Submitted URL: http://autoupdate.thesafestupdatesforthefuture.win/?pcl=fuhIo9wq4YcTmFZhhr1-nLACAyxTYJpDgUjp7Yob4f4.&cid=289906552074&sid=994201&v_id=dDHnIALwMbJGq...
Effective URL: http://viralfived.com/r2.php?c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a&u=aHR0cDovL2QzLmdvZmxhc...
Submission: On April 25 via manual from US

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 39 HTTP transactions. The main IP is 2400:cb00:2048:1::681c:f1f, located in United States and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is viralfived.com.
This is the only time viralfived.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 2400:cb00:204... | 13335 (CLOUDFLAR...)
25 | 192.99.150.161 | 16276 (OVH)
1 | 2607:f8b0:400... | 15169 (GOOGLE)
1 | 2607:f8b0:400... | 15169 (GOOGLE)
2 | 2607:f8b0:400... | 15169 (GOOGLE)
1 | 192.99.150.33 | 16276 (OVH)
5 | 172.217.7.130 | 15169 (GOOGLE)
1 | 2607:f8b0:400... | 15169 (GOOGLE)
Total: 39 requests | 9 IPs

Requests | Domain | Requested by
25 | d3.birdyflap.com | viralfived.com, d3.birdyflap.com
5 | securepubads.g.doubleclick.net | www.googletagservices.com, securepubads.g.doubleclick.net
2 | www.google-analytics.com | viralfived.com, d3.birdyflap.com
1 | tpc.googlesyndication.com | securepubads.g.doubleclick.net
1 | www.googletagservices.com | d3.birdyflap.com
1 | ajax.googleapis.com | d3.birdyflap.com
1 | viralfived.com |
Total: 39 requests | 7 domains

This site contains no links.

Subject | Issuer | Validity | Valid
*.googleapis.com | Google Internet Authority G2 | 2017-04-21 - 2017-07-14 | 3 months
*.g.doubleclick.net | Google Internet Authority G2 | 2017-04-12 - 2017-07-05 | 3 months
*.google-analytics.com | Google Internet Authority G2 | 2017-04-12 - 2017-07-05 | 3 months

This page contains 3 frames:

Frame: http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Frame ID: 17693.1
Requests: 3 HTTP requests in this frame

Frame: http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Frame ID: 17709.1
Requests: 17 HTTP requests in this frame

Frame: http://d3.birdyflap.com/indexmobnoad.php
Frame ID: 17709.2
Requests: 19 HTTP requests in this frame

Page Statistics

Requests: 39
HTTPS: 23 %
IPv6: 63 %
Domains: 7
Subdomains: 7
IPs: 9
Countries: 2
Transfer: 546 kB
Size: 747 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set r2.php
viralfived.com/
Redirect Chain
  • http://mpjri.voluumtrk.com/efef8ec2-fe2c-471b-a99c-8338482157bc?s={PIXEL_PARAMS}
  • http://viralfived.com/r2.php?c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a&u=aHR0cDovL2QzLmdvZmxhcHB5LmNvbS8/dXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9s...
643 B
481 B
Document
General
Full URL
http://viralfived.com/r2.php?c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a&u=aHR0cDovL2QzLmdvZmxhcHB5LmNvbS8/dXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8=
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681c:f1f , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / PHP/5.4.16
Resource Hash
49614c9b25c52afbd5719852d88c518d1e7f46cc25183f9f7ed755cae484579e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
viralfived.com
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Tue, 25 Apr 2017 11:22:46 GMT
Via
1.1 varnish-v4
Vary
Accept-Encoding, User-Agent
Content-Type
text/html
Server
cloudflare-nginx
Age
0
Set-Cookie
__cfduid=dbe7fa4faf5381e0c555a26238529a4f01493119366; expires=Wed, 25-Apr-18 11:22:46 GMT; path=/; domain=.viralfived.com; HttpOnly
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
X-Varnish
101356956 101356957
Content-Encoding
gzip
X-UA-Device
pc
Connection
keep-alive
CF-RAY
3550ed2597782654-FRA

Redirect headers

Pragma
no-cache
Date
Tue, 25 Apr 2017 11:22:45 GMT
Server
nginx
Location
http://viralfived.com/r2.php?c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a&u=aHR0cDovL2QzLmdvZmxhcHB5LmNvbS8/dXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8=
Set-Cookie
efef8ec2-fe2c-471b-a99c-8338482157bc-v4=efef8ec2-fe2c-471b-a99c-8338482157bc; Domain=mpjri.voluumtrk.com; Path=/; HttpOnly voluum-cid-v4=%7B%0A%20%20%22cid%22%20%3A%20%22wVN8M7RKNGLOLJT4HQSBC1IG%22%2C%0A%20%20%22caid%22%20%3A%20%22efef8ec2-fe2c-471b-a99c-8338482157bc%22%0A%7D; Domain=mpjri.voluumtrk.com; Expires=Wed, 25-Apr-2018 11:22:45 GMT; Path=/; HttpOnly
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/
0
0

/
d3.birdyflap.com/
0
0

/
d3.birdyflap.com/ Frame 1770
5 KB
2 KB
Document
General
Full URL
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 / PHP/5.4.16
Resource Hash
199bf6a4349cf704096ca5ca597f79632a19dc016dc6c24ee6dbc63e5f2f7907

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer
http://viralfived.com/r2.php?c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a&u=aHR0cDovL2QzLmdvZmxhcHB5LmNvbS8/dXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8=
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx/1.10.2
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
Connection
keep-alive
Keep-Alive
timeout=2
reset.css
d3.birdyflap.com/css/ Frame 1770
1 KB
625 B
Stylesheet
General
Full URL
http://d3.birdyflap.com/css/reset.css
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
34ba2fa6bc860a5da24add172ef3247f7cf85d16940e20b01d07249d8e4de221

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
W/"53df949b-4b8"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
Keep-Alive
timeout=2
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame 1770
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f8b0:4004:802::200a , United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ajax/libs/jquery/3.1.1/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ajax.googleapis.com
referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Tue, 25 Apr 2017 10:09:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4410
status
200
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
30244
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Apr 2018 10:09:16 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 1770
2 KB
1 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f8b0:4004:80c::2002 , United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
4e0fb7ec88b2a7261510b6505861e7e60d7c6ac9f2e99ce39aefe34a77e997e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/tag/js/gpt.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.googletagservices.com
referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
:scheme
https
:method
GET

Response headers

date
Tue, 25 Apr 2017 11:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
490
status
200
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length
1234
x-xss-protection
1; mode=block
last-modified
Fri, 21 Apr 2017 20:07:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2017 11:14:36 GMT
track_common.js
d3.birdyflap.com/ Frame 1770
2 KB
2 KB
Script
General
Full URL
http://d3.birdyflap.com/track_common.js?t=10
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
e6d87b3cb6d86b7ef2b88143e6117830e8f232ef0980550a7dd2f2e4f791ec20

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:46 GMT
Last-Modified
Mon, 27 Mar 2017 12:31:01 GMT
Server
nginx/1.10.2
ETag
"58d90605-7b1"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1969
birdyflap.png
d3.birdyflap.com/ Frame 1770
1 KB
1 KB
Image
General
Full URL
http://d3.birdyflap.com/birdyflap.png
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
9c52093fb2189c4d26feb412afddd599fd1738c644e774bcb40e746b79c7c6d2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:46 GMT
Last-Modified
Fri, 21 Apr 2017 21:53:08 GMT
Server
nginx/1.10.2
ETag
"58fa7f44-5f3"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1523
analytics.js
www.google-analytics.com/ Frame 1770
29 KB
12 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f8b0:4004:805::200e , United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
61da77dc7395b8c6962f484e6267e45929eac24cba88059273fd2ab9f0c7f472
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Apr 2017 16:40:28 GMT
server
Golfe2
age
2979
date
Tue, 25 Apr 2017 10:33:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
12163
expires
Tue, 25 Apr 2017 12:33:07 GMT
ip.php
192.99.150.33/serve/ Frame 1770
4 B
35 B
Image
General
Full URL
http://192.99.150.33/serve/ip.php?link_id=pubt_d3
Requested by
Host: viralfived.com
URL: http://viralfived.com/r2.php?c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a&u=aHR0cDovL2QzLmdvZmxhcHB5LmNvbS8/dXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8=
Protocol
HTTP/1.1
Server
192.99.150.33 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns518631.ip-192-99-150.net
Software
nginx/1.10.2 / PHP/5.6.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
192.99.150.33
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:31:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx/1.10.2
X-Powered-By
PHP/5.6.30
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
Keep-Alive
timeout=2
indexmobnoad.php
d3.birdyflap.com/ Frame 1770
2 KB
689 B
Document
General
Full URL
http://d3.birdyflap.com/indexmobnoad.php
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 / PHP/5.4.16
Resource Hash
bf0c8ebe460ffee5131f234b8b4e105b012bbf59904026581b91f46d86a83b94

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx/1.10.2
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
Connection
keep-alive
Keep-Alive
timeout=2
6ghgesn.jpg
d3.birdyflap.com/ Frame 1770
233 KB
233 KB
Image
General
Full URL
http://d3.birdyflap.com/6ghgesn.jpg
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
81bd4960a267332835b833cd9db63cb5e22f53030fbabc1e181107ea8ed0c78f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:46 GMT
Last-Modified
Tue, 12 Aug 2014 07:20:03 GMT
Server
nginx/1.10.2
ETag
"53e9c023-3a4cd"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
238797
pubads_impl_114.js
securepubads.g.doubleclick.net/gpt/ Frame 1770
174 KB
59 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.7.130 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
iad30s08-in-f130.1e100.net
Software
sffe /
Resource Hash
ead8c15c8a48f00560e696b4d9990cfdd14f974f4bbacce076e87ba2e3efb73b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gpt/pubads_impl_114.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Wed, 19 Apr 2017 18:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
493666
status
200
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
60883
x-xss-protection
1; mode=block
last-modified
Thu, 13 Apr 2017 21:34:34 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Apr 2018 18:15:01 GMT
reset.css
d3.birdyflap.com/css/ Frame 1770
1 KB
625 B
Stylesheet
General
Full URL
http://d3.birdyflap.com/css/reset.css
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/indexmobnoad.php
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
34ba2fa6bc860a5da24add172ef3247f7cf85d16940e20b01d07249d8e4de221

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://d3.birdyflap.com/indexmobnoad.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
W/"53df949b-4b8"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
Keep-Alive
timeout=2
main.css
d3.birdyflap.com/css/ Frame 1770
7 KB
2 KB
Stylesheet
General
Full URL
http://d3.birdyflap.com/css/main.css
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/indexmobnoad.php
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
ee416da636b7c4fe488a67c294f60a6dc3172ecf430e8f143ccd61eb64176d59

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://d3.birdyflap.com/indexmobnoad.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:46 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Tue, 12 Aug 2014 05:30:19 GMT
Server
nginx/1.10.2
ETag
W/"53e9a66b-1cd3"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
Keep-Alive
timeout=2
replay.png
d3.birdyflap.com/assets/ Frame 1770
596 B
596 B
Image
General
Full URL
http://d3.birdyflap.com/assets/replay.png
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/indexmobnoad.php
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
551f9915f23b3a2bb55e4c347f3f6696d83380193c6b78279724777600119491

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://d3.birdyflap.com/indexmobnoad.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-254"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
596
jquery.min.js
d3.birdyflap.com/js/ Frame 1770
91 KB
91 KB
Script
General
Full URL
http://d3.birdyflap.com/js/jquery.min.js
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/indexmobnoad.php
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
http://d3.birdyflap.com/indexmobnoad.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-16bb3"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
93107
jquery.transit.min.js
d3.birdyflap.com/js/ Frame 1770
7 KB
7 KB
Script
General
Full URL
http://d3.birdyflap.com/js/jquery.transit.min.js
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/indexmobnoad.php
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
584aa695461f177cf311034f7e02cf280c16c36a7a299d58e22ef9c23a98867d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
http://d3.birdyflap.com/indexmobnoad.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-1d53"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
7507
buzz.min.js
d3.birdyflap.com/js/ Frame 1770
9 KB
9 KB
Script
General
Full URL
http://d3.birdyflap.com/js/buzz.min.js
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/indexmobnoad.php
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
1c9635777ecd259f968d71cf02b8d677399428a540c930f7968ad9e794bffde3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
http://d3.birdyflap.com/indexmobnoad.php
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-2571"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
9585
main.js
d3.birdyflap.com/js/ Frame 1770
13 KB
13 KB
Script
General
Full URL
http://d3.birdyflap.com/js/main.js
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/indexmobnoad.php
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
537adef280ac7e4a1d10baed16d2851147f7268cdc06e9c5c17a2f63e2d7f6f7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
http://d3.birdyflap.com/indexmobnoad.php
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-327f"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
12927
collect
www.google-analytics.com/r/ Frame 1770
35 B
44 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j52&a=352020098&t=pageview&_s=1&dl=http%3A%2F%2Fd3.birdyflap.com%2F%3Futm_campaign%3Dxp2%26utm_medium%3Dbanner2%26utm_source%3Dxpollo%26c%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a&dr=http%3A%2F%2Fviralfived.com%2Fr2.php%3Fc%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a%26u%3DaHR0cDovL2QzLmdvZmxhcHB5LmNvbS8%2FdXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8%3D&ul=en-us&de=UTF-8&dt=Birdy%20Flap&sd=24-bit&sr=1600x1200&vp=1598x1132&je=0&fl=25.0%20r0&_u=AEAAAMABI~&jid=1685614544&gjid=1005115286&cid=1387354891.1493119367&tid=UA-97206283-7&_r=1&z=1796316582
Requested by
Host: viralfived.com
URL: http://viralfived.com/r2.php?c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a&u=aHR0cDovL2QzLmdvZmxhcHB5LmNvbS8/dXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f8b0:4004:805::200e , United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/r/collect?v=1&_v=j52&a=352020098&t=pageview&_s=1&dl=http%3A%2F%2Fd3.birdyflap.com%2F%3Futm_campaign%3Dxp2%26utm_medium%3Dbanner2%26utm_source%3Dxpollo%26c%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a&dr=http%3A%2F%2Fviralfived.com%2Fr2.php%3Fc%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a%26u%3DaHR0cDovL2QzLmdvZmxhcHB5LmNvbS8%2FdXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8%3D&ul=en-us&de=UTF-8&dt=Birdy%20Flap&sd=24-bit&sr=1600x1200&vp=1598x1132&je=0&fl=25.0%20r0&_u=AEAAAMABI~&jid=1685614544&gjid=1005115286&cid=1387354891.1493119367&tid=UA-97206283-7&_r=1&z=1796316582
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
:scheme
https
:method
GET

Response headers

pragma
no-cache
date
Tue, 25 Apr 2017 11:22:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
sky.png
d3.birdyflap.com/assets/ Frame 1770
4 KB
4 KB
Image
General
Full URL
http://d3.birdyflap.com/assets/sky.png
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/js/jquery.min.js
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
21330fb84665a5339050a428daae96149f34daa1eeeaa7495a85d69949773deb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://d3.birdyflap.com/css/main.css
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-1183"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
4483
ceiling.png
d3.birdyflap.com/assets/ Frame 1770
110 B
110 B
Image
General
Full URL
http://d3.birdyflap.com/assets/ceiling.png
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/js/jquery.min.js
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
c3bdaeb271c2bdc489af4dc291caea560f4cc9c2387791fd34231e4c44c8f18d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://d3.birdyflap.com/css/main.css
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-6e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
110
bird.png
d3.birdyflap.com/assets/ Frame 1770
282 B
282 B
Image
General
Full URL
http://d3.birdyflap.com/assets/bird.png
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/js/jquery.min.js
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
f2f1f75684acc7eda5057b0e9563fa8f5c220d7c057d614b31683b8f3d1cc760

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://d3.birdyflap.com/css/main.css
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-11a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
282
splash.png
d3.birdyflap.com/assets/ Frame 1770
2 KB
2 KB
Image
General
Full URL
http://d3.birdyflap.com/assets/splash.png
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/js/jquery.min.js
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
e59bab94c637841df5dd0469abd712b7714bd120afad39722006a0fa1a9fa138

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://d3.birdyflap.com/css/main.css
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-699"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
1689
scoreboard.png
d3.birdyflap.com/assets/ Frame 1770
3 KB
3 KB
Image
General
Full URL
http://d3.birdyflap.com/assets/scoreboard.png
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/js/jquery.min.js
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
04b31aeb1c55c4dc00d01a8c7f2ab64ca1463ebbebcaa721558249a25fc76ff4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://d3.birdyflap.com/css/main.css
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-b4f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
2895
land.png
d3.birdyflap.com/assets/ Frame 1770
278 B
278 B
Image
General
Full URL
http://d3.birdyflap.com/assets/land.png
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/js/jquery.min.js
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
341b5be980a888fa63ec3149984413201d9af46a651966c026b20716ca1701b8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://d3.birdyflap.com/css/main.css
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-116"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=2
Content-Length
278
sfx_wing.ogg
d3.birdyflap.com/assets/sounds/ Frame 1770
8 KB
8 KB
Media
General
Full URL
http://d3.birdyflap.com/assets/sounds/sfx_wing.ogg
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/indexmobnoad.php
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
b24398c3c87092f2ece69c88344e5555f91540e86db606f695e90d75db3ded9a

Request headers

Pragma
no-cache
Accept-Encoding
identity;q=1, *;q=0
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Range
bytes=0-
Accept
*/*
Referer
http://d3.birdyflap.com/indexmobnoad.php
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-1e30"
Content-Type
audio/ogg
Content-Range
bytes 0-7727/7728
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
7728
sfx_point.ogg
d3.birdyflap.com/assets/sounds/ Frame 1770
13 KB
13 KB
Media
General
Full URL
http://d3.birdyflap.com/assets/sounds/sfx_point.ogg
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/indexmobnoad.php
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
72f0629053abc19b619794a8f7f69712c8f1d41def80dad2984bfa9ff1278430

Request headers

Pragma
no-cache
Accept-Encoding
identity;q=1, *;q=0
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Range
bytes=0-
Accept
*/*
Referer
http://d3.birdyflap.com/indexmobnoad.php
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-33b3"
Content-Type
audio/ogg
Content-Range
bytes 0-13234/13235
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
13235
sfx_hit.ogg
d3.birdyflap.com/assets/sounds/ Frame 1770
15 KB
15 KB
Media
General
Full URL
http://d3.birdyflap.com/assets/sounds/sfx_hit.ogg
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/indexmobnoad.php
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
fe72b3d19a1d4fa4d56419d7b52344651c02b915d2d2f167edc1184978a88381

Request headers

Pragma
no-cache
Accept-Encoding
identity;q=1, *;q=0
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Range
bytes=0-
Accept
*/*
Referer
http://d3.birdyflap.com/indexmobnoad.php
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-3d36"
Content-Type
audio/ogg
Content-Range
bytes 0-15669/15670
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
15670
sfx_die.ogg
d3.birdyflap.com/assets/sounds/ Frame 1770
18 KB
18 KB
Media
General
Full URL
http://d3.birdyflap.com/assets/sounds/sfx_die.ogg
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/indexmobnoad.php
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
7820c7edfa811a9f83372603b5c6934054e3e86e29fdc3909955d4ef8c0f7680

Request headers

Pragma
no-cache
Accept-Encoding
identity;q=1, *;q=0
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Range
bytes=0-
Accept
*/*
Referer
http://d3.birdyflap.com/indexmobnoad.php
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-49fe"
Content-Type
audio/ogg
Content-Range
bytes 0-18941/18942
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
18942
sfx_swooshing.ogg
d3.birdyflap.com/assets/sounds/ Frame 1770
13 KB
13 KB
Media
General
Full URL
http://d3.birdyflap.com/assets/sounds/sfx_swooshing.ogg
Requested by
Host: d3.birdyflap.com
URL: http://d3.birdyflap.com/indexmobnoad.php
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
7b45a18945358a18f02c04e4e09440cce4f707e89b73d5f1e8e88bc600eddce7

Request headers

Pragma
no-cache
Accept-Encoding
identity;q=1, *;q=0
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Range
bytes=0-
Accept
*/*
Referer
http://d3.birdyflap.com/indexmobnoad.php
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:47 GMT
Last-Modified
Mon, 04 Aug 2014 14:11:39 GMT
Server
nginx/1.10.2
ETag
"53df949b-3581"
Content-Type
audio/ogg
Content-Range
bytes 0-13696/13697
Connection
keep-alive
Keep-Alive
timeout=2
Content-Length
13697
container.html
tpc.googlesyndication.com/safeframe/1-0-8/html/ Frame 1770
3 KB
2 KB
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-8/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Protocol
HTTP/1.1
Server
2607:f8b0:4004:805::2001 , United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
96d3bf038966f99afc2c91b78a83c887caf0456db1e58ed2c7be2504dde9e810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Purpose
prefetch
Accept-Encoding
gzip, deflate, sdch
Host
tpc.googlesyndication.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
*/*
Referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 18 Apr 2017 23:02:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 18 Apr 2017 21:46:52 GMT
Server
sffe
Age
562793
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
1747
X-XSS-Protection
1; mode=block
Expires
Wed, 18 Apr 2018 23:02:54 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 1770
467 B
344 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2859189584799273&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=108809080&sc=0&sfv=1-0-8&iu=%2F26001828%2Fgf-300x250-1&sz=300x250%7C336x280&cust_params=pubt%3Dd3&cookie_enabled=1&lmt=1493119367&dt=1493119367372&frm=20&biw=1598&bih=1132&oid=3&adx=50&ady=32&adk=1718805622&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=http%3A%2F%2Fd3.birdyflap.com%2F%3Futm_campaign%3Dxp2%26utm_medium%3Dbanner2%26utm_source%3Dxpollo%26c%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a&ref=http%3A%2F%2Fviralfived.com%2Fr2.php%3Fc%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a%26u%3DaHR0cDovL2QzLmdvZmxhcHB5LmNvbS8%2FdXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8%3D&dssz=16&icsg=46&std=0&vrg=114&vrp=114&ga_vid=1387354891.1493119367&ga_sid=1493119367&ga_hid=352020098
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.7.130 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
iad30s08-in-f130.1e100.net
Software
cafe /
Resource Hash
67db2abeca84f81088324e9c573fd5451fa3d66b457d50d8cb84a1f1d5ff63c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2859189584799273&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=108809080&sc=0&sfv=1-0-8&iu=%2F26001828%2Fgf-300x250-1&sz=300x250%7C336x280&cust_params=pubt%3Dd3&cookie_enabled=1&lmt=1493119367&dt=1493119367372&frm=20&biw=1598&bih=1132&oid=3&adx=50&ady=32&adk=1718805622&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=http%3A%2F%2Fd3.birdyflap.com%2F%3Futm_campaign%3Dxp2%26utm_medium%3Dbanner2%26utm_source%3Dxpollo%26c%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a&ref=http%3A%2F%2Fviralfived.com%2Fr2.php%3Fc%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a%26u%3DaHR0cDovL2QzLmdvZmxhcHB5LmNvbS8%2FdXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8%3D&dssz=16&icsg=46&std=0&vrg=114&vrp=114&ga_vid=1387354891.1493119367&ga_sid=1493119367&ga_hid=352020098
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Tue, 25 Apr 2017 11:22:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
335
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=CheckForPermission; expires=Tue, 25-Apr-2017 11:37:47 GMT; path=/; domain=.doubleclick.net
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 1770
467 B
345 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2859189584799273&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&eid=108809080&sc=0&sfv=1-0-8&iu=%2F26001828%2Fgf-300x250-2&sz=300x250%7C336x280&cust_params=pubt%3Dd3&cookie_enabled=1&lmt=1493119367&dt=1493119367379&frm=20&biw=1598&bih=1132&oid=3&adx=50&ady=298&adk=3329898511&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=http%3A%2F%2Fd3.birdyflap.com%2F%3Futm_campaign%3Dxp2%26utm_medium%3Dbanner2%26utm_source%3Dxpollo%26c%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a&ref=http%3A%2F%2Fviralfived.com%2Fr2.php%3Fc%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a%26u%3DaHR0cDovL2QzLmdvZmxhcHB5LmNvbS8%2FdXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8%3D&dssz=17&icsg=2094&std=0&vrg=114&vrp=114&ga_vid=1387354891.1493119367&ga_sid=1493119367&ga_hid=352020098
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.7.130 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
iad30s08-in-f130.1e100.net
Software
cafe /
Resource Hash
c74b4881bc189937be78de43fcf9a9b41cec14c9c578d0a4d9f6e7f117925870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2859189584799273&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&eid=108809080&sc=0&sfv=1-0-8&iu=%2F26001828%2Fgf-300x250-2&sz=300x250%7C336x280&cust_params=pubt%3Dd3&cookie_enabled=1&lmt=1493119367&dt=1493119367379&frm=20&biw=1598&bih=1132&oid=3&adx=50&ady=298&adk=3329898511&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=http%3A%2F%2Fd3.birdyflap.com%2F%3Futm_campaign%3Dxp2%26utm_medium%3Dbanner2%26utm_source%3Dxpollo%26c%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a&ref=http%3A%2F%2Fviralfived.com%2Fr2.php%3Fc%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a%26u%3DaHR0cDovL2QzLmdvZmxhcHB5LmNvbS8%2FdXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8%3D&dssz=17&icsg=2094&std=0&vrg=114&vrp=114&ga_vid=1387354891.1493119367&ga_sid=1493119367&ga_hid=352020098
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Tue, 25 Apr 2017 11:22:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
336
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=CheckForPermission; expires=Tue, 25-Apr-2017 11:37:47 GMT; path=/; domain=.doubleclick.net
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 1770
467 B
346 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2859189584799273&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&eid=108809080&sc=0&sfv=1-0-8&iu=%2F26001828%2Fgf-300x250-3&sz=300x250%7C336x280&cust_params=pubt%3Dd3&cookie_enabled=1&lmt=1493119367&dt=1493119367383&frm=20&biw=1598&bih=1132&oid=3&adx=1009&ady=32&adk=922247008&gut=v2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=http%3A%2F%2Fd3.birdyflap.com%2F%3Futm_campaign%3Dxp2%26utm_medium%3Dbanner2%26utm_source%3Dxpollo%26c%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a&ref=http%3A%2F%2Fviralfived.com%2Fr2.php%3Fc%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a%26u%3DaHR0cDovL2QzLmdvZmxhcHB5LmNvbS8%2FdXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8%3D&dssz=18&icsg=10286&std=0&vrg=114&vrp=114&ga_vid=1387354891.1493119367&ga_sid=1493119367&ga_hid=352020098
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.7.130 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
iad30s08-in-f130.1e100.net
Software
cafe /
Resource Hash
908efeddb56ff11878b0dff50d7f4a0e58c7172666d9d0eed61a06073af24888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2859189584799273&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&eid=108809080&sc=0&sfv=1-0-8&iu=%2F26001828%2Fgf-300x250-3&sz=300x250%7C336x280&cust_params=pubt%3Dd3&cookie_enabled=1&lmt=1493119367&dt=1493119367383&frm=20&biw=1598&bih=1132&oid=3&adx=1009&ady=32&adk=922247008&gut=v2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=http%3A%2F%2Fd3.birdyflap.com%2F%3Futm_campaign%3Dxp2%26utm_medium%3Dbanner2%26utm_source%3Dxpollo%26c%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a&ref=http%3A%2F%2Fviralfived.com%2Fr2.php%3Fc%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a%26u%3DaHR0cDovL2QzLmdvZmxhcHB5LmNvbS8%2FdXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8%3D&dssz=18&icsg=10286&std=0&vrg=114&vrp=114&ga_vid=1387354891.1493119367&ga_sid=1493119367&ga_hid=352020098
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Tue, 25 Apr 2017 11:22:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
337
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=CheckForPermission; expires=Tue, 25-Apr-2017 11:37:47 GMT; path=/; domain=.doubleclick.net
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 1770
467 B
347 B
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2859189584799273&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&eid=108809080&sc=0&sfv=1-0-8&iu=%2F26001828%2Fgf-300x250-4&sz=300x250%7C336x280&cust_params=pubt%3Dd3&cookie_enabled=1&lmt=1493119367&dt=1493119367385&frm=20&biw=1598&bih=1132&oid=3&adx=1009&ady=298&adk=3497385534&gut=v2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=http%3A%2F%2Fd3.birdyflap.com%2F%3Futm_campaign%3Dxp2%26utm_medium%3Dbanner2%26utm_source%3Dxpollo%26c%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a&ref=http%3A%2F%2Fviralfived.com%2Fr2.php%3Fc%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a%26u%3DaHR0cDovL2QzLmdvZmxhcHB5LmNvbS8%2FdXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8%3D&dssz=19&icsg=43054&std=0&vrg=114&vrp=114&ga_vid=1387354891.1493119367&ga_sid=1493119367&ga_hid=352020098
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_114.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.7.130 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
iad30s08-in-f130.1e100.net
Software
cafe /
Resource Hash
ed08fa7256185cfc5b61c8f25351557b2c80b9ac4e503371b7a3265b923f82cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2859189584799273&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&eid=108809080&sc=0&sfv=1-0-8&iu=%2F26001828%2Fgf-300x250-4&sz=300x250%7C336x280&cust_params=pubt%3Dd3&cookie_enabled=1&lmt=1493119367&dt=1493119367385&frm=20&biw=1598&bih=1132&oid=3&adx=1009&ady=298&adk=3497385534&gut=v2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&u_sd=1&flash=25.0.0&url=http%3A%2F%2Fd3.birdyflap.com%2F%3Futm_campaign%3Dxp2%26utm_medium%3Dbanner2%26utm_source%3Dxpollo%26c%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a&ref=http%3A%2F%2Fviralfived.com%2Fr2.php%3Fc%3DwVN8M7RKNGLOLJT4HQSBC1IG%26p%3De88ee0d3-a1bc-42dc-9901-594b0a233a0a%26u%3DaHR0cDovL2QzLmdvZmxhcHB5LmNvbS8%2FdXRtX2NhbXBhaWduPXhwMiZ1dG1fbWVkaXVtPWJhbm5lcjImdXRtX3NvdXJjZT14cG9sbG8%3D&dssz=19&icsg=43054&std=0&vrg=114&vrp=114&ga_vid=1387354891.1493119367&ga_sid=1493119367&ga_hid=352020098
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

date
Tue, 25 Apr 2017 11:22:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
338
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=CheckForPermission; expires=Tue, 25-Apr-2017 11:37:47 GMT; path=/; domain=.doubleclick.net
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
d3.birdyflap.com/ Frame 1770
571 B
200 B
Other
General
Full URL
http://d3.birdyflap.com/favicon.ico
Protocol
HTTP/1.1
Server
192.99.150.161 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
206f42d520769f5a05fa12453b0f4d567026fbe55bde8620043bef201b7f9540

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
d3.birdyflap.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a
Cookie
_ga=GA1.2.1387354891.1493119367; _gat=1; __gads=ID=8cf8a6ad1357ad1f:T=1493119367:S=ALNI_MYE7dCVEGp6_EUZGnk11t4ZDJ-U_A
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 25 Apr 2017 11:22:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx/1.10.2
Transfer-Encoding
chunked
Content-Type
text/html
Connection
keep-alive
Keep-Alive
timeout=2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
d3.birdyflap.com
URL
http://d3.birdyflap.com/?utm_campaign=xp2&utm_medium=banner2&utm_source=xpollo&c=wVN8M7RKNGLOLJT4HQSBC1IG&p=e88ee0d3-a1bc-42dc-9901-594b0a233a0a

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
.birdyflap.com/ Name: __gads
Value: ID=8cf8a6ad1357ad1f:T=1493119367:S=ALNI_MYE7dCVEGp6_EUZGnk11t4ZDJ-U_A
.birdyflap.com/ Name: _gat
Value: 1
.birdyflap.com/ Name: _ga
Value: GA1.2.1387354891.1493119367

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
