urlscan.io logo urlscan.io
SecurityTrails logo

river-cloth-1.glitch.me Open in urlscan Pro
52.22.72.237  Public Scan

Go To Rescan Add Verdict Report
URL: http://river-cloth-1.glitch.me/
Submission: On June 26 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 6 countries across 14 domains to perform 25 HTTP transactions. The main IP is 52.22.72.237, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is river-cloth-1.glitch.me.
This is the only time river-cloth-1.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.22.72.237 14618 (AMAZON-AES)
3 151.101.37.131 54113 (FASTLY)
5 54.192.94.22 16509 (AMAZON-02)
2 172.217.21.194 15169 (GOOGLE)
1 63.34.193.70 16509 (AMAZON-02)
1 2 2.16.186.80 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.18.232.130 16625 (AKAMAI-AS)
1 2 72.251.249.13 29791 (VOXEL-DOT...)
1 92.123.166.33 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:200... 16509 (AMAZON-02)
1 34.235.248.21 14618 (AMAZON-AES)
25 16
1    52.22.72.237 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-22-72-237.compute-1.amazonaws.com
river-cloth-1.glitch.me
3    151.101.37.131 (Amsterdam, Netherlands)

ASN54113 (FASTLY - Fastly, US)
ads.blogherads.com
5    54.192.94.22 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-22.fra2.r.cloudfront.net
tagan.adlightning.com
2    172.217.21.194 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f2.1e100.net
securepubads.g.doubleclick.net
1    63.34.193.70 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-34-193-70.eu-west-1.compute.amazonaws.com
in.xspadvertising.com
2    2.16.186.80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com
b.scorecardresearch.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
1    2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)
gslbeacon.lijit.com
1    92.123.166.33 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a92-123-166-33.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
3    2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2600:9000:200c:b400:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
js.agkn.com
1    34.235.248.21 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-235-248-21.compute-1.amazonaws.com
d.agkn.com
Domain Requested by
5 tagan.adlightning.com ads.blogherads.com
tagan.adlightning.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 ads.blogherads.com river-cloth-1.glitch.me
2 gslbeacon.lijit.com 1 redirects tagan.adlightning.com
2 b.scorecardresearch.com 1 redirects river-cloth-1.glitch.me
2 securepubads.g.doubleclick.net ads.blogherads.com
securepubads.g.doubleclick.net
1 d.agkn.com js.agkn.com
1 js.agkn.com ads.blogherads.com
1 stats.g.doubleclick.net
1 www.googletagmanager.com ads.blogherads.com
1 eus.rubiconproject.com tagan.adlightning.com
1 acdn.adnxs.com tagan.adlightning.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 in.xspadvertising.com ads.blogherads.com
1 river-cloth-1.glitch.me
25 16

This site contains links to these domains. Also see Links.

Domain
www.shemedia.com
corporate.shemedia.com
Subject Issuer Validity Valid
z.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-31 -
2019-09-20		 4 months crt.sh
*.adlightning.com
Amazon		 2018-08-31 -
2019-09-30		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh

1970-01-01 -
1970-01-01		 a few seconds crt.sh
*.google.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://river-cloth-1.glitch.me/
Frame ID: 6A04BEC9EB6B3EF3A3622663D9C07913
Requests: 21 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: E6053ACA56CBA5ACF6D9A5502A24C63F
Requests: 1 HTTP requests in this frame

Frame: http://gslbeacon.lijit.com/beacon?viewId=sheknows_auction_api&rand=1805235508&informer=4358773&-type=fpads&loc=river-cloth-1.glitch.me&v=1.2&dnr=1
Frame ID: ACACA264F4CC156D15833AACA5E740FA
Requests: 1 HTTP requests in this frame

Frame: http://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: 8665F9FEA96F9F2FA8F294703FA0B6B4
Requests: 1 HTTP requests in this frame

Frame: http://d.agkn.com/iframe/8613/?che=77776295&gdpr=1&gdpr_consent=&url=http%3A%2F%2Friver-cloth-1.glitch.me%2F&bpid=sheknows&c=%7B%22bpid%22%3A%22sheknows%22%2C%22loc%22%3A%22http%3A%2F%2Friver-cloth-1.glitch.me%2F%22%2C%22gdpr%22%3A%221%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: 618DDF84EC5675E46556A5D31660E43D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

25
Requests

68 %
HTTPS

38 %
IPv6

14
Domains

16
Subdomains

16
IPs

6
Countries

405 kB
Transfer

1050 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://b.scorecardresearch.com/b?c1=2&c2=6034790&ns__t=1561517850080&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2Friver-cloth-1.glitch.me%2F&c9= HTTP 302
  • http://b.scorecardresearch.com/b2?c1=2&c2=6034790&ns__t=1561517850080&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2Friver-cloth-1.glitch.me%2F&c9=
Request Chain 15
  • http://gslbeacon.lijit.com/beacon?viewId=sheknows_auction_api&rand=1805235508&informer=4358773&-type=fpads&loc=river-cloth-1.glitch.me&v=1.2 HTTP 302
  • http://gslbeacon.lijit.com/beacon?viewId=sheknows_auction_api&rand=1805235508&informer=4358773&-type=fpads&loc=river-cloth-1.glitch.me&v=1.2&dnr=1

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
river-cloth-1.glitch.me/ 		643 B
936 B 		Document
General
Check archive.org
Download Go to
Full URL
http://river-cloth-1.glitch.me/
Protocol
HTTP/1.1
Server
52.22.72.237 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-22-72-237.compute-1.amazonaws.com
Software
/ Express
Resource Hash
dfa9ce5fc07473d7bfa0b9a03cce161f0f1fd427e2d232788f5f08c80e62ec9e

Request headers

Host
river-cloth-1.glitch.me
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Jun 2019 02:57:29 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
643
Connection
keep-alive
x-powered-by
Express
accept-ranges
bytes
cache-control
public, max-age=0
last-modified
Wed, 26 Jun 2019 02:57:01 GMT
etag
W/"283-16b91b70c48"
blogherads.js
ads.blogherads.com/static/ 		413 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/blogherads.js
Requested by
Host: river-cloth-1.glitch.me
URL: http://river-cloth-1.glitch.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.37.131 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3a33dbd5ef546282eeb12b6e6a5485f97db9618942803d3e53352c644483901

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 02:57:29 GMT
via
1.1 varnish
age
2015
x-cache
HIT
status
200
content-encoding
br
x-amz-request-id
92988D623E06075D
x-amz-id-2
Zxs2omQIg4A/mzKr/jlerIqaw4v74VXNBc2wsjhh9NBFbnA6ESSmJlGRVNPtBnMoFMQ9lbGiqQU=
x-served-by
cache-ams21025-AMS
access-control-allow-origin
*
last-modified
Wed, 26 Jun 2019 02:23:48 GMT
x-timer
S1561517850.995965,VS0,VE0
etag
"9c3b3cfe7298356a94a38b9843e1bd40"
vary
x-gdpr, Accept-Encoding
content-type
application/javascript
x-country
EU
cache-control
max-age=14400
accept-ranges
none
x-cache-hits
12
header.js
ads.blogherads.com/bh/37/379/379668/1797640/ 		1 KB
876 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/bh/37/379/379668/1797640/header.js
Requested by
Host: river-cloth-1.glitch.me
URL: http://river-cloth-1.glitch.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.37.131 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
9a7e6fbd253b0eda6eb87ddf3f335ccf7405c9aa06496c64be517e7b0933b8ce

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 02:57:29 GMT
content-encoding
gzip
age
25732
x-cache
HIT
status
200
x-country
EU
content-length
649
x-amz-id-2
FyLdVWf10pBd72lAX0KIdR8mbl7MZS4P5tHvgjh48nbcDlmPk7Y8xtI8Qz8JZ4/9OrlGcCPssYU=
x-served-by
cache-ams21025-AMS
access-control-allow-origin
*
last-modified
Tue, 25 Jun 2019 09:51:53 GMT
x-timer
S1561517850.995996,VS0,VE1
etag
"510e0f92e5524a87471774dba486b225"
vary
x-gdpr, Accept-Encoding
x-amz-request-id
69372DC28AC178ED
via
1.1 varnish
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
1
blacklist_script.js
tagan.adlightning.com/sheknows/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/blacklist_script.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.94.22 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-94-22.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d70fb6bef8e9b87437b8dba1c72d3791070c467e9bca13509dd68b24aad6a756

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
a9CHQYMi7FjRAi3XZ_1Y7oxzpQIky.si
content-encoding
gzip
age
687
x-cache
Hit from cloudfront
status
200
date
Wed, 26 Jun 2019 02:46:18 GMT
content-length
28659
x-amz-meta-git_commit
d3bf1da
last-modified
Wed, 26 Jun 2019 00:29:24 GMT
server
AmazonS3
etag
"c97c740ec7903990355ff608aed615ce"
content-type
application/javascript
via
1.1 a907498188cf5fbb13fb98b2dcde84cd.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
NaQJrr48XxNiNz2RL3vmfd2jjijIeeXwZeQdBK3n4JPYaEpFn2shCQ==
blocking_script.js
tagan.adlightning.com/sheknows/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/blocking_script.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.94.22 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-94-22.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ce0afab515a8c03f4013ce19fef1e826f0ade339e627d82d9b4fdb2fa8a7f3f

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
5g6vVZ0b1VzdYLNheN8WJJIZWex3eZXf
content-encoding
gzip
age
37731
x-cache
Hit from cloudfront
status
200
date
Tue, 25 Jun 2019 16:29:05 GMT
content-length
12445
x-amz-meta-git_commit
d3bf1da
last-modified
Wed, 19 Jun 2019 16:28:23 GMT
server
AmazonS3
etag
"931f97d98e3d7d672108877a02743d89"
content-type
application/javascript
via
1.1 a907498188cf5fbb13fb98b2dcde84cd.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
SC01Q6dll8hpnMpA8d__soGoaLnsgOXeeCixJuMBoP96KWSnC10J2g==
op.js
tagan.adlightning.com/sheknows/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/op.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.94.22 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-94-22.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe0de33193b4027c64cea65f5957cfb415846c93ae248948461288542f80b860

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
hUCF2xX7HPrHcNd9WrqQV_6gZmuvwnxl
content-encoding
gzip
age
710
x-cache
Hit from cloudfront
status
200
date
Wed, 26 Jun 2019 02:46:18 GMT
content-length
13062
x-amz-meta-git_commit
d3bf1da
last-modified
Wed, 26 Jun 2019 00:29:29 GMT
server
AmazonS3
etag
"52717f722d2c7a4be10152b690a08a68"
content-type
application/javascript
via
1.1 a907498188cf5fbb13fb98b2dcde84cd.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
zFpTERUCSt-QW3lKhE4sQ109kBnpERJDYD55xcBVMRYnPFHSn782Mw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
sffe /
Resource Hash
3abc7651953ccb4c244a744442658f8fd76f5d66a6c0c295d489dabf16125446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 02:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"204 / 931 of 1000 / last-modified: 1561501021"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
11185
x-xss-protection
0
expires
Wed, 26 Jun 2019 02:57:30 GMT
sheknows.js
in.xspadvertising.com/ingest/ 		0
103 B 		Script
General
Check archive.org
Download Go to
Full URL
http://in.xspadvertising.com/ingest/sheknows.js?k=entertainment
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
HTTP/1.1
Security
, ,
Server
63.34.193.70 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-34-193-70.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 26 Jun 2019 02:57:30 GMT
Server
nginx
b2
b.scorecardresearch.com/
Redirect Chain
  • http://b.scorecardresearch.com/b?c1=2&c2=6034790&ns__t=1561517850080&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2Friver-cloth-1.glitch.me%2F&c9=
  • http://b.scorecardresearch.com/b2?c1=2&c2=6034790&ns__t=1561517850080&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2Friver-cloth-1.glitch.me%2F&c9=
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://b.scorecardresearch.com/b2?c1=2&c2=6034790&ns__t=1561517850080&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2Friver-cloth-1.glitch.me%2F&c9=
Requested by
Host: river-cloth-1.glitch.me
URL: http://river-cloth-1.glitch.me/
Protocol
HTTP/1.1
Security
, ,
Server
2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Jun 2019 02:57:30 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://b.scorecardresearch.com/b2?c1=2&c2=6034790&ns__t=1561517850080&ns_c=UTF-8&cv=3.1&c8=&c7=http%3A%2F%2Friver-cloth-1.glitch.me%2F&c9=
Pragma
no-cache
Date
Wed, 26 Jun 2019 02:57:30 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
SMPN_comScore_175x32_Food.jpg
ads.blogherads.com/static/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.blogherads.com/static/SMPN_comScore_175x32_Food.jpg
Requested by
Host: river-cloth-1.glitch.me
URL: http://river-cloth-1.glitch.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.37.131 Amsterdam, Netherlands, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
b8709b8bfd2f3683f9b1a84807db1235b69445f42a99c531ce663cda7fce35cc

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 02:57:30 GMT
via
1.1 varnish
age
1938
x-cache
HIT
status
200
content-encoding
br
x-amz-request-id
F9FD29932031AE97
x-amz-id-2
041AD3BUcyQxalAYEy3/PDE4mRDKqVHUEu1wkmXQ86OSVgFd9UvF+wyb8Z72L6AKXLPq5dMFBbU=
x-served-by
cache-ams21025-AMS
access-control-allow-origin
*
last-modified
Mon, 24 Jun 2019 23:01:34 GMT
x-timer
S1561517850.097387,VS0,VE0
etag
"0776ef58615c9fe6bce4d46e582c8ead"
vary
x-gdpr, accept-encoding
content-type
image/jpeg
x-country
EU
cache-control
max-age=14400
accept-ranges
none
x-cache-hits
2
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=river-cloth-1.glitch.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 02:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=river-cloth-1.glitch.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 02:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019061701.js
securepubads.g.doubleclick.net/gpt/ 		149 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
sffe /
Resource Hash
ac33bcd662b21c0fc9e61c2a5c40ed6ff4fb4dbb9a2123ccbdee883a71269e28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 02:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Jun 2019 13:05:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
55859
x-xss-protection
0
expires
Wed, 26 Jun 2019 02:57:30 GMT
b-d3bf1da.js
tagan.adlightning.com/sheknows/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-d3bf1da.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.94.22 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-94-22.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ce0afab515a8c03f4013ce19fef1e826f0ade339e627d82d9b4fdb2fa8a7f3f

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 19 Jun 2019 16:28:41 GMT
content-encoding
gzip
age
556130
x-cache
Hit from cloudfront
status
200
content-length
12445
x-amz-meta-git_commit
d3bf1da
last-modified
Wed, 19 Jun 2019 16:28:23 GMT
server
AmazonS3
etag
"931f97d98e3d7d672108877a02743d89"
x-amz-version-id
0l23u54AyR3x_0TkYZhx1Qs1BfLsVQ7R
via
1.1 a907498188cf5fbb13fb98b2dcde84cd.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
bswKlEVTTWkYAZ0FJTLA-Kvk1P8dtDtQn9-NpoWmbnSD4yaZSVfJfg==
bl-d3bf1da-77a37350.js
tagan.adlightning.com/sheknows/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/bl-d3bf1da-77a37350.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.94.22 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-94-22.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d70fb6bef8e9b87437b8dba1c72d3791070c467e9bca13509dd68b24aad6a756

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 00:29:56 GMT
content-encoding
gzip
age
8855
x-cache
Hit from cloudfront
status
200
content-length
28659
x-amz-meta-git_commit
d3bf1da
last-modified
Wed, 26 Jun 2019 00:29:24 GMT
server
AmazonS3
etag
"c97c740ec7903990355ff608aed615ce"
x-amz-version-id
QXmEys5qg.XQf2MtPzThXDhZPjkIYizW
via
1.1 a907498188cf5fbb13fb98b2dcde84cd.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Ny4pm_7DRmomhvnZZHzCeY50TSFub6waYyTFaLzybN74mUiRvtu1Wg==
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame E605 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
HTTP/1.1
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://river-cloth-1.glitch.me/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://river-cloth-1.glitch.me/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Thu, 25 Jun 2020 02:57:30 GMT
Date
Wed, 26 Jun 2019 02:57:30 GMT
Connection
keep-alive
Cookie set beacon
gslbeacon.lijit.com/ Frame ACAC
Redirect Chain
  • http://gslbeacon.lijit.com/beacon?viewId=sheknows_auction_api&rand=1805235508&informer=4358773&-type=fpads&loc=river-cloth-1.glitch.me&v=1.2
  • http://gslbeacon.lijit.com/beacon?viewId=sheknows_auction_api&rand=1805235508&informer=4358773&-type=fpads&loc=river-cloth-1.glitch.me&v=1.2&dnr=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://gslbeacon.lijit.com/beacon?viewId=sheknows_auction_api&rand=1805235508&informer=4358773&-type=fpads&loc=river-cloth-1.glitch.me&v=1.2&dnr=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
HTTP/1.1
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Host
gslbeacon.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://river-cloth-1.glitch.me/
Accept-Encoding
gzip, deflate
Cookie
ljt_reader=af1f7b78fd60b9247244fa08
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://river-cloth-1.glitch.me/

Response headers

Server
nginx
Date
Wed, 26 Jun 2019 02:57:30 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Application-Context
application:prod:9080
Set-Cookie
tpro=eJxNUMtuhDAM%2FBefI%2BTw2i2%2F0b1VVRQFA5FCggJUqlb8e52wi3qb8UzGnjwhbBNF6J7gNjsTdChgDr0yYffbya75D8XVBg8dlAXCISDSQDFaP36SjmZ6UJxX6L6%2BBSwxDNZRyrXehDkjiagWt7MFi%2FImoELV4pu0qFjP7C4AVZWxvPMaE5yjMUdcEItawBh1r1YzZWcjwAd%2FSg2%2FGsn3Z7OBZu2ywJ4Lpvu1OVP1btKMF7%2B%2BAwuUAvQQlZ4zY0mvVvtMOGay65Jxmw6crOsj%2BZTlQ05n%2Fy%2FlpnXJDn2eL%2B%2BqqtOw4vZKlu80yeSWW%2FC8UfXHy9P8%2B7DmOI4%2FvRJ50A%3D%3D;Path=/;Domain=.lijit.com;Expires=Thu, 25-Jun-2020 02:57:30 GMT;Max-Age=31536000 ljtrtb_refresh=false;Path=/;Domain=.lijit.com;Expires=Sun, 30-Jun-2019 02:57:30 GMT;Max-Age=345600 ljtrtbexp=eJxlkDsSgDAIBe%2BS2iIgn%2BDVHO%2BeGa1YywXeZ7iHjEs8NDXN5zG0Y0TnE4i1d0yYy%2BxsSDPYJ%2BwF91WVv8mCBp0EnoudCg9BJ4deP5aYpu8e%2BdoaPhsKpkgm;Path=/;Domain=.lijit.com;Expires=Thu, 25-Jun-2020 02:57:30 GMT;Max-Age=31536000
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ap2ams1

Redirect headers

Server
nginx
Date
Wed, 26 Jun 2019 02:57:30 GMT
Content-Length
0
X-Application-Context
application:prod:9080
Set-Cookie
ljt_reader=af1f7b78fd60b9247244fa08;Path=/;Domain=.lijit.com;Expires=Thu, 25-Jun-2020 02:57:30 GMT;Max-Age=31536000
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
http://gslbeacon.lijit.com/beacon?viewId=sheknows_auction_api&rand=1805235508&informer=4358773&-type=fpads&loc=river-cloth-1.glitch.me&v=1.2&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ap2ams1
usync.html
eus.rubiconproject.com/ Frame 8665 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
HTTP/1.1
Server
92.123.166.33 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a92-123-166-33.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://river-cloth-1.glitch.me/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://river-cloth-1.glitch.me/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Wed, 19 Jun 2019 15:30:37 GMT
Content-Encoding
gzip
Content-Length
7570
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=20152
Expires
Wed, 26 Jun 2019 08:33:22 GMT
Date
Wed, 26 Jun 2019 02:57:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		108 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDNHFH&l=dataLayer_SKM
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b6be395ffe4623f4f88278f9ce91a15b1672d78c70b389df168140a573a3ecf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 02:57:30 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25082
x-xss-protection
0
expires
Wed, 26 Jun 2019 02:57:30 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDNHFH&l=dataLayer_SKM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
5392
date
Wed, 26 Jun 2019 01:27:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Wed, 26 Jun 2019 03:27:38 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Jun 2019 02:38:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
1154
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
856
x-xss-protection
0
expires
Wed, 26 Jun 2019 03:38:16 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&aip=1&a=774783491&t=pageview&_s=1&dl=http%3A%2F%2Friver-cloth-1.glitch.me%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGAAgQAj~&jid=2045778782&gjid=1004057304&cid=1502091734.1561517850&tid=UA-72491114-4&_gid=1980162743.1561517850&gtm=2wg6c0TDNHFH&cd35=8352&cd36=bh.willbakeforbooks1797640&cd37=entertainment&cd38=_na_&cd39=_na_&cd40=2019-06-26T02%3A57%3A30.427%2B00%3A00&cd42=&cd43=http%3A%2F%2Friver-cloth-1.glitch.me%2F&cd44=&cd45=GTM-TDNHFH&cd46=15&cd103=b7295b25-0787-45cb-877d-bf5e6115df4a&z=34070495
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Jun 2019 04:23:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1031663
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-72491114-4&cid=1502091734.1561517850&jid=2045778782&gjid=1004057304&_gid=1980162743.1561517850&_u=aGAAgQAj~&z=1605918522
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Wed, 26 Jun 2019 02:57:30 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag.js
js.agkn.com/prod/v0/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js.agkn.com/prod/v0/tag.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
HTTP/1.1
Security
, ,
Server
2600:9000:200c:b400:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8

Request headers

Referer
http://river-cloth-1.glitch.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 25 Jun 2019 23:38:36 GMT
Via
1.1 f131f7f70cfd3a8b96a854e1f446f33b.cloudfront.net (CloudFront)
Last-Modified
Tue, 04 Dec 2018 22:35:38 GMT
Server
AmazonS3
Age
93396
ETag
"a5442c681a576408c25edbf365995343"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
X-Amz-Cf-Pop
FRA2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3167
X-Amz-Cf-Id
nM2eWzXvZ0bQAKgTgsnGKDP3LTFWgxC7OEasRCjtkKkF4gGVW6vJvw==
Cookie set /
d.agkn.com/iframe/8613/ Frame 618D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://d.agkn.com/iframe/8613/?che=77776295&gdpr=1&gdpr_consent=&url=http%3A%2F%2Friver-cloth-1.glitch.me%2F&bpid=sheknows&c=%7B%22bpid%22%3A%22sheknows%22%2C%22loc%22%3A%22http%3A%2F%2Friver-cloth-1.glitch.me%2F%22%2C%22gdpr%22%3A%221%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by
Host: js.agkn.com
URL: http://js.agkn.com/prod/v0/tag.js
Protocol
HTTP/1.1
Server
34.235.248.21 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-235-248-21.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
d.agkn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://river-cloth-1.glitch.me/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://river-cloth-1.glitch.me/

Response headers

Cache-Control
no-cache, must-revalidate
Content-Type
text/html;charset=UTF-8
Date
Wed, 26 Jun 2019 02:57:30 GMT
Expires
Sat, 01 Jan 2000 00:00:00 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Server
Apache-Coyote/1.1
Set-Cookie
ab=0001%3AGgAgs96LlKabUFyyGy5ShU%2BWYLq%2Fxz%2FK;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAkpZubJKWbmwAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
Content-Length
480
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| blogherads object| __core-js_shared__ object| MoatUA object| googletag object| regeneratorRuntime object| dataLayer_SKM string| _skmPageViewId object| _comscore function| udm_ object| ns_p object| COMSCORE object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| pt_0x5ef5 function| pt_0x5d9f object| blacklist function| i4fduo8szk0 object| j8_0x3ee4 function| j8_0x27b7 function| blocker function| 1evbol2yfw8w object| qE_0x43ad function| qE_0xcf7b function| op function| 2pkv9xhkcg0 boolean| vjk7ey1xlog object| 69h0d6c17uo undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id boolean| _skmNoGACookies object| google_tag_manager function| _SKM_firstPageView string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| setUpAgknTag function| agknTagBuilder object| _agknTag string| _agknTagName object| _agknEchoTag number| _isAgknTagSet

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.blogherads.com
adservice.google.com
adservice.google.de
b.scorecardresearch.com
d.agkn.com
eus.rubiconproject.com
gslbeacon.lijit.com
in.xspadvertising.com
js.agkn.com
river-cloth-1.glitch.me
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tagan.adlightning.com
www.google-analytics.com
www.googletagmanager.com
151.101.37.131
172.217.21.194
2.16.186.80
2.18.232.130
2600:9000:200c:b400:15:efbc:e300:93a1
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:816::2008
2a00:1450:4001:81f::200e
2a00:1450:400c:c08::9c
34.235.248.21
52.22.72.237
54.192.94.22
63.34.193.70
72.251.249.13
92.123.166.33
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
3abc7651953ccb4c244a744442658f8fd76f5d66a6c0c295d489dabf16125446
6ce0afab515a8c03f4013ce19fef1e826f0ade339e627d82d9b4fdb2fa8a7f3f
7b6be395ffe4623f4f88278f9ce91a15b1672d78c70b389df168140a573a3ecf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9a7e6fbd253b0eda6eb87ddf3f335ccf7405c9aa06496c64be517e7b0933b8ce
ac33bcd662b21c0fc9e61c2a5c40ed6ff4fb4dbb9a2123ccbdee883a71269e28
b8709b8bfd2f3683f9b1a84807db1235b69445f42a99c531ce663cda7fce35cc
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8
d70fb6bef8e9b87437b8dba1c72d3791070c467e9bca13509dd68b24aad6a756
dfa9ce5fc07473d7bfa0b9a03cce161f0f1fd427e2d232788f5f08c80e62ec9e
e3a33dbd5ef546282eeb12b6e6a5485f97db9618942803d3e53352c644483901
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe0de33193b4027c64cea65f5957cfb415846c93ae248948461288542f80b860