3.217.106.26 Open in urlscan Pro
3.217.106.26 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://3.217.106.26/r/aws/comments/bmzgpq
Submission: On May 20 via manual (May 20th 2020, 11:37:32 pm UTC) from US

Summary HTTP 58 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 20 domains to perform 58 HTTP transactions. The main IP is 3.217.106.26, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is 3.217.106.26.

This is the only time 3.217.106.26 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	3.217.106.26 3.217.106.26	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	213.196.2.1 213.196.2.1	7979 (SERVERS) (SERVERS)
3	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
6	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
1 1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
4	88.85.66.164 88.85.66.164	35415 (WEBZILLA) (WEBZILLA)
1	2606:4700:20:... 2606:4700:20::681a:87b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	188.42.224.97 188.42.224.97	35415 (WEBZILLA) (WEBZILLA)
58	25

6 3.217.106.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-106-26.compute-1.amazonaws.com

3.217.106.26	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.196.2.1 (Netherlands)

ASN7979 (SERVERS, US)

www.bcloudhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.232.53.140 (Manchester, United Kingdom)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oauth.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.85.66.164 (Netherlands)

ASN35415 (WEBZILLA, NL)

native.propellerclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:87b (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.224.97 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	32 KB
6	reddit.com www.reddit.com oauth.reddit.com	172 KB
6	google.com adservice.google.com www.google.com	36 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	132 KB
4	propellerclick.com native.propellerclick.com	123 KB
3	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	99 B
3	jsdelivr.net cdn.jsdelivr.net	541 KB
2	facebook.com www.facebook.com
2	gstatic.com fonts.gstatic.com	25 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	bcloudhost.com www.bcloudhost.com
2	facebook.net connect.facebook.net	62 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	wowreality.info o.wowreality.info	398 B
1	lalaping.com static.lalaping.com	33 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	168 B
1	ytimg.com s.ytimg.com	24 KB
1	googletagmanager.com www.googletagmanager.com	32 KB
1	youtube.com www.youtube.com	941 B
58	20

	Domain	Requested by
6	platform.twitter.com	3.217.106.26 platform.twitter.com
5	www.google.com
4	native.propellerclick.com	cdn.jsdelivr.net native.propellerclick.com
4	pagead2.googlesyndication.com	3.217.106.26 pagead2.googlesyndication.com
3	oauth.reddit.com	cdn.jsdelivr.net
3	www.reddit.com	cdn.jsdelivr.net
3	cdn.jsdelivr.net	3.217.106.26
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.facebook.com	connect.facebook.net
2	fonts.gstatic.com	cdn.jsdelivr.net
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.bcloudhost.com	3.217.106.26
2	connect.facebook.net	3.217.106.26 connect.facebook.net
2	fonts.googleapis.com	3.217.106.26
1	o.wowreality.info	static.lalaping.com
1	static.lalaping.com	native.propellerclick.com
1	syndication.twitter.com	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	3.217.106.26
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	s.ytimg.com	www.youtube.com
1	www.googletagmanager.com	3.217.106.26
1	www.youtube.com	3.217.106.26
58	25

This site contains links to these domains. Also see Links.

Domain
globalclimatestrike.net
aws.amazon.com
status.aws.amazon.com
www.youtube.com
www.datamation.com
www.highscalability.com
reinventvideos.com
www.reddit.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-06` - `2020-10-09`	6 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2020-04-06` - `2020-10-03`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
native.propellerclick.com Let's Encrypt Authority X3	`2020-04-27` - `2020-07-26`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://3.217.106.26/r/aws/comments/bmzgpq
Frame ID: 2011726AC9AC287BAF97407776E3D540
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/zrt_lookup.html
Frame ID: 3AFE9E9140187836DEF5BE690F0BC25C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2a008290075125adde2d7b849b06a0bb.html?origin=http%3A%2F%2F3.217.106.26
Frame ID: 2FD4C3553038648B64E449BC31294E48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2409109107298024&output=html&adk=1812271804&adf=3025194257&lmt=1590017815&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2F3.217.106.26%2Fr%2Faws%2Fcomments%2Fbmzgpq&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590017814967&bpp=12&bdt=272&idt=370&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=188136868656&frm=20&pv=2&ga_vid=1800324921.1590017815&ga_sid=1590017815&ga_hid=1595974662&ga_fc=0&iag=0&icsg=33555104&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=2662568909129803&pem=484&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=402
Frame ID: 6D8177D27AA2D61F3497E308767D9281
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Dfb9088a499a8d8%26domain%3D3.217.106.26%26origin%3Dhttp%253A%252F%252F3.217.106.26%252Ff25baf3b875424c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Freddupco%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=57
Frame ID: D794DF9F9BCFCF10860B1BF6CACD5830
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Dfec5b5a675f1fc%26domain%3D3.217.106.26%26origin%3Dhttp%253A%252F%252F3.217.106.26%252Ff25baf3b875424c%26relation%3Dparent.parent&container_width=8&href=https%3A%2F%2Fwww.facebook.com%2Freddupco%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=57
Frame ID: A0A34D706D9467AC80BABC002FB4BFF8
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2a008290075125adde2d7b849b06a0bb.en.html
Frame ID: EB5CBA5199698B5C55A5E0AB1AE37699
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2a008290075125adde2d7b849b06a0bb.en.html
Frame ID: C19CBCCE5FFA62647C692BCE6F89C773
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: A5E9C4369F3433014D270187B14B1985
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 9059F35988EA318B39377B0756927C1C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

58
Requests

69 %
HTTPS

77 %
IPv6

20
Domains

25
Subdomains

25
IPs

6
Countries

1281 kB
Transfer

4828 kB
Size

4
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://globalclimatestrike.net/
Title: SACRIFICE. DISRUPT. SURVIVE.

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/blogs/aws/
Title: Amazon Web Services blog

Search URL Search Domain Scan URL

URL: http://status.aws.amazon.com/
Title: AWS status page

Search URL Search Domain Scan URL

URL: http://aws.amazon.com/documentation/
Title: AWS documentation

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AmazonWebServices/
Title: AWS YouTube channel

Search URL Search Domain Scan URL

URL: http://www.datamation.com/cloud-computing/
Title: Datamation

Search URL Search Domain Scan URL

URL: http://www.highscalability.com/
Title: High Scalability

Search URL Search Domain Scan URL

URL: https://reinventvideos.com/
Title: re:Invent Videos

Search URL Search Domain Scan URL

URL: http://www.reddit.com/message/compose/?to=%2Fr%2Faws&subject=sidebar+tweaks+-+aws
Title: here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1595974662&t=pageview&_s=1&dl=http%3A%2F%2F3.217.106.26%2Fr%2Faws%2Fcomments%2Fbmzgpq&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=77676997&gjid=1913908562&cid=1800324921.1590017815&tid=UA-63873786-1&_gid=927926982.1590017815&_r=1&gtm=2ou5e1&z=581562136 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63873786-1&cid=1800324921.1590017815&jid=77676997&_gid=927926982.1590017815&gjid=1913908562&_v=j82&z=581562136

Request Chain 40

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request bmzgpq Show response
3.217.106.26/r/aws/comments/ 5 KB
2 KB 195ms
189ms Document
text/html 3.217.106.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://3.217.106.26/r/aws/comments/bmzgpq
Protocol: HTTP/1.1
Server: 3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-106-26.compute-1.amazonaws.com
Software: / Express
Resource Hash: ae89b8646ad6ff18f2c8c5c3b5af4efc137299b1d13f25cd344815d4ebd59359

Request headers

Host: 3.217.106.26
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Powered-By: Express
Content-Type: text/html; charset=utf-8
ETag: W/"15e2-WQCFKHqtDyVTOvQvoFst9aJEKoA"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 20 May 2020 23:36:54 GMT
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 css
fonts.googleapis.com/ 4 KB
743 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Varela+Round

Requested by

Host: 3.217.106.26
URL: http://3.217.106.26/r/aws/comments/bmzgpq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7e9a68e1353f429c9ebcb47bd1de5d23148dfdc33e34ceec85514a798381c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 May 2020 23:36:54 GMT
server: ESF
date: Wed, 20 May 2020 23:36:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 May 2020 23:36:54 GMT

GET
H2 200 icon
fonts.googleapis.com/ 574 B
465 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: 3.217.106.26
URL: http://3.217.106.26/r/aws/comments/bmzgpq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 May 2020 23:36:54 GMT
server: ESF
date: Wed, 20 May 2020 23:36:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 May 2020 23:36:54 GMT

GET
H2 200 scrolls.min.css
cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/ 517 KB
51 KB 35ms
15ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/scrolls.min.css?v=11

Requested by

Host: 3.217.106.26
URL: http://3.217.106.26/r/aws/comments/bmzgpq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26bb78ea1e4c6b1bc3159c83cd1702729e4e4b4e6c2266d5d5c1948b71ed9dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 23:36:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19280
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 02d60b88bf00000610eaa26200000001
x-served-by: cache-ams21033-AMS, cache-fra19173-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"813c4-2z652LoWOZ2NEfyfrKf5GMrO+V4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 5969e1edfddb0610-FRA

GET
H2 200 spells.min.js Show response
cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/ 2 MB
435 KB 34ms
15ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31

Requested by

Host: 3.217.106.26
URL: http://3.217.106.26/r/aws/comments/bmzgpq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfb591c09c2d31711238d00f2877eaa42e76f47dfc2e8ae12657535369fd1a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 23:36:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19280
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 02d60b88bf00000610eaa27200000001
x-served-by: cache-ams21035-AMS, cache-fra19136-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"1b09f5-vLBIetNX5o2c+91NW7fOpRjeONc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 5969e1edfdde0610-FRA

GET
H2 200 Snoocore-browser.min.js Show response
cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/ 179 KB
56 KB 32ms
13ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/Snoocore-browser.min.js?v=4

Requested by

Host: 3.217.106.26
URL: http://3.217.106.26/r/aws/comments/bmzgpq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48c4e9a045b53a3b401198fa21daa873b4f2f7cb751a7acd6c46425328ef0fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 23:36:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19280
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 02d60b88bf00000610eaa28200000001
x-served-by: cache-fra19173-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"2cad7-FH4SbEMmtU7J6CPXZIF+YSXf/uI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 5969e1edfddf0610-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
941 B 22ms
21ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: 3.217.106.26
URL: http://3.217.106.26/r/aws/comments/bmzgpq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

356470ecae629c4fca9dd90185acda1af87e4662ee332289a058e3203ff83b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 23:36:54 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 82 KB
32 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-63873786-1

Requested by

Host: 3.217.106.26
URL: http://3.217.106.26/r/aws/comments/bmzgpq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88e9fa8fa5e9e06ccc370ceeda4c209e1c5047f07e3aa9d9d8e179c81a1ddccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 23:36:54 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33138
x-xss-protection: 0
last-modified: Wed, 20 May 2020 22:21:39 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 May 2020 23:36:54 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 3.217.106.26
URL: http://3.217.106.26/r/aws/comments/bmzgpq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df3a4e99b66b965484d70f521a3baf44141a9c1ebd35f6bd975d26289c6d1e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 23:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 39288
x-xss-protection: 0
server: cafe
etag: 669631406470174203
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 20 May 2020 23:36:54 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vfl6tgGSV/ 65 KB
24 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl6tgGSV/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d629b8bbf0a5c8f3a6bb0221251b7758d53f04e7d81069b7b537729cc80086a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 May 2020 22:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89803
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24505
x-xss-protection: 0
last-modified: Tue, 19 May 2020 20:12:25 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 27 May 2020 22:40:11 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: 3.217.106.26
URL: http://3.217.106.26/r/aws/comments/bmzgpq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b3274836744165cebdbf53f9b3ce7b0b3fa14bc3cb2b43b88ca1b3a38b5c193c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 9MesMd5BXMfEAgsEuFMAZg==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 1779
etag: "b4fa791cf825fa1152ff90cc78c2fde8"
x-fb-debug: D6Nl4RkwzkruHcbMvn9cleKJs0WGx13V+78H+6IsPQocLWuFAnixVg2li2wSDpGUwZbe2VtO0wP10pE5xKDHcg==
x-fb-trip-id: 664085054
x-fb-content-md5: 095e14a611abbd2c36d109b8422ea92a
x-frame-options: DENY
date: Wed, 20 May 2020 23:36:54 GMT, Wed, 20 May 2020 23:36:54 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 20 May 2020 23:40:55 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 30ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: 3.217.106.26
URL: http://3.217.106.26/r/aws/comments/bmzgpq
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash: cb88bf7a67ba917b5ee7b4a1cc593d8bfe94cf2670cb24df338308ec8a573ec3

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:36:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 17:25:55 GMT
Server: ECS (fcn/4188)
Age: 128
Etag: "580310dcde7e145486d79be6e5257680+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29223

GET
H/1.1 403
Forbidden invoke.js
www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/ 0
0 43ms
34ms Script
application/javascript 213.196.2.1
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/invoke.js
Requested by: Host: 3.217.106.26
URL: http://3.217.106.26/r/aws/comments/bmzgpq
Protocol: HTTP/1.1
Server: 213.196.2.1 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 20 May 2020 23:36:54 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=3.217.106.26

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 May 2020 23:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=3.217.106.26

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 May 2020 23:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/ 218 KB
82 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

357a40f12fcb7502acb15b75741517330cdd822580ced8cd06f8b38c9a481f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 23:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83958
x-xss-protection: 0
server: cafe
etag: 14927078227322710652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 May 2020 23:36:54 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/ Frame 3AFE 0
0 8ms
8ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200519/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://3.217.106.26/r/aws/comments/bmzgpq
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://3.217.106.26/r/aws/comments/bmzgpq

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 20 May 2020 02:19:05 GMT
expires: Wed, 03 Jun 2020 02:19:05 GMT
content-type: text/html; charset=UTF-8
etag: 17826495148367054107
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4284
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 76669
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-63873786-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 2435
date: Wed, 20 May 2020 22:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Thu, 21 May 2020 00:56:19 GMT

GET
H/1.1 403
Forbidden invoke.js
www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/ 0
0 25ms
24ms Script
application/javascript 213.196.2.1
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/invoke.js
Requested by: Host: 3.217.106.26
URL: http://3.217.106.26/r/aws/comments/bmzgpq
Protocol: HTTP/1.1
Server: 213.196.2.1 , Netherlands, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 20 May 2020 23:36:54 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
60 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=49f1ed77d4fb2ee390837e5cb8cf108c&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7094ffc8ac64917847b1c34c96a1ffdf349e7313c4f7ff76d06523fec432529b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
Origin: http://3.217.106.26

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tT8nMCPHbvQb/nQHrI/UQw==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 60903
etag: "23e2f29a1e74879fed62ad7dae1ef234"
x-fb-debug: qJ02wY5jT6YkqUu5rWDnc5x49xLT7EK4RA7A9/330mNCeXJl4+/WticRPhNKBTF/ToM5bLRXD1xiKBfGHjIZdw==
x-fb-trip-id: 664085054
x-fb-content-md5: b449591ea78d1e2fd7b73b77e0ece6da
x-frame-options: DENY
date: Wed, 20 May 2020 23:36:55 GMT, Wed, 20 May 2020 23:36:55 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Thu, 20 May 2021 22:40:09 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1595974662&t=pageview&_s=1&dl=http%3A%2F%2F3.217.106.26%2Fr%2Faws%2Fcomments%2Fbmzgpq&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&j...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63873786-1&cid=1800324921.1590017815&jid=77676997&_gid=927926982.1590017815&gjid=1913908562&_v=j82&z=581562136

35 B
99 B

15ms
14ms

Image
image/gif

2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63873786-1&cid=1800324921.1590017815&jid=77676997&_gid=927926982.1590017815&gjid=1913908562&_v=j82&z=581562136

Requested by

Host: 3.217.106.26
URL: http://3.217.106.26/r/aws/comments/bmzgpq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 20 May 2020 23:36:55 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 May 2020 23:36:55 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63873786-1&cid=1800324921.1590017815&jid=77676997&_gid=927926982.1590017815&gjid=1913908562&_v=j82&z=581562136
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 416
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK settings Show response
3.217.106.26/api/settings/ 34 B
269 B 98ms
97ms XHR
application/json 3.217.106.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://3.217.106.26/api/settings/settings
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol: HTTP/1.1
Server: 3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-106-26.compute-1.amazonaws.com
Software: / Express
Resource Hash: 778af31d1f99e545cfbcf7b160e16ec44de41a91a53e815b27c33be82e5b7c9f

Request headers

Accept: application/json, text/plain, */*
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:36:55 GMT
Connection: keep-alive
X-Powered-By: Express
ETag: W/"22-E3rnAh9v4Apk8HiX4AawUwe7KTs"
Content-Length: 34
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK blacklist Show response
3.217.106.26/api/ 183 B
419 B 204ms
198ms XHR
application/json 3.217.106.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://3.217.106.26/api/blacklist
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol: HTTP/1.1
Server: 3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-106-26.compute-1.amazonaws.com
Software: / Express
Resource Hash: 7ba6f9e210aefeb05ba0a3c0d71f8ae3d6156cf2f6fbaed816362de62b48cba7

Request headers

Accept: application/json, text/plain, */*
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:36:55 GMT
Connection: keep-alive
X-Powered-By: Express
ETag: W/"b7-JIaAPuYwHW8mB7CViUXfMMCQHzk"
Content-Length: 183
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK logo.svg Show response
3.217.106.26/icons/ 939 B
1 KB 196ms
189ms XHR
image/svg+xml 3.217.106.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://3.217.106.26/icons/logo.svg
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol: HTTP/1.1
Server: 3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-106-26.compute-1.amazonaws.com
Software: / Express
Resource Hash: 8f03662a1599bc58e55a0b4f2cf9a9772bea698b679ae10d866c72bf224c6968

Request headers

Accept: application/json, text/plain, */*
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:36:55 GMT
ETag: W/"3ab-16feacc0f9b"
Last-Modified: Tue, 28 Jan 2020 06:17:19 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 939

GET
H/1.1 200
OK config Show response
3.217.106.26/api/reddit/ 440 B
677 B 206ms
200ms XHR
application/json 3.217.106.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://3.217.106.26/api/reddit/config
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol: HTTP/1.1
Server: 3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-106-26.compute-1.amazonaws.com
Software: / Express
Resource Hash: 5d57e062b6875f05d511767519678fa3e339ae184a2381537d4e12e902c64de0

Request headers

Accept: application/json, text/plain, */*
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:36:55 GMT
Connection: keep-alive
X-Powered-By: Express
ETag: W/"1b8-fI2/B0DKVxYj6Wem6yNOyiJecRE"
Content-Length: 440
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK sprite.svg Show response
3.217.106.26/icons/sprite/ 115 KB
16 KB 205ms
199ms XHR
image/svg+xml 3.217.106.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://3.217.106.26/icons/sprite/sprite.svg
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol: HTTP/1.1
Server: 3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-106-26.compute-1.amazonaws.com
Software: / Express
Resource Hash: 7faaf7d35aa2be9c1eafb2bfe4a08f9c8fe3018efe56d8bf0ef47c253c7c7a8e

Request headers

Accept: application/json, text/plain, */*
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:36:55 GMT
Content-Encoding: gzip
ETag: W/"1ca25-16feacc1f93"
Last-Modified: Tue, 28 Jan 2020 06:17:23 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto|Varela+Round
Origin: http://3.217.106.26

Response headers

date: Wed, 20 May 2020 11:10:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 44778
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 20 May 2021 11:10:37 GMT

GET
H/1.1 200
OK widget_iframe.2a008290075125adde2d7b849b06a0bb.html
platform.twitter.com/widgets/ Frame 2FD4 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2a008290075125adde2d7b849b06a0bb.html?origin=http%3A%2F%2F3.217.106.26
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40AE) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://3.217.106.26/r/aws/comments/bmzgpq

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 108433
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 20 May 2020 23:36:55 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 12 May 2020 17:24:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40AE)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H2 200 w8gdH283Tvk__Lua32TysjIfp8uPLdshZg.woff2
fonts.gstatic.com/s/varelaround/v12/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/varelaround/v12/w8gdH283Tvk__Lua32TysjIfp8uPLdshZg.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d7c0b71cb6af711f4f47b8049b04f99fb860d3731e4ccf3db8a0a11d589073d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto|Varela+Round
Origin: http://3.217.106.26

Response headers

date: Wed, 20 May 2020 08:07:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:49:41 GMT
server: sffe
age: 55785
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14172
x-xss-protection: 0
expires: Thu, 20 May 2021 08:07:10 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6D81 0
0 33ms
32ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2409109107298024&output=html&adk=1812271804&adf=3025194257&lmt=1590017815&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2F3.217.106.26%2Fr%2Faws%2Fcomments%2Fbmzgpq&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590017814967&bpp=12&bdt=272&idt=370&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=188136868656&frm=20&pv=2&ga_vid=1800324921.1590017815&ga_sid=1590017815&ga_hid=1595974662&ga_fc=0&iag=0&icsg=33555104&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=2662568909129803&pem=484&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=402

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2409109107298024&output=html&adk=1812271804&adf=3025194257&lmt=1590017815&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2F3.217.106.26%2Fr%2Faws%2Fcomments%2Fbmzgpq&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590017814967&bpp=12&bdt=272&idt=370&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=188136868656&frm=20&pv=2&ga_vid=1800324921.1590017815&ga_sid=1590017815&ga_hid=1595974662&ga_fc=0&iag=0&icsg=33555104&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=2662568909129803&pem=484&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=402
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://3.217.106.26/r/aws/comments/bmzgpq
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://3.217.106.26/r/aws/comments/bmzgpq

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 20 May 2020 23:36:55 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 20-May-2020 23:51:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 20 May 2020 23:36:55 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 23:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1589974910160429"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27764
x-xss-protection: 0
expires: Wed, 20 May 2020 23:36:55 GMT

GET
H/1.1 200
OK button.a9e51eea566eab199c00950f37200d0b.js Show response
platform.twitter.com/js/ 7 KB
3 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.a9e51eea566eab199c00950f37200d0b.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash: 592e35a583c401384ba6166b860a346ea7853f17287296c6a7c0c2468567330c

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:36:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 17:24:15 GMT
Server: ECS (fcn/4188)
Age: 108432
Etag: "92aacddeeb64a7dc76de732a636030f4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2297

POST
H2 200 access_token Show response
www.reddit.com/api/v1/ 209 B
530 B 223ms
223ms XHR
application/json 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/v1/access_token

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/Snoocore-browser.min.js?v=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

733e61a0b662c433f3cad6f23f985b0dcec4048ef3386f2e5fb53ce8691799fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: Basic RUQxTU5JTkdQMnNib3c6Q3hFei1ocmVhbWo1SzBBNFhRSUNmUDBZZVQ0
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 May 2020 23:36:55 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 209
x-xss-protection: 1; mode=block
x-served-by: cache-man4145-MAN
x-moose: majestic
server: snooserv
x-timer: S1590017816.623996,VS0,VE141
x-frame-options: SAMEORIGIN
x-reddit-loid: 00000000006j90hfr9.2.1590017815712.Z0FBQUFBQmV4YjhYNXlKX0twQVBMaUw1M0RFZm90cVlSZjliZEVJWWZkakpXc0pZQlpiUUVkaVNjbzQ2MlgxYlF4RjhiUlUxa1VNcG9icTFtUFVMRzhTU290a3ZzSXp6eWNiQW1tRzRuM05mS2N3cThsd0ZUZDJKdmZvcW9BanpvYUNfUDdzaS0yTm4
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
cache-control: max-age=0, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: Authorization,
x-cache-hits: 0

GET
H2 200 like.php
www.facebook.com/v2.12/plugins/ Frame D794 0
0 60ms
45ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Dfb9088a499a8d8%26domain%3D3.217.106.26%26origin%3Dhttp%253A%252F%252F3.217.106.26%252Ff25baf3b875424c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Freddupco%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=57

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=49f1ed77d4fb2ee390837e5cb8cf108c&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Dfb9088a499a8d8%26domain%3D3.217.106.26%26origin%3Dhttp%253A%252F%252F3.217.106.26%252Ff25baf3b875424c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Freddupco%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=57
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://3.217.106.26/r/aws/comments/bmzgpq
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://3.217.106.26/r/aws/comments/bmzgpq

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.0
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: uy3k3qSGlnw9vjUYjMKQQL7LlUTcBNqauL7mIvI4AMYLPQWx6aCm8nCDaLk8DauUvmOmNnzDT/w/Ssq/UYclCQ==
date: Wed, 20 May 2020 23:36:55 GMT Wed, 20 May 2020 23:36:55 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H2 200 like.php
www.facebook.com/v2.12/plugins/ Frame A0A3 0
0 54ms
47ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Dfec5b5a675f1fc%26domain%3D3.217.106.26%26origin%3Dhttp%253A%252F%252F3.217.106.26%252Ff25baf3b875424c%26relation%3Dparent.parent&container_width=8&href=https%3A%2F%2Fwww.facebook.com%2Freddupco%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=57

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=49f1ed77d4fb2ee390837e5cb8cf108c&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Dfec5b5a675f1fc%26domain%3D3.217.106.26%26origin%3Dhttp%253A%252F%252F3.217.106.26%252Ff25baf3b875424c%26relation%3Dparent.parent&container_width=8&href=https%3A%2F%2Fwww.facebook.com%2Freddupco%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=57
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://3.217.106.26/r/aws/comments/bmzgpq
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://3.217.106.26/r/aws/comments/bmzgpq

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.0
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: mckkkFLE8MTbkxu5/EF9z9fZb/J3APFZKRZUtP4Cx8h5F1U0u2ChqVDGwr4Z1GZfujS7QnEqz04dDn15yKiunw==
date: Wed, 20 May 2020 23:36:55 GMT Wed, 20 May 2020 23:36:55 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200519&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d18c92cbf6281953a86065d65971c4841c46782e7e47cc77b8ae034c67f81751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 20 May 2020 23:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5638
x-xss-protection: 0

GET
H/1.1 200
OK follow_button.2a008290075125adde2d7b849b06a0bb.en.html
platform.twitter.com/widgets/ Frame EB5C 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.2a008290075125adde2d7b849b06a0bb.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://3.217.106.26/r/aws/comments/bmzgpq

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 108431
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 20 May 2020 23:36:55 GMT
Etag: "0321d224c5360427715636498f46fd30+gzip"
Last-Modified: Tue, 12 May 2020 17:24:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4188)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 13814

GET
H/1.1 200
OK follow_button.2a008290075125adde2d7b849b06a0bb.en.html
platform.twitter.com/widgets/ Frame C19C 0
0 12ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.2a008290075125adde2d7b849b06a0bb.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://3.217.106.26/r/aws/comments/bmzgpq

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 108431
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 20 May 2020 23:36:55 GMT
Etag: "0321d224c5360427715636498f46fd30+gzip"
Last-Modified: Tue, 12 May 2020 17:24:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4188)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 13814

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:36:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1582746470043195"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5456
X-XSS-Protection: 0
Expires: Wed, 20 May 2020 23:36:55 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame A5E9 0
0 7ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://3.217.106.26/r/aws/comments/bmzgpq
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://3.217.106.26/r/aws/comments/bmzgpq

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 20 May 2020 23:08:24 GMT
expires: Thu, 20 May 2021 23:08:24 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1711
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200519&jk=2662568909129803&bg=!7-yl7PRYVFWGHiVjfWQCAAAAQ1IAAAAQmQFzDMsZBcIdLWmxwouHCoXuJbPeYOaae4Ytd_II9mKdncwkxkKo_2trO2OjhTwfgKo4lgFaPuTyfPOpSj0N6GK-lD0cPZy6qlgAyvzg8YmzgG95ta3YSdS6_26G0aUccJnrkmGYjIBkA2Amj3JR6o1uJ-xs93gcMEzsB-yY_ots6pYBz0IzJ_w6DYOuAR8yS5G2w898xWakkEXIv3wBLGKGw-JODGCqs3s7KZn1xSDdktm1_MDUOCHDV4_zWixvx0lPCiDMgZjFI5ryj02DsXqSQ0rtD9drblQxeQrbYZyJqxjs3MqqkYoE8zaB9pWVPa7OiMDuNQ2-epFH2HxENgBcHPoi3EnxwVXSNJptuuAGkIBzUlgJwDXFiJ4XqxiAVHKI3oehQHbJdC_5QQ4AR4arAK1i-Sh07QQ-G_-m6A2FJ5vyzArgaLOV8nfHPOtxodm3pTUvc8nQBoIQRogUdj3zxVzUVGWOlhDAt_TQmBNuLEmCQ7Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 May 2020 23:36:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 9059
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: http://3.217.106.26
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 108434
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 20 May 2020 23:36:56 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Tue, 12 May 2020 17:25:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4188)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Wed, 20 May 2020 23:36:56 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Wed, 20 May 2020 23:36:56 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 42828f2a50e66bed0ddb218d071bf75c
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 411
x-transaction: 007c12c200d43a25
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

POST
H2 200 access_token Show response
www.reddit.com/api/v1/ 209 B
523 B 163ms
162ms XHR
application/json 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/v1/access_token

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/Snoocore-browser.min.js?v=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

4988371f41eab4a16a4b3c41d15b4018d793c1c83d15074b619d18f68d1ef104

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: Basic RUQxTU5JTkdQMnNib3c6Q3hFei1ocmVhbWo1SzBBNFhRSUNmUDBZZVQ0
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 May 2020 23:36:56 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 209
x-xss-protection: 1; mode=block
x-served-by: cache-man4145-MAN
x-moose: majestic
server: snooserv
x-timer: S1590017817.553126,VS0,VE136
x-frame-options: SAMEORIGIN
x-reddit-loid: 00000000006j90f394.2.1590017816631.Z0FBQUFBQmV4YjhZMlJQZUZhWFNsclozbmpxWERiM25qaldqOWRPQnJsTEI1cktmNkgydko1XzJUYWZsLVNaNy1DaDFMRWg1R3d5ck1TNEJpb0lJeHhLaU1aYXNhWlpTOUhBMGZkdEdWTzFfWEJSUXVQZFRSdlpHYmNZWG9jZU83U0Fpb29tbnBJSzE
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
cache-control: max-age=0, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: Authorization,
x-cache-hits: 0

POST
H2 200 access_token Show response
www.reddit.com/api/v1/ 209 B
909 B 163ms
162ms XHR
application/json 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/v1/access_token

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/Snoocore-browser.min.js?v=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

d7b64ebb2b26ebc379118bc8c9fcbdef9c735d8ff6a0553b05b58ed92407eedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: Basic RUQxTU5JTkdQMnNib3c6Q3hFei1ocmVhbWo1SzBBNFhRSUNmUDBZZVQ0
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 May 2020 23:36:57 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
content-length: 209
x-xss-protection: 1; mode=block
x-served-by: cache-man4145-MAN
x-moose: majestic
server: snooserv
x-timer: S1590017818.550628,VS0,VE136
x-frame-options: SAMEORIGIN
x-reddit-loid: 00000000006j902cbn.2.1590017817628.Z0FBQUFBQmV4YjhaZFc0bHhDVlMwd3VDM2lsclZ2NWY5OFlGQXNDanpWWmJoTU9FY0dUdjY0eE94U2ZIZXZpX1YyMmxMM0pKdzN2U2NfazhBcnVPSS1xa1NVOGlDR1BEQk1nMzNWUThWRkR0NURjM3ZKOVBwODd3MmIzTXV1UTJEREtyS05PTXUyNTU
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
cache-control: max-age=0, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: Authorization,
x-cache-hits: 0

GET
H2 200 about.json Show response
oauth.reddit.com/r/aws/ 8 KB
3 KB 183ms
182ms XHR
application/json 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://oauth.reddit.com/r/aws/about.json?api_type=json

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/Snoocore-browser.min.js?v=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

70b2d5c0e6ed7daab735db9174969b3f83f677ac9d879ac8453da5d4001ed93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: bearer -MTioMtjkwZVk_BW6nXyu1uE90Ho
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 May 2020 23:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: MISS
status: 200
vary: accept-encoding
content-length: 2224
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1590017818.868633,VS0,VE156
x-frame-options: SAMEORIGIN
x-served-by: cache-man4145-MAN
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: Authorization, Content-Type, X-Reddit-Web-Client,
x-cache-hits: 0

GET
H2 200 default Show response
oauth.reddit.com/subreddits/ 802 KB
160 KB 369ms
368ms XHR
application/json 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://oauth.reddit.com/subreddits/default?limit=50&api_type=json

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/Snoocore-browser.min.js?v=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

4ba5aa5676546d2242eb17e2a22a28b9733c518d7a69a53d6e5213912e3024af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: bearer -avh0huzrQ_0LyA58M3RDHx8yjro
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 May 2020 23:36:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: MISS
status: 200
vary: accept-encoding
content-length: 162893
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1590017819.876762,VS0,VE342
x-frame-options: SAMEORIGIN
x-served-by: cache-man4145-MAN
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: Authorization, Content-Type, X-Reddit-Web-Client,
x-cache-hits: 0

GET
H2 200 bmzgpq Show response
oauth.reddit.com/r/aws/comments/ 42 KB
7 KB 306ms
306ms XHR
application/json 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://oauth.reddit.com/r/aws/comments/bmzgpq?comment=&context=8&showedits=true&showmore=true&sort=confidence&depth=7&api_type=json

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/Snoocore-browser.min.js?v=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

0c8aba50403cec6cb715e24de2577d2f15e438f924044a23b4e3b1011a03bd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: bearer -bW48lw8RpbrLTdPgvNKKomjEfl0
Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 May 2020 23:36:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: MISS
status: 200
vary: accept-encoding
content-length: 6323
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1590017819.996796,VS0,VE280
x-frame-options: SAMEORIGIN
x-served-by: cache-man4145-MAN
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: Authorization, Content-Type, X-Reddit-Web-Client,
x-cache-hits: 0

GET
H2 200 1 Show response
native.propellerclick.com/ 7 KB
4 KB 56ms
14ms Script
text/javascript 88.85.66.164
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://native.propellerclick.com/1?z=2822551&_=1590017814830
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.85.66.164 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 23ab2045d58b73d79dd6e2b83ddab3fb92410359d833c7d260172089d8d068bf

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 May 2020 23:36:59 GMT
content-encoding: gzip
x-sc: AGQ57JSD4b67lruvHNIbSEwGKUwfk9exxKvKCeSCkqHF4ID1uU8HlQ0HqvyHr6YFBZHU-bChGHf8wKYGZ4wG4CqsqMU=
server: nginx
status: 200
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 99633b9cadbdcb52aad5a00b36f6fc9e Show response
native.propellerclick.com/27/ 357 KB
118 KB 30ms
23ms Script
application/javascript 88.85.66.164
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

http://native.propellerclick.com/27/99633b9cadbdcb52aad5a00b36f6fc9e

Requested by

Host: native.propellerclick.com
URL: https://native.propellerclick.com/1?z=2822551&_=1590017814830

Protocol

HTTP/1.1

Server

88.85.66.164 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

3fefa09544e40a3b2f0a0cb3583ae0c25d2f8410e636725e5209c1f372fca112

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:36:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 May 2020 05:23:02 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: max-age:290304000, public
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Tue, 18 Jun 2080 05:23:02 GMT

GET
H/1.1 200
OK 38 Show response
native.propellerclick.com/42/ 0
676 B 29ms
23ms Script
text/plain 88.85.66.164
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://native.propellerclick.com/42/38?z=2822551
Requested by: Host: native.propellerclick.com
URL: https://native.propellerclick.com/1?z=2822551&_=1590017814830
Protocol: HTTP/1.1
Server: 88.85.66.164 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 20 May 2020 23:36:59 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length: 0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 83 KB
33 KB 34ms
15ms Script
application/javascript 2606:4700:20::681a:87b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: native.propellerclick.com
URL: http://native.propellerclick.com/27/99633b9cadbdcb52aad5a00b36f6fc9e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:87b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4776d0f995d6942a6b9c6ada8e0faed11e3b736892fb30d4346ddde7223280c5

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 May 2020 23:36:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 26 Mar 2020 22:17:17 GMT
server: cloudflare
age: 4969
etag: W/"5e7d29ed-14c3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5969e20d99011f35-FRA
cf-request-id: 02d60b9c7e00001f35718b4200000001

POST
H/1.1 204
No Content 9 Show response
native.propellerclick.com/ 0
722 B 18ms
18ms XHR
application/javascript 88.85.66.164
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://native.propellerclick.com/9?z=2822551&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2F3.217.106.26%2Fr%2Faws%2Fcomments%2Fbmzgpq&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=9&sah=1200&drf=&hil=2&ist=0
Requested by: Host: native.propellerclick.com
URL: http://native.propellerclick.com/27/99633b9cadbdcb52aad5a00b36f6fc9e
Protocol: HTTP/1.1
Server: 88.85.66.164 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 20 May 2020 23:36:59 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin: http://3.217.106.26
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 15ms
13ms Image
image/png 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:37:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Accept-Ranges: bytes
Content-Length: 5087
X-XSS-Protection: 0
Expires: Wed, 20 May 2020 23:37:00 GMT

GET
H/1.1 200
OK googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 46ms
38ms Image
image/png 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:37:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Accept-Ranges: bytes
Content-Length: 5969
X-XSS-Protection: 0
Expires: Wed, 20 May 2020 23:37:00 GMT

GET
H/1.1 200
OK googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
14 KB 46ms
39ms Image
image/png 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:37:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Accept-Ranges: bytes
Content-Length: 13504
X-XSS-Protection: 0
Expires: Wed, 20 May 2020 23:37:00 GMT

GET
H/1.1 200
OK googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 46ms
39ms Image
image/png 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:37:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Accept-Ranges: bytes
Content-Length: 7048
X-XSS-Protection: 0
Expires: Wed, 20 May 2020 23:37:00 GMT

GET
H/1.1 200
OK googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 47ms
40ms Image
image/png 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Protocol

HTTP/1.1

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 20 May 2020 23:37:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Accept-Ranges: bytes
Content-Length: 3934
X-XSS-Protection: 0
Expires: Wed, 20 May 2020 23:37:00 GMT

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
398 B 49ms
43ms XHR
text/plain 188.42.224.97
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: http://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Server: 188.42.224.97 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://3.217.106.26/r/aws/comments/bmzgpq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

Date: Wed, 20 May 2020 23:37:01 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: http://3.217.106.26
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 09:40:18	Name: test_cookie Value: CheckForPermission
3.217.106.26/	1970-01-19 09:40:17	Name: _gat_gtag_UA_63873786_1 Value: 1
3.217.106.26/	1970-01-19 09:41:44	Name: _gid Value: GA1.1.927926982.1590017815
3.217.106.26/	1970-01-20 03:11:29	Name: _ga Value: GA1.1.1800324921.1590017815

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31(Line 1) Message: TypeError: Cannot set property 'src' of null
console-api	error	URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31(Line 1) Message: TypeError: Cannot set property 'src' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.jsdelivr.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
native.propellerclick.com
o.wowreality.info
oauth.reddit.com
pagead2.googlesyndication.com
platform.twitter.com
s.ytimg.com
static.lalaping.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.bcloudhost.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.reddit.com
www.youtube.com
104.244.42.136
188.42.224.97
199.232.53.140
213.196.2.1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:87b
2606:4700::6810:5814
2a00:1450:4001:800::2008
2a00:1450:4001:809::200e
2a00:1450:4001:814::2001
2a00:1450:4001:815::200a
2a00:1450:4001:816::2004
2a00:1450:4001:817::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81b::200e
2a00:1450:4001:81e::2002
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:820::2002
2a00:1450:4001:821::2002
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.217.106.26
88.85.66.164
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0c8aba50403cec6cb715e24de2577d2f15e438f924044a23b4e3b1011a03bd64
23ab2045d58b73d79dd6e2b83ddab3fb92410359d833c7d260172089d8d068bf
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
26bb78ea1e4c6b1bc3159c83cd1702729e4e4b4e6c2266d5d5c1948b71ed9dc6
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
356470ecae629c4fca9dd90185acda1af87e4662ee332289a058e3203ff83b88
357a40f12fcb7502acb15b75741517330cdd822580ced8cd06f8b38c9a481f4d
3fefa09544e40a3b2f0a0cb3583ae0c25d2f8410e636725e5209c1f372fca112
4776d0f995d6942a6b9c6ada8e0faed11e3b736892fb30d4346ddde7223280c5
48c4e9a045b53a3b401198fa21daa873b4f2f7cb751a7acd6c46425328ef0fa6
4988371f41eab4a16a4b3c41d15b4018d793c1c83d15074b619d18f68d1ef104
4ba5aa5676546d2242eb17e2a22a28b9733c518d7a69a53d6e5213912e3024af
4d7c0b71cb6af711f4f47b8049b04f99fb860d3731e4ccf3db8a0a11d589073d
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
592e35a583c401384ba6166b860a346ea7853f17287296c6a7c0c2468567330c
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d57e062b6875f05d511767519678fa3e339ae184a2381537d4e12e902c64de0
656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f
6d629b8bbf0a5c8f3a6bb0221251b7758d53f04e7d81069b7b537729cc80086a
7094ffc8ac64917847b1c34c96a1ffdf349e7313c4f7ff76d06523fec432529b
70b2d5c0e6ed7daab735db9174969b3f83f677ac9d879ac8453da5d4001ed93c
733e61a0b662c433f3cad6f23f985b0dcec4048ef3386f2e5fb53ce8691799fc
778af31d1f99e545cfbcf7b160e16ec44de41a91a53e815b27c33be82e5b7c9f
7ba6f9e210aefeb05ba0a3c0d71f8ae3d6156cf2f6fbaed816362de62b48cba7
7faaf7d35aa2be9c1eafb2bfe4a08f9c8fe3018efe56d8bf0ef47c253c7c7a8e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88e9fa8fa5e9e06ccc370ceeda4c209e1c5047f07e3aa9d9d8e179c81a1ddccb
8f03662a1599bc58e55a0b4f2cf9a9772bea698b679ae10d866c72bf224c6968
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
ae89b8646ad6ff18f2c8c5c3b5af4efc137299b1d13f25cd344815d4ebd59359
b3274836744165cebdbf53f9b3ce7b0b3fa14bc3cb2b43b88ca1b3a38b5c193c
cb88bf7a67ba917b5ee7b4a1cc593d8bfe94cf2670cb24df338308ec8a573ec3
d18c92cbf6281953a86065d65971c4841c46782e7e47cc77b8ae034c67f81751
d7b64ebb2b26ebc379118bc8c9fcbdef9c735d8ff6a0553b05b58ed92407eedb
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
df3a4e99b66b965484d70f521a3baf44141a9c1ebd35f6bd975d26289c6d1e89
dfb591c09c2d31711238d00f2877eaa42e76f47dfc2e8ae12657535369fd1a4d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7e9a68e1353f429c9ebcb47bd1de5d23148dfdc33e34ceec85514a798381c61

3.217.106.26 Open in urlscan Pro 3.217.106.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

58 Requests

69 %HTTPS

77 %IPv6

20 Domains

25 Subdomains

25 IPs

6 Countries

1281 kBTransfer

4828 kBSize

4 Cookies

9 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

3.217.106.26 Open in urlscan Pro
3.217.106.26 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

69 %
HTTPS

77 %
IPv6

20
Domains

25
Subdomains

25
IPs

6
Countries

1281 kB
Transfer

4828 kB
Size

4
Cookies

58 HTTP transactions
0 data transactions