daffodil-ruddy-run.glitch.me Open in urlscan Pro
54.144.253.4 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://daffodil-ruddy-run.glitch.me/
Submission: On January 10 via manual (January 10th 2021, 4:42:16 pm UTC) from US

Summary HTTP 167 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 71 IPs in 9 countries across 64 domains to perform 167 HTTP transactions. The main IP is 54.144.253.4, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is daffodil-ruddy-run.glitch.me.

This is the only time daffodil-ruddy-run.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.144.253.4 54.144.253.4	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6810:e633	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	51.68.161.17 51.68.161.17	16276 (OVH) (OVH)
1	172.255.6.216 172.255.6.216	7979 (SERVERS-COM) (SERVERS-COM)
10	139.45.196.135 139.45.196.135	9002 (RETN-AS) (RETN-AS)
3	139.45.196.140 139.45.196.140	9002 (RETN-AS) (RETN-AS)
1	139.45.195.210 139.45.195.210	9002 (RETN-AS) (RETN-AS)
1	2600:9000:206... 2600:9000:206f:9a00:4:164e:ca00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:234... 2606:2800:234:4cc4:5670:35d5:1e00:b394	15133 (EDGECAST) (EDGECAST)
1	2600:9000:206... 2600:9000:206f:1200:1d:bf0d:abc0:21	16509 (AMAZON-02) (AMAZON-02)
1	13.224.195.73 13.224.195.73	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	139.45.197.10 139.45.197.10	9002 (RETN-AS) (RETN-AS)
1	2606:2800:233... 2606:2800:233:af6:eab:2108:1892:6d8	15133 (EDGECAST) (EDGECAST)
3 8	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
1	172.255.6.140 172.255.6.140	7979 (SERVERS-COM) (SERVERS-COM)
3	54.241.51.109 54.241.51.109	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.111.10.140 23.111.10.140	33438 (HIGHWINDS2) (HIGHWINDS2)
1	108.161.189.78 108.161.189.78	33438 (HIGHWINDS2) (HIGHWINDS2)
1	172.255.6.120 172.255.6.120	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	5.9.10.165 5.9.10.165	24940 (HETZNER-AS) (HETZNER-AS)
7	2606:4700::68... 2606:4700::6812:1041	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.68.123 35.190.68.123	15169 (GOOGLE) (GOOGLE)
3	104.85.1.87 104.85.1.87	16625 (AKAMAI-AS) (AKAMAI-AS)
5	68.183.31.14 68.183.31.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	139.45.195.41 139.45.195.41	9002 (RETN-AS) (RETN-AS)
1	2600:9000:21f... 2600:9000:21f3:9600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	50.18.199.66 50.18.199.66	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	176.34.151.72 176.34.151.72	16509 (AMAZON-02) (AMAZON-02)
11	65.9.73.96 65.9.73.96	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:809::200d	15169 (GOOGLE) (GOOGLE)
1	95.211.229.246 95.211.229.246	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 4	2606:4700:20:... 2606:4700:20::681a:46b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.46.129.238 52.46.129.238	16509 (AMAZON-02) (AMAZON-02)
1	52.46.131.85 52.46.131.85	16509 (AMAZON-02) (AMAZON-02)
2	68.183.0.10 68.183.0.10	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	104.19.133.80 104.19.133.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
10	94.31.29.128 94.31.29.128	33438 (HIGHWINDS2) (HIGHWINDS2)
4	104.18.134.145 104.18.134.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
1	192.0.77.38 192.0.77.38	2635 (AUTOMATTIC) (AUTOMATTIC)
2	13.224.194.15 13.224.194.15	16509 (AMAZON-02) (AMAZON-02)
1	104.85.5.185 104.85.5.185	16625 (AKAMAI-AS) (AKAMAI-AS)
2	94.31.29.32 94.31.29.32	33438 (HIGHWINDS2) (HIGHWINDS2)
4	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
2	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
4	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	104.28.10.139 104.28.10.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	78.140.188.189 78.140.188.189	35415 (WEBZILLA) (WEBZILLA)
3	2606:4700:20:... 2606:4700:20::681a:a9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.85.0.200 104.85.0.200	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.190.74.92 35.190.74.92	15169 (GOOGLE) (GOOGLE)
1 1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	216.21.13.16 216.21.13.16	53334 (TUT-AS) (TUT-AS)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1	34.96.106.9 34.96.106.9	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1 1	139.45.196.73 139.45.196.73	9002 (RETN-AS) (RETN-AS)
1	104.109.72.141 104.109.72.141	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	152.195.51.15 152.195.51.15	15133 (EDGECAST) (EDGECAST)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
167	71

1 54.144.253.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-253-4.compute-1.amazonaws.com

daffodil-ruddy-run.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:e633 (United States)

ASN13335 (CLOUDFLARENET, US)

mellowads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.161.17 (France)

ASN16276 (OVH, FR)
PTR: ip17.ip-51-68-161.eu

onegalact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.216 (Netherlands)

ASN7979 (SERVERS-COM, US)

waxtamnit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.135 (Ascension Island)

ASN9002 (RETN-AS, GB)

kumteerg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.140 (Ascension Island)

ASN9002 (RETN-AS, GB)

choupsee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.210 (Ascension Island)

ASN9002 (RETN-AS, GB)

choogeet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:9a00:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:4cc4:5670:35d5:1e00:b394 (United States)

ASN15133 (EDGECAST, US)

a.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:1200:1d:bf0d:abc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2sbzwmcg5amr3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.195.73 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-73.fra2.r.cloudfront.net

djv99sxoqpv11.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c1a (United States)

ASN13335 (CLOUDFLARENET, US)

coinpayu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.10 (Ascension Island)

ASN9002 (RETN-AS, GB)

stawhoph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:af6:eab:2108:1892:6d8 (United States)

ASN15133 (EDGECAST, US)

s.aolcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 173.192.101.24 (Dallas, United States) 3 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

p405661.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p93920.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.140 (Netherlands)

ASN7979 (SERVERS-COM, US)

duetgypsyantis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.241.51.109 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-51-109.us-west-1.compute.amazonaws.com

bdv.bidvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.140 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.carbonads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.189.78 (United States)

ASN33438 (HIGHWINDS2, US)

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.6.120 (Netherlands)

ASN7979 (SERVERS-COM, US)

seaboblit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.9.10.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.10.9.5.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:1041 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.68.123 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 123.68.190.35.bc.googleusercontent.com

www.maxonclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.85.1.87 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-1-87.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.41 (Ascension Island)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:9600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.18.199.66 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-199-66.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Germany)

ASN60068 (CDN77 (^_^)/, GB)

c1.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.34.151.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-151-72.eu-west-1.compute.amazonaws.com

s.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 65.9.73.96 (Seattle, United States)

ASN16509 (AMAZON-02, US)

resumersvo.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:46b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.129.238 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

rcm-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.131.85 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.assoc-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.183.0.10 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
srv.carbonads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.133.80 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 94.31.29.128 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net

p405661.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p93920.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.134.145 (United States)

ASN13335 (CLOUDFLARENET, US)

config.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.38 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.194.15 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-15.fra2.r.cloudfront.net

yiatelychur.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.85.5.185 (United States)

ASN16625 (AKAMAI-AS, US)

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)

i45mnsbygvkw.l.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

i45mnsbygvkw.n.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.28.10.139 (United States)

ASN13335 (CLOUDFLARENET, US)

ssp.zryydi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.140.188.189 (Netherlands)

ASN35415 (WEBZILLA, NL)

api.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:a9c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.85.0.200 (United States)

ASN16625 (AKAMAI-AS, US)

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.74.92 (Mountain View, United States)

ASN15169 (GOOGLE, US)

www.tradeadexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.21.13.16 (United States)

ASN53334 (TUT-AS, US)

serve.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.106.9 (United States)

ASN15169 (GOOGLE, US)

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.73 (Ascension Island) 1 redirects

ASN9002 (RETN-AS, GB)

shorteh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.72.141 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-109-72-141.deploy.static.akamaitechnologies.com

www.gearbest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.51.15 (United States)

ASN15133 (EDGECAST, US)

tag.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	yandex.ru 2 redirects mc.yandex.ru	98 KB
11	resumersvo.fun resumersvo.fun	4 KB
10	adsco.re c.adsco.re 6.adsco.re 4.adsco.re adsco.re i45mnsbygvkw.l.adsco.re i45mnsbygvkw.n.adsco.re i45mnsbygvkw.s.adsco.re Failed	15 KB
10	mycdn.co p405661.mycdn.co p93920.mycdn.co	157 KB
10	shorte.st 2 redirects cdn.shorte.st api.shorte.st ads.shorte.st	49 KB
10	kumteerg.com kumteerg.com	88 KB
8	pixfuture.com served-by.pixfuture.com cdn.pixfuture.com	477 KB
7	adskeeper.com jsc.adskeeper.com servicer.adskeeper.com cm.adskeeper.com s-img.adskeeper.com	104 KB
5	seedtag.com config.seedtag.com s.seedtag.com	139 KB
5	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net	213 KB
5	infopicked.com infopicked.com	42 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	1 KB
3	adskeeper.co.uk 1 redirects jsc.adskeeper.co.uk cdn.adskeeper.co.uk	57 KB
3	pubmine.com s.pubmine.com c0.pubmine.com	52 KB
3	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com	55 KB
3	a-ads.com ad.a-ads.com
3	bidvertiser.com bdv.bidvertiser.com	11 KB
3	clksite.com 3 redirects p405661.clksite.com p93920.clksite.com clksite.com	808 B
3	choupsee.com choupsee.com	67 KB
3	onegalact.com onegalact.com	1 KB
2	yahoo.com tag.idsync.analytics.yahoo.com cms.analytics.yahoo.com
2	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
2	tradeadexchange.com www.tradeadexchange.com	16 KB
2	buysellads.net cdn4.buysellads.net	27 KB
2	yiatelychur.top yiatelychur.top	713 B
2	amazon-adsystem.com 2 redirects rcm-na.amazon-adsystem.com	765 B
2	google.com accounts.google.com
2	popads.net c1.popads.net serve.popads.net	10 KB
2	cloudflare.com cdnjs.cloudflare.com	3 KB
2	googlesyndication.com pagead2.googlesyndication.com	135 KB
2	cloudfront.net d2sbzwmcg5amr3.cloudfront.net djv99sxoqpv11.cloudfront.net	210 KB
2	exosrv.com a.exosrv.com syndication.exosrv.com	39 KB
2	mellowads.com mellowads.com	41 KB
1	gearbest.com www.gearbest.com
1	shorteh.com 1 redirects shorteh.com	1 KB
1	rlcdn.com api.rlcdn.com	230 B
1	googletagservices.com www.googletagservices.com	19 KB
1	pubmatic.com ads.pubmatic.com	84 KB
1	zryydi.com ssp.zryydi.com
1	gstatic.com fonts.gstatic.com	16 KB
1	adtelligent.com s.adtelligent.com
1	carbonads.net srv.carbonads.net	969 B
1	buysellads.com srv.buysellads.com	1 KB
1	assoc-amazon.com ws-na.assoc-amazon.com
1	facebook.com www.facebook.com
1	ipfind.co ipfind.co	593 B
1	consensu.org quantcast.mgr.consensu.org
1	rtmark.net my.rtmark.net	785 B
1	maxonclick.com www.maxonclick.com	71 B
1	googleapis.com ajax.googleapis.com	33 KB
1	seaboblit.com seaboblit.com	1 KB
1	servedby-buysellads.com m.servedby-buysellads.com	16 KB
1	carbonads.com cdn.carbonads.com	6 KB
1	duetgypsyantis.com duetgypsyantis.com	1 KB
1	aolcdn.com s.aolcdn.com	10 KB
1	stawhoph.com stawhoph.com
1	coinpayu.com coinpayu.com	149 KB
1	thisiswaldo.com cdn.thisiswaldo.com	81 KB
1	choogeet.net choogeet.net	38 KB
1	waxtamnit.com waxtamnit.com	1 KB
1	glitch.me daffodil-ruddy-run.glitch.me	15 KB
0	adsrvr.org Failed match.adsrvr.org Failed
0	webglstats.com Failed cdn.webglstats.com Failed
167	64

	Domain	Requested by
11	mc.yandex.ru	2 redirects daffodil-ruddy-run.glitch.me mc.yandex.ru
11	resumersvo.fun	d2sbzwmcg5amr3.cloudfront.net djv99sxoqpv11.cloudfront.net
10	kumteerg.com	daffodil-ruddy-run.glitch.me kumteerg.com
6	api.shorte.st	cdn.shorte.st
5	p93920.mycdn.co	p93920.clksite.com p405661.mycdn.co clksite.com daffodil-ruddy-run.glitch.me
5	p405661.mycdn.co	p405661.clksite.com p405661.mycdn.co daffodil-ruddy-run.glitch.me
5	served-by.pixfuture.com	daffodil-ruddy-run.glitch.me served-by.pixfuture.com
5	infopicked.com	daffodil-ruddy-run.glitch.me p405661.mycdn.co
4	config.seedtag.com	daffodil-ruddy-run.glitch.me config.seedtag.com
4	securepubads.g.doubleclick.net	1 redirects daffodil-ruddy-run.glitch.me securepubads.g.doubleclick.net www.googletagservices.com
3	www.google-analytics.com	daffodil-ruddy-run.glitch.me www.google-analytics.com
3	cdn.pixfuture.com	served-by.pixfuture.com cdn.pixfuture.com daffodil-ruddy-run.glitch.me
3	s-img.adskeeper.com	daffodil-ruddy-run.glitch.me
3	cdn.shorte.st	1 redirects daffodil-ruddy-run.glitch.me cdn.shorte.st
3	ad.a-ads.com	daffodil-ruddy-run.glitch.me
3	bdv.bidvertiser.com	daffodil-ruddy-run.glitch.me bdv.bidvertiser.com
3	choupsee.com	daffodil-ruddy-run.glitch.me choupsee.com
3	onegalact.com	daffodil-ruddy-run.glitch.me
2	www.tradeadexchange.com	cdn.shorte.st www.tradeadexchange.com
2	cm.adskeeper.com	jsc.adskeeper.com
2	adsco.re	daffodil-ruddy-run.glitch.me c.adsco.re
2	4.adsco.re	daffodil-ruddy-run.glitch.me c.adsco.re
2	6.adsco.re	daffodil-ruddy-run.glitch.me c.adsco.re
2	log.outbrainimg.com	widgets.outbrain.com
2	c.adsco.re	c1.popads.net c.adsco.re
2	cdn4.buysellads.net	daffodil-ruddy-run.glitch.me
2	yiatelychur.top	daffodil-ruddy-run.glitch.me
2	jsc.adskeeper.co.uk	1 redirects daffodil-ruddy-run.glitch.me
2	rcm-na.amazon-adsystem.com	2 redirects
2	accounts.google.com	daffodil-ruddy-run.glitch.me
2	s.pubmine.com	daffodil-ruddy-run.glitch.me
2	widgets.outbrain.com	daffodil-ruddy-run.glitch.me widgets.outbrain.com
2	cdnjs.cloudflare.com	daffodil-ruddy-run.glitch.me
2	pagead2.googlesyndication.com	daffodil-ruddy-run.glitch.me pagead2.googlesyndication.com
2	mellowads.com	daffodil-ruddy-run.glitch.me mellowads.com
1	cms.analytics.yahoo.com
1	tag.idsync.analytics.yahoo.com	s.aolcdn.com
1	www.gearbest.com	cdn.shorte.st
1	shorteh.com	1 redirects
1	ads.shorte.st	1 redirects
1	s.seedtag.com	config.seedtag.com
1	api.rlcdn.com	ads.pubmatic.com
1	serve.popads.net	c1.popads.net
1	www.googletagservices.com	daffodil-ruddy-run.glitch.me
1	mug.criteo.com	daffodil-ruddy-run.glitch.me
1	gum.criteo.com	1 redirects
1	ads.pubmatic.com	daffodil-ruddy-run.glitch.me
1	cdn.adskeeper.co.uk	daffodil-ruddy-run.glitch.me
1	ssp.zryydi.com	cdn.shorte.st
1	i45mnsbygvkw.n.adsco.re	c.adsco.re
1	i45mnsbygvkw.l.adsco.re	c.adsco.re
1	servicer.adskeeper.com	jsc.adskeeper.com
1	fonts.gstatic.com	daffodil-ruddy-run.glitch.me
1	widget-pixels.outbrain.com	daffodil-ruddy-run.glitch.me
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	c0.pubmine.com	daffodil-ruddy-run.glitch.me
1	s.adtelligent.com	cdn.thisiswaldo.com
1	srv.carbonads.net	cdn.carbonads.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	clksite.com	1 redirects
1	srv.buysellads.com	m.servedby-buysellads.com
1	ws-na.assoc-amazon.com	daffodil-ruddy-run.glitch.me
1	syndication.exosrv.com	a.exosrv.com
1	www.facebook.com	daffodil-ruddy-run.glitch.me
1	c1.popads.net	daffodil-ruddy-run.glitch.me
1	ipfind.co	cdn.thisiswaldo.com
1	quantcast.mgr.consensu.org	cdn.thisiswaldo.com
1	my.rtmark.net	daffodil-ruddy-run.glitch.me
1	www.maxonclick.com	daffodil-ruddy-run.glitch.me
1	jsc.adskeeper.com	daffodil-ruddy-run.glitch.me
1	ajax.googleapis.com	daffodil-ruddy-run.glitch.me
1	p93920.clksite.com	1 redirects
1	seaboblit.com	daffodil-ruddy-run.glitch.me
1	m.servedby-buysellads.com	daffodil-ruddy-run.glitch.me
1	cdn.carbonads.com	daffodil-ruddy-run.glitch.me
1	duetgypsyantis.com	daffodil-ruddy-run.glitch.me
1	p405661.clksite.com	1 redirects
1	s.aolcdn.com	daffodil-ruddy-run.glitch.me
1	stawhoph.com	daffodil-ruddy-run.glitch.me
1	coinpayu.com	daffodil-ruddy-run.glitch.me
1	djv99sxoqpv11.cloudfront.net	daffodil-ruddy-run.glitch.me
1	d2sbzwmcg5amr3.cloudfront.net	daffodil-ruddy-run.glitch.me
1	a.exosrv.com	daffodil-ruddy-run.glitch.me
1	cdn.thisiswaldo.com	daffodil-ruddy-run.glitch.me
1	choogeet.net	daffodil-ruddy-run.glitch.me
1	waxtamnit.com	daffodil-ruddy-run.glitch.me
1	daffodil-ruddy-run.glitch.me
0	match.adsrvr.org Failed	ads.pubmatic.com
0	i45mnsbygvkw.s.adsco.re Failed	c.adsco.re
0	cdn.webglstats.com Failed	daffodil-ruddy-run.glitch.me
167	90

This site contains links to these domains. Also see Links.

Domain
adsco.re
www.coinpayu.com
srv.carbonads.net
carbonads.net
srv.buysellads.com
widgets.adskeeper.com
www.adskeeper.com
shorte.st
www.intango.com

Subject Issuer	Validity	Valid
kumteerg.com R3	`2020-12-15` - `2021-03-15`	3 months	crt.sh
choupsee.com R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
choogeet.net R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
*.ackcdn.net GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-07` - `2021-08-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-08` - `2021-07-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.infopicked.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-14` - `2021-11-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
maxonclick.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-02-17`	9 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
resumersvo.fun Amazon	`2020-10-22` - `2021-11-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
ws-na.assoc-amazon.com Amazon	`2020-04-10` - `2021-03-16`	a year	crt.sh
*.carbonads.net Sectigo RSA Domain Validation Secure Server CA	`2019-09-19` - `2021-10-12`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
s.adtelligent.com R3	`2021-01-08` - `2021-04-08`	3 months	crt.sh
c0.pubmine.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-10` - `2021-04-09`	2 years	crt.sh
yiatelychur.top Amazon	`2020-10-22` - `2021-11-20`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2019-08-23` - `2021-08-22`	2 years	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2020-09-15` - `2021-09-26`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.l.adsco.re Sectigo RSA Domain Validation Secure Server CA	`2020-07-14` - `2022-07-14`	2 years	crt.sh
*.n.adsco.re Sectigo RSA Domain Validation Secure Server CA	`2020-07-14` - `2022-07-29`	2 years	crt.sh
*.shorte.st Sectigo RSA Domain Validation Secure Server CA	`2019-10-18` - `2020-12-16`	a year	crt.sh
*.mycdn.co Sectigo RSA Domain Validation Secure Server CA	`2020-10-13` - `2021-10-22`	a year	crt.sh
tradeadexchange.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-16` - `2022-07-01`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-03` - `2021-12-02`	2 years	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-31` - `2022-04-14`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.gearbest.com DigiCert SHA2 Secure Server CA	`2020-04-13` - `2021-07-13`	a year	crt.sh
*.idsync.analytics.yahoo.com DigiCert SHA2 Secure Server CA	`2019-04-17` - `2021-04-21`	2 years	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh

This page contains 25 frames:

Primary Page: http://daffodil-ruddy-run.glitch.me/
Frame ID: BF1703FCA28C3B5C9CBE876CE5DAFF2A
Requests: 128 HTTP requests in this frame

Frame: http://ad.a-ads.com/1507210?size=728x90
Frame ID: 5405A29FA777583EE998DF988AE3F16E
Requests: 1 HTTP requests in this frame

Frame: http://resumersvo.fun/cHpBS1QRGCImaxFHI20hAhZ8bmY2X3MNMEIJIzEjHRkmfjUdCHJlNxwVNC8yAhUvP3oeHzVuZjYzIHgeODcJJB04KS0cBiJCIwIjQTkWHhYJOyp+Gjc+Ey0SMg4RCmYTMxQsEQMcOX4NOBIEHBAYPxYuMzYZAzMZACxxLxo2Ay0fBkEKFAE4ISMXIA4YKAAkETciMS0RIRUnBmVAHwMZNwA8JnMfJAMxLRUxMyQAZTYcFh8GCTIqOxshMiISEgcVEwc4RDUDChEGPBQgJCZJFAoRBy8GAjgIHBYeHQEvEycbITIlLRclTwAvZBgcFh4eQjsCHTUiEmwsEiVKdAowQT8KDCxEExMzbDo9En4RKEsqezcXNA8ZATYCBx48Ei0oMw00HRguDRczdB8/MkkZCRkxPHMCFyMdNhMeNgkXGjgUSwAJPzQ7AiMwOEp0ChUhEgsZAToKAw4gEisWIBMjSnQKMEA3Iw8GPUsWHW0qNAkCECQvFwk3IiMRHTNWEDIkOgBHBRwmSQkqBDBDFhc
Frame ID: 05BDF3A4BA365BCD0CFD9DB2990C8A57
Requests: 1 HTTP requests in this frame

Frame: http://resumersvo.fun/a3FCSEwKEyElcwpMIG45GR1/bX4tVHAOKFkCIDI7BhIlfS0GA3FmLwceNywqGR4sPGIFFDZtfi0WD3kCISQEDh07MiF6LgASdAQbWgEBJTheKHAdGiQlLW1+LSFyBjknIjIgDRMGKBgYADQDLysIPxRxICwfGyQfPxVyERQPFw8hL1gTAB1+IQsMOw0FJC0GCCY+GHp0ADgUP3gPNXp+GQFFexgYPRUMIShZOwQCOSE1ejobAUkuBRQ6MwQQNE5DABEeMRknECtTJCgJKzsYFCsFKDdzESItQyd6DV8pESs/OzkTChUSIDoFJDEZJxx0AjcvDnkgORMKFVhcKi8IDDssDiE9RQQlCl48EQ4IOwg1JgItNHYBDzlBAxoaUyhwESgyOXt5FRw/dQEmDB0aInUYKCoBGzIpKXADLRZwKgshGRQMFRo+OHwtDx82LwEHAioCJltBBCUJOxAFASgyQyYjFSo/JRJ+MRYEJQpeODgKGiYbMX0oKjQULgslHAofDk5DBCwlOj4YMXwSKyU7NQ4cLiINLDAtEiEIOiN7dFooAzt/IEMAIQ0vFToRfiYyDBANTRsxJyIbTCYyfFs+KCUkXCADBCgHRxE
Frame ID: 850E868251E78828F40DEDF2F96C966A
Requests: 1 HTTP requests in this frame

Frame: http://resumersvo.fun/N05SRjFWLDErDlZzMGBERSJvYwNxa2AAVQU9MDxGWi01c1BaPGFoUlshJyJXRSE8Mh9ZKyZjA3EPNh5rcQNjA2ZwHSYQU1ALNA9gAj4DE2cEDAUEZX8KCCVhQBgeCAAHeBMvYEMXOgx1eDQXDX9dPgMLZFx/AQNVXRYoB1NyFjUQf3U9BCNwfX0UBHhZCj8QZXY3AwlhdSEfCncPdxQAfwQqBRRTZSMTBGhhfjAMd3Z6FTF4Rh8WKmBlHzERaAcbNA0BVH4VEH8EDygxZHEZEwRoZSEUH3BxJhYQfwQPYAR3fBYDDnVcDDQfcHEmFAdoBhYoF3JyN38iaHgPFBJVBBg5FFpxPBMBVWYcGhNTeCZiBXpxd2IUS2EpExF0bQYrc2ZTCzYBeFsXKw5ZWz0UK39xCAF3c2cmNRJodgsKEmRhPBN1CHUcYRNwUX4cDmh2CDoEWVQkBy98VBthIgBtCwgEUEAMPBNGeXoQPGRvHwp3Ym4lKgNVUA8lFwF1dhF0UmYcYXdpen4EAFVbKiIUWmV+BBFWESQhKV9HcyAoWkAcOhdyAQMmf1Z4
Frame ID: 6E21EA1BCA2E4297A536BDAA6B17B80C
Requests: 1 HTTP requests in this frame

Frame: http://resumersvo.fun/b29LZ3oODSgKRQ5SKUEPHQN2QkgpSnkhHl0cKR0NAgwsUhsCHXhJGQMAPgMcHQAlE1QBCj9CSCk+LgwCADV7CCAmGBIlHj5bJyM8HxYaCSwMNyVSGSUHOC4wLh8zLx02AxsfTgMlCCZNLD0kFhkIW3wzEiIYAwk8NT4YPhgmCHIGGC1XIiRLH1gTJEoiLRMDNQ4HPD8wPSkzJQ0YHQ0dHSkuMjYcJgR/NDFfDCMlAl8FDQ47JT4lAEIKOhE/GF8HczY7AB0MNC8oKjIyMCUqejI5KVZuVTg4Ln8MPgYEDjYUByQCNhEqDXsPQi0XGREpJxgaNhQHJC0xVwhbLldOOzceUgw8JzwtPBUAHCwoVywAJT8DJw4tTj8nJwUvKD0BAhFeOS4LMwEuCSoUKQInBjAoVgIBOz4gAjVDHzgnBA4nFnMjOSghLQEWCCoCAB0FLRotDDwuOzYsKD0APhYXOC4MFgY3Jz0MPCc8BTgGGCk3HSksLiMCWjh6JRE8NzsoPwELBCw7Hz4oDw5KXQ0yLDlaGDRLCjoTKTkKCHowGQdbPjA8PVoDCSgNORMUGQs+bQ0JAAE7WgwOAA41NywFCiIIIlc/EA
Frame ID: CFDD2A9F672F008801620B8014DA7D49
Requests: 1 HTTP requests in this frame

Frame: http://resumersvo.fun/UEtiVTkxKQE4BjF2AHNMIidfcAsWblATXTo9W2xKKCQTJU9hekw2VT8+BjNLPyUWe1c1P0dnfxEfUmRtBSEzJnA6e1IWQyMgLGcBFC0qJV4JClMlcykKWwJTaTwhLEkIAiBlcx95IGd2JyAaN14GfDg7axEFMTlMCTMrP3UUe1MWbjskMgF8Gi0PJkAeJzgsXAgeDwd6ESYAPwA2AAgmUAANAT1pEztSBGplPDI/CB8BCxAcYg0vLX9pCFAPARIMEnALFhJRJWMcIlZjaRUKBQVTJHggIgg/EjUfXRkfCWdpOA1bM21kMTRnSXV5JAxDYQMDOwA6AAoTADYcTx9QMXhXYH0XKAY0V2khL2VodXkkHG0JJzcGCT0ECwxrNhoWOGABBQozVAZ4IDsAPAQmJXgZIiRnYBgvEzMLHW5QF2EDGg0xVBEOKRZeJwQ0IVQxDCQ8bykoR2d/AA9bB1g+czQ0XjQjBA0IPQk6bBxiCQQCaBYqDGxTGR03JXUTDlUQYWAHODh8FBI6YFU0DiQsXAQoFRQKMzg7EkoXLSphQAoKKGddBx5RF2EzOy8CcBgtITlLCRo4cAsSAFA6Hzo4DTtJbRMaNlYAEQsBACYRAQ9zZn4
Frame ID: D874E66B4C3A54AABA44553426CF1B26
Requests: 1 HTTP requests in this frame

Frame: http://resumersvo.fun/aU0yOXcIL1FUSAhwUB8CGyEPHEUvaAB/EwM7CwAEESJDSQFYfBxaGwY4Vl8FBiNGFxkMORcLMSwoansAO31/WD8ReVpfNlkXdHEHWR5ZXTMNBXxfMA4AXXUmBQN5aEM6CGZgFAoMXXMmAiZ1XRtRCHFQOUx/cGoxMC54UEcMGWRgHiUfQncmPghbcSUjA1ELIiQIZwkGJQx/Yz8qPlthMiB/UVRGIxtnc0QINWNrMhB5Rn0lUQl+Cy0iAF5vRgo1c1w1KgREYTIjDHlQPggbZ3NEJQxCbyYHLgVhMiMMVlc6BBxnaC4NIXBvJgcuW3omKC57UyYKCFoUBBwDA0E0JyN4TiMFeHZaIDMBY38QGgZFCRMhCnhBOAUbcV0OURx1QSEALmdSLy8eY1YxBSFkXS8kLHV4PgYBWkEhOCp0DiQFeHNYLw0EY3w5GSlnUSE4I1FOMCsUYHckGS5jUy0QLncMEjh+dFUzLHx3cA4vAmF7MVkoWU0zODRoCCNZIXtaJDMEYXsmBS4CSTMvBQtOJFkIZV8QTydBVhkZcGtwJgELXg4+GX8LeEI
Frame ID: 78BE06947F20148385228B1FC1EC47B4
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/1507210?size=728x90&background_color=00ff47&title_color=571111
Frame ID: 6308379731EFBA9D703D5ED9ADCAE60B
Requests: 1 HTTP requests in this frame

Frame: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Frame ID: 7107E2166F9EBB22D192A05B92E8C541
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/1120283?size=120x90
Frame ID: 1547D8C115DE73DF5F2BF7D4C6F77528
Requests: 1 HTTP requests in this frame

Frame: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387&RD=787871184075346&DIF=1&bd_ref_v=daffodil-ruddy-run.glitch.me&tref=1&win_name=null&docref=&jsrand=787871184075346&js1loc=-&loctitle=%20Trying%20to%20reach%20the%20most
Frame ID: 748DAABAE9E0A08F7D6ADC4B532FDD11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 1F2BD61FB7C41719FFCFB743B1C55A20
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 16F652507694BF39B0D71C9CC8F3DC6D
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=555831
Frame ID: 823F6A1B9EE2FF62ED3D185E3BAEAE98
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: 745E888310EA55A8557F3FAAD3C3BDED
Requests: 1 HTTP requests in this frame

Frame: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=25617x728x90x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=25617x728x90x700x_ADSLOT1&flag=true
Frame ID: C6B0816D13DC3E4EEA98E64742E12538
Requests: 1 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: B601B287CB7C70941490EB80EF48B959
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=161029691063420220873
Frame ID: 8343BB629BD85C443C409DD836F5FFC5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax_elastic.js
Frame ID: E098E23D8486438862670132BCE78E9E
Requests: 11 HTTP requests in this frame

Frame: http://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: FD88DA0210D6023F58FCEF2F760779A8
Requests: 2 HTTP requests in this frame

Frame: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: E437E6A17AB67DEA94FA36A9C99E1972
Requests: 2 HTTP requests in this frame

Frame: https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=372174833837945445
Frame ID: DA4DE376BF771C214FD636FAA6830327
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: DE6D6F1CE3FF8E915B4029E37691F17B
Requests: 1 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Frame ID: 658760BA71A99B60C8A16128381D3199
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

167
Requests

59 %
HTTPS

32 %
IPv6

64
Domains

90
Subdomains

71
IPs

9
Countries

2600 kB
Transfer

6530 kB
Size

11
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://adsco.re/v
Title:

Search URL Search Domain Scan URL

URL: https://www.coinpayu.com/?r=tteggeufgy

Search URL Search Domain Scan URL

URL: https://srv.carbonads.net/ads/click/x/GTND42JJCT7IT5QICVALYKQNC6YD6KJNCABI4Z3JCYYITKJJCVBIK2QKCWAIC27WCWSD42QYCVADV23MCTBIT5QKC6SD4K3LF6BDVK3EHJNCLSIZ?segment=placement:dsawrewreafera;

Search URL Search Domain Scan URL

URL: http://carbonads.net/?utm_source=dsawrewreafera&utm_medium=ad_via_link&utm_campaign=in_unit&utm_term=carbon
Title: ads via Carbon

Search URL Search Domain Scan URL

URL: http://srv.buysellads.com/ads/click/x/GTND42JJCT7IT53UF6S4YKQNC6YDV23UCEADKZ3JCYYIT23NCWADEK7KCWAIC27WCWSD42QYCVADV23MCTBIT5QKC6SD4K3LF6BDVK3EHJNCLSIZ?segment=placement:eefiojre9hugu9rgtrtfrg;
Title: SendbirdSendbird Calls Voice API & Video API: Increase in-app engagement with voice and video experiences

Search URL Search Domain Scan URL

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=1056221

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/7891019/i/57390646/2/pp/1/1?h=ctYilieBh0Hub4eKaQFmfoG1zZAB3eVs8zORJG6jXrdiZBBZc6uvrP3COXhQg24d&rid=bc62b3eb-5362-11eb-bbb8-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/7806761/i/57390646/2/pp/2/1?h=6UIBnO-W2n-_IB1CbihHlDzGMjtlwtcE__TD3rs7GdH_RdURYOzp5JOUPhv86fj0&rid=bc62b3eb-5362-11eb-bbb8-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/5095035/i/57390646/2/pp/3/1?h=HvMeKkwrfRZij62x6hvpGuohja_LPlA90Jj_c-qygKjXNG21ff_9UfRWtn9YCUAX&rid=bc62b3eb-5362-11eb-bbb8-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://shorte.st/?utm_source=daffodil-ruddy-run.glitch.me&utm_medium=overlay&utm_campaign=bottom
Title: Shorte.st

Search URL Search Domain Scan URL

URL: http://www.intango.com/adinfo/
Title: Page

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://p405661.clksite.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom HTTP 301
https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom

Request Chain 22

http://p93920.clksite.com/adServe/banners?tid=93920_153711_0 HTTP 301
https://infopicked.com/adServe/banners?tid=93920_153711_0

Request Chain 41

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 59

http://cdn.shorte.st/link-converter.min.js HTTP 301
https://cdn.shorte.st/link-converter.min.js

Request Chain 61

http://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 HTTP 301
https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 HTTP 302
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20

Request Chain 66

http://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=12100174149 HTTP 301
https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=12100174149

Request Chain 67

http://clksite.com/adServe/banners?tid=93920_153711_2&pause=5 HTTP 301
https://infopicked.com/adServe/banners?tid=93920_153711_2&pause=5

Request Chain 99

https://mc.yandex.ru/watch/49239574?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610296905058%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210110174149%3Aet%3A1610296910%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A82475799041%3Arqn%3A1%3Arn%3A559701751%3Ahid%3A212402610%3Ads%3A9%2C17%2C258%2C107%2C0%2C0%2C0%2C3912%2C100%2C%2C%2C%2C4201%3Afp%3A301%3Awn%3A8806%3Ahl%3A4%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610296910%3Au%3A1610296910497280092%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020 HTTP 302
https://mc.yandex.ru/watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610296905058%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210110174149%3Aet%3A1610296910%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A82475799041%3Arqn%3A1%3Arn%3A559701751%3Ahid%3A212402610%3Ads%3A9%2C17%2C258%2C107%2C0%2C0%2C0%2C3912%2C100%2C%2C%2C%2C4201%3Afp%3A301%3Awn%3A8806%3Ahl%3A4%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610296910%3Au%3A1610296910497280092%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020

Request Chain 135

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&domain=daffodil-ruddy-run.glitch.me&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=8MlG_Hw5UU1tMUNPS0xJanlKUGVTa1EyRDNwbzFDbmZWaW9GeCtkQW5uOVVON0JyMEgzbU4rTkdPZlJqd3FsVTBMdUhhTTNIMElEamhHRGxCVkZVaTFDUkJFcCtRZVNLNXgyZ3FjN0xqdkFtZTVERGRLenRnOW1WVndUaFQxaUVGMmhQc2pjZTdhRDd5VCtCSTF1NG5SbTl0SzY4R2ZjSHlIQ1V2aitlUWdEa2l0K0FQWTlJMkNrS1RsWTZYNUx4VGduVlpESExNamIvOVBLd3lHaXYwZjgwTHp0dDhZWGpGeWh6UjZwTjFmWmVXWTllb1BWVS9hVE1MMTFFVWlmelJHWHZDfA&cppv=2

Request Chain 152

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 155

http://ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028&width=1024&height=768&ch=8439461&cp.dest_domain=&cp.oid=8439461&cp.referrer=http://daffodil-ruddy-run.glitch.me/&cp.locked=0&cp.proxy=0&cp.quarantine_status=&cp.vno=2&cp.enc_url=&cp.type=overlay&cp.asid=102748362283bddf66e0efe55bf2844c135e0c2c HTTP 302
https://shorteh.com/afu.php?zoneid=1241630 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=372174833837945445

Request Chain 167

https://mc.yandex.ru/watch/49239574?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610296905058%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210110174204%3Aet%3A1610296925%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A684%3Als%3A82475799041%3Arqn%3A2%3Arn%3A57285836%3Ahid%3A212402610%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C13628%2C13628%2C7%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610296925%3Au%3A1610296910497280092 HTTP 302
https://mc.yandex.ru/watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610296905058%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210110174204%3Aet%3A1610296925%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A684%3Als%3A82475799041%3Arqn%3A2%3Arn%3A57285836%3Ahid%3A212402610%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C13628%2C13628%2C7%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610296925%3Au%3A1610296910497280092

167 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
daffodil-ruddy-run.glitch.me/ 15 KB
15 KB 285ms
258ms Document
text/html 54.144.253.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 54.144.253.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-253-4.compute-1.amazonaws.com
Software: /
Resource Hash: 0641b31d2db6c35cbfec3abfa2c9bcc68b12d89a360516ce036434300d504c74

Request headers

Host: daffodil-ruddy-run.glitch.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 15301
Connection: keep-alive
vary: Origin
accept-ranges: bytes
last-modified: Sun, 10 Jan 2021 16:41:06 GMT
cache-control: max-age=0
etag: W/"3bc5-176ed2c34d0"

GET
H/1.1 200
OK pop.js Show response
mellowads.com/ 423 B
1 KB 278ms
265ms Script
application/javascript 2606:4700::6810:e633
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mellowads.com/pop.js?ref=4E0983D3C420
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1697e8fa18fe0b69a030d38bc0b3926ed6d60e57c5dd688c8b47e8ff92c68d6a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
CF-RAY: 60f7d8ea7d3d2bca-FRA
Content-Length: 494
cf-request-id: 078ec5e68f00002bcabf36f000000001
Expires: -1

GET
H/1.1 404
Not Found /
onegalact.com/ 0
0 88ms
56ms Script
text/html 51.68.161.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://onegalact.com/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ip17.ip-51-68-161.eu
Software: nginx /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK 21431 Show response
waxtamnit.com/fGZK1mdRMO3Lzx3/ 0
1 KB 96ms
57ms Script
text/html 172.255.6.216
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://waxtamnit.com/fGZK1mdRMO3Lzx3/21431
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 172.255.6.216 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK 21432 Show response
onegalact.com/pFFQARKPePsD/ 0
1 KB 91ms
60ms Script
application/javascript 51.68.161.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://onegalact.com/pFFQARKPePsD/21432
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ip17.ip-51-68-161.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK tag.min.js Show response
kumteerg.com/pfe/current/ 42 KB
12 KB 411ms
304ms Script
application/javascript 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-a6a9"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK tag.min.js Show response
choupsee.com/pfe/current/ 42 KB
12 KB 156ms
47ms Script
application/javascript 139.45.196.140
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.140 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-a6a9"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK micro.tag.min.js Show response
choogeet.net/pfe/current/ 129 KB
38 KB 1212ms
70ms Script
application/javascript 139.45.195.210
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choogeet.net/pfe/current/micro.tag.min.js?z=3461354
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.195.210 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b1eec11bfd7416de218bd79a078e2d340e782aa6ceeec530fad0871ab8091474

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:39 GMT
Server: nginx
ETag: W/"5fd2242b-20534"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 8636.js Show response
cdn.thisiswaldo.com/static/js/ 269 KB
81 KB 28ms
6ms Script
application/javascript 2600:9000:206f:9a00:4:164e:ca00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://cdn.thisiswaldo.com/static/js/8636.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2600:9000:206f:9a00:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

5e0a9e9b6a8061cb91728a76e9421f4ccfa71eb1e0e6569e69ac317d272eb712

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 09 Jan 2021 15:33:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 91096
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 18 Dec 2020 20:04:43 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "435d5-5b6c29e916f57-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed9.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: pZVeS6pviMHIMVwa54y014aWoFuO27OaPCP9O0jNYsB9DJ6WyiV6PQ==

GET
H2 200 popunder1000.js Show response
a.exosrv.com/ 88 KB
38 KB 33ms
6ms Script
application/javascript 2606:2800:234:4cc4:5670:35d5:1e00:b394
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exosrv.com/popunder1000.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B0) /
Resource Hash: a8e1377ae0f844ce357417d1de91954fd0dea03475a8fe2768eeb31f5606f568

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:45 GMT
content-encoding: gzip
last-modified: Sun, 10 Jan 2021 14:17:00 GMT
server: ECS (fcn/40B0)
age: 8685
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
content-length: 39122
expires: Sun, 10 Jan 2021 19:41:45 GMT

GET
H/1.1 200
OK / Show response
d2sbzwmcg5amr3.cloudfront.net/ 436 KB
142 KB 189ms
167ms Script
text/plain 2600:9000:206f:1200:1d:bf0d:abc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2600:9000:206f:1200:1d:bf0d:abc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4a91ba238fe6799e5380c4ce3758876a223b8dbda14f148dd35a54d2c1dc8322

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA56-C1
X-Cache: Miss from cloudfront
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection: keep-alive
Content-Length: 145029
Via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
X-Amz-Cf-Id: U3YY3i_9Td4lyXb0q3goYTnGY6kLmQQmXCeXC_oM0QupmwjJAqpboA==

GET
H/1.1 200
OK / Show response
djv99sxoqpv11.cloudfront.net/ 207 KB
68 KB 473ms
200ms Script
text/plain 13.224.195.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 13.224.195.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-73.fra2.r.cloudfront.net
Software: /
Resource Hash: b3d022ca726902692e0a7aa58d16c2a5035fc75d79bc535ee08c6bc088cdacae

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:45 GMT
content-encoding: gzip
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection: keep-alive
Content-Length: 69250
Via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Ldn7mTSzwTrHgZiubAqojw6VVDK4t7woPzB1WOT49HBFCJMMxVrZuw==

GET
H2 200 468X60.gif
coinpayu.com/static/advertiser_banner/ 148 KB
149 KB 49ms
25ms Image
image/gif 2606:4700:20::681a:c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coinpayu.com/static/advertiser_banner/468X60.gif
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a87e2ab249f61d757d138136171b43155ea4ba2d89a5c6c3e4e58174f2e13ec

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:45 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 202714
cf-polished: status=not_needed
content-length: 151259
cf-request-id: 078ec5e6b0000006316f8e5000000001
last-modified: Fri, 08 Jan 2021 15:10:12 GMT
server: cloudflare
etag: "5ff875d4-24edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=16wClLgHmnLh9zwlderI84VV6XkXAz47PFv5E9bL%2BbJiclkW5idNaF5KjzPfHS1jsYRD6Q%2BTLUJ1EEHWEyU%2FnKkmOldRpZ1U7U7DkDfHYVWvtVhO1IuO4r8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
expires: Sun, 07 Feb 2021 08:23:11 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 60f7d8eabced0631-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 44ms
22ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

698fd453625cdc09bbdbf4b4d71482a4a570697d56823942b8ce595651a0aa32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47071
x-xss-protection: 0
server: cafe
etag: 7368427379032225668
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Jan 2021 16:41:45 GMT

GET
H/1.1 200
OK afu.php Show response
stawhoph.com/ 0
0 114ms
82ms Script
text/html 139.45.197.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://stawhoph.com/afu.php?zoneid=3807985
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 139.45.197.10 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H/1.1 200
OK adswrappermsni.js Show response
s.aolcdn.com/ads/ 28 KB
10 KB 13ms
7ms Script
application/javascript 2606:2800:233:af6:eab:2108:1892:6d8
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://s.aolcdn.com/ads/adswrappermsni.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2606:2800:233:af6:eab:2108:1892:6d8 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9E) /
Resource Hash: 95fddf78880041d45ca14979cd85bc1bc6e1ab896fef029842a369946352c060

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Age: 78727
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-amz-request-id: 5A40867DDE721C37
x-amz-id-2: GgeMXRgXXFcZgWM7W/0yGkcihkaDZHaNzjQS9RI49tZApTqLh+HxYSPvERpJPpY0yX216xSKQso=
x-amz-expiration: expiry-date="Mon, 26 May 5881631 00:00:00 GMT", rule-id="oath-standard-lifecycle"
Last-Modified: Sat, 14 Nov 2020 18:47:44 GMT
Server: ECAcc (frc/8E9E)
Etag: "94a8deeb78dcb94b81f2523ae1c9eb8b+gzip"
Vary: Accept-Encoding
x-amz-version-id: MpewYvXMv0mhQTNMLIwn9x2UhMWBqUKN
Cache-Control: public,max-age=86400
Content-Length: 9673
Content-Type: application/javascript

GET
H2

200

banners Show response
infopicked.com/adServe/
Redirect Chain

http://p405661.clksite.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom

35 KB
13 KB

556ms
268ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 409202db0a453f8e10367e4e738f534c0a12061c8c92fc04002c537845db4b27

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:46 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
Date: Sun, 10 Jan 2021 16:41:45 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK 16229 Show response
duetgypsyantis.com/txrerrgoIMFbsRz8/ 0
1 KB 119ms
56ms Script
text/html 172.255.6.140
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

http://duetgypsyantis.com/txrerrgoIMFbsRz8/16229

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

172.255.6.140 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Keep-Alive: timeout=20

GET
H/1.1 200
OK BidVertiser.dbm Show response
bdv.bidvertiser.com/ 10 KB
10 KB 359ms
321ms Script
text/javascript 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 33d334f5ac59d373ce5e4c20a0d91fb2b002c19aa52789ff4d825505a8b02b01

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: -1
Cache-Control: no-store
Connection: close
Content-Length: 10318
Content-Type: text/javascript

GET
H2 200 dataTables.bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/datatables/1.10.19/css/ 4 KB
1 KB 19ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/datatables/1.10.19/css/dataTables.bootstrap.min.css

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3db6982c169bf3afee084cf7762ba718c118be36a1dee0c5222203fa302d21fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1341762
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 757
cf-request-id: 078ec5e688000005f5a984a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e33-10c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vs9a8YA9%2FiGk0%2BwqSUAJGjnuIE3O0y9SfM%2F106kOZo16ID76edOaIfR4VgQ1dhDDZ29CtR7OCfurPcGjt8QCOP1uShJm8wy4xClZ5tVsqoYRz5pVavxDS4uF%2FUYquwEnrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 60f7d8ea7e0205f5-FRA
expires: Fri, 31 Dec 2021 16:41:45 GMT

GET
H/1.1 200
OK carbon.js Show response
cdn.carbonads.com/ 15 KB
6 KB 245ms
225ms Script
application/javascript 23.111.10.140
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.carbonads.com/carbon.js?zoneid=1673&serve=C6AILKT&placement=dsawrewreafera
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 23.111.10.140 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f08c10337bc4dd1825785f3a460bc03f2fd076e16d691040b5f8106bf2f14864

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Oct 2020 20:53:30 GMT
Server: NetDNA-cache/2.2
ETag: W/"3d43-5b2ad3d436e46"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK monetization.js Show response
m.servedby-buysellads.com/ 61 KB
16 KB 90ms
57ms Script
application/javascript 108.161.189.78
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://m.servedby-buysellads.com/monetization.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 108.161.189.78 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 54cc12b8e6fef0d8c4401b7b321261a0d368c2f9e9b73d3a153ed4fa879d0e3e

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Jan 2021 19:32:22 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: B39B09869107109B
ETag: W/"d36ec65321db2da360d570618c3171a7"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
x-amz-id-2: g8X8ApdxlZzgkLYAdOXHTyTN7IXIYnsayNc3ZdPKoUh1pATWPif/WHVc4ZdyOEzODZF/wNUCRUE=
Expires: Mon, 11 Jan 2021 16:41:45 GMT

GET
H/1.1 200
OK 21435 Show response
seaboblit.com/1clkn/ 0
1 KB 82ms
57ms Script
application/javascript 172.255.6.120
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://seaboblit.com/1clkn/21435
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 172.255.6.120 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2

200

banners Show response
infopicked.com/adServe/
Redirect Chain

http://p93920.clksite.com/adServe/banners?tid=93920_153711_0
https://infopicked.com/adServe/banners?tid=93920_153711_0

36 KB
13 KB

429ms
145ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=93920_153711_0
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 7270613b7866c23f006989da8e3d3f5e68e1c184c150805b3ac192d9ce0ec523

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:46 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://infopicked.com/adServe/banners?tid=93920_153711_0
Date: Sun, 10 Jan 2021 16:41:45 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 162
Content-Type: text/html

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 07:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292425
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jan 2022 07:28:00 GMT

GET
H/1.1 200
OK 1507210
ad.a-ads.com/ Frame 5405 0
0 84ms
64ms Document
text/html 5.9.10.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1507210?size=728x90

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.10.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://daffodil-ruddy-run.glitch.me/
Content-Encoding: gzip

GET
H2 200 pastebin.com.1056221.js Show response
jsc.adskeeper.com/p/a/ 203 KB
60 KB 33ms
16ms Script
text/javascript 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83093a54a6a75a140c2d6acc919a5b554b00157643187e1c0867309f0be16aa

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6511
cf-ray: 60f7d8eb4ba62bb9-FRA
content-length: 60936
x-amz-id-2: ILXWeGx9EdQivMS+2UBXUj2Xrc2wnEiAOgX8ailgmAjEuJxRvNDYi8hqnTbna2rRLwX2pppGmyY=
last-modified: Mon, 21 Dec 2020 15:07:01 GMT
server: cloudflare
etag: "7ab2655fb585b8996a339eda5e9fd5e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 6F8C64661D2F8AC3
cache-control: public, max-age=14400
cf-request-id: 078ec5e70d00002bb9faab8000000001
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 10 Jan 2021 20:41:45 GMT

GET
H2 204 display.php Show response
www.maxonclick.com/a/ 0
71 B 226ms
158ms Script
text/plain 35.190.68.123
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.maxonclick.com/a/display.php?r=1142855
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.68.123 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 123.68.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 10 Jan 2021 16:41:45 GMT
via: 1.1 google
server: openresty
alt-svc: clear

GET stat.js
cdn.webglstats.com/ 0
0

GET
H/1.1 200
OK outbrain.js Show response
widgets.outbrain.com/ 162 KB
55 KB 63ms
44ms Script
application/x-javascript 104.85.1.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.outbrain.com/outbrain.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 104.85.1.87 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-87.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1fefc9a19a4703a9c44f58f5b0c20e535a159538a7f7ea4ac73693f1c9db95a2

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Edge-Cache-Tag: widget-cheetah
Cookie: CheetahStaging=true
Connection: keep-alive
X-TraceId: 428242ea6a61a43ef6be77375c616978
Content-Length: 55129
Last-Modified: Sun, 10 Jan 2021 14:25:06 GMT
ETag: W/"287dd-TEylHxVr0aL17TkCUJt0p1Gl0vo"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: false
Timing-Allow-Origin: *
Expires: Sun, 10 Jan 2021 20:41:45 GMT

GET
H/1.1 200
OK headerbid_sticky_refresh.js Show response
served-by.pixfuture.com/www/delivery/ 2 KB
2 KB 250ms
226ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/delivery/headerbid_sticky_refresh.js?v31
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 43e106423124c8c69f1ac878e1878c72963587027aa365aa13f4a43168ac7262

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:45 GMT
Last-Modified: Mon, 26 Oct 2020 19:24:56 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5f972288-775"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1909

GET
H/1.1 200
OK wrez Show response
mellowads.com/js/ 81 KB
40 KB 260ms
260ms Script
text/javascript 2606:4700::6810:e633
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1
Requested by: Host: mellowads.com
URL: http://mellowads.com/pop.js?ref=4E0983D3C420
Protocol: HTTP/1.1
Server: 2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26c36f3ecb4f05ca3b48dfca1efb4d2e96399034d6c678ced60b5c633dc966cd

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Sun, 10 Jan 2021 16:41:43 GMT
Server: cloudflare
X-AspNet-Version: 4.0.30319
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
CF-RAY: 60f7d8ec2aca2bca-FRA
Content-Length: 40288
cf-request-id: 078ec5e79b00002bcaac82e000000001
Expires: Mon, 10 Jan 2022 16:41:43 GMT

GET
H/1.1 404
Not Found /
onegalact.com/ 0
0 35ms
35ms Script
text/html 51.68.161.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://onegalact.com/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ip17.ip-51-68-161.eu
Software: nginx /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK zone Show response
choupsee.com/ 716 B
1 KB 1052ms
1052ms Fetch
application/json 139.45.196.140
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://choupsee.com/zone?pub=0&zone_id=3808000&is_mobile=false&domain=daffodil-ruddy-run.glitch.me&var=&ymid=&var_3=

Requested by

Host: choupsee.com
URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.140 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d32fe43f75cf01124fc4dd679132975abdb425a78b05cef9338ec992096da717

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: e07fbbc38bc86b3120339f1bbe8eb2a7
Date: Sun, 10 Jan 2021 16:41:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 716

GET
H/1.1 200
OK universal.min.js Show response
choupsee.com/pfe/current/ 188 KB
54 KB 167ms
76ms Fetch
application/javascript 139.45.196.140
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choupsee.com/pfe/current/universal.min.js?v=3.1.281
Requested by: Host: choupsee.com
URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.140 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-2ef30"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK zone Show response
kumteerg.com/ 716 B
1 KB 54ms
53ms Fetch
application/json 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/zone?pub=0&zone_id=3808000&is_mobile=false&domain=daffodil-ruddy-run.glitch.me&var=&ymid=&var_3=

Requested by

Host: kumteerg.com
URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d32fe43f75cf01124fc4dd679132975abdb425a78b05cef9338ec992096da717

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 2702776e72b7f964181249f25618076c
Date: Sun, 10 Jan 2021 16:41:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 716

GET
H/1.1 200
OK universal.min.js Show response
kumteerg.com/pfe/current/ 188 KB
54 KB 164ms
68ms Fetch
application/javascript 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/pfe/current/universal.min.js?v=3.1.281
Requested by: Host: kumteerg.com
URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-2ef30"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

OPTIONS
H/1.1 200
OK custom
kumteerg.com/ Frame 0
0 274ms
274ms Other
text/plain 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 10 Jan 2021 16:41:46 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
kumteerg.com/ 39 B
502 B 43ms
43ms Fetch
application/json 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/custom

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 17cca66f599a397db61982b3a123244e
Date: Sun, 10 Jan 2021 16:41:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
785 B 185ms
48ms Fetch
application/json 139.45.195.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=550efc9a5e534ac5a28b6041a671098b&zoneId=3808000&checkDuplicate=true&ymid=&var=

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.41 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4f3535c1ba5b0d1210fd94af9d2bb9d22d66ff8d838b8df061a9a02b55c9d566

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H/1.1 200
OK defaultSkin.min.js Show response
kumteerg.com/pfe/current/ 56 KB
19 KB 130ms
47ms Fetch
application/javascript 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/pfe/current/defaultSkin.min.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-de6b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 403 choice.js
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/daffodil-ruddy-run.glitch.me/ 0
0 149ms
127ms Script
text/html 2600:9000:21f3:9600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/daffodil-ruddy-run.glitch.me/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/8636.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:18:31 GMT
via: 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Thu, 21 May 2020 21:03:42 GMT
server: AmazonS3
age: 1744
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-type: text/html
cache-control: public, max-age=7200
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: L8nlNjaCB51nDtaVanOb2Ka23BeW4KGoNLz1iMBByXqsOtJ83KYEyQ==

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

56 KB
19 KB

157ms
55ms

Script
text/javascript

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

d07ed027959f2b890f83ac74f1bf38d0dde75a1d2d41f1971a19f5192239d5aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "750 / 149 of 1000 / last-modified: 1610244818"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19002
x-xss-protection: 0
expires: Sun, 10 Jan 2021 16:41:48 GMT

Redirect headers

Date: Sun, 10 Jan 2021 16:25:40 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 966
Content-Type: text/html; charset=UTF-8
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control: public, max-age=1800
Content-Length: 249
X-XSS-Protection: 0
Expires: Sun, 10 Jan 2021 16:55:40 GMT

GET
H/1.1 200
OK me Show response
ipfind.co/ 366 B
593 B 400ms
375ms XHR
application/json 50.18.199.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/8636.js
Protocol: HTTP/1.1
Server: 50.18.199.66 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-18-199-66.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: fdd61689a68e1ab4e129db1c18a5f7f12ec823ea6c9e74b9875be6b6cdfcc58a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:46 GMT
Content-Encoding: gzip
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 241

GET
H/1.1 200
OK pop.js Show response
c1.popads.net/ 31 KB
10 KB 65ms
28ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: http://c1.popads.net/pop.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2a02:6ea0:c700::2 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d44180bbf5a59ae325815feb275e39e1d34e18eb710ea54f5ec4e96ba60488a9

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:46 GMT
Content-Encoding: gzip
X-77-NZT-Ray: oQsAebQhDUo=
X-Edge-POP: frankfurtDE
Transfer-Encoding: chunked
X-Cache: HIT
Connection: keep-alive
alt-svc: quic="195.181.175.47:443"; ma=2592000; v="44,43,39"
X-77-NZT: AcO1ry+8roTvFDAAAA==
Last-Modified: Sun, 22 Nov 2020 20:51:03 GMT
Server: CDN77-Turbo
ETag: W/"5fbacf37-7a55"
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
X-Edge-IP: 195.181.175.47
X-Age: 12308
Expires: Sun, 10 Jan 2021 17:16:38 GMT

GET
H/1.1 200
OK conf Show response
s.pubmine.com/ 193 B
448 B 108ms
89ms Script
text/javascript 176.34.151.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://s.pubmine.com/conf?rid=8491659735302&ref=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&vp=1600x1200&cb=callback__kjrd7997_1
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 176.34.151.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-151-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a66da98aee5576cdb9c1f2061dc1597b8aa8bd1106486afc8178aba1fec85ce0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=utf-8
Content-Length: 193
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 utx Show response
resumersvo.fun/ 0
424 B 182ms
113ms XHR
text/plain 65.9.73.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resumersvo.fun/utx?cb=aPuQ11jbqwxd&top=daffodil-ruddy-run.glitch.me&tid=822524
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:46 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 1KwAyIDkb9LK_5TuJEZMMoMfxGdPQAFcRE_CHfjycSy9R6cwFKXC1A==

GET
H/1.1 200
OK MkkZCRkxPHMCFyMdNhMeNgkXGjgUSwAJPzQ7AiMwOEp0ChUhEgsZAToKAw4gEisWIBMjSnQKMEA3Iw8GPUsWHW0qNAkCECQvFwk3IiMRHTNWEDIkOgBHBRwmSQkqBDBDFhc
resumersvo.fun/cHpBS1QRGCImaxFHI20hAhZ8bmY2X3MNMEIJIzEjHRkmfjUdCHJlNxwVNC8yAhUvP3oeHzVuZjYzIHgeODcJJB04KS0cBiJCIwIjQTkWHhYJOyp+Gjc+Ey0SMg4RCmYTMxQsEQMcOX4NOBIEHBAYPxYuMzYZAzMZACxxLxo2Ay0fBkEKFAE4IS... Frame 05BD 0
0 150ms
129ms Document
text/html 65.9.73.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://resumersvo.fun/cHpBS1QRGCImaxFHI20hAhZ8bmY2X3MNMEIJIzEjHRkmfjUdCHJlNxwVNC8yAhUvP3oeHzVuZjYzIHgeODcJJB04KS0cBiJCIwIjQTkWHhYJOyp+Gjc+Ey0SMg4RCmYTMxQsEQMcOX4NOBIEHBAYPxYuMzYZAzMZACxxLxo2Ay0fBkEKFAE4ISMXIA4YKAAkETciMS0RIRUnBmVAHwMZNwA8JnMfJAMxLRUxMyQAZTYcFh8GCTIqOxshMiISEgcVEwc4RDUDChEGPBQgJCZJFAoRBy8GAjgIHBYeHQEvEycbITIlLRclTwAvZBgcFh4eQjsCHTUiEmwsEiVKdAowQT8KDCxEExMzbDo9En4RKEsqezcXNA8ZATYCBx48Ei0oMw00HRguDRczdB8/MkkZCRkxPHMCFyMdNhMeNgkXGjgUSwAJPzQ7AiMwOEp0ChUhEgsZAToKAw4gEisWIBMjSnQKMEA3Iw8GPUsWHW0qNAkCECQvFwk3IiMRHTNWEDIkOgBHBRwmSQkqBDBDFhc
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 65.9.73.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: resumersvo.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1226
Connection: keep-alive
Date: Sun, 10 Jan 2021 16:41:46 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: bKzmywRMlgqF9hTbAqoQ2mBMD35-dK7t7opWSWFjwhhcRWUmtH-O2Q==

GET
H2 204 utx Show response
resumersvo.fun/ 0
425 B 124ms
124ms XHR
text/plain 65.9.73.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resumersvo.fun/utx?cb=mmwT2Se7VEfk&top=daffodil-ruddy-run.glitch.me&tid=898034
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:48 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: ZsPkODEnaRXQdAGftK8NNKUF9MJvNEsVUgyEBPnOk4UREM4q1DqxGg==

GET
H/1.1 200
OK IEMAIQ0vFToRfiYyDBANTRsxJyIbTCYyfFs+KCUkXCADBCgHRxE
resumersvo.fun/a3FCSEwKEyElcwpMIG45GR1/bX4tVHAOKFkCIDI7BhIlfS0GA3FmLwceNywqGR4sPGIFFDZtfi0WD3kCISQEDh07MiF6LgASdAQbWgEBJTheKHAdGiQlLW1+LSFyBjknIjIgDRMGKBgYADQDLysIPxRxICwfGyQfPxVyERQPFw8hL1gTAB1+IQ... Frame 850E 0
0 124ms
124ms Document
text/html 65.9.73.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://resumersvo.fun/a3FCSEwKEyElcwpMIG45GR1/bX4tVHAOKFkCIDI7BhIlfS0GA3FmLwceNywqGR4sPGIFFDZtfi0WD3kCISQEDh07MiF6LgASdAQbWgEBJTheKHAdGiQlLW1+LSFyBjknIjIgDRMGKBgYADQDLysIPxRxICwfGyQfPxVyERQPFw8hL1gTAB1+IQsMOw0FJC0GCCY+GHp0ADgUP3gPNXp+GQFFexgYPRUMIShZOwQCOSE1ejobAUkuBRQ6MwQQNE5DABEeMRknECtTJCgJKzsYFCsFKDdzESItQyd6DV8pESs/OzkTChUSIDoFJDEZJxx0AjcvDnkgORMKFVhcKi8IDDssDiE9RQQlCl48EQ4IOwg1JgItNHYBDzlBAxoaUyhwESgyOXt5FRw/dQEmDB0aInUYKCoBGzIpKXADLRZwKgshGRQMFRo+OHwtDx82LwEHAioCJltBBCUJOxAFASgyQyYjFSo/JRJ+MRYEJQpeODgKGiYbMX0oKjQULgslHAofDk5DBCwlOj4YMXwSKyU7NQ4cLiINLDAtEiEIOiN7dFooAzt/IEMAIQ0vFToRfiYyDBANTRsxJyIbTCYyfFs+KCUkXCADBCgHRxE
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 65.9.73.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: resumersvo.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1275
Connection: keep-alive
Date: Sun, 10 Jan 2021 16:41:48 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: 2trIt4hBZ-OUqk_INJRL2B0E0M__DNer-Nlcu98wAwsXxMn4qXj-5g==

GET
H/1.1 200
OK AQNVXRYoB1NyFjUQf3U9BCNwfX0UBHhZCj8QZXY3AwlhdSEfCncPdxQAfwQqBRRTZSMTBGhhfjAMd3Z6FTF4Rh8WKmBlHzERaAcbNA0BVH4VEH8EDygxZHEZEwRoZSEUH3BxJhYQfwQPYAR3fBYDDnVcDDQfcHEmFAdoBhYoF3JyN38iaHgPFBJVBBg5FFpxPBMBV...
resumersvo.fun/N05SRjFWLDErDlZzMGBERSJvYwNxa2AAVQU9MDxGWi01c1BaPGFoUlshJyJXRSE8Mh9ZKyZjA3EPNh5rcQNjA2ZwHSYQU1ALNA9gAj4DE2cEDAUEZX8KCCVhQBgeCAAHeBMvYEMXOgx1eDQXDX9dPgMLZFx/ Frame 6E21 0
0 145ms
144ms Document
text/html 65.9.73.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://resumersvo.fun/N05SRjFWLDErDlZzMGBERSJvYwNxa2AAVQU9MDxGWi01c1BaPGFoUlshJyJXRSE8Mh9ZKyZjA3EPNh5rcQNjA2ZwHSYQU1ALNA9gAj4DE2cEDAUEZX8KCCVhQBgeCAAHeBMvYEMXOgx1eDQXDX9dPgMLZFx/AQNVXRYoB1NyFjUQf3U9BCNwfX0UBHhZCj8QZXY3AwlhdSEfCncPdxQAfwQqBRRTZSMTBGhhfjAMd3Z6FTF4Rh8WKmBlHzERaAcbNA0BVH4VEH8EDygxZHEZEwRoZSEUH3BxJhYQfwQPYAR3fBYDDnVcDDQfcHEmFAdoBhYoF3JyN38iaHgPFBJVBBg5FFpxPBMBVWYcGhNTeCZiBXpxd2IUS2EpExF0bQYrc2ZTCzYBeFsXKw5ZWz0UK39xCAF3c2cmNRJodgsKEmRhPBN1CHUcYRNwUX4cDmh2CDoEWVQkBy98VBthIgBtCwgEUEAMPBNGeXoQPGRvHwp3Ym4lKgNVUA8lFwF1dhF0UmYcYXdpen4EAFVbKiIUWmV+BBFWESQhKV9HcyAoWkAcOhdyAQMmf1Z4
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 65.9.73.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: resumersvo.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1251
Connection: keep-alive
Date: Sun, 10 Jan 2021 16:41:49 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: 6E8_Fx-Xj8mYR5EOR32OoIu1B0WGw5jBg-9qN4fsxxQzdPC2oKHlbw==

GET
H2 204 utx Show response
resumersvo.fun/ 0
421 B 117ms
117ms XHR
text/plain 65.9.73.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resumersvo.fun/utx?cb=KT0fIaf1qUsH&top=daffodil-ruddy-run.glitch.me&tid=889494
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:48 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 010ZBxKTaPr9ois-7fqsHUlYhAmp3j51qe1r5fhAapuBSUso3D4Wsg==

GET
H/1.1 200
OK EA
resumersvo.fun/b29LZ3oODSgKRQ5SKUEPHQN2QkgpSnkhHl0cKR0NAgwsUhsCHXhJGQMAPgMcHQAlE1QBCj9CSCk+LgwCADV7CCAmGBIlHj5bJyM8HxYaCSwMNyVSGSUHOC4wLh8zLx02AxsfTgMlCCZNLD0kFhkIW3wzEiIYAwk8NT4YPhgmCHIGGC1XIiRLH1... Frame CFDD 0
0 153ms
130ms Document
text/html 65.9.73.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://resumersvo.fun/b29LZ3oODSgKRQ5SKUEPHQN2QkgpSnkhHl0cKR0NAgwsUhsCHXhJGQMAPgMcHQAlE1QBCj9CSCk+LgwCADV7CCAmGBIlHj5bJyM8HxYaCSwMNyVSGSUHOC4wLh8zLx02AxsfTgMlCCZNLD0kFhkIW3wzEiIYAwk8NT4YPhgmCHIGGC1XIiRLH1gTJEoiLRMDNQ4HPD8wPSkzJQ0YHQ0dHSkuMjYcJgR/NDFfDCMlAl8FDQ47JT4lAEIKOhE/GF8HczY7AB0MNC8oKjIyMCUqejI5KVZuVTg4Ln8MPgYEDjYUByQCNhEqDXsPQi0XGREpJxgaNhQHJC0xVwhbLldOOzceUgw8JzwtPBUAHCwoVywAJT8DJw4tTj8nJwUvKD0BAhFeOS4LMwEuCSoUKQInBjAoVgIBOz4gAjVDHzgnBA4nFnMjOSghLQEWCCoCAB0FLRotDDwuOzYsKD0APhYXOC4MFgY3Jz0MPCc8BTgGGCk3HSksLiMCWjh6JRE8NzsoPwELBCw7Hz4oDw5KXQ0yLDlaGDRLCjoTKTkKCHowGQdbPjA8PVoDCSgNORMUGQs+bQ0JAAE7WgwOAA41NywFCiIIIlc/EA
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 65.9.73.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: resumersvo.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1270
Connection: keep-alive
Date: Sun, 10 Jan 2021 16:41:49 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: xuUyQCHtrGKwbwX9ysPRg23tovFVydXVT2SvdYLPFDhYitN1vQSY3A==

GET
H2 200 login.php
www.facebook.com/ 0
0 234ms
232ms Image
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 112ms
91ms Image
text/html 2a00:1450:4001:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 83ms
63ms Image
text/html 2a00:1450:4001:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK ads-priv.php Show response
syndication.exosrv.com/ 0
314 B 67ms
48ms Script
text/html 95.211.229.246
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exosrv.com/ads-priv.php?i=0
Requested by: Host: a.exosrv.com
URL: https://a.exosrv.com/popunder1000.js
Protocol: HTTP/1.1
Server: 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:48 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 204 utx Show response
resumersvo.fun/ 0
423 B 112ms
112ms XHR
text/plain 65.9.73.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resumersvo.fun/utx?cb=StDtvMYAZ2oD&top=daffodil-ruddy-run.glitch.me&tid=737329
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:48 GMT
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 47v7h2ODANbSxivogMwQ6VOfZKiW7-z5IOWOrw5cDTQRzg18h2hXtw==

GET
H/1.1 200
OK AA9bB1g+czQ0XjQjBA0IPQk6bBxiCQQCaBYqDGxTGR03JXUTDlUQYWAHODh8FBI6YFU0DiQsXAQoFRQKMzg7EkoXLSphQAoKKGddBx5RF2EzOy8CcBgtITlLCRo4cAsSAFA6Hzo4DTtJbRMaNlYAEQsBACYRAQ9zZn4
resumersvo.fun/UEtiVTkxKQE4BjF2AHNMIidfcAsWblATXTo9W2xKKCQTJU9hekw2VT8+BjNLPyUWe1c1P0dnfxEfUmRtBSEzJnA6e1IWQyMgLGcBFC0qJV4JClMlcykKWwJTaTwhLEkIAiBlcx95IGd2JyAaN14GfDg7axEFMTlMCTMrP3UUe1MWbjskMgF8Gi... Frame D874 0
0 154ms
115ms Document
text/html 65.9.73.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://resumersvo.fun/UEtiVTkxKQE4BjF2AHNMIidfcAsWblATXTo9W2xKKCQTJU9hekw2VT8+BjNLPyUWe1c1P0dnfxEfUmRtBSEzJnA6e1IWQyMgLGcBFC0qJV4JClMlcykKWwJTaTwhLEkIAiBlcx95IGd2JyAaN14GfDg7axEFMTlMCTMrP3UUe1MWbjskMgF8Gi0PJkAeJzgsXAgeDwd6ESYAPwA2AAgmUAANAT1pEztSBGplPDI/CB8BCxAcYg0vLX9pCFAPARIMEnALFhJRJWMcIlZjaRUKBQVTJHggIgg/EjUfXRkfCWdpOA1bM21kMTRnSXV5JAxDYQMDOwA6AAoTADYcTx9QMXhXYH0XKAY0V2khL2VodXkkHG0JJzcGCT0ECwxrNhoWOGABBQozVAZ4IDsAPAQmJXgZIiRnYBgvEzMLHW5QF2EDGg0xVBEOKRZeJwQ0IVQxDCQ8bykoR2d/AA9bB1g+czQ0XjQjBA0IPQk6bBxiCQQCaBYqDGxTGR03JXUTDlUQYWAHODh8FBI6YFU0DiQsXAQoFRQKMzg7EkoXLSphQAoKKGddBx5RF2EzOy8CcBgtITlLCRo4cAsSAFA6Hzo4DTtJbRMaNlYAEQsBACYRAQ9zZn4
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: HTTP/1.1
Server: 65.9.73.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: resumersvo.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1275
Connection: keep-alive
Date: Sun, 10 Jan 2021 16:41:49 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: d2FzHTPvNzs7KpRUZAijeYh3GWxvMQi1cM-ApPAbit1jEVdQ4tDQBw==

GET
H/1.1 200
OK UVRGIxtnc0QINWNrMhB5Rn0lUQl+Cy0iAF5vRgo1c1w1KgREYTIjDHlQPggbZ3NEJQxCbyYHLgVhMiMMVlc6BBxnaC4NIXBvJgcuW3omKC57UyYKCFoUBBwDA0E0JyN4TiMFeHZaIDMBY38QGgZFCRMhCnhBOAUbcV0OURx1QSEALmdSLy8eY1YxBSFkXS8kLHV4P...
resumersvo.fun/aU0yOXcIL1FUSAhwUB8CGyEPHEUvaAB/EwM7CwAEESJDSQFYfBxaGwY4Vl8FBiNGFxkMORcLMSwoansAO31/WD8ReVpfNlkXdHEHWR5ZXTMNBXxfMA4AXXUmBQN5aEM6CGZgFAoMXXMmAiZ1XRtRCHFQOUx/cGoxMC54UEcMGWRgHiUfQncmPg... Frame 78BE 0
0 152ms
114ms Document
text/html 65.9.73.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://resumersvo.fun/aU0yOXcIL1FUSAhwUB8CGyEPHEUvaAB/EwM7CwAEESJDSQFYfBxaGwY4Vl8FBiNGFxkMORcLMSwoansAO31/WD8ReVpfNlkXdHEHWR5ZXTMNBXxfMA4AXXUmBQN5aEM6CGZgFAoMXXMmAiZ1XRtRCHFQOUx/cGoxMC54UEcMGWRgHiUfQncmPghbcSUjA1ELIiQIZwkGJQx/Yz8qPlthMiB/UVRGIxtnc0QINWNrMhB5Rn0lUQl+Cy0iAF5vRgo1c1w1KgREYTIjDHlQPggbZ3NEJQxCbyYHLgVhMiMMVlc6BBxnaC4NIXBvJgcuW3omKC57UyYKCFoUBBwDA0E0JyN4TiMFeHZaIDMBY38QGgZFCRMhCnhBOAUbcV0OURx1QSEALmdSLy8eY1YxBSFkXS8kLHV4PgYBWkEhOCp0DiQFeHNYLw0EY3w5GSlnUSE4I1FOMCsUYHckGS5jUy0QLncMEjh+dFUzLHx3cA4vAmF7MVkoWU0zODRoCCNZIXtaJDMEYXsmBS4CSTMvBQtOJFkIZV8QTydBVhkZcGtwJgELXg4+GX8LeEI
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: HTTP/1.1
Server: 65.9.73.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: resumersvo.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1248
Connection: keep-alive
Date: Sun, 10 Jan 2021 16:41:49 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: gfaP59jxaUYZeEBq37hcUXdlkXvcoO9q6KyMzHe6Se7ONGOkbuoKpQ==

GET
H2

200

link-converter.min.js Show response
cdn.shorte.st/
Redirect Chain

http://cdn.shorte.st/link-converter.min.js
https://cdn.shorte.st/link-converter.min.js

116 KB
43 KB

82ms
66ms

Script
application/javascript

2606:4700:20::681a:46b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shorte.st/link-converter.min.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:46b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3076
cf-request-id: 078ec5f6b6000005e9bc90f000000001
x-ua-compatible: IE=Edge
last-modified: Thu, 09 Aug 2018 13:48:43 GMT
server: cloudflare
etag: W/"5b6c463b-1d196"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BuAqAswclKCuU0rAktcDN%2FfMMnPe%2BcrD%2FJg8tmfyYuoI5Fzv5RBIPFlI7L01xdUXpEmrC82OdJebNiVSplfG6JOc%2FBSZO26RejFkGFUSIhydCKaCDyvfBObu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-server-id: shn13
cache-control: max-age=14400
cf-ray: 60f7d9045f3a05e9-FRA
expires: Sun, 10 Jan 2021 16:50:33 GMT

Redirect headers

Date: Sun, 10 Jan 2021 16:41:49 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 889
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8XFqg%2BtbXJhiW0jpDNHJtrrhdtLDX3XRVc2wmld%2FP4R14xOEmWZK3Q%2FVGvwidVLwLSNPPvfaXj9tesMDc8%2FZvYjn3E81KkbrU2YHytTIPWdF24Duonu1oBbv"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.shorte.st/link-converter.min.js
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 60f7d9013bdf64d9-FRA
Content-Length: 0
cf-request-id: 078ec5f4c9000064d96a3c0000000001

GET
H/1.1 200
OK 1507210
ad.a-ads.com/ Frame 6308 0
0 49ms
48ms Document
text/html 5.9.10.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1507210?size=728x90&background_color=00ff47&title_color=571111

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.10.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 10 Jan 2021 16:41:49 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://daffodil-ruddy-run.glitch.me/
Content-Encoding: gzip

GET
H/1.1

200
OK

cm
ws-na.assoc-amazon.com/widgets/ Frame 7107
Redirect Chain

http://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20

0
0

528ms
130ms

Document
text/html

52.46.131.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.131.85 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: ws-na.assoc-amazon.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Sun, 10 Jan 2021 16:41:50 GMT
Server: Server
Cache-Control: must-revalidate
Pragma: no-cache
Expires: -1
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
charset: UTF-8
Access-Control-Allow-Origin: *
Vary: User-Agent
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8

Redirect headers

Server: Server
Date: Sun, 10 Jan 2021 16:41:49 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 360
Connection: keep-alive
x-amz-rid: B5SX7N7CSZH3J2ADKHK4
Location: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent

GET
H/1.1 200
OK 1120283
ad.a-ads.com/ Frame 1547 0
0 86ms
55ms Document
text/html 5.9.10.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1120283?size=120x90

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.165.10.9.5.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 10 Jan 2021 16:41:49 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://daffodil-ruddy-run.glitch.me/
Content-Encoding: gzip

GET
H/1.1 200
OK bidvertiser.dbm Show response
bdv.bidvertiser.com/ 0
330 B 362ms
343ms Script
text/javascript 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/bidvertiser.dbm?pid=512795&bid=1277387&RD=60949239523084&DIF=2
Requested by: Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Len: 0
Date: Sunday, 10-Jan-2021 16:41:49 GMT
Cache-Control: no-store
Last-Modified: Saturday, 11-Jan-2020 16:41:49 GMT
CONNECTION: Close
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK Cookie set BidVertiser.dbm
bdv.bidvertiser.com/ Frame 748D 0
0 352ms
322ms Document
text/html 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387&RD=787871184075346&DIF=1&bd_ref_v=daffodil-ruddy-run.glitch.me&tref=1&win_name=null&docref=&jsrand=787871184075346&js1loc=-&loctitle=%20Trying%20to%20reach%20the%20most
Requested by: Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bdv.bidvertiser.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Sunday, 10-Jan-2021 16:41:49 GMT
Cache-Control: no-store
Last-Modified: Saturday, 11-Jan-2020 16:41:49 GMT
Set-Cookie: bdv_c1p=235; domain=.bidvertiser.com; path=/; expires=Mon, 11-Jan-2021 16:41:49 GMT bdv_c1p=1_1_1; domain=.bidvertiser.com; path=/; expires=Mon, 11-Jan-2021 16:41:49 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 5917
CONNECTION: Close

GET
H/1.1 200
OK CKYD553E.json Show response
srv.buysellads.com/ads/ 2 KB
1 KB 82ms
62ms XHR
application/json 68.183.0.10
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://srv.buysellads.com/ads/CKYD553E.json?segment=placement:eefiojre9hugu9rgtrtfrg
Requested by: Host: m.servedby-buysellads.com
URL: http://m.servedby-buysellads.com/monetization.js
Protocol: HTTP/1.1
Server: 68.183.0.10 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: //srv.buysellads.com /
Resource Hash: b8959686cc46acb8404316e1630868aee3bdd8b6f51c49e013f5d99b764c2313

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:49 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: close
Content-Length: 971

GET
H2

200

adskeeper.uk.16162.js Show response
jsc.adskeeper.co.uk/a/d/
Redirect Chain

http://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=12100174149
https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=12100174149

201 KB
56 KB

169ms
78ms

Script
text/javascript

104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=12100174149
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01d9deb1bc26da637bc451fa4af1174da9cf99dd33cb6529e1232d1ed4d87532

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:49 GMT
content-encoding: br
cf-cache-status: HIT
age: 4087
cf-polished: origSize=205752
last-modified: Thu, 10 Dec 2020 12:15:05 GMT
x-amz-request-id: 67B4CE338891AC5D
x-amz-id-2: xlHuzqJFNi+JtS/vL+yFeRHCqKbOGbnVqCi8xFPjhKJRggs5+cWhzTe3G3/2C0hPaSyAm81v/Sc=
cf-bgj: minify
server: cloudflare
etag: W/"2b75edd098a9c576d71b01ee14cc45d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-request-id: 078ec5f7130000735fe1b22000000001
cf-ray: 60f7d904e962735f-CPH
expires: Sun, 10 Jan 2021 20:41:49 GMT

Redirect headers

Date: Sun, 10 Jan 2021 16:41:49 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=12100174149
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 60f7d9018c64d8a5-CPH
cf-request-id: 078ec5f4f20000d8a57fa9e000000001
Expires: Sun, 10 Jan 2021 17:41:49 GMT

GET
H2

200

banners Show response
infopicked.com/adServe/
Redirect Chain

http://clksite.com/adServe/banners?tid=93920_153711_2&pause=5
https://infopicked.com/adServe/banners?tid=93920_153711_2&pause=5

35 KB
13 KB

147ms
146ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=93920_153711_2&pause=5
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 5504976a030e043cdf74d4188d228864d69318778a28770baa89568e1bd591a5

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://infopicked.com/adServe/banners?tid=93920_153711_2&pause=5
Date: Sun, 10 Jan 2021 16:41:49 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 178
Content-Type: text/html

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 234 KB
88 KB 91ms
77ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jan 2021 16:41:49 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 1F2B 0
0 8ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 10 Jan 2021 09:58:13 GMT
expires: Sun, 24 Jan 2021 09:58:13 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 24216
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ui_tag_80.2-1.js Show response
p405661.mycdn.co/banners/script/ 176 KB
53 KB 89ms
57ms Script
application/javascript 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Requested by: Host: p405661.clksite.com
URL: http://p405661.clksite.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:16 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b4fc-2c04a"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 05 Jan 2022 16:41:49 GMT

GET
H/1.1 200
OK CKYICKQI.json Show response
srv.carbonads.net/ads/ 1 KB
969 B 162ms
71ms Script
application/javascript 68.183.0.10
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CKYICKQI.json?segment=placement:dsawrewreafera&callback=_carbonads_go
Requested by: Host: cdn.carbonads.com
URL: http://cdn.carbonads.com/carbon.js?zoneid=1673&serve=C6AILKT&placement=dsawrewreafera
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.183.0.10 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: //srv.buysellads.com /
Resource Hash: 882787a0442650a7bc84fbf8c572e553816c8cd2e03207de179ebc912b8ac611

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 10 Jan 2021 16:41:49 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 730
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ui_tag_80.2-1.js Show response
p93920.mycdn.co/banners/script/ 176 KB
53 KB 87ms
54ms Script
application/javascript 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Requested by: Host: p93920.clksite.com
URL: http://p93920.clksite.com/adServe/banners?tid=93920_153711_0
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:16 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b4fc-2c04a"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 05 Jan 2022 16:41:49 GMT

GET
H2 200 fuckadblock.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/ 5 KB
2 KB 22ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1341858
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 1309
cf-request-id: 078ec5f5ce0000c29f83a54000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e6b-1285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o0b%2BDucbRWXJ4mnGzRxWiQRU%2BuA55ix4jeNlz14FAUuqqLktqpFsFYRvZVspLkkjiD3Mn0Qt4w47dhaJC2IvjRXLBPN4LE8aPveU5FnJq5mA5miXsE6u4yKORZNFaETFlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 60f7d902eed9c29f-FRA
expires: Fri, 31 Dec 2021 16:41:49 GMT

GET
H/1.1 200
OK loader.js Show response
config.seedtag.com/ 39 KB
12 KB 75ms
54ms Script
application/javascript 104.18.134.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://config.seedtag.com/loader.js?v=0.601045859022612
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 104.18.134.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc2911940a4342d3eb49a3a3c64508eef9f408a8b52b08ee3fb73f8386454674

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:49 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 9889
Connection: keep-alive
Content-Length: 11829
cf-request-id: 078ec5f5ea000010b15f3b8000000001
Last-Modified: Fri, 08 Jan 2021 13:55:45 GMT
Server: cloudflare
ETag: "d82cc2e98b9e5f78da7d5345c80daa56"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public, max-age=1200
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-Ray: 60f7d903096510b1-CPH
Expires: Sun, 10 Jan 2021 17:01:49 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 369 KB
94 KB 152ms
51ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

92a8c052c24889d39ddee3617dad8f31b6f036451afefdad1334b0fcd4694794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:49 GMT
content-encoding: br
last-modified: Wed, 30 Dec 2020 19:28:34 GMT
etag: "5fd23012-17727"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 96039
expires: Sun, 10 Jan 2021 17:41:49 GMT

GET
DATA 200
OK truncated
/ Frame 16F6 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
kumteerg.com/ Frame 0
0 47ms
46ms Other
text/plain 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 10 Jan 2021 16:41:49 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
kumteerg.com/ 39 B
502 B 46ms
45ms Fetch
application/json 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/custom

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 114c2d1e0423f0c1240b033801d999a0
Date: Sun, 10 Jan 2021 16:41:49 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK sync.html
s.adtelligent.com/ Frame 823F 0
0 81ms
30ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=555831
Requested by: Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/8636.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: VertaMedia 1.0
Date: Sun, 10 Jan 2021 16:41:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 657
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H2 200 ata.js Show response
c0.pubmine.com/2.19.01600444727688/ 194 KB
52 KB 101ms
37ms Script
application/javascript 192.0.77.38
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.pubmine.com/2.19.01600444727688/ata.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.38 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

115ed11fb9457bb897579d4be870323771379eda1d31ffa4337da93659bcc73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sun, 10 Jan 2021 16:41:49 GMT
content-encoding: gzip
last-modified: Fri, 18 Sep 2020 16:00:58 GMT
server: nginx
x-amz-cf-pop: AMS54-C1
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000

GET
H2 204 TDVjY1BjCgAQbRtwMScHGVkTAD4WXS8nJHRWCRNpLQYtUzIiWQxFJCVRXlRjewZRWnY8XAdeYWpGFwIkOUZeUGB8BEUKPipaXlNgfAVFFW19G1BXfn0MTVt2OEUCBG19ExMXJCAIUlVhfAdaVWl8DFBUaQ
yiatelychur.top/ 0
212 B 210ms
129ms Image
text/plain 13.224.194.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yiatelychur.top/TDVjY1BjCgAQbRtwMScHGVkTAD4WXS8nJHRWCRNpLQYtUzIiWQxFJCVRXlRjewZRWnY8XAdeYWpGFwIkOUZeUGB8BEUKPipaXlNgfAVFFW19G1BXfn0MTVt2OEUCBG19ExMXJCAIUlVhfAdaVWl8DFBUaQ
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.15 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-15.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 10 Jan 2021 16:41:49 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: lWUVvjrY8bYFNKF2C7WMH0P5vxh_O2Lcv7293KrG_f0HV2QWw8Hc8A==
x-cache: Miss from cloudfront

GET
H2 200 put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 745E 0
0 160ms
88ms Document
text/html 104.85.1.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.87 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1610289244.87431"
last-modified: Sun, 10 Jan 2021 14:24:32 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Sun, 10 Jan 2021 16:41:49 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cookie: CheetahStaging=true
set-cookie: akacd_widgets_routing=1610296909~rv=14~id=686830901873d36525217fbda505fedd; path=/; Expires=Sun, 10 Jan 2021 16:41:49 GMT; Secure; SameSite=None

GET
H/1.1 200
OK ZGFmZm9kaWwtcnVkZHktcnVuLmdsaXRjaC5tZQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 553ms
478ms XHR
application/json 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/ZGFmZm9kaWwtcnVkZHktcnVuLmdsaXRjaC5tZQ==
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:49 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: db3005238664ed1390f756fb5fec282e
Content-Length: 16
Expires: Mon, 11 Jan 2021 04:41:49 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
450 B 288ms
33ms Image
image/gif 104.85.1.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=10.05276755885178
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.87 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:49 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 09 Feb 2021 16:41:49 GMT

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ 3 KB
4 KB 155ms
155ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid_sticky_refresh.js?v31
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 177d76801bdbecdb0d27109e118ae54a929156deac8ca44b46924a5c0f43cd7a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:49 GMT
Last-Modified: Mon, 02 Nov 2020 17:46:21 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5fa045ed-d42"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3394

GET
H3-Q050 200 pubads_impl_2021010702.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
97 KB 181ms
83ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010702.js?21069764

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

8b2e3c865abcb065fcea67bfdcaf3f1a014a36f3e58c281b24d5e58da51aed15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Jan 2021 20:41:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98920
x-xss-protection: 0
expires: Sun, 10 Jan 2021 16:41:49 GMT

GET
H2 200 1610041682-Native_Ads_icon_80x80_01_1_.png
cdn4.buysellads.net/uu/1/82455/ 1 KB
2 KB 123ms
31ms Image
image/png 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/uu/1/82455/1610041682-Native_Ads_icon_80x80_01_1_.png
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 6709e8f6509a8ddc6c8bfd3ddf61fe3a3b58ac5e9e5c66fcf0a5dc49eaf0fd1b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:49 GMT
last-modified: Thu, 07 Jan 2021 17:48:04 GMT
server: NetDNA-cache/2.2
x-amz-request-id: FC58C35E3B387D10
etag: "af4cf14bf80e2d12f35f7f086c0aa174"
x-cache: HIT
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 1352
x-amz-id-2: 1QbIQ2SqGpujlM4qUgO5kmW1kBa9pPCLrBr4uIUFpJAi6Km8DvGxOieL7G8EpsiUteyO7WVvNqg=
expires: Wed, 05 Jan 2022 16:41:49 GMT

GET
H2 200 / Show response
c.adsco.re/ 51 KB
12 KB 50ms
16ms Script
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daec5c7215c14c6d0e55c9323c8e31512e3fdf7aef7ab79069c57072facbf7fc

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:49 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 60022
etag: W/"bGduLCGTqZ9NaNWZvT1hCw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=2678400
cf-ray: 60f7d904fc7cdfd7-FRA
link: <//6.adsco.re/>;rel=prefetch;as=fetch,<//4.adsco.re/>;rel=prefetch;as=fetch,<//adsco.re/p>;rel=prefetch;as=fetch
cf-request-id: 078ec5f71c0000dfd7632e4000000001
expires: Wed, 10 Feb 2021 16:41:49 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 02:44:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 482251
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Wed, 05 Jan 2022 02:44:18 GMT

GET
H2 200 1542656909-explore-themes-2.jpg
cdn4.buysellads.net/uu/1/23814/ 25 KB
25 KB 51ms
51ms Image
image/jpeg 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/uu/1/23814/1542656909-explore-themes-2.jpg
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 192e49a8d791354fa0e62f05a4f046dc04e39893079f1cf69d3ab3864e2fb686

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:49 GMT
last-modified: Mon, 19 Nov 2018 19:48:31 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 68448E060C397A7E
etag: "577ca19a88015bef792c6d5cadbc440d"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 25458
x-amz-id-2: mnUFhUs22Gt3yB21ACoUXFpzZlqhJmn40px7N7rFLUohzNRw/6LcFpvuKJtX/GFlDQTvl4KbNKY=
expires: Wed, 05 Jan 2022 16:41:49 GMT

GET
H2 200 st_0.js Show response
config.seedtag.com/v/1025/loader/ 39 KB
12 KB 92ms
40ms Script
application/javascript 104.18.134.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.seedtag.com/v/1025/loader/st_0.js?cachebuster=1610296909681
Requested by: Host: config.seedtag.com
URL: http://config.seedtag.com/loader.js?v=0.601045859022612
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.134.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df0f27e6ac9d1127463c13a9fa85b97aad5c291b9b9edf392e7a3ddfba8ee7b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:49 GMT
content-encoding: br
cf-cache-status: HIT
age: 2472
cf-request-id: 078ec5f7ad000010ebff3e5000000001
last-modified: Mon, 14 Dec 2020 14:07:53 GMT
server: cloudflare
etag: W/"9619d5ee6707f5170b06da004c57d55c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 60f7d905eeb410eb-CPH
expires: Sun, 10 Jan 2021 17:01:49 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 490ms
121ms XHR
application/json 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1610296909696&sessionId=f7273ebe-a47f-9e05-0cd3-19e4b3049216&url=daffodil-ruddy-run.glitch.me&cheqSource=1&cheqEvent=0&exitReason=1
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:50 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: d0039dfaa6316cd63eb33641718f31f9
Content-Length: 4
Expires: 0

GET
H2 200 /
6.adsco.re/ 0
255 B 33ms
18ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:49 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 60f7d906b8f5dfd7-FRA
access-control-allow-headers: Content-Type
cf-request-id: 078ec5f8360000dfd75e196000000001

GET
H/1.1 200
OK /
4.adsco.re/ 0
440 B 235ms
77ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:50 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK p
adsco.re/ 0
323 B 214ms
69ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:50 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H2 200 1 Show response
servicer.adskeeper.com/1056221/ 2 KB
2 KB 112ms
111ms Script
application/x-javascript 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1056221/1?w=1584&h=90&cols=3&pv=5&cbuster=1610296909709195238180&uniqId=01e77&consentData=&gdprApplies=false&uspString=&niet=4g&nisd=false&ref=&cxurl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&lu=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&pageView=1&pvid=176ed2cdf8eae29a9b5&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc18cebf9ec696c9ee88f9093fb06c46f1d08f51a81e8422d947dff801e78e0c

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 60f7d905a8992bb9-FRA
cf-request-id: 078ec5f78e00002bb9cea28000000001

GET
H/1.1 200
OK pixel
s.pubmine.com/ 43 B
276 B 52ms
52ms Image
image/gif 176.34.151.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s.pubmine.com/pixel?id=15&type=img
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 176.34.151.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-151-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

1 Show response
mc.yandex.ru/watch/49239574/
Redirect Chain

https://mc.yandex.ru/watch/49239574?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610296905058%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr...
https://mc.yandex.ru/watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610296905058%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Af...

186 B
316 B

46ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610296905058%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210110174149%3Aet%3A1610296910%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A82475799041%3Arqn%3A1%3Arn%3A559701751%3Ahid%3A212402610%3Ads%3A9%2C17%2C258%2C107%2C0%2C0%2C0%2C3912%2C100%2C%2C%2C%2C4201%3Afp%3A301%3Awn%3A8806%3Ahl%3A4%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610296910%3Au%3A1610296910497280092%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d2b1d80997b334c20233e62147320d5e8b91a22a755f1e463cf670a25924f074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 10-Jan-2021 16:41:50 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Sun, 10-Jan-2021 16:41:50 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:49 GMT
last-modified: Sun, 10-Jan-2021 16:41:49 GMT
location: /watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610296905058%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210110174149%3Aet%3A1610296910%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A82475799041%3Arqn%3A1%3Arn%3A559701751%3Ahid%3A212402610%3Ads%3A9%2C17%2C258%2C107%2C0%2C0%2C0%2C3912%2C100%2C%2C%2C%2C4201%3Afp%3A301%3Awn%3A8806%3Ahl%3A4%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610296910%3Au%3A1610296910497280092%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020
strict-transport-security: max-age=31536000
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 10-Jan-2021 16:41:49 GMT

GET
H/1.1 200
OK it-ui-comp-17.css
p93920.mycdn.co/uicomp/styles/dist/80.2-1/ 23 KB
5 KB 38ms
37ms Stylesheet
text/css 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-17.css
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2e43a4dba40cfdbd5a628c6b10c4f53fff5c8b04e1b838eddb1d710dc165c002

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-5df7"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 05 Jan 2022 16:41:49 GMT

GET
H/1.1 200
OK it-ui-comp-6.css
p405661.mycdn.co/uicomp/styles/dist/80.2-1/ 23 KB
5 KB 38ms
37ms Stylesheet
text/css 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-6.css
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 62bf1e377405eb3b64149506aa8814cbbfa7ac2503be1771ff26e249e396c356

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-5da0"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 05 Jan 2022 16:41:49 GMT

GET
H/1.1 200
OK headerbid_refresh_alex.php Show response
served-by.pixfuture.com/www/delivery/ Frame C6B0 10 KB
10 KB 154ms
149ms Script
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=25617x728x90x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=25617x728x90x700x_ADSLOT1&flag=true
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 41e15b4366bb05b811306dc171440cca2fcf4b30daa852d87a133302af1953bb

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:50 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
BLOB 200
OK 9adccc44-8dc4-468a-b06a-a1d95729f7d4
http://daffodil-ruddy-run.glitch.me/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://daffodil-ruddy-run.glitch.me/9adccc44-8dc4-468a-b06a-a1d95729f7d4
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea6c65d8e460987a7ea8f98355f789fe6bfbe11b0afe7a1c65d6042da65ea33

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 1567
Content-Type: text/javascript

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
184 B 45ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:50 GMT
last-modified: Wed, 30 Dec 2020 19:28:30 GMT
etag: "5feccf70-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 10 Jan 2021 17:41:50 GMT

GET
H/1.1 200
OK / Show response
4.adsco.re/ 46 B
474 B 168ms
129ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: d0f0833303c0b76784f9154233676698e456f56a40b2b764f43d85c4eae522c2

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:50 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
6.adsco.re/ 53 B
601 B 35ms
28ms XHR
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:50 GMT
Content-Encoding: gzip
Server: cloudflare
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 60f7d907bc4d4a92-FRA
Access-Control-Allow-Headers: Content-Type
cf-request-id: 078ec5f8d000004a92abade000000001

GET
H/1.1 200
OK / Show response
i45mnsbygvkw.l.adsco.re/ 0
464 B 198ms
50ms XHR
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://i45mnsbygvkw.l.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:50 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 200
OK / Show response
i45mnsbygvkw.n.adsco.re/ 0
464 B 471ms
123ms XHR
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://i45mnsbygvkw.n.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:50 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET /
i45mnsbygvkw.s.adsco.re/ 0
0

GET
H/1.1 200
OK /
c.adsco.re/ Frame B601 0
0 99ms
18ms Document
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: c.adsco.re
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Sun, 10 Jan 2021 16:41:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Link: <//6.adsco.re/>;rel=prefetch;as=fetch,<//4.adsco.re/>;rel=prefetch;as=fetch,<//adsco.re/p>;rel=prefetch;as=fetch
Expires: Wed, 10 Feb 2021 16:41:50 GMT
ETag: W/"bGduLCGTqZ9NaNWZvT1hCw=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 60022
cf-request-id: 078ec5f92b00002c4abd29a000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 60f7d9084faa2c4a-FRA

GET
H/1.1 200 findBanner Show response
infopicked.com/adServe/banners/ 860 B
1 KB 306ms
285ms Script
text/javascript 173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://infopicked.com/adServe/banners/findBanner?num=1&keyword=Trying%20to%20reach%20the%20most%20ads%20since%202020&tid=93920_153711_0&type=js&ar=b&ts=c&ito=http%3A%2F%2Fp93920.mycdn.co&bs=17&referrer=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&ap=cmp%3DBANNER%26evp%3Du6geJV4sLGssf3Ed1Ye_KfbWwvziNp_1nDHhmKrMWGNhlnPH82fwK3yVHVOdUSfM%26sjv%3D118.0%26ctid%3D0%26th%3D1200%26tw%3D1600&pid=93920&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0xJmk9MCZvPS02MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITCt536gul2pcq
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 439be6ee27c2379f767b58d89665a65a9c57eadcce46c73125c34567baa00c5e

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:50 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=utf-8
Keep-Alive: timeout=5
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 119ms
119ms XHR
application/json 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1610296910526&sessionId=f7273ebe-a47f-9e05-0cd3-19e4b3049216&url=daffodil-ruddy-run.glitch.me&cheqSource=1&cheqEvent=3&responseTime=1121
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:50 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e62b414e8755bc15c622b77a4c6a256b
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK bounce-tag_80.2-1.js Show response
p93920.mycdn.co/banners/bounce/ 48 KB
18 KB 35ms
35ms Script
application/javascript 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p93920.mycdn.co/banners/bounce/bounce-tag_80.2-1.js
Requested by: Host: clksite.com
URL: http://clksite.com/adServe/banners?tid=93920_153711_2&pause=5
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:16 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b4fc-be2b"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 05 Jan 2022 16:41:50 GMT

GET
H2 530 /
ssp.zryydi.com/bid/ 0
0 343ms
46ms Script
text/html 104.28.10.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.zryydi.com/bid/?tag_id=90&sub_id=0dcd3da5ac03016ecbc321ca7f9149a3&url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&mode=jsonfeed&callback=shortest.popUnder.onSSPPopUnderBidRetrieved&ts=1610296910579
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.28.10.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sh-overlay.css
cdn.shorte.st/css/ 3 KB
1 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::681a:46b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shorte.st/css/sh-overlay.css
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:46b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2947
cf-request-id: 078ec5faf4000005e9c03d7000000001
x-ua-compatible: IE=Edge
last-modified: Thu, 09 Aug 2018 13:48:43 GMT
server: cloudflare
etag: W/"5b6c463b-dd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9MXBTkQ41VhouCOFrk0aBvw7b6hVkFo8vEzQ5f2QzMoPYM2PZZ7aHfPkQEONSaL5cQS02Ll%2B3EqkwqlfhNFCSGbbIH4Kzinkyh2rMpnmPFPJsMUiqSwu0zHJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-server-id: shn13
cache-control: max-age=14400
cf-ray: 60f7d90b1a6505e9-FRA
expires: Sun, 10 Jan 2021 16:52:43 GMT

OPTIONS
H/1.1 200
OK 0dcd3da5ac03016ecbc321ca7f9149a3
api.shorte.st/start-adsession/ Frame 0
0 3600ms
60ms Other
application/json 78.140.188.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/start-adsession/0dcd3da5ac03016ecbc321ca7f9149a3
Protocol: HTTP/1.1
Server: 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40-0+deb8u12
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Date: Sun, 10 Jan 2021 16:41:54 GMT
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn03
X-UA-Compatible: IE=Edge

POST
H/1.1 200
OK 0dcd3da5ac03016ecbc321ca7f9149a3 Show response
api.shorte.st/start-adsession/ 74 B
844 B 219ms
111ms XHR
application/json 78.140.188.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/start-adsession/0dcd3da5ac03016ecbc321ca7f9149a3
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash: 4fb757f341e88edb10374e2eb71d3df29cb4c2056c5ec02bfd568babbeb89a49

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sun, 10 Jan 2021 16:41:54 GMT
Server: nginx
X-Powered-By: PHP/5.6.40-0+deb8u12
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn11
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-UA-Compatible: IE=Edge

GET
H2 200 i.js Show response
cm.adskeeper.com/ 19 B
151 B 109ms
101ms Script
application/javascript 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?consentData=&gdprApplies=0&cbuster=1610296910630791698795
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:50 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 8b98a7f5-2baa-4221-820e-4b2ad22a7185
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 60f7d90b7a7b2bb9-FRA
cf-request-id: 078ec5fb2c00002bb9c2894000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame 8343 19 B
288 B 92ms
89ms Script
application/javascript 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=161029691063420220873
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:50 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 566ffed3-6cd9-4fd6-9de9-8fb6a49e5787
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 60f7d90b7a802bb9-FRA
cf-request-id: 078ec5fb2c00002bb9ef3ad000000001
server: cloudflare

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
1 KB 56ms
50ms Image
image/svg+xml 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:50 GMT
content-encoding: br
cf-cache-status: HIT
age: 1303
x-amz-request-id: 5DD96DF13F216276
x-amz-id-2: hUPByF6+SO2TbcAcWWyoQYRe8qgDMez3FUtjMxt7GLJYHsEKN0s90Re+YbMJUQeYTp4uniqrZ+0=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-request-id: 078ec5fb420000735ff5a97000000001
cf-ray: 60f7d90b98b5735f-CPH
expires: Sun, 10 Jan 2021 20:41:50 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMjQ3MzE5L2Q4NjYzZDM0ZjdkOWE3YWEzYWI2MzE2NmVjNTIzYWYzLmpwZWc.webp
s-img.adskeeper.com/g/7891019/492x328/0x0x492x328/ 9 KB
9 KB 24ms
22ms Image
image/webp 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/7891019/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMjQ3MzE5L2Q4NjYzZDM0ZjdkOWE3YWEzYWI2MzE2NmVjNTIzYWYzLmpwZWc.webp?v=1610296909-372wMUfuxAjlxcgc8vXtFQjwibnKPmtb3h16eX3ftAk
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbd021051aa1c7dc15d1d2baf1b0753aeb83ebfb451a11d052413816d3345a4

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:50 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Jan 2021 08:08:06 GMT
x-mg-request-uuid: 7bfcae7f-5d71-45c4-980e-74677bb680a7
age: 103185
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 60f7d90b7a8d2bb9-FRA
content-length: 8902
cf-request-id: 078ec5fb2d00002bb9973e1000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMzU0NzAxLzQ5MDdhNmRmMWFkYjYyOWQ5ZGU0YzRlOThkNWFiMzFhLmpwZw.webp
s-img.adskeeper.com/g/7806761/492x328/0x0x492x328/ 16 KB
17 KB 23ms
21ms Image
image/webp 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/7806761/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMzU0NzAxLzQ5MDdhNmRmMWFkYjYyOWQ5ZGU0YzRlOThkNWFiMzFhLmpwZw.webp?v=1610296909-LXVY9czEIMlR5cHiJKDuYlEEK8vAgTk2DQBsqI54PGA
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f057ddc3ba51772f4676ec30fc61376aa92dd14eac79fc572bb30db998fbe714

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:50 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Dec 2020 09:59:39 GMT
x-mg-request-uuid: 4e13ab12-648c-43be-9ac2-673427c67cc5
age: 615740
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 60f7d90b7a872bb9-FRA
content-length: 16834
cf-request-id: 078ec5fb2c00002bb9a6051000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDIwLTAxLzI4MDYzNi8xMmFkZDg3NjkzODg2NmE3ZDMxYTlhYmM3OTJiNzczZC5qcGc.webp
s-img.adskeeper.com/g/5095035/492x328/0x0x492x328/ 16 KB
17 KB 15ms
14ms Image
image/webp 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/5095035/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDIwLTAxLzI4MDYzNi8xMmFkZDg3NjkzODg2NmE3ZDMxYTlhYmM3OTJiNzczZC5qcGc.webp?v=1610296909-pIbkMHVbhRT6lfl-pe7z3SD3vneUb02XDIZZXmYSKa8
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab7b62eec10f8436af666ec3e69a71e5fa80a42d95be921a89d4e54e8781ea5f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:50 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Jan 2021 12:14:56 GMT
x-mg-request-uuid: 65d45cfe-8ec2-4dc1-b222-f22a3fee7674
age: 792185
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 60f7d90b7a832bb9-FRA
content-length: 16870
cf-request-id: 078ec5fb2c00002bb9b011e000000001
server: cloudflare

GET
H2 200 st_0.794896a54ca2b9d4355b.js Show response
config.seedtag.com/v/1025/loader/ 88 KB
26 KB 51ms
50ms Script
application/javascript 104.18.134.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.seedtag.com/v/1025/loader/st_0.794896a54ca2b9d4355b.js
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/v/1025/loader/st_0.js?cachebuster=1610296909681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.134.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cdc12003dc13afe1b6ba697c9263d2c56a4e5e1f022652f16b25953ac817097

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:50 GMT
content-encoding: br
cf-cache-status: HIT
age: 2264
cf-request-id: 078ec5fb3c000010eb04092000000001
last-modified: Mon, 14 Dec 2020 14:07:53 GMT
server: cloudflare
etag: W/"03a75868a3c3b90128e0ebab8cb024d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 60f7d90b9f2910eb-CPH
expires: Sun, 10 Jan 2021 17:01:50 GMT

GET
H2 200 st_3.60e8e9c122be98d8ef4c.js Show response
config.seedtag.com/v/1025/loader/ 360 KB
89 KB 47ms
47ms Script
application/javascript 104.18.134.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.seedtag.com/v/1025/loader/st_3.60e8e9c122be98d8ef4c.js
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/v/1025/loader/st_0.js?cachebuster=1610296909681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.134.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10892b76f375f3fb834e8b0e6fc4a2112447da6e4102192b493df6714b59b73

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:50 GMT
content-encoding: br
cf-cache-status: HIT
age: 2264
cf-request-id: 078ec5fb3f000010ebc31e5000000001
last-modified: Mon, 14 Dec 2020 14:07:53 GMT
server: cloudflare
etag: W/"f7ca616b3e0e93d2e710fd2ddbde83f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 60f7d90b9f2c10eb-CPH
expires: Sun, 10 Jan 2021 17:01:50 GMT

GET
H2 200 djax_elastic.js Show response
cdn.pixfuture.com/ Frame E098 37 KB
37 KB 187ms
164ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax_elastic.js
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=25617x728x90x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=25617x728x90x700x_ADSLOT1&flag=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d26e98e9600c9cea41a4f28dee915eedd266f450849d151a7f653d1738917de

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:50 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 23 Nov 2020 17:49:07 GMT
server: cloudflare
etag: "5fbbf613-9275"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kGY5SmYvPNy0Tte0v791ZHw5XSi5EInQ%2FLxnWOHfeiZilGDv508Vh9pWIADZIRbnIlIYEcnIlm4DSlkc4Z0XZhmYYKI%2FH5F4kmsPuv2bdGw8BLOVq3ZLFNWQSo8sxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 60f7d90bbe0e2b71-FRA
content-length: 37493
cf-request-id: 078ec5fb5900002b71e6ab0000000001
expires: Tue, 12 Jan 2021 16:41:50 GMT

POST
H/1.1 200
OK p Show response
adsco.re/ 363 B
869 B 166ms
149ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 91c089f0bc1cc847f181f3dd6c8465b92e37ff6fef4a08548d97d4b3ea75a955

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G: OK
Date: Sun, 10 Jan 2021 16:41:50 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H/1.1 200
OK popunder.gif
yiatelychur.top/ 35 B
501 B 7524ms
140ms Image
image/gif 13.224.194.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yiatelychur.top/popunder.gif
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 13.224.194.15 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-15.fra2.r.cloudfront.net
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Sun, 10 Jan 2021 16:41:58 GMT
content-encoding: gzip
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
Connection: keep-alive
Content-Length: 58
Via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 84XfowHWI19WGq2-jo_bC2ZiPwPr1VeVxCQ2zWHK9cUpr0sXLwm8nA==

GET
H2 200 jquery3_5_1.min.js Show response
cdn.pixfuture.com/ Frame E098 87 KB
88 KB 125ms
125ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery3_5_1.min.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:50 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Aug 2020 15:41:27 GMT
server: cloudflare
etag: "5f4682a7-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0grV%2Fz9xNBMr2V5TqBBVQNkK2boFlgZw59bn0YiYKzb4JMvAg1VD2bmVeUieDmq3BkDYZpQlRG2cn%2FvAB8L%2FxRqU8vl7oj3thjyLADyr4elR%2B73GLExj5aWMQp3lOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 60f7d90cf9342b71-FRA
content-length: 89476
cf-request-id: 078ec5fc1700002b71d0841000000001
expires: Tue, 12 Jan 2021 16:41:50 GMT

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158127/2642/ Frame E098 275 KB
84 KB 67ms
49ms Script
text/javascript 104.85.0.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 104.85.0.200 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 22:47:13 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "10c1257-44c71-5b2d70fa58647"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=25595
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 85626
Expires: Sun, 10 Jan 2021 23:48:25 GMT

GET
H/1.1 200
OK it-banner-frame.css
p93920.mycdn.co/uicomp/styles/dist/80.2-1/ Frame FD88 2 KB
1 KB 35ms
34ms Stylesheet
text/css 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-858"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 05 Jan 2022 16:41:50 GMT

GET
H/1.1 200 findBanner Show response
infopicked.com/adServe/banners/ 885 B
1 KB 152ms
152ms Script
text/javascript 173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://infopicked.com/adServe/banners/findBanner?num=1&keyword=Trying%20to%20reach%20the%20most%20ads%20since%202020&tid=405661_796127_3&type=js&ar=b&ts=c&ito=http%3A%2F%2Fp405661.mycdn.co&bs=6&referrer=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&ap=cmp%3DFLOATING_BANNER%26evp%3Du6geJV4sLGssf3Ed1Ye_KfbWwvziNp_1nDHhmKrMWGNhlnPH82fwK3yVHVOdUSfM%26sjv%3D118.0%26ctid%3D0%26th%3D1200%26tw%3D1600&pid=405661&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0xJmk9MCZvPS02MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITCpcb3bcryz68
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 24580946988609af838d85babe85f0bebcd98d915114ee35c976cc53a06b2ae8

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:50 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=utf-8
Keep-Alive: timeout=5
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 timer_down_new_17_en.png
p93920.mycdn.co/ext/onn/ctd/ Frame FD88 11 KB
11 KB 322ms
71ms Image
image/png 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p93920.mycdn.co/ext/onn/ctd/timer_down_new_17_en.png
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e1ca87767e7e2fd4db938b392b409e52cc3cfa5899774ba63d1041c651daa8e8

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:51 GMT
last-modified: Wed, 11 Apr 2018 09:18:54 GMT
server: NetDNA-cache/2.2
etag: "5acdd2fe-2b09"
x-cache: HIT
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 11017
expires: Wed, 05 Jan 2022 16:41:51 GMT

GET
H2 200 display.php Show response
www.tradeadexchange.com/a/ 6 KB
2 KB 1275ms
169ms Script
application/javascript 35.190.74.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tradeadexchange.com/a/display.php?r=999708&sub1=0dcd3da5ac03016ecbc321ca7f9149a3&sub2=0
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.74.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: openresty /
Resource Hash: 897790beba5b84cdc4b5ff8b699bf7ac4381bb54ca200a148f6f24d8587cbe99

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 10 Jan 2021 16:41:52 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

GET
H2

200

sid Show response
mug.criteo.com/ Frame E098
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&domain=daffodil-ruddy-run.glitch.me&cw=1
https://mug.criteo.com/sid?cpp=8MlG_Hw5UU1tMUNPS0xJanlKUGVTa1EyRDNwbzFDbmZWaW9GeCtkQW5uOVVON0JyMEgzbU4rTkdPZlJqd3FsVTBMdUhhTTNIMElEamhHRGxCVkZVaTFDUkJFcCtRZVNLNXgyZ3FjN0xqdkFtZTVERGRLenRnOW1WVndUaF...

409 B
676 B

383ms
43ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8MlG_Hw5UU1tMUNPS0xJanlKUGVTa1EyRDNwbzFDbmZWaW9GeCtkQW5uOVVON0JyMEgzbU4rTkdPZlJqd3FsVTBMdUhhTTNIMElEamhHRGxCVkZVaTFDUkJFcCtRZVNLNXgyZ3FjN0xqdkFtZTVERGRLenRnOW1WVndUaFQxaUVGMmhQc2pjZTdhRDd5VCtCSTF1NG5SbTl0SzY4R2ZjSHlIQ1V2aitlUWdEa2l0K0FQWTlJMkNrS1RsWTZYNUx4VGduVlpESExNamIvOVBLd3lHaXYwZjgwTHp0dDhZWGpGeWh6UjZwTjFmWmVXWTllb1BWVS9hVE1MMTFFVWlmelJHWHZDfA&cppv=2

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2def46db644d5513206ef78f0be798c1f5a7d55df6e27d82acc38639f9cf8598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 10 Jan 2021 16:41:50 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1128
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 10 Jan 2021 16:41:50 GMT
location: https://mug.criteo.com/sid?cpp=8MlG_Hw5UU1tMUNPS0xJanlKUGVTa1EyRDNwbzFDbmZWaW9GeCtkQW5uOVVON0JyMEgzbU4rTkdPZlJqd3FsVTBMdUhhTTNIMElEamhHRGxCVkZVaTFDUkJFcCtRZVNLNXgyZ3FjN0xqdkFtZTVERGRLenRnOW1WVndUaFQxaUVGMmhQc2pjZTdhRDd5VCtCSTF1NG5SbTl0SzY4R2ZjSHlIQ1V2aitlUWdEa2l0K0FQWTlJMkNrS1RsWTZYNUx4VGduVlpESExNamIvOVBLd3lHaXYwZjgwTHp0dDhZWGpGeWh6UjZwTjFmWmVXWTllb1BWVS9hVE1MMTFFVWlmelJHWHZDfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 959
content-length: 509
expires: 0

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame E098 55 KB
19 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3af7490cec130b4e0206fd3287678e799a03a52ee76f57148d50a01b9fb67f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "750 / 72 of 1000 / last-modified: 1610244757"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 18984
X-XSS-Protection: 0
Expires: Sun, 10 Jan 2021 16:41:51 GMT

GET
H2 200 prebid4.19.0.js Show response
cdn.pixfuture.com/ Frame E098 331 KB
332 KB 134ms
133ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:51 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Dec 2020 17:32:50 GMT
server: cloudflare
etag: "5fd25bc2-52b1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e5j%2BysLzccF8Kx30HuN4buJV0eWRU5OOfKQcKE8m2vGxOyAMbiQRolPn4fuQRs1%2B8W3Tssm5Ee92fC98gq8uCNXzYfWxKYUwN0YPhE%2BmTLSxpDk8ILQqvy6BB0Idnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 60f7d90dfc1a2b71-FRA
content-length: 338715
cf-request-id: 078ec5fcb900002b71b2950000000001
expires: Tue, 12 Jan 2021 16:41:51 GMT

GET
H/1.1 200
OK it-banner-frame.css
p405661.mycdn.co/uicomp/styles/dist/80.2-1/ Frame E437 2 KB
1 KB 32ms
32ms Stylesheet
text/css 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-858"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 05 Jan 2022 16:41:51 GMT

GET
H3-Q050 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E098 274 KB
97 KB 53ms
53ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Sun, 10 Jan 2021 16:41:51 GMT

GET
H/1.1 200
OK c Show response
serve.popads.net/ 0
272 B 177ms
157ms Script
application/javascript 216.21.13.16
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://serve.popads.net/c?_=BAoAX_suTgFf-y5OgAGBAsAAID7vL6awRZjDs3ezYwqjuXqzBueQ30bIS4trfKs5Pf8HwQBHMEUCIFsYsNggynLTnyvoDBm1V89yurJQlfMq-gZiHNGiUCjBAiEA0OKSX6oO7xunrXlennqp_U-uRllVX8hkiAfq3L8nT4bCACAB9Jj2guu7bcxeFlXMZCh4ZfiKTy7vu2WZiAgMPEBMKcQAECoBBPgBklQUAAAAAAAAAALFABBERox_LksyhSpGPPljG1bJwwBHMEUCIQC68R8a1WdvWLYLYr6Yaw47divfaNq3QrfshV6VH8KYNgIgSmrXWei6exWaNwAVD8oS0hOI00zjuloHgPO9JzrUxQk&v=4&siteId=1&minBid=&popundersPerIP=67,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0
Requested by: Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol: HTTP/1.1
Server: 216.21.13.16 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:51 GMT
ASF: 9
Access-Control-Allow-Origin: *
Content-Type: application/javascript
PopAds-EC: ASB
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Content-Length: 0
Expires: Sun, 17 Jan 2021 16:41:51 GMT

GET
H2 200 gen_6x.png
p405661.mycdn.co/ext/onn/floating/ Frame E437 8 KB
8 KB 113ms
40ms Image
image/png 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p405661.mycdn.co/ext/onn/floating/gen_6x.png
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 6cf20199950a0a467226ba745aa8b262cd002306cf1360b7af6693f218c9813d

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:51 GMT
last-modified: Mon, 05 Feb 2018 08:26:33 GMT
server: NetDNA-cache/2.2
etag: "5a781539-1fab"
x-cache: HIT
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 8107
expires: Wed, 05 Jan 2022 16:41:51 GMT

GET
H/1.1 200
OK top-close-2.png
p405661.mycdn.co/img/new-comp/ 1 KB
1 KB 39ms
39ms Image
image/png 94.31.29.128
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://p405661.mycdn.co/img/new-comp/top-close-2.png
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-6.css
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.128.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 7a6d609e14ad86ba11813176879c5aafe5cfabc3b7c9f2d8e260c9176b9260b9

Request headers

Referer: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:52 GMT
Last-Modified: Mon, 14 Nov 2016 16:34:57 GMT
Server: NetDNA-cache/2.2
ETag: "5829e7b1-464"
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1124
Expires: Wed, 05 Jan 2022 16:41:52 GMT

GET
H2 200 display.php Show response
www.tradeadexchange.com/ad/ 62 KB
13 KB 287ms
286ms Script
application/javascript 35.190.74.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tradeadexchange.com/ad/display.php?stamat=m%7CEqdjY3djaQdHkAH0dEdHP3xP.b10%2C2t5FkDDYpjxJXsMWHSh7wBG6VAx_Q9TxSSvYJWOcEw4dSpf7D6GmDmyZSIE8TU3Rf5JfCV5UIoLDL7XypVKwg-FjfCltSEkn7hJbpfh2SXkWpx7cxTFor-Pw5rOWUi3bakgeDt_H4Ls0EESx1DddAQ%2C%2C&cbrandom=0.3577618674432226&cbtitle=Trying%20to%20reach%20the%20most%20ads%20since%202020&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Requested by: Host: www.tradeadexchange.com
URL: https://www.tradeadexchange.com/a/display.php?r=999708&sub1=0dcd3da5ac03016ecbc321ca7f9149a3&sub2=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.74.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: openresty /
Resource Hash: 0950bc4fdbeef665a11da6081ecfdcc6dd41da5867e7934913ca38e52ebc0c3b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 16:41:52 GMT
content-encoding: gzip
alt-svc: clear
server: openresty
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
link: <www.logarithmicframe.com>; rel=dns-prefetch,<www.logarithmicframe.com>; rel=preconnect,<www.tradeadexchange.com>; rel=dns-prefetch,<www.tradeadexchange.com>; rel=preconnect
via: 1.1 google

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 400ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=153210625&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=212402610&wv-part=1&browser-info=ti%3A8%3Aet%3A1610296913%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20210110174149%3Abt%3A1%3Ast%3A1610296913%3Au%3A1610296910497280092

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:53 GMT
last-modified: Sun, 10-Jan-2021 16:41:53 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 10-Jan-2021 16:41:53 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 52ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=32149792&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=212402610&wv-part=1&browser-info=ti%3A8%3Aet%3A1610296911%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20210110174149%3Ast%3A1610296913%3Au%3A1610296910497280092

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:53 GMT
last-modified: Sun, 10-Jan-2021 16:41:53 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 10-Jan-2021 16:41:53 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame E098 0
230 B 111ms
55ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Jan 2021 16:41:53 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET rid
match.adsrvr.org/track/ Frame E098 0
0

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame E098 3 KB
3 KB 361ms
119ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v762
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7b420ad439dadbbbc88cef506a6e2ea73c331178f08f984c6b230cec7ac66a04

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 16:41:53 GMT
Last-Modified: Mon, 06 Jul 2020 13:30:16 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5f032768-a4e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2638
Expires: Tue, 12 Jan 2021 16:41:53 GMT

POST
H/1.1 200
OK demo_track.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame E098 36 B
652 B 247ms
229ms XHR
text/html 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.php
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v762
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 16:41:53 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Tue, 12 Jan 2021 16:41:53 GMT

POST
H2 204 e Show response
s.seedtag.com/e/ 0
296 B 397ms
69ms XHR
text/plain 34.96.106.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/e
Requested by: Host: config.seedtag.com
URL: https://config.seedtag.com/v/1025/loader/st_3.60e8e9c122be98d8ef4c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.9 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Jan 2021 16:41:54 GMT
via: 1.1 google
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-allow-credentials: true
alt-svc: clear

OPTIONS
H/1.1 200
OK 102748362283bddf66e0efe55bf2844c135e0c2c
api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/ Frame 0
0 65ms
65ms Other
application/json 78.140.188.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/102748362283bddf66e0efe55bf2844c135e0c2c
Protocol: HTTP/1.1
Server: 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40-0+deb8u12
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Date: Sun, 10 Jan 2021 16:41:54 GMT
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn07
X-UA-Compatible: IE=Edge

GET
H3-Q050

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

46 KB
19 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4942
date: Sun, 10 Jan 2021 15:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 10 Jan 2021 17:19:32 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK 102748362283bddf66e0efe55bf2844c135e0c2c Show response
api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/ 456 B
1 KB 107ms
106ms XHR
text/html 78.140.188.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/102748362283bddf66e0efe55bf2844c135e0c2c
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash: e576b9841162211d377d34ee66117ba54d9fd0d3fdce6e3fd9a57151b5fa37f2

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/html

Response headers

Date: Sun, 10 Jan 2021 16:41:54 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.6.40-0+deb8u12
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn08
Cache-Control: no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Content-Type
X-UA-Compatible: IE=Edge

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
77 B 14ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1372187573&t=pageview&_s=1&dl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&dp=%2Foverlay%2F0dcd3da5ac03016ecbc321ca7f9149a3&ul=en-us&de=UTF-8&dt=Trying%20to%20reach%20the%20most%20ads%20since%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=0dcd3da5ac03016ecbc321ca7f9149a3&cs=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&cm=overlay&_u=YEBAAEABAAAAAC~&jid=1989507767&gjid=1192418752&cid=2031020402.1610296914&tid=UA-42296749-1&_gid=1914206120.1610296914&_r=1&_slc=1&z=2094876074

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

promotion-bestseller-special-1308.html
www.gearbest.com/ Frame DA4D
Redirect Chain

http://ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028&width=1024&height=768&ch=8439461&cp.dest_domain=&cp.oid=8439461&cp.referrer=http://daffodil-ruddy-run.glitch.me/&cp.locked=0&cp.pro...
https://shorteh.com/afu.php?zoneid=1241630
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=372174833837945445

0
0

425ms
358ms

Document
text/html

104.109.72.141
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=372174833837945445
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.72.141 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-72-141.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: www.gearbest.com
:scheme: https
:path: /promotion-bestseller-special-1308.html?lkid=45687009&cid=372174833837945445
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
pragma: public
last-modified: Sun, 10 Jan 2021 16:40:48 GMT
gbcdnlang: en
access-control-allow-origin: *
access-control-allow-methods: GET, POST
ng-cache: HIT
content-encoding: gzip
content-length: 48312
x-edgeconnect-midmile-rtt: 0 0
x-edgeconnect-origin-mex-latency: 208 208
cache-control: public, max-age=60
expires: Sun, 10 Jan 2021 16:42:55 GMT
date: Sun, 10 Jan 2021 16:41:55 GMT
vary: Accept-Encoding User-Agent
set-cookie: AKAM_CLIENTID=0449eb2ab95f91664aff8f49d24d6229; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com AKA_A2=A; expires=Sun, 10-Jan-2021 17:41:55 GMT; path=/; domain=gearbest.com; secure; HttpOnly

Redirect headers

Server: nginx
Date: Sun, 10 Jan 2021 16:41:54 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: e506cd55e7c4eca5dad37369e1a750c8
Link: <https://propeller-tracking.com>; rel="dns-prefetch preconnect",<//>; rel="dns-prefetch preconnect" <https://www.gearbest.com>; rel="dns-prefetch preconnect",<https://propeller-tracking.com>; rel="dns-prefetch preconnect"
Referrer-Policy: no-referrer
Location: https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=372174833837945445
Set-Cookie: OAID=b2ff220828f8495e809d03bfe5db1495; expires=Mon, 10 Jan 2022 16:41:54 GMT; secure; SameSite=None oaidts=1610296914; expires=Mon, 10 Jan 2022 16:41:54 GMT; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 50ms
50ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=226822868&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=212402610&wv-part=2&browser-info=ti%3A8%3Aet%3A1610296913%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20210110174149%3Abt%3A1%3Ast%3A1610296915%3Au%3A1610296910497280092

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:55 GMT
last-modified: Sun, 10-Jan-2021 16:41:55 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 10-Jan-2021 16:41:55 GMT

GET
H2 200 multi Show response
resumersvo.fun/ 4 KB
2 KB 119ms
118ms XHR
text/plain 65.9.73.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resumersvo.fun/multi?tid=898034&red=1&cs=NnRodnAHQl1OFVVMWRRBBhFfQEAG&abt=0&v=1.0.49.2&sm=76&k=&sts=64&prn=0&emb=0&fs=1&ref=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=1&uloc=&if=0&_zFnA=1610296918391&crc=1
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: d93b3b27de22040034efe880ef324f2ddc966fc74b8c2ed883074bfffe6c8f24

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:41:58 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 1887
via: 1.1 cfe504a64f6a3eed0237f039e09f6185.cloudfront.net (CloudFront)
x-amz-cf-id: ONwKE9N8rYxLQpkF4u4CJI617YqPQ_9HA52hSlkTTeML5tbdR6PoqQ==

GET
DATA 200
OK truncated
/ Frame DE6D 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
kumteerg.com/ Frame 0
0 44ms
43ms Other
text/plain 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 10 Jan 2021 16:41:58 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
kumteerg.com/ 39 B
502 B 396ms
307ms Fetch
application/json 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/custom

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: a7c0cacb42d77a6810bf8fb500cbbd1e
Date: Sun, 10 Jan 2021 16:41:59 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 sp-frame.html
tag.idsync.analytics.yahoo.com/ Frame 6587 0
0 127ms
26ms Document
text/html 152.195.51.15
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Requested by: Host: s.aolcdn.com
URL: http://s.aolcdn.com/ads/adswrappermsni.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F716) /
Resource Hash

Request headers

:method: GET
:authority: tag.idsync.analytics.yahoo.com
:scheme: https
:path: /sp-frame.html?referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDSYNC=18z8~1vts; A3=d=AQABBFUu-18CEPZvg5c3LiMvYvi6kOW7ieEFEgEBAQF__F8FYAAAAAAA_SMAAA&S=AQAAAuZwA8MyacXvEtcSBf6BXI0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

content-encoding: gzip
age: 226
content-type: text/html
date: Sun, 10 Jan 2021 16:41:58 GMT
etag: "9fad51d2a83b0a4de3eb75724ba26b2c+gzip"
last-modified: Mon, 23 Mar 2020 22:06:06 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-amz-id-2: ONvAaj5Z17ZZIa1b4XYHF26s3tDVl3VuIo2p583WrrzhwLunjQViZCZnv2qbfD6vlX/NA0HDuZU=
x-amz-request-id: C928A6F5DBE9B9EA
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3087

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
0 400ms
135ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=MSFT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 59ms
58ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=696493685&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=212402610&wv-part=3&browser-info=ti%3A8%3Aet%3A1610296918%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20210110174149%3Abt%3A1%3Ast%3A1610296920%3Au%3A1610296910497280092

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:42:00 GMT
last-modified: Sun, 10-Jan-2021 16:42:00 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 10-Jan-2021 16:42:00 GMT

OPTIONS
H/1.1 200
OK 11
api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/102748362283bddf66e0efe55bf2844c135e0c2c/ Frame 0
0 69ms
68ms Other
application/json 78.140.188.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/102748362283bddf66e0efe55bf2844c135e0c2c/11
Protocol: HTTP/1.1
Server: 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40-0+deb8u12
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Date: Sun, 10 Jan 2021 16:42:03 GMT
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn11
X-UA-Compatible: IE=Edge

POST
H/1.1 200
OK 11 Show response
api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/102748362283bddf66e0efe55bf2844c135e0c2c/ 15 B
784 B 79ms
78ms XHR
application/json 78.140.188.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/102748362283bddf66e0efe55bf2844c135e0c2c/11
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 10 Jan 2021 16:42:03 GMT
Server: nginx
X-Powered-By: PHP/5.6.40-0+deb8u12
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn12
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-UA-Compatible: IE=Edge

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
215 B 13ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1372187573&t=event&_s=2&dl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&dp=%2Foverlay%2F0dcd3da5ac03016ecbc321ca7f9149a3&ul=en-us&de=UTF-8&dt=Trying%20to%20reach%20the%20most%20ads%20since%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=0dcd3da5ac03016ecbc321ca7f9149a3&cs=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&cm=overlay&ec=interstitial&ea=callback&el=success&_u=aEBAAEABAAAAAC~&jid=245532735&gjid=252142501&cid=2031020402.1610296914&tid=UA-42296749-1&_gid=1914206120.1610296914&_r=1&z=1242767648

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:42:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1
mc.yandex.ru/watch/49239574/
Redirect Chain

https://mc.yandex.ru/watch/49239574?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610296905058%3As%3A1600x1200x24%3Ask%...
https://mc.yandex.ru/watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610296905058%3As%3A1600x1200x24%3As...

43 B
71 B

47ms
47ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610296905058%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210110174204%3Aet%3A1610296925%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A684%3Als%3A82475799041%3Arqn%3A2%3Arn%3A57285836%3Ahid%3A212402610%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C13628%2C13628%2C7%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610296925%3Au%3A1610296910497280092

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:42:05 GMT
last-modified: Sun, 10-Jan-2021 16:42:05 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 10-Jan-2021 16:42:05 GMT

Redirect headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:42:04 GMT
last-modified: Sun, 10-Jan-2021 16:42:04 GMT
location: /watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610296905058%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210110174204%3Aet%3A1610296925%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A684%3Als%3A82475799041%3Arqn%3A2%3Arn%3A57285836%3Ahid%3A212402610%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C13628%2C13628%2C7%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610296925%3Au%3A1610296910497280092
strict-transport-security: max-age=31536000
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 10-Jan-2021 16:42:04 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
192 B 45ms
44ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=580821391&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=212402610&wv-part=4&browser-info=ti%3A8%3Aet%3A1610296923%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20210110174149%3Abt%3A1%3Ast%3A1610296925%3Au%3A1610296910497280092

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 16:42:05 GMT
last-modified: Sun, 10-Jan-2021 16:42:05 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 10-Jan-2021 16:42:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.webglstats.com
URL: http://cdn.webglstats.com/stat.js

Domain: i45mnsbygvkw.s.adsco.re
URL: https://i45mnsbygvkw.s.adsco.re/

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json

Verdicts & Comments Add Verdict or Comment

490 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 16:01:28	Name: PugT Value: 1610296918
.pubmatic.com/	1970-01-19 16:01:28	Name: SPugT Value: 1610296918
.pubmatic.com/	1970-01-19 17:27:52	Name: KADUSERCOOKIE Value: 20771EA9-94AA-4C18-AF0E-72D114B4C3A3
.pubmatic.com/	1970-01-19 16:01:28	Name: KRTBCOOKIE_699 Value: 22727-AAKnr06_9l0AAA_K0G_hvg
.pubmatic.com/	1970-01-19 17:27:52	Name: KRTBCOOKIE_466 Value: 16530-1fde2a10-d3eb-44e5-a3da-98807ebe79f0
.pubmatic.com/	1970-01-19 17:27:52	Name: KRTBCOOKIE_377 Value: 6810-4c4a48c3-76aa-4148-98ae-7b3bbf6460f8&KRTB&22918-4c4a48c3-76aa-4148-98ae-7b3bbf6460f8&KRTB&23031-4c4a48c3-76aa-4148-98ae-7b3bbf6460f8
.pubmatic.com/	1970-01-19 16:01:28	Name: KRTBCOOKIE_409 Value: 22966-ouNt3HS6iiGsbrgUwQeBWH_J&KRTB&23212-ouNt3HS6iiGsbrgUwQeBWH_J
.pubmatic.com/	1970-01-19 16:01:28	Name: KRTBCOOKIE_391 Value: 22924-7478939185731027635
.pubmatic.com/	1970-01-19 17:27:52	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 16:01:28	Name: KRTBCOOKIE_1101 Value: 23040-6916172595387758735
.doubleclick.net/	1970-01-19 15:18:17	Name: test_cookie Value: CheckForPermission

62 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 22) Message: triggered on event listener
console-api	log	(Line 1) Message: SDK installer already started
console-api	log	URL: https://c.adsco.re/(Line 14) Message:
console-api	log	URL: https://c.adsco.re/(Line 15) Message:
console-api	debug	URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js(Line 1) Message: [object HTMLImageElement]
console-api	warning	URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: http://daffodil-ruddy-run.glitch.me/(Line 106) Message: CMP IS FOUND
console-api	log	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 21) Message: sending ad server request
console-api	warning	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 1) Message: USP is not accessible
console-api	warning	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 1) Message: USP is not accessible
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
a.exosrv.com
accounts.google.com
ad.a-ads.com
ads.pubmatic.com
ads.shorte.st
adsco.re
ajax.googleapis.com
api.rlcdn.com
api.shorte.st
bdv.bidvertiser.com
c.adsco.re
c0.pubmine.com
c1.popads.net
cdn.adskeeper.co.uk
cdn.carbonads.com
cdn.pixfuture.com
cdn.shorte.st
cdn.thisiswaldo.com
cdn.webglstats.com
cdn4.buysellads.net
cdnjs.cloudflare.com
choogeet.net
choupsee.com
clksite.com
cm.adskeeper.com
cms.analytics.yahoo.com
coinpayu.com
config.seedtag.com
d2sbzwmcg5amr3.cloudfront.net
daffodil-ruddy-run.glitch.me
djv99sxoqpv11.cloudfront.net
duetgypsyantis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i45mnsbygvkw.l.adsco.re
i45mnsbygvkw.n.adsco.re
i45mnsbygvkw.s.adsco.re
infopicked.com
ipfind.co
jsc.adskeeper.co.uk
jsc.adskeeper.com
kumteerg.com
log.outbrainimg.com
m.servedby-buysellads.com
match.adsrvr.org
mc.yandex.ru
mellowads.com
mug.criteo.com
my.rtmark.net
onegalact.com
p405661.clksite.com
p405661.mycdn.co
p93920.clksite.com
p93920.mycdn.co
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
rcm-na.amazon-adsystem.com
resumersvo.fun
s-img.adskeeper.com
s.adtelligent.com
s.aolcdn.com
s.pubmine.com
s.seedtag.com
seaboblit.com
securepubads.g.doubleclick.net
serve.popads.net
served-by.pixfuture.com
servicer.adskeeper.com
shorteh.com
srv.buysellads.com
srv.carbonads.net
ssp.zryydi.com
stawhoph.com
syndication.exosrv.com
tag.idsync.analytics.yahoo.com
tcheck.outbrainimg.com
waxtamnit.com
widget-pixels.outbrain.com
widgets.outbrain.com
ws-na.assoc-amazon.com
www.facebook.com
www.gearbest.com
www.google-analytics.com
www.googletagservices.com
www.maxonclick.com
www.tradeadexchange.com
yiatelychur.top
cdn.webglstats.com
i45mnsbygvkw.s.adsco.re
match.adsrvr.org
104.109.72.141
104.18.134.145
104.19.133.80
104.28.10.139
104.85.0.200
104.85.1.87
104.85.5.185
108.161.189.78
13.224.194.15
13.224.195.73
139.45.195.210
139.45.195.41
139.45.196.135
139.45.196.140
139.45.196.73
139.45.197.10
152.195.51.15
162.252.214.5
172.255.6.120
172.255.6.140
172.255.6.216
173.192.101.24
176.34.151.72
178.250.0.157
185.200.118.90
192.0.77.38
212.82.100.182
216.21.13.16
216.58.212.130
23.111.10.140
2600:9000:206f:1200:1d:bf0d:abc0:21
2600:9000:206f:9a00:4:164e:ca00:93a1
2600:9000:21f3:9600:9:46dc:4700:93a1
2606:2800:233:af6:eab:2108:1892:6d8
2606:2800:234:4cc4:5670:35d5:1e00:b394
2606:4700:20::681a:46b
2606:4700:20::681a:a9c
2606:4700:20::681a:c1a
2606:4700::6810:135e
2606:4700::6810:e633
2606:4700::6811:a7ba
2606:4700::6812:1041
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:809::200d
2a00:1450:4001:815::2003
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::200a
2a02:2638::1c
2a02:6b8::1:119
2a02:6ea0:c700::2
2a03:2880:f11c:8183:face:b00c:0:25de
2a0c:5c81:5095:0:225:90ff:fefa:245d
34.120.207.148
34.96.106.9
35.190.68.123
35.190.74.92
38.132.109.186
5.9.10.165
50.18.199.66
51.68.161.17
52.46.129.238
52.46.131.85
54.144.253.4
54.241.51.109
65.9.73.96
68.183.0.10
68.183.31.14
70.42.32.63
78.140.188.189
94.31.29.128
94.31.29.32
95.211.229.246
01d9deb1bc26da637bc451fa4af1174da9cf99dd33cb6529e1232d1ed4d87532
0641b31d2db6c35cbfec3abfa2c9bcc68b12d89a360516ce036434300d504c74
0950bc4fdbeef665a11da6081ecfdcc6dd41da5867e7934913ca38e52ebc0c3b
0ea6c65d8e460987a7ea8f98355f789fe6bfbe11b0afe7a1c65d6042da65ea33
115ed11fb9457bb897579d4be870323771379eda1d31ffa4337da93659bcc73f
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8
1697e8fa18fe0b69a030d38bc0b3926ed6d60e57c5dd688c8b47e8ff92c68d6a
177d76801bdbecdb0d27109e118ae54a929156deac8ca44b46924a5c0f43cd7a
192e49a8d791354fa0e62f05a4f046dc04e39893079f1cf69d3ab3864e2fb686
1fefc9a19a4703a9c44f58f5b0c20e535a159538a7f7ea4ac73693f1c9db95a2
24580946988609af838d85babe85f0bebcd98d915114ee35c976cc53a06b2ae8
26c36f3ecb4f05ca3b48dfca1efb4d2e96399034d6c678ced60b5c633dc966cd
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2cdc12003dc13afe1b6ba697c9263d2c56a4e5e1f022652f16b25953ac817097
2def46db644d5513206ef78f0be798c1f5a7d55df6e27d82acc38639f9cf8598
2e43a4dba40cfdbd5a628c6b10c4f53fff5c8b04e1b838eddb1d710dc165c002
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471
33d334f5ac59d373ce5e4c20a0d91fb2b002c19aa52789ff4d825505a8b02b01
3af7490cec130b4e0206fd3287678e799a03a52ee76f57148d50a01b9fb67f7d
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9
3db6982c169bf3afee084cf7762ba718c118be36a1dee0c5222203fa302d21fc
409202db0a453f8e10367e4e738f534c0a12061c8c92fc04002c537845db4b27
41e15b4366bb05b811306dc171440cca2fcf4b30daa852d87a133302af1953bb
439be6ee27c2379f767b58d89665a65a9c57eadcce46c73125c34567baa00c5e
43e106423124c8c69f1ac878e1878c72963587027aa365aa13f4a43168ac7262
46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee
4a91ba238fe6799e5380c4ce3758876a223b8dbda14f148dd35a54d2c1dc8322
4f3535c1ba5b0d1210fd94af9d2bb9d22d66ff8d838b8df061a9a02b55c9d566
4fb757f341e88edb10374e2eb71d3df29cb4c2056c5ec02bfd568babbeb89a49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cc12b8e6fef0d8c4401b7b321261a0d368c2f9e9b73d3a153ed4fa879d0e3e
5504976a030e043cdf74d4188d228864d69318778a28770baa89568e1bd591a5
5d26e98e9600c9cea41a4f28dee915eedd266f450849d151a7f653d1738917de
5e0a9e9b6a8061cb91728a76e9421f4ccfa71eb1e0e6569e69ac317d272eb712
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
62bf1e377405eb3b64149506aa8814cbbfa7ac2503be1771ff26e249e396c356
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6709e8f6509a8ddc6c8bfd3ddf61fe3a3b58ac5e9e5c66fcf0a5dc49eaf0fd1b
698fd453625cdc09bbdbf4b4d71482a4a570697d56823942b8ce595651a0aa32
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf20199950a0a467226ba745aa8b262cd002306cf1360b7af6693f218c9813d
6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160
7270613b7866c23f006989da8e3d3f5e68e1c184c150805b3ac192d9ce0ec523
7a6d609e14ad86ba11813176879c5aafe5cfabc3b7c9f2d8e260c9176b9260b9
7b420ad439dadbbbc88cef506a6e2ea73c331178f08f984c6b230cec7ac66a04
7df0f27e6ac9d1127463c13a9fa85b97aad5c291b9b9edf392e7a3ddfba8ee7b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da
882787a0442650a7bc84fbf8c572e553816c8cd2e03207de179ebc912b8ac611
897790beba5b84cdc4b5ff8b699bf7ac4381bb54ca200a148f6f24d8587cbe99
8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb
8a87e2ab249f61d757d138136171b43155ea4ba2d89a5c6c3e4e58174f2e13ec
8b2e3c865abcb065fcea67bfdcaf3f1a014a36f3e58c281b24d5e58da51aed15
91c089f0bc1cc847f181f3dd6c8465b92e37ff6fef4a08548d97d4b3ea75a955
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92a8c052c24889d39ddee3617dad8f31b6f036451afefdad1334b0fcd4694794
95fddf78880041d45ca14979cd85bc1bc6e1ab896fef029842a369946352c060
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a10892b76f375f3fb834e8b0e6fc4a2112447da6e4102192b493df6714b59b73
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a66da98aee5576cdb9c1f2061dc1597b8aa8bd1106486afc8178aba1fec85ce0
a83093a54a6a75a140c2d6acc919a5b554b00157643187e1c0867309f0be16aa
a8e1377ae0f844ce357417d1de91954fd0dea03475a8fe2768eeb31f5606f568
ab7b62eec10f8436af666ec3e69a71e5fa80a42d95be921a89d4e54e8781ea5f
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
b1eec11bfd7416de218bd79a078e2d340e782aa6ceeec530fad0871ab8091474
b3d022ca726902692e0a7aa58d16c2a5035fc75d79bc535ee08c6bc088cdacae
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b8959686cc46acb8404316e1630868aee3bdd8b6f51c49e013f5d99b764c2313
bc18cebf9ec696c9ee88f9093fb06c46f1d08f51a81e8422d947dff801e78e0c
bc2911940a4342d3eb49a3a3c64508eef9f408a8b52b08ee3fb73f8386454674
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37
cdbd021051aa1c7dc15d1d2baf1b0753aeb83ebfb451a11d052413816d3345a4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d07ed027959f2b890f83ac74f1bf38d0dde75a1d2d41f1971a19f5192239d5aa
d0f0833303c0b76784f9154233676698e456f56a40b2b764f43d85c4eae522c2
d2b1d80997b334c20233e62147320d5e8b91a22a755f1e463cf670a25924f074
d32fe43f75cf01124fc4dd679132975abdb425a78b05cef9338ec992096da717
d44180bbf5a59ae325815feb275e39e1d34e18eb710ea54f5ec4e96ba60488a9
d93b3b27de22040034efe880ef324f2ddc966fc74b8c2ed883074bfffe6c8f24
daec5c7215c14c6d0e55c9323c8e31512e3fdf7aef7ab79069c57072facbf7fc
e1ca87767e7e2fd4db938b392b409e52cc3cfa5899774ba63d1041c651daa8e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e576b9841162211d377d34ee66117ba54d9fd0d3fdce6e3fd9a57151b5fa37f2
e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820
e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce
ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b
f057ddc3ba51772f4676ec30fc61376aa92dd14eac79fc572bb30db998fbe714
f08c10337bc4dd1825785f3a460bc03f2fd076e16d691040b5f8106bf2f14864
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fdd61689a68e1ab4e129db1c18a5f7f12ec823ea6c9e74b9875be6b6cdfcc58a
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

daffodil-ruddy-run.glitch.me Open in urlscan Pro 54.144.253.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

167 Requests

59 %HTTPS

32 %IPv6

64 Domains

90 Subdomains

71 IPs

9 Countries

2600 kBTransfer

6530 kBSize

11 Cookies

11 Outgoing links

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

daffodil-ruddy-run.glitch.me Open in urlscan Pro
54.144.253.4 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

59 %
HTTPS

32 %
IPv6

64
Domains

90
Subdomains

71
IPs

9
Countries

2600 kB
Transfer

6530 kB
Size

11
Cookies

167 HTTP transactions
3 data transactions