2de317aa734c9e1a210dd
7a6d609e14ad86ba11813176879c5aafe5cfabc3b7c9f2d8e260c9176b9260b9
7b1acc72c04de6ded7653cf6091cccf91d35b7131ae7a1cc1f9c283537516ff4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
897790beba5b84cdc4b5ff8b699bf7ac4381bb54ca200a148f6f24d8587cbe99
8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb
8a87e2ab249f61d757d138136171b43155ea4ba2d89a5c6c3e4e58174f2e13ec
92a8c052c24889d39ddee3617dad8f31b6f036451afefdad1334b0fcd4694794
98d5dd7cc6ab426d1133b936c32ba0f65c2213603ececcd0c03f17b8e5ba7443
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2fc5d86179e79fb7f46c3eca75a7968fa8f2948e0a9f97fa26830bb2ed2aee3
a83093a54a6a75a140c2d6acc919a5b554b00157643187e1c0867309f0be16aa
a8e1377ae0f844ce357417d1de91954fd0dea03475a8fe2768eeb31f5606f568
a9ab3d5b903a516068e9b73b153e67011602e04595964abd476cf59d52297241
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7b62eec10f8436af666ec3e69a71e5fa80a42d95be921a89d4e54e8781ea5f
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
b0b6255cbe6c6cba882a1465cf9d4d89996d4ad5ab6de0828efbbf1a1d6bc13c
b1eec11bfd7416de218bd79a078e2d340e782aa6ceeec530fad0871ab8091474
b9191fec06ecd43d46ae0ae4fdfeb61701f54e628eaaeec74ca126d2fac06a5e
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488
c36d0137fae67049d8ed418abfca53f793ad4532fbbbea0d0479e04ec94ca5c0
c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37
d0e1791560a5982b67c3879cc35c411e08b5ef257a11d43240d21c6b5c522a39
d236a22714ff1a245799617bfce64c211df93f03adb3396b8bf6fecbaab86d24
d2b1d80997b334c20233e62147320d5e8b91a22a755f1e463cf670a25924f074
d3d485c10ee0c0368227e077881a1c75a86529741b810b30185cc2dd16ad1761
d44180bbf5a59ae325815feb275e39e1d34e18eb710ea54f5ec4e96ba60488a9
e1e3d80cdb230733b5fe84893fc1ad2a202451055cbfd3bf90fd7810fe420cc0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e5ea1343868c3acd69584664859978d5e3d190796ca96df00e0ab12769853c36
e7195fb6abbc404a2a172dbdd41b5403f4dfac0a307c3bbc7ea0bdca11f5402c
ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b
eacc7097f3eae108f595cfc03f6bb1d844c6f73d895aa27a2207eab61b8e6bc7
f08c10337bc4dd1825785f3a460bc03f2fd076e16d691040b5f8106bf2f14864
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

daffodil-ruddy-run.glitch.me Open in urlscan Pro 52.3.60.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

120 Requests

58 %HTTPS

35 %IPv6

48 Domains

65 Subdomains

54 IPs

7 Countries

1544 kBTransfer

4182 kBSize

14 Cookies

9 Outgoing links

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

daffodil-ruddy-run.glitch.me Open in urlscan Pro
52.3.60.128 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

58 %
HTTPS

35 %
IPv6

48
Domains

65
Subdomains

54
IPs

7
Countries

1544 kB
Transfer

4182 kB
Size

14
Cookies

120 HTTP transactions
3 data transactions