URL: http://daffodil-ruddy-run.glitch.me/
Submission: On December 27 via manual from US

Summary

This website contacted 35 IPs in 6 countries across 35 domains to perform 71 HTTP transactions. The main IP is 3.231.39.129, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is daffodil-ruddy-run.glitch.me.
This is the only time daffodil-ruddy-run.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.231.39.129 14618 (AMAZON-AES)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 51.68.161.17 16276 (OVH)
1 172.255.6.133 7979 (SERVERS-COM)
10 139.45.196.201 9002 (RETN-AS)
3 139.45.196.140 9002 (RETN-AS)
1 139.45.195.206 9002 (RETN-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 139.45.195.15 9002 (RETN-AS)
1 37.59.184.172 16276 (OVH)
3 54.241.51.109 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.111.10.140 33438 (HIGHWINDS2)
1 108.161.189.78 33438 (HIGHWINDS2)
1 172.255.6.232 7979 (SERVERS-COM)
1 4 104.19.134.80 13335 (CLOUDFLAR...)
2 148.251.53.118 24940 (HETZNER-AS)
1 3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 52.46.136.169 16509 (AMAZON-02)
1 52.46.131.85 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
1 172.217.21.226 15169 (GOOGLE)
1 139.45.195.106 9002 (RETN-AS)
2 206.189.18.245 14061 (DIGITALOC...)
1 1 104.19.130.80 13335 (CLOUDFLAR...)
1 172.67.191.226 13335 (CLOUDFLAR...)
6 78.140.188.188 35415 (WEBZILLA)
2 35.190.74.92 15169 (GOOGLE)
1 94.31.29.32 6461 (ZAYO-6461)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 139.45.196.11 9002 (RETN-AS)
1 23.37.55.153 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 104.19.131.80 13335 (CLOUDFLAR...)
71 35
Apex Domain | Subdomains | Transfer
10 shorte.st | cdn.shorte.st, api.shorte.st, ads.shorte.st | 48 KB
10 kumteerg.com | kumteerg.com | 88 KB
6 adskeeper.co.uk | cdn.adskeeper.co.uk, jsc.adskeeper.co.uk, c.adskeeper.co.uk | 59 KB
6 googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com | 146 KB
3 google-analytics.com | www.google-analytics.com | 19 KB
3 doubleclick.net | googleads.g.doubleclick.net |
3 bidvertiser.com | bdv.bidvertiser.com | 11 KB
3 choupsee.com | choupsee.com | 67 KB
3 onegalact.com | onegalact.com | 1 KB
2 tradeadexchange.com | www.tradeadexchange.com | 16 KB
2 google.com | adservice.google.com | 945 B
2 google.de | adservice.google.de | 945 B
2 amazon-adsystem.com | rcm-na.amazon-adsystem.com | 765 B
2 a-ads.com | ad.a-ads.com |
2 mellowads.com | mellowads.com | 33 KB
1 gearbest.com | www.gearbest.com |
1 shorteh.com | shorteh.com | 1 KB
1 buysellads.net | cdn4.buysellads.net | 40 KB
1 carbonads.net | srv.carbonads.net | 969 B
1 zryydi.com | ssp.zryydi.com |
1 buysellads.com | srv.buysellads.com | 729 B
1 rtmark.net | my.rtmark.net | 785 B
1 googletagservices.com | www.googletagservices.com | 28 KB
1 googleadservices.com | partner.googleadservices.com | 258 B
1 assoc-amazon.com | ws-na.assoc-amazon.com |
1 seaboblit.com | seaboblit.com | 1 KB
1 servedby-buysellads.com | m.servedby-buysellads.com | 16 KB
1 carbonads.com | cdn.carbonads.com | 6 KB
1 cloudflare.com | cdnjs.cloudflare.com | 1 KB
1 duetgypsyantis.com | duetgypsyantis.com | 1 KB
1 stawhoph.com | stawhoph.com |
1 coinpayu.com | coinpayu.com | 149 KB
1 choogeet.net | choogeet.net | 38 KB
1 waxtamnit.com | waxtamnit.com | 1020 B
1 glitch.me | daffodil-ruddy-run.glitch.me | 6 KB
71 35
Domain Requested by
10 kumteerg.com daffodil-ruddy-run.glitch.me
kumteerg.com
6 api.shorte.st cdn.shorte.st
4 pagead2.googlesyndication.com daffodil-ruddy-run.glitch.me
pagead2.googlesyndication.com
3 www.google-analytics.com daffodil-ruddy-run.glitch.me
www.google-analytics.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 cdn.shorte.st 1 redirects daffodil-ruddy-run.glitch.me
cdn.shorte.st
3 bdv.bidvertiser.com daffodil-ruddy-run.glitch.me
bdv.bidvertiser.com
3 choupsee.com daffodil-ruddy-run.glitch.me
choupsee.com
3 onegalact.com daffodil-ruddy-run.glitch.me
2 c.adskeeper.co.uk 1 redirects
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.tradeadexchange.com cdn.shorte.st
www.tradeadexchange.com
2 jsc.adskeeper.co.uk 1 redirects daffodil-ruddy-run.glitch.me
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 rcm-na.amazon-adsystem.com 2 redirects
2 ad.a-ads.com daffodil-ruddy-run.glitch.me
2 cdn.adskeeper.co.uk 1 redirects daffodil-ruddy-run.glitch.me
2 mellowads.com daffodil-ruddy-run.glitch.me
mellowads.com
1 www.gearbest.com cdn.shorte.st
1 shorteh.com 1 redirects
1 ads.shorte.st 1 redirects
1 cdn4.buysellads.net daffodil-ruddy-run.glitch.me
1 srv.carbonads.net cdn.carbonads.com
1 ssp.zryydi.com cdn.shorte.st
1 srv.buysellads.com m.servedby-buysellads.com
1 my.rtmark.net daffodil-ruddy-run.glitch.me
1 www.googletagservices.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ws-na.assoc-amazon.com daffodil-ruddy-run.glitch.me
1 seaboblit.com daffodil-ruddy-run.glitch.me
1 m.servedby-buysellads.com daffodil-ruddy-run.glitch.me
1 cdn.carbonads.com daffodil-ruddy-run.glitch.me
1 cdnjs.cloudflare.com daffodil-ruddy-run.glitch.me
1 duetgypsyantis.com daffodil-ruddy-run.glitch.me
1 stawhoph.com daffodil-ruddy-run.glitch.me
1 coinpayu.com daffodil-ruddy-run.glitch.me
1 choogeet.net daffodil-ruddy-run.glitch.me
1 waxtamnit.com daffodil-ruddy-run.glitch.me
1 daffodil-ruddy-run.glitch.me
71 40

This site contains links to these domains.

Domain
www.coinpayu.com
srv.carbonads.net
carbonads.net
shorte.st
Subject | Issuer | Validity | Valid
kumteerg.com | R3 | 2020-12-15 - 2021-03-15 | 3 months
choupsee.com | R3 | 2020-12-13 - 2021-03-13 | 3 months
choogeet.net | R3 | 2020-12-13 - 2021-03-13 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-08 - 2021-07-08 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months
ws-na.assoc-amazon.com | Amazon | 2020-04-10 - 2021-03-16 | a year
*.googleadservices.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months
*.google.de | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months
*.google.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months
*.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2020-10-27 - 2021-11-26 | a year
*.carbonads.net | Sectigo RSA Domain Validation Secure Server CA | 2019-09-19 - 2021-10-12 | 2 years
*.shorte.st | Sectigo RSA Domain Validation Secure Server CA | 2019-10-18 - 2020-12-16 | a year
tradeadexchange.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-16 - 2022-07-01 | 2 years
*.buysellads.net | Sectigo RSA Domain Validation Secure Server CA | 2019-08-23 - 2021-08-22 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months
*.gearbest.com | DigiCert SHA2 Secure Server CA | 2020-04-13 - 2021-07-13 | a year
tpc.googlesyndication.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months

This page contains 11 frames:

Primary Page: http://daffodil-ruddy-run.glitch.me/
Frame ID: E3DD0F4C15CA79C1B16D5C57EE8FFF87
Requests: 56 HTTP requests in this frame

Frame: http://ad.a-ads.com/1507210?size=728x90
Frame ID: 1DC6A02AB97E8B8CFD03FB541C0D2362
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/1507210?size=728x90&background_color=00ff47&title_color=571111
Frame ID: 0B0E76DDA7497B52D9A82B16A5DAA328
Requests: 1 HTTP requests in this frame

Frame: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Frame ID: DBDB000B68E1801A1E7D211F105B493F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 7F2E954FFF4D6C97B206170B85BD1B1B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5743433547693559&output=html&h=280&slotname=6733166221&adk=720581973&adf=3025194257&pi=t.ma~as.6733166221&w=1200&fwrn=4&fwrnh=100&lmt=1609084211&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&flash=0&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609084275036&bpp=14&bdt=348&idt=53&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=104957034194&frm=20&pv=2&ga_vid=806958349.1609084275&ga_sid=1609084275&ga_hid=74202072&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069711&oid=3&pvsid=1400089674141694&pem=45&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=3XpgxEgmyQ&p=http%3A//daffodil-ruddy-run.glitch.me&dtd=71
Frame ID: 751688B38AA4FCD643A100851159BB1B
Requests: 1 HTTP requests in this frame

Frame: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387&RD=0303298465687&DIF=1&bd_ref_v=daffodil-ruddy-run.glitch.me&tref=1&win_name=null&docref=&jsrand=0303298465687&js1loc=-&loctitle=%20Trying%20to%20reach%20the%20most
Frame ID: F5CC252867E8B035975D476894EAB58A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5743433547693559&output=html&adk=1812271804&adf=1573534164&lmt=1609084211&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609084275332&bpp=4&bdt=643&idt=4&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=104957034194&frm=20&pv=1&ga_vid=806958349.1609084275&ga_sid=1609084275&ga_hid=74202072&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069711&oid=3&pvsid=1400089674141694&pem=45&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=10
Frame ID: 1D1049110D3898413E71817135643B2D
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: B1DD4E8CF06788893201A60EF95C9534
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=367088663303033018
Frame ID: 5B110D5A325678965F84A42501D4F10B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 85A2DA808E1794377BB0AAC8300D43A0
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

71
Requests

66 %
HTTPS

28 %
IPv6

35
Domains

40
Subdomains

35
IPs

6
Countries

775 kB
Transfer

1915 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • http://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000 HTTP 301
  • https://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000
Request Chain 20
  • http://cdn.shorte.st/link-converter.min.js HTTP 301
  • https://cdn.shorte.st/link-converter.min.js
Request Chain 22
  • http://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 HTTP 301
  • https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 HTTP 302
  • https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Request Chain 40
  • http://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120110165115 HTTP 301
  • https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120110165115
Request Chain 57
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 60
  • http://ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028&width=1024&height=768&ch=8439461&cp.dest_domain=&cp.oid=8439461&cp.referrer=http://daffodil-ruddy-run.glitch.me/&cp.locked=0&cp.proxy=0&cp.quarantine_status=&cp.vno=3&cp.enc_url=&cp.type=overlay&cp.asid=2ed0e9c758632bec71b0b275c309fba3c873eedb HTTP 302
  • https://shorteh.com/afu.php?zoneid=1241630 HTTP 302
  • https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=367088663303033018
Request Chain 67
  • http://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRyYW5zaXQtdHlwZTpnb29kcyJdLCJwZXJmb3JtYW5jZSI6eyJjb25uZWN0VGltZSI6MC4yNDgsImRvbUNvbXBsZXRlIjo0LjMyOSwicGFnZUxvYWRUaW1lIjo0LjMzMywicmVxdWVzdFN0YXJ0VGltZSI6MC4wMjYsInJlc3BvbnNlRW5kVGltZSI6MC4yNzR9fQ== HTTP 301
  • https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRyYW5zaXQtdHlwZTpnb29kcyJdLCJwZXJmb3JtYW5jZSI6eyJjb25uZWN0VGltZSI6MC4yNDgsImRvbUNvbXBsZXRlIjo0LjMyOSwicGFnZUxvYWRUaW1lIjo0LjMzMywicmVxdWVzdFN0YXJ0VGltZSI6MC4wMjYsInJlc3BvbnNlRW5kVGltZSI6MC4yNzR9fQ==

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
daffodil-ruddy-run.glitch.me/
6 KB
6 KB
Document
General
Full URL
http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
3.231.39.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-39-129.compute-1.amazonaws.com
Software
/
Resource Hash
4758fa183f562bff5c8da5b6f274c13c5e6be62a13568f3fceea0b15cf5194d3

Request headers

Host
daffodil-ruddy-run.glitch.me
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sun, 27 Dec 2020 15:51:14 GMT
Content-Type
text/html; charset=utf-8
Content-Length
6038
Connection
keep-alive
vary
Origin
accept-ranges
bytes
last-modified
Sun, 27 Dec 2020 15:50:11 GMT
cache-control
max-age=0
etag
W/"1796-176a4e48f38"
pop.js
mellowads.com/
423 B
1 KB
Script
General
Full URL
http://mellowads.com/pop.js?ref=4E0983D3C420
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd9a1ddc849f1dfd909ad542c261804a7fafad43205a97ee8dddd7dc91c49fdc

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Dec 2020 15:51:14 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
X-AspNet-Version
4.0.30319
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache
Connection
keep-alive
CF-RAY
608433ace9342c22-FRA
Content-Length
496
cf-request-id
07467ea01000002c2293aa7000000001
Expires
-1
/
onegalact.com/
0
0
Script
General
Full URL
http://onegalact.com/
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS
ip17.ip-51-68-161.eu
Software
nginx /
Resource Hash

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 15:51:14 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
21431
waxtamnit.com/fGZK1mdRMO3Lzx3/
0
1020 B
Script
General
Full URL
http://waxtamnit.com/fGZK1mdRMO3Lzx3/21431
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
172.255.6.133 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 15:51:14 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
21432
onegalact.com/pFFQARKPePsD/
0
1 KB
Script
General
Full URL
http://onegalact.com/pFFQARKPePsD/21432
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS
ip17.ip-51-68-161.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 15:51:14 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
tag.min.js
kumteerg.com/pfe/current/
42 KB
12 KB
Script
General
Full URL
https://kumteerg.com/pfe/current/tag.min.js?z=3808000
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Dec 2020 15:51:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Dec 2020 13:35:40 GMT
Server
nginx
ETag
W/"5fd2242c-a6a9"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
tag.min.js
choupsee.com/pfe/current/
42 KB
12 KB
Script
General
Full URL
https://choupsee.com/pfe/current/tag.min.js?z=3808000
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.140 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Dec 2020 15:51:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Dec 2020 13:35:40 GMT
Server
nginx
ETag
W/"5fd2242c-a6a9"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
micro.tag.min.js
choogeet.net/pfe/current/
129 KB
38 KB
Script
General
Full URL
https://choogeet.net/pfe/current/micro.tag.min.js?z=3461354
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.195.206 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b1eec11bfd7416de218bd79a078e2d340e782aa6ceeec530fad0871ab8091474

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Dec 2020 15:51:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Dec 2020 13:35:34 GMT
Server
nginx
ETag
W/"5fd22426-20534"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
468X60.gif
coinpayu.com/static/advertiser_banner/
148 KB
149 KB
Image
General
Full URL
https://coinpayu.com/static/advertiser_banner/468X60.gif
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a87e2ab249f61d757d138136171b43155ea4ba2d89a5c6c3e4e58174f2e13ec

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 15:51:14 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1333110
cf-polished
status=not_needed
content-length
151259
cf-request-id
07467ea0260000dfbfd025f000000001
last-modified
Sat, 12 Dec 2020 10:50:40 GMT
server
cloudflare
etag
"5fd4a080-24edb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w%2BRaSLF%2BemOiN3NwqkaBIMXkrDVIjgLvA6DNNdAHec0kN%2BsfpycAJ1gAbCNLFSgMqw1n4j4opQcgMZ174OH1pycQ9JHhQT36MmRMiDYHF8Q00wUWG8YerhA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
expires
Mon, 11 Jan 2021 05:32:44 GMT
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
608433ad0c62dfbf-FRA
cf-bgj
imgq:100,h2pri
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
133 KB
46 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 15:51:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47107
x-xss-protection
0
server
cafe
etag
13290078405355148527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 27 Dec 2020 15:51:14 GMT
afu.php
stawhoph.com/
0
0
Script
General
Full URL
http://stawhoph.com/afu.php?zoneid=3807985
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
139.45.195.15 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
16229
duetgypsyantis.com/txrerrgoIMFbsRz8/
0
1 KB
Script
General
Full URL
http://duetgypsyantis.com/txrerrgoIMFbsRz8/16229
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
37.59.184.172 , France, ASN16276 (OVH, FR),
Reverse DNS
ip172.ip-37-59-184.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 15:51:14 GMT
Content-Encoding
gzip
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Keep-Alive
timeout=20
BidVertiser.dbm
bdv.bidvertiser.com/
10 KB
10 KB
Script
General
Full URL
http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
33d334f5ac59d373ce5e4c20a0d91fb2b002c19aa52789ff4d825505a8b02b01

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
-1
Cache-Control
no-store
Connection
close
Content-Length
10318
Content-Type
text/javascript
dataTables.bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/datatables/1.10.19/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/datatables/1.10.19/css/dataTables.bootstrap.min.css
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db6982c169bf3afee084cf7762ba718c118be36a1dee0c5222203fa302d21fc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 15:51:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
129131
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
757
cf-request-id
07467ea00c000096dac229e000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e33-10c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v5eyNxWOCkdMxjWnM1kEbEYShgpzHzuGSeWtBjLCeOr%2FIDS4A%2BaDEmTKYNXI27ffkj1bSLAHxdLt8P6JZEqamIVb7e5CZ2TE7XxTnTzHs4PSxlVIs58gXS1ltjn%2BthF6EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
608433ace95996da-FRA
expires
Fri, 17 Dec 2021 15:51:14 GMT
carbon.js
cdn.carbonads.com/
15 KB
6 KB
Script
General
Full URL
http://cdn.carbonads.com/carbon.js?zoneid=1673&serve=C6AILKT&placement=dsawrewreafera
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
23.111.10.140 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f08c10337bc4dd1825785f3a460bc03f2fd076e16d691040b5f8106bf2f14864

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 15:51:15 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Oct 2020 20:53:30 GMT
Server
NetDNA-cache/2.2
ETag
W/"3d43-5b2ad3d436e46"
Vary
Accept-Encoding
X-Cache
MISS
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
monetization.js
m.servedby-buysellads.com/
61 KB
16 KB
Script
General
Full URL
http://m.servedby-buysellads.com/monetization.js
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
108.161.189.78 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c36d0137fae67049d8ed418abfca53f793ad4532fbbbea0d0479e04ec94ca5c0

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 15:51:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Sep 2020 16:42:42 GMT
Server
NetDNA-cache/2.2
x-amz-request-id
C94B6D797BA424E0
ETag
W/"9f6e8e31f2c6d5c51d33f86a6cdf4b3c"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
x-amz-id-2
nc7urrxK0+Hcj3Qx6Vga3Rv26rLrGZr7ER6dGw/H5xM4mBTYTv8ZisqDPM98sRvQEjG9o+oNMKI=
Expires
Mon, 28 Dec 2020 15:51:14 GMT
21435
seaboblit.com/1clkn/
0
1 KB
Script
General
Full URL
http://seaboblit.com/1clkn/21435
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
172.255.6.232 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 15:51:14 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
tracking.js
cdn.adskeeper.co.uk/transit/
Redirect Chain
  • http://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000
  • https://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000
2 KB
1 KB
Script
General
Full URL
https://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73923dae78924cabf3cba334ddc4f7f30cadc6fd3f04348d9467bb912859de6f

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 15:51:14 GMT
content-encoding
br
cf-cache-status
HIT
age
6655
cf-polished
origSize=3494
last-modified
Mon, 04 May 2020 12:18:45 GMT
x-amz-request-id
26476E7C015EF407
x-amz-id-2
bHdNRv1iEdjnymt/U2Hkto2sZvEAZi5QZl45tYy8Pdz21gHHDnpdEpG28CwuRuuyA+1y62fbY0M=
cf-bgj
minify
server
cloudflare
etag
W/"1c5cadbe93778de01d8453e269cb0be3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-request-id
07467ea08700000897e2ab5000000001
cf-ray
608433adad990897-CDG
expires
Sun, 27 Dec 2020 19:51:14 GMT

Redirect headers

Date
Sun, 27 Dec 2020 15:51:14 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
608433ad0ea9ee5c-CDG
cf-request-id
07467ea0280000ee5c4e24f000000001
Expires
Sun, 27 Dec 2020 16:51:14 GMT
1507210
ad.a-ads.com/ Frame 1DC6
0
0
Document
General
Full URL
http://ad.a-ads.com/1507210?size=728x90
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.118.53.251.148.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://daffodil-ruddy-run.glitch.me/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 27 Dec 2020 15:51:14 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger
X-Original-Referer
http://daffodil-ruddy-run.glitch.me/
Content-Encoding
gzip
wrez
mellowads.com/js/
81 KB
32 KB
Script
General
Full URL
http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1
Requested by
Host: mellowads.com
URL: http://mellowads.com/pop.js?ref=4E0983D3C420
Protocol
HTTP/1.1
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26c36f3ecb4f05ca3b48dfca1efb4d2e96399034d6c678ced60b5c633dc966cd

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 15:51:15 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Sun, 27 Dec 2020 15:51:03 GMT
Server
cloudflare
X-AspNet-Version
4.0.30319
Vary
User-Agent
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
608433aeaea52c22-FRA
cf-request-id
07467ea12600002c22ac8e8000000001
Expires
Mon, 27 Dec 2021 15:51:03 GMT
/
onegalact.com/
0
0
Script
General
Full URL
http://onegalact.com/
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS
ip17.ip-51-68-161.eu
Software
nginx /
Resource Hash

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 15:51:14 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
link-converter.min.js
cdn.shorte.st/
Redirect Chain
  • http://cdn.shorte.st/link-converter.min.js
  • https://cdn.shorte.st/link-converter.min.js
116 KB
43 KB
Script
General
Full URL
https://cdn.shorte.st/link-converter.min.js
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 15:51:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1015
cf-request-id
07467ea18200004a86caa18000000001
x-ua-compatible
IE=Edge
last-modified
Thu, 09 Aug 2018 13:48:43 GMT
server
cloudflare
etag
W/"5b6c463b-1d196"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k2khW4f%2Buhz7pqNlLO%2FnDBVYdFkUpRGT3XH4Jvs3fOWMMLHsaWni2jxYiY12Vn661AhdjC9QnQEzfLqpWf5ZmlEhQ8keIf1AGu%2B18aGSOrPqNNCmxvu4xg20"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-server-id
shn07
cache-control
max-age=14400
cf-ray
608433af3c924a86-FRA
expires
Sun, 27 Dec 2020 16:34:20 GMT

Redirect headers

Date
Sun, 27 Dec 2020 15:51:15 GMT
CF-Cache-Status
HIT
NEL
{"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
606
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PAlVRqVUHhE0Jm6B27Fa2%2FGzRgJLaWci8Ozl64EA0K%2BpK33ZQSknlWe%2FRj6E06QWk114GFu42sCMvNXaswVN7aGKb2t19SkPHFEtfuR6qO0hH6b695QRaX%2BF"}],"group":"cf-nel","max_age":604800}
Location
https://cdn.shorte.st/link-converter.min.js
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
608433aeef87bece-FRA
Content-Length
0
cf-request-id
07467ea1560000bece453ec000000001
1507210
ad.a-ads.com/ Frame 0B0E
0
0
Document
General
Full URL
http://ad.a-ads.com/1507210?size=728x90&background_color=00ff47&title_color=571111
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Server
148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.118.53.251.148.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://daffodil-ruddy-run.glitch.me/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 27 Dec 2020 15:51:15 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger
X-Original-Referer
http://daffodil-ruddy-run.glitch.me/
Content-Encoding
gzip
cm
ws-na.assoc-amazon.com/widgets/ Frame DBDB
Redirect Chain
  • http://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
  • https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
  • https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
0
0
Document
General
Full URL
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.131.85 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
ws-na.assoc-amazon.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://daffodil-ruddy-run.glitch.me/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sun, 27 Dec 2020 15:51:15 GMT
Server
Server
Cache-Control
must-revalidate
Pragma
no-cache
Expires
-1
p3p
policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
charset
UTF-8
Access-Control-Allow-Origin
*
Vary
User-Agent
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html;charset=UTF-8

Redirect headers

Server
Server
Date
Sun, 27 Dec 2020 15:51:15 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
360
Connection
keep-alive
x-amz-rid
MWVY3QYSXKPAQVMD7J8Q
Location
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
zone
kumteerg.com/
716 B
1 KB
Fetch
General
Full URL
https://kumteerg.com/zone?pub=0&zone_id=3808000&is_mobile=false&domain=daffodil-ruddy-run.glitch.me&var=&ymid=&var_3=
Requested by
Host: kumteerg.com
URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b58ffbb4f7775ac57aa736e8570486663d0bea6b86b159c739fded90dad7258d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
ccde179d13d21e4f8a294a26133fb17b
Date
Sun, 27 Dec 2020 15:51:15 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
716
universal.min.js
kumteerg.com/pfe/current/
188 KB
54 KB
Fetch
General
Full URL
https://kumteerg.com/pfe/current/universal.min.js?v=3.1.281
Requested by
Host: kumteerg.com
URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Dec 2020 15:51:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Dec 2020 13:35:40 GMT
Server
nginx
ETag
W/"5fd2242c-2ef30"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
zone
choupsee.com/
716 B
1 KB
Fetch
General
Full URL
https://choupsee.com/zone?pub=0&zone_id=3808000&is_mobile=false&domain=daffodil-ruddy-run.glitch.me&var=&ymid=&var_3=
Requested by
Host: choupsee.com
URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.140 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b58ffbb4f7775ac57aa736e8570486663d0bea6b86b159c739fded90dad7258d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
081959dc7b6bf87e8a7ec02906d3af16
Date
Sun, 27 Dec 2020 15:51:15 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
716
universal.min.js
choupsee.com/pfe/current/
188 KB
54 KB
Fetch
General
Full URL
https://choupsee.com/pfe/current/universal.min.js?v=3.1.281
Requested by
Host: choupsee.com
URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.140 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Dec 2020 15:51:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Dec 2020 13:35:40 GMT
Server
nginx
ETag
W/"5fd2242c-2ef30"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/
234 KB
87 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 15:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
89527
x-xss-protection
0
server
cafe
etag
1810063338415286733
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Dec 2020 15:51:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 7F2E
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201203/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://daffodil-ruddy-run.glitch.me/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 27 Dec 2020 10:01:15 GMT
expires
Sun, 10 Jan 2021 10:01:15 GMT
content-type
text/html; charset=UTF-8
etag
10723747146953794269
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4923
x-xss-protection
0
cache-control
public, max-age=1209600
age
21000
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
199 B
258 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=daffodil-ruddy-run.glitch.me&callback=_gfp_s_&client=ca-pub-5743433547693559
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s13-in-f226.1e100.net
Software
cafe /
Resource Hash
0f16016a5e56b0e7f112a75c5fa905324a043d3b62c01eb6ae3f495b7e83b0b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 15:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
168 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=daffodil-ruddy-run.glitch.me&meb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Dec 2020 15:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
168 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=daffodil-ruddy-run.glitch.me&meb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Dec 2020 15:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7516
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5743433547693559&output=html&h=280&slotname=6733166221&adk=720581973&adf=3025194257&pi=t.ma~as.6733166221&w=1200&fwrn=4&fwrnh=100&lmt=1609084211&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&flash=0&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609084275036&bpp=14&bdt=348&idt=53&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=104957034194&frm=20&pv=2&ga_vid=806958349.1609084275&ga_sid=1609084275&ga_hid=74202072&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069711&oid=3&pvsid=1400089674141694&pem=45&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=3XpgxEgmyQ&p=http%3A//daffodil-ruddy-run.glitch.me&dtd=71
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5743433547693559&output=html&h=280&slotname=6733166221&adk=720581973&adf=3025194257&pi=t.ma~as.6733166221&w=1200&fwrn=4&fwrnh=100&lmt=1609084211&rafmt=1&psa=0&format=1200x280&url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&flash=0&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609084275036&bpp=14&bdt=348&idt=53&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=104957034194&frm=20&pv=2&ga_vid=806958349.1609084275&ga_sid=1609084275&ga_hid=74202072&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=8&ady=102&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069711&oid=3&pvsid=1400089674141694&pem=45&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=3XpgxEgmyQ&p=http%3A//daffodil-ruddy-run.glitch.me&dtd=71
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://daffodil-ruddy-run.glitch.me/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 27 Dec 2020 15:51:15 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 27-Dec-2020 16:06:15 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 15:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607690616793149"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28334
x-xss-protection
0
expires
Sun, 27 Dec 2020 15:51:15 GMT
custom
kumteerg.com/ Frame
0
0
Other
General
Full URL
https://kumteerg.com/custom
Protocol
HTTP/1.1
Server
139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://daffodil-ruddy-run.glitch.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sun, 27 Dec 2020 15:51:15 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
kumteerg.com/
39 B
502 B
Fetch
General
Full URL
https://kumteerg.com/custom
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
ddc1926b335695e5152ce699df664de0
Date
Sun, 27 Dec 2020 15:51:15 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
gid.js
my.rtmark.net/
65 B
785 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=dae493920ec74884a72303b82f69fc6a&zoneId=3808000&checkDuplicate=true&ymid=&var=
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.195.106 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ac90b265f479de9bf7a8db3b55a4120d36132f2241f94d926cf5e4dfc06c41f8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 15:51:15 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
65
bidvertiser.dbm
bdv.bidvertiser.com/
0
330 B
Script
General
Full URL
http://bdv.bidvertiser.com/bidvertiser.dbm?pid=512795&bid=1277387&RD=0191788646131&DIF=2
Requested by
Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Protocol
HTTP/1.1
Server
54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Len
0
Date
Sunday, 27-Dec-2020 15:51:15 GMT
Cache-Control
no-store
Last-Modified
Saturday, 28-Dec-2019 15:51:15 GMT
CONNECTION
Close
P3P
policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type
text/javascript; charset=utf-8
Cookie set BidVertiser.dbm
bdv.bidvertiser.com/ Frame F5CC
0
0
Document
General
Full URL
http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387&RD=0303298465687&DIF=1&bd_ref_v=daffodil-ruddy-run.glitch.me&tref=1&win_name=null&docref=&jsrand=0303298465687&js1loc=-&loctitle=%20Trying%20to%20reach%20the%20most
Requested by
Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Protocol
HTTP/1.1
Server
54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
bdv.bidvertiser.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://daffodil-ruddy-run.glitch.me/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sunday, 27-Dec-2020 15:51:15 GMT
Cache-Control
no-store
Last-Modified
Saturday, 28-Dec-2019 15:51:15 GMT
Set-Cookie
bdv_c12p=235; domain=.bidvertiser.com; path=/; expires=Mon, 28-Dec-2020 15:51:15 GMT bdv_c12p=1_1_1; domain=.bidvertiser.com; path=/; expires=Mon, 28-Dec-2020 15:51:15 GMT
P3P
policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type
text/html; charset=utf-8
Content-Len
5919
CONNECTION
Close
CKYD553E.json
srv.buysellads.com/ads/
642 B
729 B
XHR
General
Full URL
http://srv.buysellads.com/ads/CKYD553E.json?segment=placement:eefiojre9hugu9rgtrtfrg
Requested by
Host: m.servedby-buysellads.com
URL: http://m.servedby-buysellads.com/monetization.js
Protocol
HTTP/1.1
Server
206.189.18.245 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-10.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
0cc7a13b0b2c0d3d7404cd3d88edb626552252ca9bc9de32456a4b46ae0545fd

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 15:51:15 GMT
Content-Encoding
gzip
Server
//srv.buysellads.com
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
close
Content-Length
477
adskeeper.uk.16162.js
jsc.adskeeper.co.uk/a/d/
Redirect Chain
  • http://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120110165115
  • https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120110165115
201 KB
55 KB
Script
General
Full URL
https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120110165115
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01d9deb1bc26da637bc451fa4af1174da9cf99dd33cb6529e1232d1ed4d87532

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 15:51:15 GMT
content-encoding
br
cf-cache-status
HIT
age
796
cf-polished
origSize=205752
last-modified
Thu, 10 Dec 2020 12:15:05 GMT
x-amz-request-id
AB3232CC8CEE8896
x-amz-id-2
WJ5AwrJqv1Ta3daHSIPc5I31CCCnucHzDapTd4oA4fWj4epU0EgtQZHVcTku/DzbbYnw7ynfs6I=
cf-bgj
minify
server
cloudflare
etag
W/"2b75edd098a9c576d71b01ee14cc45d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-request-id
07467ea2bc000008972d3f1000000001
cf-ray
608433b128d00897-CDG
expires
Sun, 27 Dec 2020 19:51:15 GMT

Redirect headers

Date
Sun, 27 Dec 2020 15:51:15 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120110165115
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
608433b0fcee049b-CDG
cf-request-id
07467ea2a10000049ba109c000000001
Expires
Sun, 27 Dec 2020 16:51:15 GMT
integrator.js
adservice.google.de/adsid/
107 B
777 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=daffodil-ruddy-run.glitch.me&meb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Dec 2020 15:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
777 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=daffodil-ruddy-run.glitch.me&meb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Dec 2020 15:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1D10
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5743433547693559&output=html&adk=1812271804&adf=1573534164&lmt=1609084211&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609084275332&bpp=4&bdt=643&idt=4&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=104957034194&frm=20&pv=1&ga_vid=806958349.1609084275&ga_sid=1609084275&ga_hid=74202072&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069711&oid=3&pvsid=1400089674141694&pem=45&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5743433547693559&output=html&adk=1812271804&adf=1573534164&lmt=1609084211&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&ea=0&flash=0&host=ca-host-pub-1556223355139109&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609084275332&bpp=4&bdt=643&idt=4&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=104957034194&frm=20&pv=1&ga_vid=806958349.1609084275&ga_sid=1609084275&ga_hid=74202072&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21069711&oid=3&pvsid=1400089674141694&pem=45&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=10
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://daffodil-ruddy-run.glitch.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 27 Dec 2020 15:51:15 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUlUyfB5mVDLWt47NwSNFBzTmhvv_nHNGehSkYgRgOLaJsMnJS6UbTMQTTba; expires=Fri, 21-Jan-2022 15:51:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Sun, 27 Dec 2020 15:51:15 GMT
cache-control
private
/
ssp.zryydi.com/bid/
0
0
Script
General
Full URL
https://ssp.zryydi.com/bid/?tag_id=90&sub_id=0dcd3da5ac03016ecbc321ca7f9149a3&url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&mode=jsonfeed&callback=shortest.popUnder.onSSPPopUnderBidRetrieved&ts=1609084275347
Requested by
Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.191.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

sh-overlay.css
cdn.shorte.st/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn.shorte.st/css/sh-overlay.css
Requested by
Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:56b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 15:51:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
967
cf-request-id
07467ea29e00004a860c05a000000001
x-ua-compatible
IE=Edge
last-modified
Thu, 09 Aug 2018 13:48:43 GMT
server
cloudflare
etag
W/"5b6c463b-dd7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nwJ2nVZBSyk6Wjx%2BRaHK84sdUi5sF5v7Ha%2B7PiB88fm3%2Bi%2FbjDen1qowFyTsMzJWl%2BZoLuWvXDmozsgTvkuvh6eBOgKe%2BuJG6zq42%2Bk1IYODwUnmDAp9LlKo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-server-id
shn10
cache-control
max-age=14400
cf-ray
608433b0f95d4a86-FRA
expires
Sun, 27 Dec 2020 16:35:08 GMT
CKYICKQI.json
srv.carbonads.net/ads/
1 KB
969 B
Script
General
Full URL
https://srv.carbonads.net/ads/CKYICKQI.json?segment=placement:dsawrewreafera&callback=_carbonads_go
Requested by
Host: cdn.carbonads.com
URL: http://cdn.carbonads.com/carbon.js?zoneid=1673&serve=C6AILKT&placement=dsawrewreafera
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.189.18.245 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-10.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
c54ad7dc48a87764fc739e7182700006a7be516fb5ee774107d4bdbc6b1f4c85

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 27 Dec 2020 15:51:15 GMT
Content-Encoding
gzip
Server
//srv.buysellads.com
Content-Length
730
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
0dcd3da5ac03016ecbc321ca7f9149a3
api.shorte.st/start-adsession/
74 B
844 B
XHR
General
Full URL
https://api.shorte.st/start-adsession/0dcd3da5ac03016ecbc321ca7f9149a3
Requested by
Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx / PHP/5.6.40-0+deb8u12
Resource Hash
e6c8d36a1bf77e47750de7ddc7f26930c817b94040efecfe1f5c7b2b3f7f0e5a

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sun, 27 Dec 2020 15:51:16 GMT
Server
nginx
X-Powered-By
PHP/5.6.40-0+deb8u12
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
X-Server-ID
shn08
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
X-UA-Compatible
IE=Edge
0dcd3da5ac03016ecbc321ca7f9149a3
api.shorte.st/start-adsession/ Frame
0
0
Other
General
Full URL
https://api.shorte.st/start-adsession/0dcd3da5ac03016ecbc321ca7f9149a3
Protocol
HTTP/1.1
Server
78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://daffodil-ruddy-run.glitch.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Content-Type
application/json
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40-0+deb8u12
Access-Control-Allow-Headers
origin, content-type, accept
Access-Control-Allow-Methods
POST
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Date
Sun, 27 Dec 2020 15:51:15 GMT
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
X-Server-ID
shn05
X-UA-Compatible
IE=Edge
defaultSkin.min.js
kumteerg.com/pfe/current/
56 KB
19 KB
Fetch
General
Full URL
https://kumteerg.com/pfe/current/defaultSkin.min.js
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Dec 2020 15:51:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Dec 2020 13:35:40 GMT
Server
nginx
ETag
W/"5fd2242c-de6b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
truncated
/ Frame B1DD
255 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
kumteerg.com/ Frame
0
0
Other
General
Full URL
https://kumteerg.com/custom
Protocol
HTTP/1.1
Server
139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://daffodil-ruddy-run.glitch.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sun, 27 Dec 2020 15:51:15 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
kumteerg.com/
39 B
502 B
Fetch
General
Full URL
https://kumteerg.com/custom
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
03b5d199ff1902dab87e677729bf9ad7
Date
Sun, 27 Dec 2020 15:51:15 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
display.php
www.tradeadexchange.com/a/
6 KB
2 KB
Script
General
Full URL
https://www.tradeadexchange.com/a/display.php?r=999708&sub1=0dcd3da5ac03016ecbc321ca7f9149a3&sub2=0
Requested by
Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
92.74.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
897790beba5b84cdc4b5ff8b699bf7ac4381bb54ca200a148f6f24d8587cbe99

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 27 Dec 2020 15:51:15 GMT
content-encoding
gzip
server
openresty
alt-svc
clear
via
1.1 google
content-type
application/javascript; charset=utf-8
1542656925-explore-themes-1.jpg
cdn4.buysellads.net/uu/1/23814/
39 KB
40 KB
Image
General
Full URL
https://cdn4.buysellads.net/uu/1/23814/1542656925-explore-themes-1.jpg
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
eef5dc8f5b1eed5388f0d058f00aa43853ebe2b460b66167ece7632e5e810fed

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 15:51:15 GMT
last-modified
Mon, 19 Nov 2018 19:48:46 GMT
server
NetDNA-cache/2.2
x-amz-request-id
6705F7B571C0DA64
etag
"96bad07debb02ff0860b5fad132b52d6"
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=31104000
accept-ranges
bytes
content-length
40178
x-amz-id-2
S/RQGLFdVrwzKiPG0uylvwnAdGsFu3tlRbIOpDDk/lhXpRB8UH5Ni9NrV4TW8GGwFMzGbdpn+pQ=
expires
Wed, 22 Dec 2021 15:51:15 GMT
display.php
www.tradeadexchange.com/ad/
62 KB
13 KB
Script
General
Full URL
https://www.tradeadexchange.com/ad/display.php?stamat=m%7CEqdjY3djaQdHkAH0dEdHP3xP.b10%2C2t5FkDDYpjxJXsMWHSh7wBG6VAx_Q9TxSSvYJWOcEw4dSpf7D6GmDmyZSIE8TU3Rf5JfCV5UIoLDL7XypVKwg-FjfCltSEkn7hJbpfh2SXkWpx7cxTFor-Pw5rOWUi3bakgeDt_H4Ls0EESx1DddAQ%2C%2C&cbrandom=0.8046144700517255&cbtitle=Trying%20to%20reach%20the%20most%20ads%20since%202020&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Requested by
Host: www.tradeadexchange.com
URL: https://www.tradeadexchange.com/a/display.php?r=999708&sub1=0dcd3da5ac03016ecbc321ca7f9149a3&sub2=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
92.74.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
29c747ad9b7b9295cde2b30ecb05948ad79a00371a4a87934c67f43ed75e2153

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 15:51:15 GMT
content-encoding
gzip
alt-svc
clear
server
openresty
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
link
<www.logarithmicframe.com>; rel=dns-prefetch,<www.logarithmicframe.com>; rel=preconnect,<www.tradeadexchange.com>; rel=dns-prefetch,<www.tradeadexchange.com>; rel=preconnect
via
1.1 google
2ed0e9c758632bec71b0b275c309fba3c873eedb
api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/ Frame
0
0
Other
General
Full URL
https://api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/2ed0e9c758632bec71b0b275c309fba3c873eedb
Protocol
HTTP/1.1
Server
78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
http://daffodil-ruddy-run.glitch.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Content-Type
application/json
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40-0+deb8u12
Access-Control-Allow-Headers
origin, content-type, accept
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Date
Sun, 27 Dec 2020 15:51:16 GMT
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
X-Server-ID
shn12
X-UA-Compatible
IE=Edge
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3669
date
Sun, 27 Dec 2020 14:50:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 27 Dec 2020 16:50:07 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
2ed0e9c758632bec71b0b275c309fba3c873eedb
api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/
456 B
1 KB
XHR
General
Full URL
https://api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/2ed0e9c758632bec71b0b275c309fba3c873eedb
Requested by
Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx / PHP/5.6.40-0+deb8u12
Resource Hash
67e97c5c0f4d57ea0d863ed8555030e50eb84d99a791be4b3cfcd1154cfb5c3b

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/html

Response headers

Date
Sun, 27 Dec 2020 15:51:16 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.40-0+deb8u12
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
X-Server-ID
shn05
Cache-Control
no-cache
Transfer-Encoding
chunked
Access-Control-Allow-Headers
Content-Type
X-UA-Compatible
IE=Edge
collect
www.google-analytics.com/j/
2 B
77 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=74202072&t=pageview&_s=1&dl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&dp=%2Foverlay%2F0dcd3da5ac03016ecbc321ca7f9149a3&ul=en-us&de=UTF-8&dt=Trying%20to%20reach%20the%20most%20ads%20since%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=0dcd3da5ac03016ecbc321ca7f9149a3&cs=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&cm=overlay&_u=YAhAAEABAAAAAC~&jid=1219941331&gjid=1573209748&cid=806958349.1609084275&tid=UA-42296749-1&_gid=1541973902.1609084276&_r=1&_slc=1&z=24420069
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Dec 2020 15:51:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://daffodil-ruddy-run.glitch.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
promotion-bestseller-special-1308.html
www.gearbest.com/ Frame 5B11
Redirect Chain
  • http://ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028&width=1024&height=768&ch=8439461&cp.dest_domain=&cp.oid=8439461&cp.referrer=http://daffodil-ruddy-run.glitch.me/&cp.locked=0&cp.pro...
  • https://shorteh.com/afu.php?zoneid=1241630
  • https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=367088663303033018
0
0
Document
General
Full URL
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=367088663303033018
Requested by
Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.55.153 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-55-153.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
www.gearbest.com
:scheme
https
:path
/promotion-bestseller-special-1308.html?lkid=45687009&cid=367088663303033018
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
pragma
public
last-modified
Sun, 27 Dec 2020 15:51:16 GMT
gbcdnlang
en
access-control-allow-origin
*
access-control-allow-methods
GET, POST
ng-cache
EXPIRED
content-encoding
gzip
x-edgeconnect-midmile-rtt
0 0
x-edgeconnect-origin-mex-latency
214 214
x-akamai-transformed
9 47001 0 pmb=mRUM,1
cache-control
public, max-age=60
expires
Sun, 27 Dec 2020 15:52:17 GMT
date
Sun, 27 Dec 2020 15:51:17 GMT
vary
Accept-Encoding User-Agent
set-cookie
AKAM_CLIENTID=3adcddc7323bc2ceb68083f3dd4953b4; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com AKA_A2=A; expires=Sun, 27-Dec-2020 16:51:17 GMT; path=/; domain=gearbest.com; secure; HttpOnly

Redirect headers

Server
nginx
Date
Sun, 27 Dec 2020 15:51:16 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Pragma
no-cache
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin
* *
X-Trace-Id
ced4c7122d93c374001d59fc697314c3
Link
<https://propeller-tracking.com>; rel="dns-prefetch preconnect",<//>; rel="dns-prefetch preconnect" <https://www.gearbest.com>; rel="dns-prefetch preconnect",<https://propeller-tracking.com>; rel="dns-prefetch preconnect"
Referrer-Policy
no-referrer
Location
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=367088663303033018
Set-Cookie
OAID=dbf378308da1404cbdc3623c714728ee; expires=Mon, 27 Dec 2021 15:51:16 GMT; secure; SameSite=None oaidts=1609084276; expires=Mon, 27 Dec 2021 15:51:16 GMT; secure; SameSite=None
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
custom
kumteerg.com/ Frame
0
0
Other
General
Full URL
https://kumteerg.com/custom
Protocol
HTTP/1.1
Server
139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://daffodil-ruddy-run.glitch.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sun, 27 Dec 2020 15:51:18 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
sodar
pagead2.googlesyndication.com/getconfig/
9 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
070d516a18cb073fc3ef931e3eb252437895f404073d5cab4a8a6bf78c4dfc4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 27 Dec 2020 15:51:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6798
x-xss-protection
0
custom
kumteerg.com/
39 B
502 B
Fetch
General
Full URL
https://kumteerg.com/custom
Requested by
Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.201 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
c72b9df249f39719c5937927c3132821
Date
Sun, 27 Dec 2020 15:51:18 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
sodar2.js
tpc.googlesyndication.com/sodar/
16 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 15:51:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Sun, 27 Dec 2020 15:51:18 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 85A2
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://daffodil-ruddy-run.glitch.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://daffodil-ruddy-run.glitch.me/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Sun, 27 Dec 2020 14:53:05 GMT
expires
Mon, 27 Dec 2021 14:53:05 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3493
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
46 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=1400089674141694&bg=!0tGl0fHNAAUbEDgJG1jM_RV6_rOCxAIAAABfUgAAAAdoAQcKAXROuqnTLJrl8wDyFbaV9nHiRzliP-X74XKgxQ0IMgWYH2TvoPdAOzkqIlVaSwtYBWK5wYtWS9baMc0NUUr84BNSjWnEhTAfYvtBOBaywPARNy22A5bLmhLmCis_-t1qZoM37GUdZISNckUoKqo_crVWmYKMA_Rdi9PSCbxPOCqTwp2p6RDqMIYZocBgGGyhzgcoZtO1rxrLupPO3I2a821cxjCwUD3DiQKRcn49UA98jnaV9mxKM4GCPw1dGeH2btsfYFfPkmav7K_YEhR1OkFXs9Zp5rsiEUcW2JL9IGXgK0AiN6ERjJ5q6qbdkO186rvixZDG640VsD2HXRitj0iAZ6KtaIABejmrJxziNOatmc3NGmSiLaNk59upKXWYHhxuC0XHoE-ycEkTxydSHKnMSCy5lFwVlNGPeN-5ox56qs5pddwRwebUa2mgvYLHWBy2ESPVckCIMymt0Qud-9sNRpLOkdoG-k-krZTS8kKgGTKB9viZAddR8LQVnMI9FtFgNTQGG1mHcbk-nN7_kWlZdi3BMAP8n3usBhc86aWbyqgpqX5-J53Cl79iMVNvUESeh-0kqk8oiJLsAD0BJMCv8MIod0oFwNcUciztM5IRwHaiSKnVHYGztnoWhi47sT9I_EPffEROFYPI3sUxeqISdanYmdibQ8yPozhi6fgPhaLzwo0ZFeLxA8HwQbDgEHirtGS4iVw07w3LNfnYPLVNTTTdcaNE94jY_03AvnwWiCv-Cq_EKzijjj9QAcTVAJ5tvma6oVWZ3sF3aL7N3MQ9Q5qGu776HEtDqtNB7HUfw0NSxAykfZF4AKaOCRu4s4iBEihaQl72BtnS2QLfHS7VQVj2Mk7f_L-5CEioyp-y9ZBk3neux4txYT6uVgI7ap8v2XzGJIYXC9FKoCVdwGXmvIqqjjRIr3g-u4ZJMK_Tx8zTE2t-ftxJhKQFoNjhqA4uwy5TaacCzS9Zoj0OWSVe-1IOGEkvY5HWKpgtd5Gv3A0fTtIVpOYYpda4DjxlCTUDMoFjfF7UZt4MpU06uLBOBBvOKEJENd1lP48IUUKT0q27pBV4HIo9YHXYDekGGQCvzBnMk5YjmZG2Pf59fh5SZcaMC8MCSvv3tz7l0Ts
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Dec 2020 15:51:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
metric
c.adskeeper.co.uk/
Redirect Chain
  • http://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRy...
  • https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInR...
43 B
665 B
Image
General
Full URL
https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRyYW5zaXQtdHlwZTpnb29kcyJdLCJwZXJmb3JtYW5jZSI6eyJjb25uZWN0VGltZSI6MC4yNDgsImRvbUNvbXBsZXRlIjo0LjMyOSwicGFnZUxvYWRUaW1lIjo0LjMzMywicmVxdWVzdFN0YXJ0VGltZSI6MC4wMjYsInJlc3BvbnNlRW5kVGltZSI6MC4yNzR9fQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Dec 2020 15:51:19 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
cd337606-8c14-48b4-a495-496b9dc61ba0
access-control-allow-headers
Content-Type, Cache-Control, X-Requested-With, User-Agent, Referer
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-method
HEAD, OPTIONS, POST
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
608433ca3fbd0897-CDG
content-type
image/gif
cf-request-id
07467eb26700000897d6aab000000001
server
cloudflare

Redirect headers

Date
Sun, 27 Dec 2020 15:51:19 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRyYW5zaXQtdHlwZTpnb29kcyJdLCJwZXJmb3JtYW5jZSI6eyJjb25uZWN0VGltZSI6MC4yNDgsImRvbUNvbXBsZXRlIjo0LjMyOSwicGFnZUxvYWRUaW1lIjo0LjMzMywicmVxdWVzdFN0YXJ0VGltZSI6MC4wMjYsInJlc3BvbnNlRW5kVGltZSI6MC4yNzR9fQ==
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
608433ca1d370853-CDG
cf-request-id
07467eb24b00000853b01e0000000001
Expires
Sun, 27 Dec 2020 16:51:19 GMT
11
api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/2ed0e9c758632bec71b0b275c309fba3c873eedb/ Frame
0
0
Other
General
Full URL
https://api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/2ed0e9c758632bec71b0b275c309fba3c873eedb/11
Protocol
HTTP/1.1
Server
78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://daffodil-ruddy-run.glitch.me
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Content-Type
application/json
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40-0+deb8u12
Access-Control-Allow-Headers
origin, content-type, accept
Access-Control-Allow-Methods
POST
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Date
Sun, 27 Dec 2020 15:51:25 GMT
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
X-Server-ID
shn05
X-UA-Compatible
IE=Edge
11
api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/2ed0e9c758632bec71b0b275c309fba3c873eedb/
15 B
784 B
XHR
General
Full URL
https://api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/2ed0e9c758632bec71b0b275c309fba3c873eedb/11
Requested by
Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.140.188.188 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx / PHP/5.6.40-0+deb8u12
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 27 Dec 2020 15:51:25 GMT
Server
nginx
X-Powered-By
PHP/5.6.40-0+deb8u12
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
http://daffodil-ruddy-run.glitch.me
X-Server-ID
shn11
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
X-UA-Compatible
IE=Edge
collect
www.google-analytics.com/j/
1 B
118 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=74202072&t=event&_s=2&dl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&dp=%2Foverlay%2F0dcd3da5ac03016ecbc321ca7f9149a3&ul=en-us&de=UTF-8&dt=Trying%20to%20reach%20the%20most%20ads%20since%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=0dcd3da5ac03016ecbc321ca7f9149a3&cs=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&cm=overlay&ec=interstitial&ea=callback&el=success&_u=aAhAAEABAAAAAC~&jid=1061678102&gjid=1393803630&cid=806958349.1609084275&tid=UA-42296749-1&_gid=1541973902.1609084276&_r=1&z=1274983275
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://daffodil-ruddy-run.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Dec 2020 15:51:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://daffodil-ruddy-run.glitch.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| el object| _0x1f04 function| _0x5c2b object| ntfcSDK object| adsbygoogle object| _0x50ed function| _0x49de object| _0x3af5 function| _0x2aa1 object| _0x89a6 function| _0x59dd object| zfgformats object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| T8CC function| r311 object| shortest function| shortestApplication function| shortestMonetization function| domready object| bean function| reqwest string| popns object| ShortestPop function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _0x43c6 function| _0xca39 object| sdk boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode string| BDVHDRFUNCS number| statechanged object| bdvscripts object| myScript string| myScriptSrc object| docscripts number| bdvfound number| docscripts_index string| tmpScriptSrc 
string| queryString string| dec_pid string| dec_bid number| doppdano object| mybvD string| nocachen undefined| bvdbgwrbnr undefined| bvdbimgbnr object| _mq number| BDVADCNT object| bdvcheckBody string| ifrdom object| _anmq string| BDVINJFUNC string| loctitle number| tref string| win_name string| docref string| currjs1loc string| trcref number| locfoundmeta string| bvlockeywords object| bvkwarray object| bvmeta number| bvx number| bvy number| bvtttilemx undefined| kw2try undefined| gapp object| bdvmntppchk object| bdvmntsldchk string| bdvbnr2_rnd object| bdvfrstobjwrp object| bdvsndobj object| params string| method function| getQuerystring3 function| bdvfixqs function| bdvbnrsetCookie function| bdvbnrgetCookie function| bdv_setifrmsize function| bdvprocess number| iyayay number| sndmx1277387 object| _bsa function| _bsa_go function| _bsa_serving_callback object| _bsa_queue string| ignoretargeting object| script number| mgWidgetID object| _mgtq object| _carbonads function| _carbonads_go object| _carbon_where function| _bsap_serving_callback object| onClickExcludes object| bgcolor boolean| mgCanLoad16162 boolean| mgFallback16162 boolean| mgShortWidget16162 boolean| mgUseConvertedCode16162 string| mgRootId16162 function| inIframe function| checkDocumentBody function| documentAsyncWriteElementFromHtml function| ReopenUrlBuilder object| browser object| builder string| url object| scriptElement object| scriptCFASync object| firstScript function| r1ff function| O7hh function| n3VV function| G7hh function| Q0mm function| w0FF function| g0QQ function| X0QQ string| fe5033758 object| maWrez object| config object| _0xbdeb object| stamat boolean| _0xfav3451dft135 function| NqPnfu8553061950471479 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa object| myiframe function| ga object| google_tag_data object| gaplugins object| gaData object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: RUL
Value: EPXaov8FGPXBp44GIi8BNmGQ498dqB5FAI8SunvIf_C1GWXobMRimuCX8hFkHkWGanjYj10OFjZJAkJcRQ|cs=AP6Md-VozxX3MI4OGNBAXgXb63A3
.daffodil-ruddy-run.glitch.me/ Name: _gat_shstTracker
Value: 1
.daffodil-ruddy-run.glitch.me/ Name: _gid
Value: GA1.3.1541973902.1609084276
.doubleclick.net/ Name: IDE
Value: AHWqTUlUyfB5mVDLWt47NwSNFBzTmhvv_nHNGehSkYgRgOLaJsMnJS6UbTMQTTba
.daffodil-ruddy-run.glitch.me/ Name: _ga
Value: GA1.3.806958349.1609084275
daffodil-ruddy-run.glitch.me/ Name: shortest-last-redirect-time
Value: 1609084276291
daffodil-ruddy-run.glitch.me/ Name: shortest-entry-capping-v2
Value: 1
daffodil-ruddy-run.glitch.me/ Name: cookies-enable
Value: 1

44 Console Messages

Source Level URL
Text
console-api log URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1)
Message:
console.clear
console-api log URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1)
Message:
console.clear
console-api log URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1)
Message:
console.clear
console-api log URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1)
Message:
console.clear
console-api log URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1)
Message:
console.clear
console-api log URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1)
Message:
[object HTMLDivElement]
console-api log URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1)
Message:
console.clear
console-api log URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1)
Message:
[object HTMLDivElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
