daffodil-ruddy-run.glitch.me Open in urlscan Pro
52.3.60.128 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://daffodil-ruddy-run.glitch.me/
Submission: On January 14 via manual (January 14th 2021, 1:25:07 am UTC) from US

Summary HTTP 227 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 92 IPs in 11 countries across 71 domains to perform 227 HTTP transactions. The main IP is 52.3.60.128, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is daffodil-ruddy-run.glitch.me.

This is the only time daffodil-ruddy-run.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.3.60.128 52.3.60.128	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2606:4700:303... 2606:4700:3035::6818:7e98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:8916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	51.68.161.17 51.68.161.17	16276 (OVH) (OVH)
1	146.59.211.253 146.59.211.253	16276 (OVH) (OVH)
10	139.45.196.135 139.45.196.135	9002 (RETN-AS) (RETN-AS)
3	139.45.196.200 139.45.196.200	9002 (RETN-AS) (RETN-AS)
1	139.45.195.206 139.45.195.206	9002 (RETN-AS) (RETN-AS)
1	2600:9000:21c... 2600:9000:21c7:2800:4:164e:ca00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:234... 2606:2800:234:4cc4:5670:35d5:1e00:b394	15133 (EDGECAST) (EDGECAST)
1	2600:9000:21c... 2600:9000:21c7:e800:1d:bf0d:abc0:21	16509 (AMAZON-02) (AMAZON-02)
1	13.35.253.58 13.35.253.58	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4b05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
1	139.45.196.65 139.45.196.65	9002 (RETN-AS) (RETN-AS)
1	2606:2800:233... 2606:2800:233:af6:eab:2108:1892:6d8	15133 (EDGECAST) (EDGECAST)
3 8	173.192.101.24 173.192.101.24	36351 (SOFTLAYER) (SOFTLAYER)
1	37.59.184.172 37.59.184.172	16276 (OVH) (OVH)
3	213.196.2.2 213.196.2.2	7979 (SERVERS-COM) (SERVERS-COM)
3	54.241.51.109 54.241.51.109	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.111.10.140 23.111.10.140	33438 (HIGHWINDS2) (HIGHWINDS2)
1	108.161.189.78 108.161.189.78	33438 (HIGHWINDS2) (HIGHWINDS2)
1	51.178.195.174 51.178.195.174	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6812:1041	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1	35.190.68.123 35.190.68.123	15169 (GOOGLE) (GOOGLE)
3	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
9	68.183.31.14 68.183.31.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	51.68.161.27 51.68.161.27	16276 (OVH) (OVH)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
3	85.10.201.130 85.10.201.130	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:214... 2600:9000:214f:b400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1 6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	52.52.67.66 52.52.67.66	16509 (AMAZON-02) (AMAZON-02)
2	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	79.125.73.87 79.125.73.87	16509 (AMAZON-02) (AMAZON-02)
1	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	139.45.195.41 139.45.195.41	9002 (RETN-AS) (RETN-AS)
11	52.222.141.90 52.222.141.90	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:809::200d	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700:20:... 2606:4700:20::681a:46b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.77.38 192.0.77.38	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
2	2606:4700:e0:... 2606:4700:e0::ac40:6b0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.200.118.90 185.200.118.90	9009 (M247) (M247)
2	38.132.109.186 38.132.109.186	9009 (M247) (M247)
2	185.200.116.90 185.200.116.90	9009 (M247) (M247)
2 2	52.46.129.238 52.46.129.238	16509 (AMAZON-02) (AMAZON-02)
1	52.46.135.132 52.46.135.132	16509 (AMAZON-02) (AMAZON-02)
1	134.209.16.110 134.209.16.110	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	104.19.134.80 104.19.134.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.19.133.80 104.19.133.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.133.145 104.18.133.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	94.31.29.128 94.31.29.128	6461 (ZAYO-6461) (ZAYO-6461)
1	178.128.255.177 178.128.255.177	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 12	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a0c:5c81:516... 2a0c:5c81:5161::2	55081 (24SHELLS) (24SHELLS)
1	104.21.20.75 104.21.20.75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	78.140.188.189 78.140.188.189	35415 (WEBZILLA) (WEBZILLA)
2	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	94.31.29.32 94.31.29.32	33438 (HIGHWINDS2) (HIGHWINDS2)
1	13.226.169.25 13.226.169.25	16509 (AMAZON-02) (AMAZON-02)
1	216.21.13.17 216.21.13.17	53334 (TUT-AS) (TUT-AS)
4	54.154.46.83 54.154.46.83	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:20:... 2606:4700:20::ac43:4671	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.59.56.9 216.59.56.9	53334 (TUT-AS) (TUT-AS)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
10	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::ac43:4a21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	139.45.196.11 139.45.196.11	9002 (RETN-AS) (RETN-AS)
1	23.43.126.245 23.43.126.245	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.190.74.92 35.190.74.92	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:80a::2003	15169 (GOOGLE) (GOOGLE)
1 2	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE)
1	34.96.106.9 34.96.106.9	15169 (GOOGLE) (GOOGLE)
2	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1	152.195.51.15 152.195.51.15	15133 (EDGECAST) (EDGECAST)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
227	92

1 52.3.60.128 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-60-128.compute-1.amazonaws.com

daffodil-ruddy-run.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6818:7e98 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.popmyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popmyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:8916 (United States)

ASN13335 (CLOUDFLARENET, US)

mellowads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.161.17 (France)

ASN16276 (OVH, FR)
PTR: ip17.ip-51-68-161.eu

onegalact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.211.253 (Norway)

ASN16276 (OVH, FR)
PTR: ip253.ip-146-59-211.eu

waxtamnit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.135 (Ascension Island)

ASN9002 (RETN-AS, GB)

kumteerg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.200 (Ascension Island)

ASN9002 (RETN-AS, GB)

choupsee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.206 (Ascension Island)

ASN9002 (RETN-AS, GB)

choogeet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21c7:2800:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:4cc4:5670:35d5:1e00:b394 (United States)

ASN15133 (EDGECAST, US)

a.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21c7:e800:1d:bf0d:abc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2sbzwmcg5amr3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.58 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-58.fra6.r.cloudfront.net

djv99sxoqpv11.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b05 (United States)

ASN13335 (CLOUDFLARENET, US)

coinpayu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.65 (Ascension Island)

ASN9002 (RETN-AS, GB)

stawhoph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:af6:eab:2108:1892:6d8 (United States)

ASN15133 (EDGECAST, US)

s.aolcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 173.192.101.24 (Dallas, United States) 3 redirects

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com

p405661.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p93920.clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clksite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beta.infopicked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.59.184.172 (France)

ASN16276 (OVH, FR)
PTR: ip172.ip-37-59-184.eu

duetgypsyantis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.196.2.2 (Netherlands)

ASN7979 (SERVERS-COM, US)

www.bcloudhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.241.51.109 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-51-109.us-west-1.compute.amazonaws.com

bdv.bidvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.10.140 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

cdn.carbonads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.189.78 (United States)

ASN33438 (HIGHWINDS2, US)

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.178.195.174 (France)

ASN16276 (OVH, FR)
PTR: ip174.ip-51-178-195.eu

seaboblit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:1041 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.68.123 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 123.68.190.35.bc.googleusercontent.com

www.maxonclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.161.27 (France)

ASN16276 (OVH, FR)
PTR: ip27.ip-51-68-161.eu

thetarhaw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.10.201.130 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.85-10-201-130.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:b400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.67.66 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-67-66.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::2 (Germany)

ASN60068 (CDN77 (^_^)/, GB)

c1.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.displayvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.125.73.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com

s.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.41 (Ascension Island)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.222.141.90 (Seattle, United States)

ASN16509 (AMAZON-02, US)

resumersvo.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:46b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.38 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:6b0b (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

vdkveszksxtv.l.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m1ebhpl12oqp.l.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

vdkveszksxtv.n.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m1ebhpl12oqp.n.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.200.116.90 (Singapore, Singapore)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

vdkveszksxtv.s.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m1ebhpl12oqp.s.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.129.238 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

rcm-na.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.135.132 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

ws-na.assoc-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.16.110 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.134.80 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.133.80 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.133.145 (United States)

ASN13335 (CLOUDFLARENET, US)

config.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 94.31.29.128 (United Kingdom)

ASN6461 (ZAYO-6461, US)

p405661.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p93920.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p0.mycdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.255.177 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

srv.carbonads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.28 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.134.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5161::2 (United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.20.75 (United States)

ASN13335 (CLOUDFLARENET, US)

ssp.zryydi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 78.140.188.189 (Netherlands)

ASN35415 (WEBZILLA, NL)

api.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.169.25 (Seattle, United States)

ASN16509 (AMAZON-02, US)

yiatelychur.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.21.13.17 (United States)

ASN53334 (TUT-AS, US)

serve.popads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.154.46.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4671 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.59.56.9 (United States)

ASN53334 (TUT-AS, US)

displayvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a21 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ads.shorte.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.11 (Ascension Island) 1 redirects

ASN9002 (RETN-AS, GB)

shorteh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.43.126.245 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

www.gearbest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.74.92 (Mountain View, United States)

ASN15169 (GOOGLE, US)

www.tradeadexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.106.9 (United States)

ASN15169 (GOOGLE, US)

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.51.15 (United States)

ASN15133 (EDGECAST, US)

tag.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Switzerland)

ASN34010 (YAHOO-IRD, GB)

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	adsco.re c.adsco.re 6.adsco.re 4.adsco.re adsco.re vdkveszksxtv.l.adsco.re vdkveszksxtv.n.adsco.re vdkveszksxtv.s.adsco.re m1ebhpl12oqp.l.adsco.re m1ebhpl12oqp.n.adsco.re m1ebhpl12oqp.s.adsco.re	34 KB
15	pixfuture.com served-by.pixfuture.com cdn.pixfuture.com	953 KB
12	yandex.ru 2 redirects mc.yandex.ru	98 KB
11	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com	225 KB
11	resumersvo.fun resumersvo.fun	4 KB
10	mycdn.co p405661.mycdn.co p93920.mycdn.co p0.mycdn.co	187 KB
10	shorte.st 2 redirects cdn.shorte.st api.shorte.st ads.shorte.st	48 KB
10	kumteerg.com kumteerg.com	88 KB
9	doubleclick.net 2 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net	333 KB
8	adskeeper.com jsc.adskeeper.com servicer.adskeeper.com cm.adskeeper.com s-img.adskeeper.com c.adskeeper.com	108 KB
5	criteo.com 2 redirects gum.criteo.com mug.criteo.com	3 KB
5	google.com accounts.google.com www.google.com	669 B
5	revcontent.com assets.revcontent.com trends.revcontent.com	84 KB
5	infopicked.com infopicked.com beta.infopicked.com	42 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	162 KB
4	seedtag.com config.seedtag.com s.seedtag.com	138 KB
4	googlesyndication.com pagead2.googlesyndication.com	179 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	1 KB
3	adskeeper.co.uk 1 redirects jsc.adskeeper.co.uk cdn.adskeeper.co.uk	67 KB
3	pubmine.com s.pubmine.com c0.pubmine.com	52 KB
3	a-ads.com ad.a-ads.com
3	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com	55 KB
3	bidvertiser.com bdv.bidvertiser.com	9 KB
3	bcloudhost.com www.bcloudhost.com
3	clksite.com 3 redirects p405661.clksite.com p93920.clksite.com clksite.com	744 B
3	choupsee.com choupsee.com	67 KB
3	onegalact.com onegalact.com	1 KB
2	yahoo.com tag.idsync.analytics.yahoo.com cms.analytics.yahoo.com
2	rlcdn.com api.rlcdn.com	447 B
2	tradeadexchange.com www.tradeadexchange.com	16 KB
2	googletagservices.com www.googletagservices.com	38 KB
2	pubmatic.com ads.pubmatic.com	168 KB
2	buysellads.net cdn4.buysellads.net	32 KB
2	amazon-adsystem.com 2 redirects rcm-na.amazon-adsystem.com	765 B
2	freychang.fun freychang.fun	1 KB
2	displayvertising.com www.displayvertising.com displayvertising.com	10 KB
2	popads.net c1.popads.net serve.popads.net	10 KB
2	cloudflare.com cdnjs.cloudflare.com	3 KB
2	cloudfront.net d2sbzwmcg5amr3.cloudfront.net djv99sxoqpv11.cloudfront.net	206 KB
2	exosrv.com a.exosrv.com syndication.exosrv.com	39 KB
2	mellowads.com mellowads.com	41 KB
2	popmyads.com 1 redirects cdn.popmyads.com popmyads.com	31 KB
1	gearbest.com www.gearbest.com
1	shorteh.com 1 redirects shorteh.com	1 KB
1	yiatelychur.top yiatelychur.top	502 B
1	zryydi.com ssp.zryydi.com
1	adtelligent.com s.adtelligent.com
1	carbonads.net srv.carbonads.net	969 B
1	buysellads.com srv.buysellads.com	1 KB
1	assoc-amazon.com ws-na.assoc-amazon.com
1	facebook.com www.facebook.com
1	rtmark.net my.rtmark.net	785 B
1	ipfind.co ipfind.co	587 B
1	consensu.org quantcast.mgr.consensu.org
1	thetarhaw.com thetarhaw.com	1 KB
1	maxonclick.com www.maxonclick.com	71 B
1	googleapis.com ajax.googleapis.com	33 KB
1	seaboblit.com seaboblit.com	1 KB
1	servedby-buysellads.com m.servedby-buysellads.com	16 KB
1	carbonads.com cdn.carbonads.com	6 KB
1	duetgypsyantis.com duetgypsyantis.com	1 KB
1	aolcdn.com s.aolcdn.com	10 KB
1	stawhoph.com stawhoph.com
1	coinpayu.com coinpayu.com	149 KB
1	thisiswaldo.com cdn.thisiswaldo.com	85 KB
1	choogeet.net choogeet.net	38 KB
1	waxtamnit.com waxtamnit.com	1016 B
1	glitch.me daffodil-ruddy-run.glitch.me	24 KB
0	adsrvr.org Failed match.adsrvr.org Failed
0	webglstats.com Failed cdn.webglstats.com Failed
227	71

	Domain	Requested by
12	mc.yandex.ru	2 redirects daffodil-ruddy-run.glitch.me mc.yandex.ru
11	resumersvo.fun	d2sbzwmcg5amr3.cloudfront.net djv99sxoqpv11.cloudfront.net
10	kumteerg.com	daffodil-ruddy-run.glitch.me kumteerg.com
9	served-by.pixfuture.com	daffodil-ruddy-run.glitch.me served-by.pixfuture.com
8	s-img.mgid.com	daffodil-ruddy-run.glitch.me
6	cdn.pixfuture.com	served-by.pixfuture.com cdn.pixfuture.com daffodil-ruddy-run.glitch.me
6	api.shorte.st	cdn.shorte.st
6	securepubads.g.doubleclick.net	1 redirects daffodil-ruddy-run.glitch.me securepubads.g.doubleclick.net www.googletagservices.com
5	p405661.mycdn.co	p405661.clksite.com p405661.mycdn.co daffodil-ruddy-run.glitch.me
4	trends.revcontent.com	assets.revcontent.com daffodil-ruddy-run.glitch.me
4	p93920.mycdn.co	p93920.clksite.com p405661.mycdn.co daffodil-ruddy-run.glitch.me
4	adsco.re	c.adsco.re
4	6.adsco.re	daffodil-ruddy-run.glitch.me c.adsco.re
4	c.adsco.re	c1.popads.net c.adsco.re www.displayvertising.com
4	infopicked.com	daffodil-ruddy-run.glitch.me p405661.mycdn.co
4	pagead2.googlesyndication.com	daffodil-ruddy-run.glitch.me pagead2.googlesyndication.com
3	gum.criteo.com	2 redirects assets.revcontent.com
3	www.google.com	cdn.shorte.st www.gstatic.com
3	www.google-analytics.com	daffodil-ruddy-run.glitch.me www.google-analytics.com
3	s-img.adskeeper.com	daffodil-ruddy-run.glitch.me
3	config.seedtag.com	daffodil-ruddy-run.glitch.me config.seedtag.com
3	cdn.shorte.st	1 redirects daffodil-ruddy-run.glitch.me cdn.shorte.st
3	ad.a-ads.com	daffodil-ruddy-run.glitch.me
3	bdv.bidvertiser.com	daffodil-ruddy-run.glitch.me bdv.bidvertiser.com
3	www.bcloudhost.com	daffodil-ruddy-run.glitch.me
3	choupsee.com	daffodil-ruddy-run.glitch.me choupsee.com
3	onegalact.com	daffodil-ruddy-run.glitch.me
2	api.rlcdn.com	ads.pubmatic.com
2	ad.doubleclick.net	1 redirects daffodil-ruddy-run.glitch.me
2	www.tradeadexchange.com	cdn.shorte.st www.tradeadexchange.com
2	mug.criteo.com	daffodil-ruddy-run.glitch.me
2	www.googletagservices.com	daffodil-ruddy-run.glitch.me
2	cm.adskeeper.com	jsc.adskeeper.com
2	ads.pubmatic.com	daffodil-ruddy-run.glitch.me
2	cdn4.buysellads.net	daffodil-ruddy-run.glitch.me
2	log.outbrainimg.com	widgets.outbrain.com
2	fonts.gstatic.com	daffodil-ruddy-run.glitch.me
2	jsc.adskeeper.co.uk	1 redirects daffodil-ruddy-run.glitch.me
2	rcm-na.amazon-adsystem.com	2 redirects
2	freychang.fun	d2sbzwmcg5amr3.cloudfront.net djv99sxoqpv11.cloudfront.net
2	4.adsco.re	daffodil-ruddy-run.glitch.me c.adsco.re
2	accounts.google.com	daffodil-ruddy-run.glitch.me
2	s.pubmine.com	daffodil-ruddy-run.glitch.me
2	widgets.outbrain.com	daffodil-ruddy-run.glitch.me widgets.outbrain.com
2	cdnjs.cloudflare.com	daffodil-ruddy-run.glitch.me
2	mellowads.com	daffodil-ruddy-run.glitch.me mellowads.com
1	cms.analytics.yahoo.com
1	tag.idsync.analytics.yahoo.com	s.aolcdn.com
1	s.seedtag.com	config.seedtag.com
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	c.adskeeper.com	daffodil-ruddy-run.glitch.me
1	www.gstatic.com	www.google.com
1	p0.mycdn.co	clksite.com
1	www.gearbest.com	cdn.shorte.st
1	shorteh.com	1 redirects
1	ads.shorte.st	1 redirects
1	cdn.adskeeper.co.uk	daffodil-ruddy-run.glitch.me
1	servicer.mgid.com	jsc.mgid.com
1	cdn.mgid.com	daffodil-ruddy-run.glitch.me
1	displayvertising.com	www.displayvertising.com
1	serve.popads.net	c1.popads.net
1	yiatelychur.top	daffodil-ruddy-run.glitch.me
1	servicer.adskeeper.com	jsc.adskeeper.com
1	ssp.zryydi.com	cdn.shorte.st
1	s.adtelligent.com	cdn.thisiswaldo.com
1	jsc.mgid.com	daffodil-ruddy-run.glitch.me
1	m1ebhpl12oqp.s.adsco.re	c.adsco.re
1	m1ebhpl12oqp.n.adsco.re	c.adsco.re
1	m1ebhpl12oqp.l.adsco.re	c.adsco.re
1	widget-pixels.outbrain.com	daffodil-ruddy-run.glitch.me
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	srv.carbonads.net	cdn.carbonads.com
1	beta.infopicked.com	daffodil-ruddy-run.glitch.me
1	clksite.com	1 redirects
1	srv.buysellads.com	m.servedby-buysellads.com
1	ws-na.assoc-amazon.com	daffodil-ruddy-run.glitch.me
1	vdkveszksxtv.s.adsco.re	c.adsco.re
1	vdkveszksxtv.n.adsco.re	c.adsco.re
1	vdkveszksxtv.l.adsco.re	c.adsco.re
1	c0.pubmine.com	daffodil-ruddy-run.glitch.me
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.facebook.com	daffodil-ruddy-run.glitch.me
1	my.rtmark.net	daffodil-ruddy-run.glitch.me
1	syndication.exosrv.com	a.exosrv.com
1	www.displayvertising.com	daffodil-ruddy-run.glitch.me
1	c1.popads.net	daffodil-ruddy-run.glitch.me
1	ipfind.co	cdn.thisiswaldo.com
1	quantcast.mgr.consensu.org	cdn.thisiswaldo.com
1	assets.revcontent.com	daffodil-ruddy-run.glitch.me
1	thetarhaw.com	daffodil-ruddy-run.glitch.me
1	www.maxonclick.com	daffodil-ruddy-run.glitch.me
1	jsc.adskeeper.com	daffodil-ruddy-run.glitch.me
1	ajax.googleapis.com	daffodil-ruddy-run.glitch.me
1	p93920.clksite.com	1 redirects
1	seaboblit.com	daffodil-ruddy-run.glitch.me
1	m.servedby-buysellads.com	daffodil-ruddy-run.glitch.me
1	cdn.carbonads.com	daffodil-ruddy-run.glitch.me
1	duetgypsyantis.com	daffodil-ruddy-run.glitch.me
1	p405661.clksite.com	1 redirects
1	s.aolcdn.com	daffodil-ruddy-run.glitch.me
1	stawhoph.com	daffodil-ruddy-run.glitch.me
1	coinpayu.com	daffodil-ruddy-run.glitch.me
1	djv99sxoqpv11.cloudfront.net	daffodil-ruddy-run.glitch.me
1	d2sbzwmcg5amr3.cloudfront.net	daffodil-ruddy-run.glitch.me
1	a.exosrv.com	daffodil-ruddy-run.glitch.me
1	cdn.thisiswaldo.com	daffodil-ruddy-run.glitch.me
1	choogeet.net	daffodil-ruddy-run.glitch.me
1	waxtamnit.com	daffodil-ruddy-run.glitch.me
1	popmyads.com	daffodil-ruddy-run.glitch.me
1	cdn.popmyads.com	1 redirects
1	daffodil-ruddy-run.glitch.me
0	match.adsrvr.org Failed	ads.pubmatic.com
0	cdn.webglstats.com Failed	daffodil-ruddy-run.glitch.me
227	113

This site contains links to these domains. Also see Links.

Domain
adsco.re
www.coinpayu.com
srv.carbonads.net
carbonads.net
srv.buysellads.com
widgets.adskeeper.com
www.adskeeper.com
widgets.mgid.com
brainberries.co
shorte.st
www.intango.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
kumteerg.com R3	`2020-12-15` - `2021-03-15`	3 months	crt.sh
choupsee.com R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
choogeet.net R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
*.ackcdn.net GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-07` - `2021-08-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.infopicked.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-14` - `2021-11-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
maxonclick.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-02-17`	9 months	crt.sh
*.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-03` - `2021-12-02`	2 years	crt.sh
assets.revcontent.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-16` - `2021-02-14`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
1503693843.rsc.cdn77.org Let's Encrypt Authority X3	`2020-11-14` - `2021-02-12`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
resumersvo.fun Amazon	`2020-10-22` - `2021-11-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2020-09-15` - `2021-09-26`	a year	crt.sh
c0.pubmine.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-10` - `2021-04-09`	2 years	crt.sh
*.l.adsco.re Sectigo RSA Domain Validation Secure Server CA	`2020-07-14` - `2022-07-14`	2 years	crt.sh
*.n.adsco.re Sectigo RSA Domain Validation Secure Server CA	`2020-07-14` - `2022-07-29`	2 years	crt.sh
*.s.adsco.re Sectigo RSA Domain Validation Secure Server CA	`2020-07-14` - `2022-07-29`	2 years	crt.sh
ws-na.assoc-amazon.com Amazon	`2020-04-10` - `2021-03-16`	a year	crt.sh
*.carbonads.net Sectigo RSA Domain Validation Secure Server CA	`2019-09-19` - `2021-10-12`	2 years	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
s.adtelligent.com R3	`2021-01-08` - `2021-04-08`	3 months	crt.sh
*.shorte.st Sectigo RSA Domain Validation Secure Server CA	`2019-10-18` - `2020-12-16`	a year	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2019-08-23` - `2021-08-22`	2 years	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.gearbest.com DigiCert SHA2 Secure Server CA	`2020-04-13` - `2021-07-13`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
tradeadexchange.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-16` - `2022-07-01`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-31` - `2022-04-14`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.mycdn.co Sectigo RSA Domain Validation Secure Server CA	`2020-10-13` - `2021-10-22`	a year	crt.sh
*.idsync.analytics.yahoo.com DigiCert SHA2 Secure Server CA	`2019-04-17` - `2021-04-21`	2 years	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh

This page contains 31 frames:

Primary Page: http://daffodil-ruddy-run.glitch.me/
Frame ID: 53144048E35FF0D44120098FA919B154
Requests: 166 HTTP requests in this frame

Frame: http://ad.a-ads.com/1507210?size=728x90
Frame ID: 7469B73B27250B62D709AC60ACC92980
Requests: 1 HTTP requests in this frame

Frame: http://resumersvo.fun/ZVY1WXcENFY0SARrV38CFzoIfEUjcwcfE1clVyMACDVSbBYIJAZ3FAk5QD0RFzlbLVkLM0F8RSMAYRwtMhtiMgEuAl0BIQ8xQxQQHQRTNyUPFwRoBikVYzw1Hy4CECAsYWUbAAABXTIzIwd7MzoSMUU6MjACfhEDCxBCDAMuEnAUIxw9WhcmHQ9UMBQcAwQLQzwVfxs1DDICEyIsNH4jAFIFZBgYLGV3HDQtE0cWIhYXfBoYVhBzKjwGZVIbIy1jBz8bEh95IE9RBGQAUlcQeTc6Jh0HNUc/OlIROCYbAx8xEW5+IxM2An1sRSoDfxQRCw9AHzERblFrWj8jYhEQPw9NMToDOGxqJjc9UhAOIwN2IBQTH10LFSY4ezU1DjIQazEGHngdIDIHQQkcMBN8HjkONV4hUlcUUTMHPBdcNR0/F3AWPDYDDAEcJyZRHi02F2FtBypnZxQRAhRAGBwBblQePiQBbWAYPBd3FBELD1kMNl0iex1PMAFCKQ0/B28REVYUQgsxNHBfKhgLJgguJDcmbxEcFRlmDCU/Elo
Frame ID: 6F0E432D1078C0A81FE0BBBBE9A077E6
Requests: 1 HTTP requests in this frame

Frame: http://resumersvo.fun/c3N0R1USERcqahJOFmEgAR9JYmc1VkYBMUEAFj0iHhATcjQeAUdpNh8cASMzARwaM3sdFgBiZzUYOg8fQycyNw07IRs2DyYyFgIdNRowEiU2FUZzBjQyFy0bNiEkAwZDRiIVZVZBMiMHByE3KxxHOjIFBSEkG3UDIQQgJA0LITwFMQsSDA4BNjBBKRQ1IjUXESUVIDA2VkEyDBM+OjMTBAkmNiMGPCcHDR0LAEYKZBQWMhA5HBAfIzQVO0wABB8EHAhkEBEzLTJCIQw3BxULExUENiIYCRAyKzMAORwxNn8DP0BMAAQbAFF1ExUELgQRNB8bBRA9NjF1JjI/IWoTHxUDHRY1JwM2AjEQMAwBGxUzMBcDEjwNHSFAAHcXQyEmITgcEDMVIkc9RS8NIRRNYmc1MR8ODDknMhUDQylMFwM2ITw+Gwk2IQUQPwk+AB0hGAQhIipDIA9sQzEyPxQVJBsPDTY5TSEiKTA2PmVLJSUGMRIkHD4HQxdDIxQXNiEtOR1VHjQ6HQNJPjQQEhsMbDIWDA
Frame ID: 2E8F74A442CF2DAB6FCE5C69D664EA92
Requests: 1 HTTP requests in this frame

Frame: http://resumersvo.fun/RTE2cUokU1UcdSQMVFc/N10LVHgDFAQ3LndCVAs9KFJRRCsoQwVfKSleQxUsN15YBWQrVEJUeAN4eTYcLnwEOygGVkYnEhBGezALcFByNxASc2A8LwFJUhIOAFlvNCEueVQbH3RpYjMeCWR8OQ0DSW8nGBB+YSA5AXVdIy4GRlU+Hz0FczAMA1dyNAcXZFpIHAZZAxAOKWBzIBsAWnIkPhB3WjADEWBaIgsTdHo0DDJjYzQIHVJjEgETYAcVDCkBfCAbA2JgIBsNd1owAwZZVSYfBFZSIBsDYnUnH3JwWiskEHQGJh8EVnM3Dwh+biMDB2RnHRgAZBs0CA9wByYfPQBkNSEHZndBOhF1ZDMvAVkHKQA9a2cyCy5/YTApIWcHIx8HAEU+CT1BfjImEHlhCQgdcnc0HRB5AxUcPQBlNyYDZ3dADxJkByQdEHBRJggTZHIiLT1zdyIbC2daPC4QYAM1DxQFEBs5Kl9GTDw/VGAhGytjXTk
Frame ID: E262372EFB211679018C7F1E1452D595
Requests: 1 HTTP requests in this frame

Frame: http://resumersvo.fun/WFNJS2o5MSomVTluK20fKj90blgednsNDmogKzEdNTAufgs1IXplCTQ8PC8MKjwnP0Q2Nj1uWB40HHsCEzAiDh0SKhgeDDEwIQcBYWYoeCx9YQsYWQ5iACEBPB8wBVsIEXkNJwpnMA4yHjovIQEwGHoeUhURE3MzNWckDhNgYy0cHQAfMwlbPWIYLCQhI3oZBzs9Bgg/AjUKCl0XERx8OjISIw0DCmIZGB4IHw08ExErfT8nNWJ9BSIKaiwMUxkwETgGEysMJDoMJCUKOTRhLDwCADB7BgISEhAgOmpifRoDLyoCeVMZMB08XTpjCzMhamJ9GgQaOQ94RywUASYwMDF5CRIVOS59IjECIgc5PwkCCA4sNg0ZWgEbcCA7ADd7LgQoMgIhGWAZMX4BAQI9PTsQFmx5LBEADBMwHxV9Bzg7OgYIDjIFegUAEyoACiYyZz0pWhkbKHgeMwIkcgQ9CzkJCGoFfClaGisACAErFjMGXDoLLnsOHxFseSwCFg94Dgxiem0AKzwnO1cuPA0pPCAweXpcKwAj
Frame ID: 633E297EFFCB9B02BCB8D18A8FCAFF96
Requests: 1 HTTP requests in this frame

Frame: http://resumersvo.fun/aU1WQzEILzUuDghwNGVEGyFrZgMvaGQFVQM7b3pCESInM0dYfHggXQY4MiVDBiMibV8MOXNxdyMXHhV2MCMDC3YAKhMQWSguHy8IKhtmCQA8CC4AeRMYGARJOwQcO2gsAT0FSyMlYjJkEwQPBmcFCA8CBTwOPgkGOw8XCHcHOQIWRjwfHAUIKxwxBgMtH2MZdjp5AgFWChwdK14kCWcOSyh9MQl2AzoaBGAOGA9ycBMYADcDO30yFmk6PhIFVlkvGyQBLgkQAQAgCxQUYzp1GwJgLBcPcnMvDgQSXTt9MhZ2AxseEQA4Aw9ycy8bAxZrPH0TdGAuYG8LY1gcAw1ZIBcXEngDDBR3fygaGBJ8WAsRIGQRCgMvc1kYOnNhIRkfE3Y8Cx4BZA0FAAFaHw4EAXM7fg8FdCguMwhkHRwAKGQFDjEgfS4OGAtjEAcYJ2QRCwUod1oYPRl6OH4yC2NYHBEJRjgYECtJAxgSDWM7IxAOYwUHAg4AUWs8MF4HPWsiRRgHYnZ1AgM
Frame ID: 75F70D1C83A0E29B20A4E2A4D896076E
Requests: 1 HTTP requests in this frame

Frame: http://resumersvo.fun/WUVZR204JzoqUjh4O2EYKylkYl8fYGsBCTMzYH4eISooNxtodHckATYwPSEfNistaQM8MXx1KxwfDR03Oh0MADoNJgEUBR8jCRIVGhM+ARwILg8DNRoqPAAVDAkXBgYjB2hyGRwuCHY5HgcdDV0XBhA/OxATGwZcHAcqBC5qfQwAGgAJOAEODAQPFQYLExQWO2sUOgAFYCMXFV0MFBgWCwsDLREoazEbHzwxHRYvCjsADywcHhMbEAkRPR0VPCEcFRU8AxQYFR0RBwgAKGsxGwAFABE4dygXFBgVHQgADHEva3UsFiguETh3KAwDDB5cHwQQBjsdaBAeLAwEHA9dCwIMLwUoF2gFNRsrHCYlCwM7CTsLDRMvIysUCywgAREhEj9oEwsXLxAgGi9UYRRpEioBLCoiKhgEDSYXPQsPLwUpHWkBOBsoKSE8aBQNJl0cAhsBLG0EIT8sGwdgAj81DAAmBj0RHAYefy8qKAMpeDQ/KzstbSRcCT9gdT8
Frame ID: 348E9A896B243689B650C4C546381253
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/1507210?size=728x90&background_color=00ff47&title_color=571111
Frame ID: F92AA91EBF9DBBC3EA74C4985B3DF081
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210107/r20190131/zrt_lookup.html
Frame ID: DCEBDAA73AA86489202F1D41099C657A
Requests: 1 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: 05357FA2F394DC608F5EE5D684F36366
Requests: 1 HTTP requests in this frame

Frame: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Frame ID: 80FC971400D4A4B62142D44F4A6F8D90
Requests: 1 HTTP requests in this frame

Frame: http://ad.a-ads.com/1120283?size=120x90
Frame ID: 4D33A86458CC826B52A169556C41757A
Requests: 1 HTTP requests in this frame

Frame: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387&RD=58086111091683&DIF=1&bd_ref_v=daffodil-ruddy-run.glitch.me&tref=1&win_name=null&docref=&jsrand=58086111091683&js1loc=-&loctitle=%20Trying%20to%20reach%20the%20most
Frame ID: F04CE106CEE7AE51F1FCF774C40EC568
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: F91DC7A9D074CBEAD85A3DB78C1A46BC
Requests: 1 HTTP requests in this frame

Frame: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=3542x300x250x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=3542x300x250x700x_ADSLOT1&flag=true
Frame ID: 4EF3FD65677DC500660BDA8E9C111B7D
Requests: 1 HTTP requests in this frame

Frame: http://c.adsco.re/
Frame ID: DF0D0A83C34D15C9E9B6608544CB6E4D
Requests: 1 HTTP requests in this frame

Frame: http://jsc.mgid.com/b/r/brainberries.co.147802.js?t=1210141
Frame ID: 4166672A731EA65025278E6778308506
Requests: 5 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=555831
Frame ID: F6B00D351D4221AD5B6442A342FCE277
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7221FE4910DD86044D526866B9AB6FA2
Requests: 1 HTTP requests in this frame

Frame: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=25617x728x90x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=25617x728x90x700x_ADSLOT1&flag=true
Frame ID: D179B3ABA8A8DB270019B436EE62ADFC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax_elastic.js
Frame ID: B0D32DF59EE097A7B8E2A1EB3BBBEB8A
Requests: 14 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1610587474200975110759
Frame ID: E30A4A12AEC2AF8486035434C8E8B249
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax_elastic.js
Frame ID: 367793A02AA2FD58D9A00FE68193DFDB
Requests: 11 HTTP requests in this frame

Frame: https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=373393532758528152
Frame ID: F1526639C06E66623710E7269B61AF0F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&co=aHR0cDovL2RhZmZvZGlsLXJ1ZGR5LXJ1bi5nbGl0Y2gubWU6ODA.&hl=en&v=r8jtf1oixV0IGff4hgB4EzDF&size=invisible&cb=drjggqjlqkgm
Frame ID: 947A282185AF3C67A5D9EF8A97D62726
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=r8jtf1oixV0IGff4hgB4EzDF&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&cb=djacpukplca
Frame ID: F3F3EEDEABF56E0154E7DC351CB9BE84
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: F38387A335CE68C03398E0055670FDFF
Requests: 1 HTTP requests in this frame

Frame: http://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: B5A128F5BBE3C1726D14A399318ADE3F
Requests: 2 HTTP requests in this frame

Frame: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: 906E9EADAB3875B1670DD229AAC353C7
Requests: 2 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Frame ID: 807339644AF016B611FCE2E4050C9F05
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

227
Requests

60 %
HTTPS

36 %
IPv6

71
Domains

113
Subdomains

92
IPs

11
Countries

3913 kB
Transfer

9032 kB
Size

28
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: http://adsco.re/v
Title:

Search URL Search Domain Scan URL

URL: https://www.coinpayu.com/?r=tteggeufgy

Search URL Search Domain Scan URL

URL: https://srv.carbonads.net/ads/click/x/GTND42JJCTSDT53ECYBLYKQNC6YDPKJNCWYI4Z3JCYYIT23IFTBIL27KCWAIC27WCW7IVK77CWSITKQMCVYI65QKC6SD4K3MFTSDTK3EHJNCLSIZ?segment=placement:dsawrewreafera;

Search URL Search Domain Scan URL

URL: http://carbonads.net/?utm_source=dsawrewreafera&utm_medium=ad_via_link&utm_campaign=in_unit&utm_term=carbon
Title: ads via Carbon

Search URL Search Domain Scan URL

URL: http://srv.buysellads.com/ads/click/x/GTND42JJCTSDT53MCWS4YKQNC6YD6K3MCVBIKZ3JCYYITKQYCKSDL23KCWAIC27WCW7IVK77CWSITKQMCVYICKJKC6SD4K3MFTSDTK3EHJNCLSIZ?segment=placement:eefiojre9hugu9rgtrtfrg;
Title: DigitalOceanBuild, deploy and scale apps quickly using App Platform, DigitalOcean's fully managed solution.

Search URL Search Domain Scan URL

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=1056221

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/7679855/i/57390646/2/pp/1/1?h=UBx2MA2pNcuWzXrJCi16vmiuaoG6aBT0kzNZf6yWebhvkaw4RUwahopdvvuISQUj&rid=423850ce-5607-11eb-8ded-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/7806761/i/57390646/2/pp/2/1?h=hueBqkMKQ3R5Hko-hlNmFTzGMjtlwtcE__TD3rs7GdFRRGXmfM6rlEUuXDh6tMsp&rid=423850ce-5607-11eb-8ded-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.adskeeper.com/ghits/5094938/i/57390646/2/pp/3/1?h=yBQ_04YkshG3CjNXsOneNyjs64VKz84yIOvzNCWu2E0U1aWLLngJmG8d9DS8r7iY&rid=423850ce-5607-11eb-8ded-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=daffodil-ruddy-run.glitch.me&utm_medium=referral&utm_campaign=widgets&utm_content=147802

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/20-surprising-facts-about-the-big-bang-theory-you-probably-didnt-know/

Search URL Search Domain Scan URL

URL: https://brainberries.co/movietv/11-movies-that-changed-our-idea-of-good-cgi-forever/

Search URL Search Domain Scan URL

URL: https://brainberries.co/people/10-plus-size-models-that-will-make-you-forget-about-your-girlfriend/

Search URL Search Domain Scan URL

URL: https://brainberries.co/interesting/the-10-best-secondary-education-systems-in-the-world/

Search URL Search Domain Scan URL

URL: https://shorte.st/?utm_source=daffodil-ruddy-run.glitch.me&utm_medium=overlay&utm_campaign=bottom
Title: Shorte.st

Search URL Search Domain Scan URL

URL: http://www.intango.com/adinfo/
Title: Page

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cdn.popmyads.com/pma.js HTTP 301
https://popmyads.com/x/pma

Request Chain 16

http://p405661.clksite.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom HTTP 301
https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom

Request Chain 24

http://p93920.clksite.com/adServe/banners?tid=93920_153711_0 HTTP 301
https://infopicked.com/adServe/banners?tid=93920_153711_0

Request Chain 39

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 65

http://cdn.shorte.st/link-converter.min.js HTTP 301
https://cdn.shorte.st/link-converter.min.js

Request Chain 84

http://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 HTTP 301
https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 HTTP 302
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20

Request Chain 89

http://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=1210422433 HTTP 301
https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=1210422433

Request Chain 90

http://clksite.com/adServe/banners?tid=93920_153711_2&pause=5 HTTP 301
https://beta.infopicked.com/adServe/banners?tid=93920_153711_2&pause=5

Request Chain 144

https://mc.yandex.ru/watch/49239574?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610587471783%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210114022434%3Aet%3A1610587474%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1311556304021%3Arqn%3A1%3Arn%3A391551722%3Ahid%3A540208388%3Ads%3A8%2C18%2C197%2C83%2C0%2C0%2C0%2C1353%2C33%2C%2C%2C%2C1669%3Afp%3A1048%3Awn%3A60535%3Ahl%3A4%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610587474%3Au%3A16105874741039867228%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020 HTTP 302
https://mc.yandex.ru/watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610587471783%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210114022434%3Aet%3A1610587474%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1311556304021%3Arqn%3A1%3Arn%3A391551722%3Ahid%3A540208388%3Ads%3A8%2C18%2C197%2C83%2C0%2C0%2C0%2C1353%2C33%2C%2C%2C%2C1669%3Afp%3A1048%3Awn%3A60535%3Ahl%3A4%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610587474%3Au%3A16105874741039867228%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020

Request Chain 154

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 161

http://ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028&width=1024&height=768&ch=8439461&cp.dest_domain=&cp.oid=8439461&cp.referrer=http://daffodil-ruddy-run.glitch.me/&cp.locked=0&cp.proxy=0&cp.quarantine_status=&cp.vno=1&cp.enc_url=&cp.type=overlay&cp.asid=d25689c8f28ec01859555afe21d1d031edc3a7db HTTP 302
https://shorteh.com/afu.php?zoneid=1241630 HTTP 302
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=373393532758528152

Request Chain 174

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&domain=daffodil-ruddy-run.glitch.me&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=155VpXx2V0VXRVpQLytDWTdiR2NXNWFERFJkYlBKdVJ6TWRtUFpoek93LytIb3VtQTYrOFlwYUg1RkEwT1hrZFpHUHRQWnJCRFVHQ2xmSGZkY1VEdC9LNXgycW4xekpXZTJtb2xiWWkyU2Q4b044VW10Wm4ycWFLeXZVTlp1RTdMUHBoK3h3ZjRRWWVmczF6ZDhFRTV4R3NIeVBxWFdyN2d1N1NCQTZ0Q3hnSW5NVGcrK0pJZ053MmF6UHp6ZElSbjI5ajQzTGR4bVBGNFdVdDZQelJKL01GZ1VSa2h0RlI5SHdYSVUxa2VzaWZqajZpYWRCdUpVMGJqT0IrS0ZMRWZNZmNSfA&cppv=2

Request Chain 177

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&domain=daffodil-ruddy-run.glitch.me&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=4d-nDHxNM3JlNk85TjR3cEpjeTFaL2EzK1ZDMXZTVFo3YnlQcS9RVndsZ2hORUxZN3BoV2ZlYTByTDE2UDdQSXUyQ2l2MWNGOG5vMVBPbFBkaXNuY1kxblRIZUV2a2JIelpUS01McjlVdkZmekh6SVpJVXQ5a0lpL2ExSmpsSVhlbUNoWVBTZ3ovd0tJUGlwaGljNUN4LzRFbnN6UlpxSXpVdFhhRU5qSGd1MEpWRzlZakJvSDBWanlLNFJhS2NQOFNHRllqcjhXZlpwVVc0SmxLRFM2cG9HK2dmUzBGWUdoa01DdnIzaWZFekJYU3RSR2hUVERmbmR6b3U3OU9rRUNqNE4xfA&cppv=2

Request Chain 196

https://ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/B25127528.291137174;dc_trk_aid=484416988;dc_trk_cid=143212984;ord=1610587476;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/B25127528.291137174;dc_pre=CKTqwvOhmu4CFfvjuwgdSF0Jzw;dc_trk_aid=484416988;dc_trk_cid=143212984;ord=1610587476;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 204

http://trends.revcontent.com/event/generic HTTP 307
https://trends.revcontent.com/event/generic

Request Chain 224

https://mc.yandex.ru/watch/49239574?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610587471783%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210114022449%3Aet%3A1610587489%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A148%3Als%3A1311556304021%3Arqn%3A2%3Arn%3A498013525%3Ahid%3A540208388%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610587489%3Au%3A16105874741039867228 HTTP 302
https://mc.yandex.ru/watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610587471783%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210114022449%3Aet%3A1610587489%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A148%3Als%3A1311556304021%3Arqn%3A2%3Arn%3A498013525%3Ahid%3A540208388%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610587489%3Au%3A16105874741039867228

227 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
daffodil-ruddy-run.glitch.me/ 24 KB
24 KB 224ms
198ms Document
text/html 52.3.60.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 52.3.60.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-60-128.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e397f2c0de314b4ea8475b57a056c5a63ac9a1640ddbb4f604c938ff927cfb44

Request headers

Host: daffodil-ruddy-run.glitch.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 24416
Connection: keep-alive
x-amz-id-2: KLeyria9PCp8k2XXfTNnEt6XZwsAqYF6lJ88e+1ii4cCn7y+2swcUJOQbBaeyboXVwPSO0Z5zNE=
x-amz-request-id: 333251AF10ACB1A6
last-modified: Tue, 12 Jan 2021 23:30:44 GMT
etag: "67c3ebd2d920e5c00162f94f767541b3"
cache-control: no-cache
x-amz-version-id: bv_3_rNxarlGuzVwAzNovGzqNgxuTtmC
accept-ranges: bytes
server: AmazonS3

GET
H2

200

pma Show response
popmyads.com/x/
Redirect Chain

https://cdn.popmyads.com/pma.js
https://popmyads.com/x/pma

83 KB
30 KB

90ms
88ms

Script
text/html

2606:4700:3035::6818:7e98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://popmyads.com/x/pma
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6818:7e98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: 876f81b245bddc56705cf98e10eb213725c5d7517927f3b42a8844f5776b186f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.1.33
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mtLqCsWnSXiil4gZFJM0sPD3YI8rW1%2FZP75Uyrw2ridqGLShL8azDnRSf6whdg9CQ6dP7dosuQadsQytKj819XDQeKHAmb5I1fyfsGBWPXMuXzm4JDduGGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 61138ed4ae2c4a73-FRA
cf-request-id: 07a01798ea00004a7392145000000001

Redirect headers

date: Thu, 14 Jan 2021 01:24:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tNlsUfDwkpcDONbdeMMpuDdGQ7AVAB3PQdc8ilho0ncFrqiVTJduv%2F0K8MQUm%2B7aVNIg%2FZwz8gRv1Vr0D%2BIwcImprPZFQ4mOW5C8eDxVEiSPZ2YFhLHVvgfLMp7v"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
location: https://popmyads.com/x/pma
cache-control: max-age=14400
cf-ray: 61138ed49e154a73-FRA
cf-request-id: 07a01798dc00004a735d37b000000001

GET
H/1.1 200
OK pop.js Show response
mellowads.com/ 423 B
1 KB 255ms
247ms Script
application/javascript 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mellowads.com/pop.js?ref=4E0983D3C420
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62d9a62b05324342e28694241cec8d0100d3467e11969aa769b3f2217a327490

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
CF-RAY: 61138ed47c754a55-FRA
Content-Length: 499
cf-request-id: 07a01798cc00004a55ce0e6000000001
Expires: -1

GET
H/1.1 404
Not Found /
onegalact.com/ 0
0 113ms
82ms Script
text/html 51.68.161.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://onegalact.com/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ip17.ip-51-68-161.eu
Software: nginx /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK 21431 Show response
waxtamnit.com/fGZK1mdRMO3Lzx3/ 0
1016 B 87ms
48ms Script
text/html 146.59.211.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://waxtamnit.com/fGZK1mdRMO3Lzx3/21431
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 146.59.211.253 , Norway, ASN16276 (OVH, FR),
Reverse DNS: ip253.ip-146-59-211.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK 21432 Show response
onegalact.com/pFFQARKPePsD/ 0
1 KB 117ms
86ms Script
application/javascript 51.68.161.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://onegalact.com/pFFQARKPePsD/21432
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ip17.ip-51-68-161.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H/1.1 200
OK tag.min.js Show response
kumteerg.com/pfe/current/ 42 KB
12 KB 123ms
51ms Script
application/javascript 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-a6a9"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK tag.min.js Show response
choupsee.com/pfe/current/ 42 KB
12 KB 117ms
44ms Script
application/javascript 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-a6a9"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK micro.tag.min.js Show response
choogeet.net/pfe/current/ 129 KB
38 KB 121ms
51ms Script
application/javascript 139.45.195.206
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choogeet.net/pfe/current/micro.tag.min.js?z=3461354
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.195.206 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b1eec11bfd7416de218bd79a078e2d340e782aa6ceeec530fad0871ab8091474

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:34 GMT
Server: nginx
ETag: W/"5fd22426-20534"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 8636.js Show response
cdn.thisiswaldo.com/static/js/ 274 KB
85 KB 44ms
14ms Script
application/javascript 2600:9000:21c7:2800:4:164e:ca00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://cdn.thisiswaldo.com/static/js/8636.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2600:9000:21c7:2800:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

09a1424937d0fee49e8abed67d2f65f7db5b62ae944e187f8140f5e4751fce82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 13 Jan 2021 20:42:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 16940
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 13 Jan 2021 19:54:33 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "44725-5b8cd820e3bf6-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 697a26790d3ab8292d8546ca9be87bbd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 158CQ_zLtJxt0U2QuglWkR6oSbal25WPaUHwi8HnrzacaG6Y7gPPAg==

GET
H2 200 popunder1000.js Show response
a.exosrv.com/ 88 KB
38 KB 30ms
6ms Script
application/javascript 2606:2800:234:4cc4:5670:35d5:1e00:b394
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exosrv.com/popunder1000.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B0) /
Resource Hash: a8e1377ae0f844ce357417d1de91954fd0dea03475a8fe2768eeb31f5606f568

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:32 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 23:44:03 GMT
server: ECS (fcn/40B0)
age: 6029
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
content-length: 39122
expires: Thu, 14 Jan 2021 04:24:32 GMT

GET
H/1.1 200
OK / Show response
d2sbzwmcg5amr3.cloudfront.net/ 429 KB
140 KB 208ms
178ms Script
text/plain 2600:9000:21c7:e800:1d:bf0d:abc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2600:9000:21c7:e800:1d:bf0d:abc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 687b09a67acc167e375e4926760460f5c02fe7579ef8d44ef44028124782e52f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: AMS54-C1
X-Cache: Miss from cloudfront
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection: keep-alive
Content-Length: 142794
Via: 1.1 1396f0307ab4835adf6e4163507d4c8a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Lwu5UXsosFCnjWhR4TWJILWKhP518XHD0LdUQWFdysckYZHMfQbcsw==

GET
H/1.1 200
OK / Show response
djv99sxoqpv11.cloudfront.net/ 199 KB
66 KB 215ms
185ms Script
text/plain 13.35.253.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 13.35.253.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-58.fra6.r.cloudfront.net
Software: /
Resource Hash: ea9064b2347a577b2783c872efc61b773abf8ae760e1fa5ff7d17d765afe2812

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:32 GMT
content-encoding: gzip
X-Amz-Cf-Pop: FRA6-C1
X-Cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection: keep-alive
Content-Length: 66986
Via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
X-Amz-Cf-Id: XLJLC7JjVKN3LnOJP3LYJZkRbPb0qaxhVOTRuy3E83ZwtUf9rgZ7sw==

GET
H2 200 468X60.gif
coinpayu.com/static/advertiser_banner/ 148 KB
149 KB 55ms
23ms Image
image/gif 2606:4700:20::ac43:4b05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coinpayu.com/static/advertiser_banner/468X60.gif
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a87e2ab249f61d757d138136171b43155ea4ba2d89a5c6c3e4e58174f2e13ec

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:32 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 65030
cf-polished: status=not_needed
content-length: 151259
cf-request-id: 07a01799ce0000c295d2a5a000000001
last-modified: Wed, 13 Jan 2021 14:00:56 GMT
server: cloudflare
etag: "5ffefd18-24edb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ETCkYSSoyCHQ2dzJyZteU6TIWNBFF%2BXB0iVNMIBhjYU4Gn8cjpBtV65sL0dfDV9XjSTQ37JNssZ9TfMog6Srdv3pKyB1HU9AFq7Qh6lW12Dp2hVQVlrusgA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
expires: Fri, 12 Feb 2021 07:20:42 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 61138ed61a7fc295-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfb9f03257d4f79e158116a6aef9e8bccce6f4d713e572854086449ab4fa95bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47579
x-xss-protection: 0
server: cafe
etag: 9014331553649035567
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Jan 2021 01:24:32 GMT

GET
H/1.1 200
OK afu.php Show response
stawhoph.com/ 0
0 76ms
46ms Script
text/html 139.45.196.65
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://stawhoph.com/afu.php?zoneid=3807985
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 139.45.196.65 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H/1.1 200
OK adswrappermsni.js Show response
s.aolcdn.com/ads/ 28 KB
10 KB 12ms
6ms Script
application/javascript 2606:2800:233:af6:eab:2108:1892:6d8
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://s.aolcdn.com/ads/adswrappermsni.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2606:2800:233:af6:eab:2108:1892:6d8 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9E) /
Resource Hash: 95fddf78880041d45ca14979cd85bc1bc6e1ab896fef029842a369946352c060

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Age: 23694
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-amz-request-id: C0A202DEDBD5F8CC
x-amz-id-2: Nl7vAY7ak+m2+LYSW2wzIdN0exTQyC3zCJyeoonYWBEQ1iXK19bGdxj7pVa9/nHooOsTtP0kjQE=
x-amz-expiration: expiry-date="Mon, 26 May 5881631 00:00:00 GMT", rule-id="oath-standard-lifecycle"
Last-Modified: Sat, 14 Nov 2020 18:47:44 GMT
Server: ECAcc (frc/8E9E)
Etag: "94a8deeb78dcb94b81f2523ae1c9eb8b+gzip"
Vary: Accept-Encoding
x-amz-version-id: MpewYvXMv0mhQTNMLIwn9x2UhMWBqUKN
Cache-Control: public,max-age=86400
Content-Length: 9673
Content-Type: application/javascript

GET
H2

200

banners Show response
infopicked.com/adServe/
Redirect Chain

http://p405661.clksite.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom

35 KB
13 KB

412ms
136ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: b42777b2cecb5ede1afbf724b1000756446a461ecaca872447f5fcf7c8acc755

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:32 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://infopicked.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
Date: Thu, 14 Jan 2021 01:24:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK 16229 Show response
duetgypsyantis.com/txrerrgoIMFbsRz8/ 0
1 KB 133ms
98ms Script
text/html 37.59.184.172
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://duetgypsyantis.com/txrerrgoIMFbsRz8/16229

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

37.59.184.172 , France, ASN16276 (OVH, FR),

Reverse DNS

ip172.ip-37-59-184.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Keep-Alive: timeout=20

GET
H/1.1 403
Forbidden invoke.js
www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/ 0
0 81ms
52ms Script
application/javascript 213.196.2.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/invoke.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 213.196.2.2 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 14 Jan 2021 01:24:32 GMT
Server: nginx/1.19.0
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK BidVertiser.dbm Show response
bdv.bidvertiser.com/ 9 KB
9 KB 349ms
303ms Script
text/javascript 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: e8a0f23698379e82e263e8c82744eb94f88f91b8ba4a2dad979cbcfa5f0d724b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: -1
Cache-Control: no-store
Connection: close
Content-Length: 9032
Content-Type: text/javascript

GET
H2 200 dataTables.bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/datatables/1.10.19/css/ 4 KB
1 KB 29ms
23ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/datatables/1.10.19/css/dataTables.bootstrap.min.css

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3db6982c169bf3afee084cf7762ba718c118be36a1dee0c5222203fa302d21fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1632329
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 757
cf-request-id: 07a017996c0000dfbb530d9000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e33-10c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bdncka0STqEqIvDtpAKJnIvzIy2OBoUCRFaapzGjwCtteU%2B%2FTpGy2%2BLVQeRqdPzVcH13pduj5C1aVDdU0OWeZli9VTuPplSz6LIJURy8Tl2Lw81Izbt1Zf5T7XwbgwYbFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61138ed57c21dfbb-FRA
expires: Tue, 04 Jan 2022 01:24:32 GMT

GET
H/1.1 200
OK carbon.js Show response
cdn.carbonads.com/ 15 KB
6 KB 201ms
182ms Script
application/javascript 23.111.10.140
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.carbonads.com/carbon.js?zoneid=1673&serve=C6AILKT&placement=dsawrewreafera
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 23.111.10.140 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f08c10337bc4dd1825785f3a460bc03f2fd076e16d691040b5f8106bf2f14864

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Oct 2020 20:53:30 GMT
Server: NetDNA-cache/2.2
ETag: W/"3d43-5b2ad3d436e46"
Vary: Accept-Encoding
X-Cache: MISS
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK monetization.js Show response
m.servedby-buysellads.com/ 61 KB
16 KB 56ms
20ms Script
application/javascript 108.161.189.78
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: http://m.servedby-buysellads.com/monetization.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 108.161.189.78 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 54cc12b8e6fef0d8c4401b7b321261a0d368c2f9e9b73d3a153ed4fa879d0e3e

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Jan 2021 19:32:22 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: B8810F51CD96B584
ETag: W/"d36ec65321db2da360d570618c3171a7"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
x-amz-id-2: og+qnEKlclyb3eg+XWHNsgBjQQyt7dHCd1ONtGYAWXi253KkxudbT+cSABelmx5NZzYaDyCyHyY=
Expires: Fri, 15 Jan 2021 01:24:32 GMT

GET
H/1.1 200
OK 21435 Show response
seaboblit.com/1clkn/ 0
1 KB 126ms
98ms Script
application/javascript 51.178.195.174
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://seaboblit.com/1clkn/21435
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.178.195.174 , France, ASN16276 (OVH, FR),
Reverse DNS: ip174.ip-51-178-195.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2

200

banners Show response
infopicked.com/adServe/
Redirect Chain

http://p93920.clksite.com/adServe/banners?tid=93920_153711_0
https://infopicked.com/adServe/banners?tid=93920_153711_0

36 KB
13 KB

520ms
249ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://infopicked.com/adServe/banners?tid=93920_153711_0
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: ab3cb31553ab2d4204fdc61060e7e8bddc704553750864f71b96b6e038117059

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:32 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://infopicked.com/adServe/banners?tid=93920_153711_0
Date: Thu, 14 Jan 2021 01:24:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 13 Jan 2021 07:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64831
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jan 2022 07:24:01 GMT

GET
H2 200 pastebin.com.1056221.js Show response
jsc.adskeeper.com/p/a/ 230 KB
69 KB 235ms
219ms Script
text/javascript 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f1680c41c227c4a5e0d9f2eea1afcdedc8197dc107d040a68fa56c23708933a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:32 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: AQ9PASBM5N5J5ZAR
content-length: 70157
x-amz-id-2: Ld9cGAcbDv6NOWgMb0GweEVmxjb5FxEV1CCQVuEXnCezaeW6bHbdwxDpBzzAKvlXY8C2t3/wcRc=
last-modified: Mon, 11 Jan 2021 11:18:49 GMT
server: cloudflare
etag: "4b0482e97ea5ddab4f28e0a88572890f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-request-id: 07a01799f400004a9d7783c000000001
accept-ranges: bytes
cf-ray: 61138ed65f264a9d-FRA
expires: Thu, 14 Jan 2021 05:24:32 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfb9f03257d4f79e158116a6aef9e8bccce6f4d713e572854086449ab4fa95bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 9014331553649035567
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 47579
X-XSS-Protection: 0
Expires: Thu, 14 Jan 2021 01:24:32 GMT

GET
H2 204 display.php Show response
www.maxonclick.com/a/ 0
71 B 192ms
127ms Script
text/plain 35.190.68.123
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.maxonclick.com/a/display.php?r=1142855
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.68.123 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 123.68.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Jan 2021 01:24:32 GMT
via: 1.1 google
server: openresty
alt-svc: clear

GET stat.js
cdn.webglstats.com/ 0
0

GET
H/1.1 200
OK outbrain.js Show response
widgets.outbrain.com/ 163 KB
55 KB 66ms
46ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://widgets.outbrain.com/outbrain.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 486fae0531e61d9b964b1ba45b62a7bdf66ceb313b7460e875654cc147179556

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Edge-Cache-Tag: widget-cheetah
Cookie: CheetahStaging=true
Connection: keep-alive
X-TraceId: dc7584df798713143d62a310ea44be30
Content-Length: 55431
Last-Modified: Tue, 12 Jan 2021 12:34:26 GMT
ETag: W/"28b3b-A0aXekxPZDX/ktFxvhTwOSbrhds"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Access-Control-Allow-Credentials: false
Timing-Allow-Origin: *, *
Expires: Thu, 14 Jan 2021 05:24:32 GMT

GET
H/1.1 200
OK headerbid_sticky_refresh.js Show response
served-by.pixfuture.com/www/delivery/ 2 KB
2 KB 206ms
174ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/delivery/headerbid_sticky_refresh.js?v31
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 43e106423124c8c69f1ac878e1878c72963587027aa365aa13f4a43168ac7262

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Last-Modified: Mon, 26 Oct 2020 19:24:56 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5f972288-775"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1909

GET
H/1.1 200
OK 21952 Show response
thetarhaw.com/ttXiMZNGJ9Dd6muR/ 0
1 KB 113ms
87ms Script
text/html 51.68.161.27
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://thetarhaw.com/ttXiMZNGJ9Dd6muR/21952

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

51.68.161.27 , France, ASN16276 (OVH, FR),

Reverse DNS

ip27.ip-51-68-161.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Keep-Alive: timeout=20

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ 3 KB
4 KB 292ms
97ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 177d76801bdbecdb0d27109e118ae54a929156deac8ca44b46924a5c0f43cd7a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Last-Modified: Wed, 13 Jan 2021 17:57:03 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5fff346f-d42"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3394
Expires: Sat, 16 Jan 2021 01:24:32 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 306 KB
83 KB 63ms
22ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7644e16c3f1cebc16184feaf91e2074136366faf4a7dc16e5adf523905622b0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:32 GMT
content-encoding: gzip
last-modified: Wed, 13 Jan 2021 17:16:03 GMT
server: AmazonS3
x-amz-request-id: 4J0JAM5W6K3XANDR
etag: "5a431c3db107d41b86d368b4079d5bc7"
x-hw: 1610587472.cds015.pa1.hn,1610587472.cds047.pa1.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 85017
x-amz-id-2: otQsPs+YWmkQawjfnTXqbE8nZiY84woUZ5YcVO8B84etGiOH/k9fytPxKqzoBNCVuRg+qaxR8j0=

GET
H/1.1 200
OK 1507210
ad.a-ads.com/ Frame 7469 0
0 70ms
48ms Document
text/html 85.10.201.130
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1507210?size=728x90

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

85.10.201.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85-10-201-130.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://daffodil-ruddy-run.glitch.me/
Content-Encoding: gzip

GET
H/1.1 200
OK wrez Show response
mellowads.com/js/ 81 KB
40 KB 248ms
248ms Script
text/javascript 2606:4700::6810:8916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1
Requested by: Host: mellowads.com
URL: http://mellowads.com/pop.js?ref=4E0983D3C420
Protocol: HTTP/1.1
Server: 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26c36f3ecb4f05ca3b48dfca1efb4d2e96399034d6c678ced60b5c633dc966cd

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Thu, 14 Jan 2021 01:24:46 GMT
Server: cloudflare
X-AspNet-Version: 4.0.30319
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
CF-RAY: 61138ed748514a55-FRA
Content-Length: 40288
cf-request-id: 07a0179a9200004a554f888000000001
Expires: Fri, 14 Jan 2022 01:24:46 GMT

GET
H/1.1 404
Not Found /
onegalact.com/ 0
0 52ms
50ms Script
text/html 51.68.161.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://onegalact.com/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 51.68.161.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ip17.ip-51-68-161.eu
Software: nginx /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20

GET
H2 403 choice.js
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/daffodil-ruddy-run.glitch.me/ 0
0 411ms
396ms Script
text/html 2600:9000:214f:b400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/daffodil-ruddy-run.glitch.me/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/8636.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:b400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 14 Jan 2021 01:21:32 GMT
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
last-modified: Thu, 21 May 2020 21:03:42 GMT
server: AmazonS3
age: 332
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/html
cache-control: public, max-age=7200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 1t5RR_LtbnRRZTjZKZiTHrSf3HnftbDQ8FN-9P4tqiFPA_TGFRQ7_g==

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

55 KB
19 KB

99ms
36ms

Script
text/javascript

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

efa6863cec6f5e541453d534eafe048ee1133e22294e69ceaa79d14d860795fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "754 / 960 of 1000 / last-modified: 1610579437"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18976
x-xss-protection: 0
expires: Thu, 14 Jan 2021 01:24:32 GMT

Redirect headers

Date: Thu, 14 Jan 2021 01:04:37 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 1195
Content-Type: text/html; charset=UTF-8
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control: public, max-age=1800
Content-Length: 249
X-XSS-Protection: 0
Expires: Thu, 14 Jan 2021 01:34:37 GMT

GET
H/1.1 200
OK me Show response
ipfind.co/ 363 B
587 B 385ms
361ms XHR
application/json 52.52.67.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/8636.js
Protocol: HTTP/1.1
Server: 52.52.67.66 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-67-66.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: a8b9ac0eb1daef27c6386f35bed7b93c4c49d8a68f733275f8a07f740d53d1d6

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 235

GET
H/1.1 200
OK pop.js Show response
c1.popads.net/ 31 KB
10 KB 66ms
30ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: http://c1.popads.net/pop.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2a02:6ea0:c700::2 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d44180bbf5a59ae325815feb275e39e1d34e18eb710ea54f5ec4e96ba60488a9

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
X-77-NZT-Ray: ProOZyh2+7w=
X-Edge-POP: frankfurtDE
Transfer-Encoding: chunked
X-Cache: HIT
Connection: keep-alive
alt-svc: quic="195.181.175.47:443"; ma=2592000; v="44,43,39"
X-77-NZT: AcO1ry/d++rvxQEAAA==
Last-Modified: Sun, 22 Nov 2020 20:51:03 GMT
Server: CDN77-Turbo
ETag: W/"5fbacf37-7a55"
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
X-Edge-IP: 195.181.175.47
X-Age: 453
Expires: Thu, 14 Jan 2021 05:16:59 GMT

GET
H2 200 cloudinary-jquery-file-upload.min.js Show response
www.displayvertising.com/ 31 KB
9 KB 104ms
32ms Script
application/x-javascript 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://www.displayvertising.com/cloudinary-jquery-file-upload.min.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 081b815a30d5cffb74fd52388e88fe7fed693852736b0de9232613f191a48458

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt: AcO1ry9ph53/jRAEAA==
date: Thu, 14 Jan 2021 01:24:32 GMT
content-encoding: br
server: CDN77-Turbo
link: <https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
x-edge-pop: frankfurtDE
x-77-nzt-ray: 2h2MbLzD/cE=
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-edge-ip: 195.181.175.47
x-age: 266381
alt-svc: quic="195.181.175.47:443"; ma=2592000; v="44,43,39"
expires: Sun, 17 Jan 2021 23:24:51 GMT

GET
H/1.1 200
OK conf Show response
s.pubmine.com/ 193 B
448 B 74ms
54ms Script
text/javascript 79.125.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://s.pubmine.com/conf?rid=387005913725&ref=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&vp=1600x1200&cb=callback__kjw6739g_1
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 78fb236ce1d8d4e6ffb2801857ba5667335fff7fd41fd0cbc568f9b33e92340e

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/javascript; charset=utf-8
Content-Length: 193
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK zone Show response
kumteerg.com/ 716 B
1 KB 35ms
34ms Fetch
application/json 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/zone?pub=0&zone_id=3808000&is_mobile=false&domain=daffodil-ruddy-run.glitch.me&var=&ymid=&var_3=

Requested by

Host: kumteerg.com
URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fdb4bcc05d87dedf46deae70659d421e3ca7f6cfc12498c7d100babbf12a3066

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 2151e61a34cd09628f26ba7815e49e25
Date: Thu, 14 Jan 2021 01:24:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 716

GET
H/1.1 200
OK universal.min.js Show response
kumteerg.com/pfe/current/ 188 KB
54 KB 114ms
51ms Fetch
application/javascript 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/pfe/current/universal.min.js?v=3.1.281
Requested by: Host: kumteerg.com
URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-2ef30"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK zone Show response
choupsee.com/ 716 B
1 KB 33ms
33ms Fetch
application/json 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://choupsee.com/zone?pub=0&zone_id=3808000&is_mobile=false&domain=daffodil-ruddy-run.glitch.me&var=&ymid=&var_3=

Requested by

Host: choupsee.com
URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fdb4bcc05d87dedf46deae70659d421e3ca7f6cfc12498c7d100babbf12a3066

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: f623731671fe61a41a02ec33e6e3bafd
Date: Thu, 14 Jan 2021 01:24:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 716

GET
H/1.1 200
OK universal.min.js Show response
choupsee.com/pfe/current/ 188 KB
54 KB 114ms
52ms Fetch
application/javascript 139.45.196.200
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://choupsee.com/pfe/current/universal.min.js?v=3.1.281
Requested by: Host: choupsee.com
URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-2ef30"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK ads-priv.php Show response
syndication.exosrv.com/ 0
314 B 63ms
43ms Script
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://syndication.exosrv.com/ads-priv.php?i=0
Requested by: Host: a.exosrv.com
URL: https://a.exosrv.com/popunder1000.js
Protocol: HTTP/1.1
Server: 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

OPTIONS
H/1.1 200
OK custom
kumteerg.com/ Frame 0
0 31ms
30ms Other
text/plain 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
kumteerg.com/ 39 B
502 B 33ms
33ms Fetch
application/json 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/custom

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: e001fb5df20450b7879dbee83afa321e
Date: Thu, 14 Jan 2021 01:24:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
785 B 131ms
33ms Fetch
application/json 139.45.195.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=ff858f024eb24c6db075b446f6ef07d3&zoneId=3808000&checkDuplicate=true&ymid=&var=

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.41 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fedb800db7cd7f77914df9ee8d9f98dcf0ec6edf3521f1e93d8cb28f2be8a654

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 204 utx Show response
resumersvo.fun/ 0
424 B 190ms
118ms XHR
text/plain 52.222.141.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resumersvo.fun/utx?cb=4XGZuxvhygB1&top=daffodil-ruddy-run.glitch.me&tid=822524
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.141.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:32 GMT
via: 1.1 188ad9345a63903c70cb830c2aa31874.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: PNuIPT5eBZnNgSIBh1n_oFCXyzvETJXblmTq8lXiUlteg1r8O4NcMg==

GET
H/1.1 200
OK Elo
resumersvo.fun/ZVY1WXcENFY0SARrV38CFzoIfEUjcwcfE1clVyMACDVSbBYIJAZ3FAk5QD0RFzlbLVkLM0F8RSMAYRwtMhtiMgEuAl0BIQ8xQxQQHQRTNyUPFwRoBikVYzw1Hy4CECAsYWUbAAABXTIzIwd7MzoSMUU6MjACfhEDCxBCDAMuEnAUIxw9WhcmHQ... Frame 6F0E 0
0 151ms
132ms Document
text/html 52.222.141.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://resumersvo.fun/ZVY1WXcENFY0SARrV38CFzoIfEUjcwcfE1clVyMACDVSbBYIJAZ3FAk5QD0RFzlbLVkLM0F8RSMAYRwtMhtiMgEuAl0BIQ8xQxQQHQRTNyUPFwRoBikVYzw1Hy4CECAsYWUbAAABXTIzIwd7MzoSMUU6MjACfhEDCxBCDAMuEnAUIxw9WhcmHQ9UMBQcAwQLQzwVfxs1DDICEyIsNH4jAFIFZBgYLGV3HDQtE0cWIhYXfBoYVhBzKjwGZVIbIy1jBz8bEh95IE9RBGQAUlcQeTc6Jh0HNUc/OlIROCYbAx8xEW5+IxM2An1sRSoDfxQRCw9AHzERblFrWj8jYhEQPw9NMToDOGxqJjc9UhAOIwN2IBQTH10LFSY4ezU1DjIQazEGHngdIDIHQQkcMBN8HjkONV4hUlcUUTMHPBdcNR0/F3AWPDYDDAEcJyZRHi02F2FtBypnZxQRAhRAGBwBblQePiQBbWAYPBd3FBELD1kMNl0iex1PMAFCKQ0/B28REVYUQgsxNHBfKhgLJgguJDcmbxEcFRlmDCU/Elo
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 52.222.141.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: resumersvo.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1238
Connection: keep-alive
Date: Thu, 14 Jan 2021 01:24:32 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 12ab600b22d5c2eb1f2192b1156c2fd1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: sEE88P5cTtti9krUAy3jeqK_Nxk__cF_EFeZZmuqjNAbsY6IsegGRQ==

GET
H2 204 utx Show response
resumersvo.fun/ 0
425 B 161ms
118ms XHR
text/plain 52.222.141.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resumersvo.fun/utx?cb=uAsUBr3XpOZ4&top=daffodil-ruddy-run.glitch.me&tid=898034
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.141.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:32 GMT
via: 1.1 188ad9345a63903c70cb830c2aa31874.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: DjTTgpmJ-XuzjVUqDE2DQcPDZQKEJEd1USlKAB8O0GeoRMibJuVvXQ==

GET
H/1.1 200
OK IWoTHxUDHRY1JwM2AjEQMAwBGxUzMBcDEjwNHSFAAHcXQyEmITgcEDMVIkc9RS8NIRRNYmc1MR8ODDknMhUDQylMFwM2ITw+Gwk2IQUQPwk+AB0hGAQhIipDIA9sQzEyPxQVJBsPDTY5TSEiKTA2PmVLJSUGMRIkHD4HQxdDIxQXNiEtOR1VHjQ6HQNJPjQQEhsMb...
resumersvo.fun/c3N0R1USERcqahJOFmEgAR9JYmc1VkYBMUEAFj0iHhATcjQeAUdpNh8cASMzARwaM3sdFgBiZzUYOg8fQycyNw07IRs2DyYyFgIdNRowEiU2FUZzBjQyFy0bNiEkAwZDRiIVZVZBMiMHByE3KxxHOjIFBSEkG3UDIQQgJA0LITwFMQsSDA4BNj... Frame 2E8F 0
0 155ms
135ms Document
text/html 52.222.141.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://resumersvo.fun/c3N0R1USERcqahJOFmEgAR9JYmc1VkYBMUEAFj0iHhATcjQeAUdpNh8cASMzARwaM3sdFgBiZzUYOg8fQycyNw07IRs2DyYyFgIdNRowEiU2FUZzBjQyFy0bNiEkAwZDRiIVZVZBMiMHByE3KxxHOjIFBSEkG3UDIQQgJA0LITwFMQsSDA4BNjBBKRQ1IjUXESUVIDA2VkEyDBM+OjMTBAkmNiMGPCcHDR0LAEYKZBQWMhA5HBAfIzQVO0wABB8EHAhkEBEzLTJCIQw3BxULExUENiIYCRAyKzMAORwxNn8DP0BMAAQbAFF1ExUELgQRNB8bBRA9NjF1JjI/IWoTHxUDHRY1JwM2AjEQMAwBGxUzMBcDEjwNHSFAAHcXQyEmITgcEDMVIkc9RS8NIRRNYmc1MR8ODDknMhUDQylMFwM2ITw+Gwk2IQUQPwk+AB0hGAQhIipDIA9sQzEyPxQVJBsPDTY5TSEiKTA2PmVLJSUGMRIkHD4HQxdDIxQXNiEtOR1VHjQ6HQNJPjQQEhsMbDIWDA
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 52.222.141.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: resumersvo.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1225
Connection: keep-alive
Date: Thu, 14 Jan 2021 01:24:32 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 e7150584c93f85e64aa53364c55a16c7.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: Mdpy41B3-XGYnMD63_MHuaee60YniBU6MwoXZVO_-fYBBvWMCUKMmA==

GET
H/1.1 200
OK VGAhGytjXTk
resumersvo.fun/RTE2cUokU1UcdSQMVFc/N10LVHgDFAQ3LndCVAs9KFJRRCsoQwVfKSleQxUsN15YBWQrVEJUeAN4eTYcLnwEOygGVkYnEhBGezALcFByNxASc2A8LwFJUhIOAFlvNCEueVQbH3RpYjMeCWR8OQ0DSW8nGBB+YSA5AXVdIy4GRlU+Hz0FczAMA1... Frame E262 0
0 156ms
138ms Document
text/html 52.222.141.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://resumersvo.fun/RTE2cUokU1UcdSQMVFc/N10LVHgDFAQ3LndCVAs9KFJRRCsoQwVfKSleQxUsN15YBWQrVEJUeAN4eTYcLnwEOygGVkYnEhBGezALcFByNxASc2A8LwFJUhIOAFlvNCEueVQbH3RpYjMeCWR8OQ0DSW8nGBB+YSA5AXVdIy4GRlU+Hz0FczAMA1dyNAcXZFpIHAZZAxAOKWBzIBsAWnIkPhB3WjADEWBaIgsTdHo0DDJjYzQIHVJjEgETYAcVDCkBfCAbA2JgIBsNd1owAwZZVSYfBFZSIBsDYnUnH3JwWiskEHQGJh8EVnM3Dwh+biMDB2RnHRgAZBs0CA9wByYfPQBkNSEHZndBOhF1ZDMvAVkHKQA9a2cyCy5/YTApIWcHIx8HAEU+CT1BfjImEHlhCQgdcnc0HRB5AxUcPQBlNyYDZ3dADxJkByQdEHBRJggTZHIiLT1zdyIbC2daPC4QYAM1DxQFEBs5Kl9GTDw/VGAhGytjXTk
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 52.222.141.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: resumersvo.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1199
Connection: keep-alive
Date: Thu, 14 Jan 2021 01:24:32 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: LRdVKfP8Fta9HWfTjaKIMnPVMpe24HwnzZ0xiYKgHHexJtk9yL2Udw==

GET
H2 204 utx Show response
resumersvo.fun/ 0
425 B 144ms
119ms XHR
text/plain 52.222.141.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resumersvo.fun/utx?cb=dXv11MtR1Mn4&top=daffodil-ruddy-run.glitch.me&tid=889494
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.141.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:32 GMT
via: 1.1 188ad9345a63903c70cb830c2aa31874.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: -wkfzkEEiEwIlTuRXNIoK8i_BGnYsv9q8heU77O3iPDBKS2SqzKCNA==

GET
H/1.1 200
OK AjUKCl0XERx8OjISIw0DCmIZGB4IHw08ExErfT8nNWJ9BSIKaiwMUxkwETgGEysMJDoMJCUKOTRhLDwCADB7BgISEhAgOmpifRoDLyoCeVMZMB08XTpjCzMhamJ9GgQaOQ94RywUASYwMDF5CRIVOS59IjECIgc5PwkCCA4sNg0ZWgEbcCA7ADd7LgQoMgIhGWAZM...
resumersvo.fun/WFNJS2o5MSomVTluK20fKj90blgednsNDmogKzEdNTAufgs1IXplCTQ8PC8MKjwnP0Q2Nj1uWB40HHsCEzAiDh0SKhgeDDEwIQcBYWYoeCx9YQsYWQ5iACEBPB8wBVsIEXkNJwpnMA4yHjovIQEwGHoeUhURE3MzNWckDhNgYy0cHQAfMwlbPW... Frame 633E 0
0 194ms
132ms Document
text/html 52.222.141.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://resumersvo.fun/WFNJS2o5MSomVTluK20fKj90blgednsNDmogKzEdNTAufgs1IXplCTQ8PC8MKjwnP0Q2Nj1uWB40HHsCEzAiDh0SKhgeDDEwIQcBYWYoeCx9YQsYWQ5iACEBPB8wBVsIEXkNJwpnMA4yHjovIQEwGHoeUhURE3MzNWckDhNgYy0cHQAfMwlbPWIYLCQhI3oZBzs9Bgg/AjUKCl0XERx8OjISIw0DCmIZGB4IHw08ExErfT8nNWJ9BSIKaiwMUxkwETgGEysMJDoMJCUKOTRhLDwCADB7BgISEhAgOmpifRoDLyoCeVMZMB08XTpjCzMhamJ9GgQaOQ94RywUASYwMDF5CRIVOS59IjECIgc5PwkCCA4sNg0ZWgEbcCA7ADd7LgQoMgIhGWAZMX4BAQI9PTsQFmx5LBEADBMwHxV9Bzg7OgYIDjIFegUAEyoACiYyZz0pWhkbKHgeMwIkcgQ9CzkJCGoFfClaGisACAErFjMGXDoLLnsOHxFseSwCFg94Dgxiem0AKzwnO1cuPA0pPCAweXpcKwAj
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: HTTP/1.1
Server: 52.222.141.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: resumersvo.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1234
Connection: keep-alive
Date: Thu, 14 Jan 2021 01:24:32 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 a2e1bd9061eb56a5600c2d2543bf4a5a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: 2D8W-ptVKJ7BMQi9NhEaEViu0EQvtuVys-nAvZ-mrhIkYqnSIby7RA==

GET
H2 200 login.php
www.facebook.com/ 0
0 356ms
342ms Image
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 100ms
79ms Image
text/html 2a00:1450:4001:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 138ms
118ms Image
text/html 2a00:1450:4001:809::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 204 utx Show response
resumersvo.fun/ 0
424 B 127ms
119ms XHR
text/plain 52.222.141.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resumersvo.fun/utx?cb=1t7Z12tMHKl9&top=daffodil-ruddy-run.glitch.me&tid=737329
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.141.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:32 GMT
via: 1.1 188ad9345a63903c70cb830c2aa31874.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: EO_ZyhyAHdoiI70zX4TYb-TafmwGg5kU-OsnkUAAOfPk41DALeRF2Q==

GET
H/1.1 200
OK aU1WQzEILzUuDghwNGVEGyFrZgMvaGQFVQM7b3pCESInM0dYfHggXQY4MiVDBiMibV8MOXNxdyMXHhV2MCMDC3YAKhMQWSguHy8IKhtmCQA8CC4AeRMYGARJOwQcO2gsAT0FSyMlYjJkEwQPBmcFCA8CBTwOPgkGOw8XCHcHOQIWRjwfHAUIKxwxBgMtH2MZdjp5A...
resumersvo.fun/ Frame 75F7 0
0 193ms
116ms Document
text/html 52.222.141.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://resumersvo.fun/aU1WQzEILzUuDghwNGVEGyFrZgMvaGQFVQM7b3pCESInM0dYfHggXQY4MiVDBiMibV8MOXNxdyMXHhV2MCMDC3YAKhMQWSguHy8IKhtmCQA8CC4AeRMYGARJOwQcO2gsAT0FSyMlYjJkEwQPBmcFCA8CBTwOPgkGOw8XCHcHOQIWRjwfHAUIKxwxBgMtH2MZdjp5AgFWChwdK14kCWcOSyh9MQl2AzoaBGAOGA9ycBMYADcDO30yFmk6PhIFVlkvGyQBLgkQAQAgCxQUYzp1GwJgLBcPcnMvDgQSXTt9MhZ2AxseEQA4Aw9ycy8bAxZrPH0TdGAuYG8LY1gcAw1ZIBcXEngDDBR3fygaGBJ8WAsRIGQRCgMvc1kYOnNhIRkfE3Y8Cx4BZA0FAAFaHw4EAXM7fg8FdCguMwhkHRwAKGQFDjEgfS4OGAtjEAcYJ2QRCwUod1oYPRl6OH4yC2NYHBEJRjgYECtJAxgSDWM7IxAOYwUHAg4AUWs8MF4HPWsiRRgHYnZ1AgM
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: HTTP/1.1
Server: 52.222.141.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: resumersvo.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1221
Connection: keep-alive
Date: Thu, 14 Jan 2021 01:24:32 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 12ab600b22d5c2eb1f2192b1156c2fd1.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: Gj4jcw5t5rCWnTUUDsB8lGOvGiYHw1G9s15doLCitIj2by30bLo38Q==

GET
H/1.1 200
OK KzstbSRcCT9gdT8
resumersvo.fun/WUVZR204JzoqUjh4O2EYKylkYl8fYGsBCTMzYH4eISooNxtodHckATYwPSEfNistaQM8MXx1KxwfDR03Oh0MADoNJgEUBR8jCRIVGhM+ARwILg8DNRoqPAAVDAkXBgYjB2hyGRwuCHY5HgcdDV0XBhA/OxATGwZcHAcqBC5qfQwAGgAJOAEODA... Frame 348E 0
0 200ms
116ms Document
text/html 52.222.141.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://resumersvo.fun/WUVZR204JzoqUjh4O2EYKylkYl8fYGsBCTMzYH4eISooNxtodHckATYwPSEfNistaQM8MXx1KxwfDR03Oh0MADoNJgEUBR8jCRIVGhM+ARwILg8DNRoqPAAVDAkXBgYjB2hyGRwuCHY5HgcdDV0XBhA/OxATGwZcHAcqBC5qfQwAGgAJOAEODAQPFQYLExQWO2sUOgAFYCMXFV0MFBgWCwsDLREoazEbHzwxHRYvCjsADywcHhMbEAkRPR0VPCEcFRU8AxQYFR0RBwgAKGsxGwAFABE4dygXFBgVHQgADHEva3UsFiguETh3KAwDDB5cHwQQBjsdaBAeLAwEHA9dCwIMLwUoF2gFNRsrHCYlCwM7CTsLDRMvIysUCywgAREhEj9oEwsXLxAgGi9UYRRpEioBLCoiKhgEDSYXPQsPLwUpHWkBOBsoKSE8aBQNJl0cAhsBLG0EIT8sGwdgAj81DAAmBj0RHAYefy8qKAMpeDQ/KzstbSRcCT9gdT8
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: HTTP/1.1
Server: 52.222.141.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

Host: resumersvo.fun
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Content-Type: text/html
Content-Length: 1209
Connection: keep-alive
Date: Thu, 14 Jan 2021 01:24:32 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 e7150584c93f85e64aa53364c55a16c7.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: sUI0D14jJDWcyJWAh6pkDTC-BGnhI_W1L66eeUCWH0GYRviDCK5gbw==

GET
H2

200

link-converter.min.js Show response
cdn.shorte.st/
Redirect Chain

http://cdn.shorte.st/link-converter.min.js
https://cdn.shorte.st/link-converter.min.js

116 KB
43 KB

42ms
25ms

Script
application/javascript

2606:4700:20::681a:46b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shorte.st/link-converter.min.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:46b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1755
cf-request-id: 07a0179c73000016ee21018000000001
x-ua-compatible: IE=Edge
last-modified: Thu, 09 Aug 2018 13:48:43 GMT
server: cloudflare
etag: W/"5b6c463b-1d196"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DSM2oO63Z0gfN6mA5rrVWYQxXWFY9ICUKakokrg8MnzcP1FagzfXTw4WOFAMNxUgGjAxLo3mIpuVqgkbpehusyZQSFVGM9vPAf9FiKNKi33GPjsP69As5mEw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-server-id: shn05
cache-control: max-age=14400
cf-ray: 61138eda5afc16ee-FRA
expires: Thu, 14 Jan 2021 01:55:18 GMT

Redirect headers

Date: Thu, 14 Jan 2021 01:24:32 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 512
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Wxmnq3UeRcAPD7IK%2B458KV%2B%2FmStmY6bD7ISmIpaoHqIYFx74R2sXm0DhjB4mulkfJ2mYVP4KopjNNQUjEwRrvQo3CDHTRfCgfDLMKAByNfyGk%2Fzv7s6LNYnA"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.shorte.st/link-converter.min.js
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 61138ed94e352c22-FRA
Content-Length: 0
cf-request-id: 07a0179bcb00002c2273bc4000000001

GET
H/1.1 200
OK 1507210
ad.a-ads.com/ Frame F92A 0
0 39ms
39ms Document
text/html 85.10.201.130
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1507210?size=728x90&background_color=00ff47&title_color=571111

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

85.10.201.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85-10-201-130.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 14 Jan 2021 01:24:32 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://daffodil-ruddy-run.glitch.me/
Content-Encoding: gzip

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/ 226 KB
85 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9cdc6393e9b4c9a23e7d7c94ae3b58562509dda50b4345793ad7c7e7aaa9212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86362
x-xss-protection: 0
server: cafe
etag: 10863011108655135941
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jan 2021 01:24:32 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210107/r20190131/ Frame DCEB 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210107/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210107/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Jan 2021 05:52:50 GMT
expires: Wed, 27 Jan 2021 05:52:50 GMT
content-type: text/html; charset=UTF-8
etag: 10807049716293534881
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4578
x-xss-protection: 0
age: 70302
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
c.adsco.re/ 37 KB
12 KB 30ms
14ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efa168aea8792f95139e4ad98344b89fd16f6a0f2444aac33a33121db774281e

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:32 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 11035
etag: W/"dOXpo7olgm4LQxe6HLwxaw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=2678400
cf-ray: 61138ed97f0005d8-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cf-request-id: 07a0179be7000005d83919f000000001
expires: Sun, 14 Feb 2021 01:24:32 GMT

GET
H2 200 ata.js Show response
c0.pubmine.com/2.19.01600444727688/ 194 KB
52 KB 93ms
35ms Script
application/javascript 192.0.77.38
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.pubmine.com/2.19.01600444727688/ata.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.38 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

115ed11fb9457bb897579d4be870323771379eda1d31ffa4337da93659bcc73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 14 Jan 2021 01:24:33 GMT
content-encoding: gzip
last-modified: Fri, 18 Sep 2020 16:00:58 GMT
server: nginx
x-amz-cf-pop: AMS50-C1
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000

GET
H3-Q050 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 96ms
56ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Thu, 14 Jan 2021 01:24:33 GMT

GET
H2 200 /
6.adsco.re/ 0
417 B 31ms
14ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:33 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 61138eda5d7b05e4-FRA
access-control-allow-headers: Content-Type
cf-request-id: 07a0179c75000005e4b4bcd000000001

GET
H/1.1 200
OK /
4.adsco.re/ 0
475 B 103ms
25ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 / Show response
freychang.fun/ 32 B
820 B 122ms
103ms Fetch
text/plain 2606:4700:e0::ac40:6b0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=147a0aaca3138b2cc643e0cc07c7b4ec
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6b0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f335805621f16d856fa49bc38f7d908f96d828509247b22f95a11c73895fab3a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iFvEeW3zxrSIMPvcFKITsfBOICR3tJH3XPx%2Fkt5ccjc01pf2SRreOPddPJl7DjnhV%2FtEVHNIOC6%2B0DgHjnhG3F0wxbiaaNcTKc%2BkgCtpMQ%2FG%2FkjuqFCHxeqq"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 61138eda89801f25-FRA
access-control-allow-headers: X-Requested-With, content-type
cf-request-id: 07a0179c9000001f25bd073000000001

GET
H2 200 / Show response
freychang.fun/ 32 B
403 B 115ms
108ms Fetch
text/plain 2606:4700:e0::ac40:6b0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/?f=147a0aaca3138b2cc643e0cc07c7b4ec
Requested by: Host: djv99sxoqpv11.cloudfront.net
URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6b0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f335805621f16d856fa49bc38f7d908f96d828509247b22f95a11c73895fab3a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mlGjad6%2FwH54VFCuiKgZFLfQg%2Fub7zLUGQIlNl0ikwek5h6AE3ZhxJS5Kq5UNDOAJMrVkZ%2BjfYu7HfceMKwsCk5pdpj4CyK%2BN8Cv4IVkAZUuHVuLAIF%2BrtCs"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 61138eda89821f25-FRA
access-control-allow-headers: X-Requested-With, content-type
cf-request-id: 07a0179c9000001f2511b33000000001

POST
H/1.1 200
OK p Show response
adsco.re/ 0
429 B 363ms
31ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET /
4.adsco.re/ 0
0

GET
H/1.1 200
OK / Show response
6.adsco.re/ 53 B
601 B 19ms
11ms XHR
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Encoding: gzip
Server: cloudflare
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 61138eda8de02b65-FRA
Access-Control-Allow-Headers: Content-Type
cf-request-id: 07a0179c9500002b65901e1000000001

POST
H/1.1 200
OK /
vdkveszksxtv.l.adsco.re/ 0
464 B 3120ms
25ms Other
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://vdkveszksxtv.l.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 14 Jan 2021 01:24:36 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
vdkveszksxtv.n.adsco.re/ 0
464 B 371ms
93ms Other
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://vdkveszksxtv.n.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
vdkveszksxtv.s.adsco.re/ 0
464 B 1835ms
196ms Other
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://vdkveszksxtv.s.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 14 Jan 2021 01:24:34 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 200
OK /
c.adsco.re/ Frame 0535 0
0 18ms
11ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: c.adsco.re
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Expires: Sun, 14 Feb 2021 01:24:33 GMT
ETag: W/"dOXpo7olgm4LQxe6HLwxaw=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 11033
cf-request-id: 07a0179c990000c2d6ce23f000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 61138eda8904c2d6-FRA

GET
H/1.1 200
OK / Show response
c.adsco.re/ 37 KB
14 KB 16ms
15ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: www.displayvertising.com
URL: https://www.displayvertising.com/cloudinary-jquery-file-upload.min.js
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efa168aea8792f95139e4ad98344b89fd16f6a0f2444aac33a33121db774281e

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Server: cloudflare
Age: 11033
ETag: W/"dOXpo7olgm4LQxe6HLwxaw=="
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 61138edb59b4c2d6-FRA
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cf-request-id: 07a0179d180000c2d6a800e000000001
Expires: Sun, 14 Feb 2021 01:24:33 GMT

GET
H/1.1

200
OK

cm
ws-na.assoc-amazon.com/widgets/ Frame 80FC
Redirect Chain

http://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20

0
0

444ms
107ms

Document
text/html

52.46.135.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.46.135.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: ws-na.assoc-amazon.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Thu, 14 Jan 2021 01:24:41 GMT
Server: Server
Cache-Control: must-revalidate
Pragma: no-cache
Expires: -1
p3p: policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC "
charset: UTF-8
Access-Control-Allow-Origin: *
Vary: User-Agent
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8

Redirect headers

Server: Server
Date: Thu, 14 Jan 2021 01:24:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 360
Connection: keep-alive
x-amz-rid: V6BX48F0QDHZEAKN6C75
Location: https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent

GET
H/1.1 200
OK 1120283
ad.a-ads.com/ Frame 4D33 0
0 39ms
39ms Document
text/html 85.10.201.130
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1120283?size=120x90

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

85.10.201.130 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.85-10-201-130.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger
X-Original-Referer: http://daffodil-ruddy-run.glitch.me/
Content-Encoding: gzip

GET
H/1.1 200
OK bidvertiser.dbm Show response
bdv.bidvertiser.com/ 0
333 B 1586ms
316ms Script
text/javascript 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/bidvertiser.dbm?pid=512795&bid=1277387&RD=8479902125996&DIF=2
Requested by: Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Len: 0
Date: Thursday, 14-Jan-2021 01:24:34 GMT
Cache-Control: no-store
Last-Modified: Wednesday, 15-Jan-2020 01:24:34 GMT
CONNECTION: Close
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK Cookie set BidVertiser.dbm
bdv.bidvertiser.com/ Frame F04C 0
0 356ms
342ms Document
text/html 54.241.51.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387&RD=58086111091683&DIF=1&bd_ref_v=daffodil-ruddy-run.glitch.me&tref=1&win_name=null&docref=&jsrand=58086111091683&js1loc=-&loctitle=%20Trying%20to%20reach%20the%20most
Requested by: Host: bdv.bidvertiser.com
URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387
Protocol: HTTP/1.1
Server: 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-51-109.us-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bdv.bidvertiser.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Thursday, 14-Jan-2021 01:24:33 GMT
Cache-Control: no-store
Last-Modified: Wednesday, 15-Jan-2020 01:24:33 GMT
Set-Cookie: bdv_c1p=235; domain=.bidvertiser.com; path=/; expires=Fri, 15-Jan-2021 01:24:33 GMT bdv_c1p=1_1_1; domain=.bidvertiser.com; path=/; expires=Fri, 15-Jan-2021 01:24:33 GMT
P3P: policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC"
Content-Type: text/html; charset=utf-8
Content-Len: 5917
CONNECTION: Close

GET
H/1.1 200
OK CKYD553E.json Show response
srv.buysellads.com/ads/ 2 KB
1 KB 3351ms
40ms XHR
application/json 134.209.16.110
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://srv.buysellads.com/ads/CKYD553E.json?segment=placement:eefiojre9hugu9rgtrtfrg
Requested by: Host: m.servedby-buysellads.com
URL: http://m.servedby-buysellads.com/monetization.js
Protocol: HTTP/1.1
Server: 134.209.16.110 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: //srv.buysellads.com /
Resource Hash: 12f042f5e71752c4d8a2fb941d508cc98cc677a1b534268d1dc8904662d6c625

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:36 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: close
Content-Length: 1219

GET
H2

200

adskeeper.uk.16162.js Show response
jsc.adskeeper.co.uk/a/d/
Redirect Chain

http://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=1210422433
https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=1210422433

230 KB
65 KB

35ms
34ms

Script
text/javascript

104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=1210422433
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abac8fba3d8995147b192769344dd1e08d855712b53b0bb13d86e432b4fbd09a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 4567
cf-polished: origSize=235768
last-modified: Wed, 13 Jan 2021 08:50:12 GMT
x-amz-request-id: B2DD336D789A19CA
x-amz-id-2: 6+Kc641UK6WzT46WaHB1HGPogGmH2RKVvy6uZp3dqMmYGIQZKZBFWWI/FxXDsC5zxUrSamX2io0=
cf-bgj: minify
server: cloudflare
etag: W/"52f203a9c7debb2d48e4b503d4b6a6b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-request-id: 07a017aa44000008100689c000000001
cf-ray: 61138ef068220810-CDG
expires: Thu, 14 Jan 2021 05:24:36 GMT

Redirect headers

Date: Thu, 14 Jan 2021 01:24:36 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=1210422433
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 61138ef03886cddb-CDG
cf-request-id: 07a017aa230000cddbb235f000000001
Expires: Thu, 14 Jan 2021 02:24:36 GMT

GET
H2

200

banners Show response
beta.infopicked.com/adServe/
Redirect Chain

http://clksite.com/adServe/banners?tid=93920_153711_2&pause=5
https://beta.infopicked.com/adServe/banners?tid=93920_153711_2&pause=5

35 KB
13 KB

140ms
139ms

Script
text/javascript

173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.infopicked.com/adServe/banners?tid=93920_153711_2&pause=5
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: f54a0e552eb39eb5ff2513642d6e58c466973e0ee169d3578d795254badc8eb7

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:34 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://beta.infopicked.com/adServe/banners?tid=93920_153711_2&pause=5
Date: Thu, 14 Jan 2021 01:24:34 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 fuckadblock.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/ 5 KB
2 KB 12ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1632422
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 1309
cf-request-id: 07a0179d4000004a862b051000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e6b-1285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fvFsEsJdk4bhkazmp8w27btribwPwty9jAsp9BNTxpW1ApIDEJp5FSqjqdXOckVtKR%2FDcyPH8MN885bjgrPf%2FAwZE5EGF9TnQUxLkdOLI%2FEhrip%2BEtT40df4IY6aTgKbAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61138edb99a84a86-FRA
expires: Tue, 04 Jan 2022 01:24:33 GMT

GET
H/1.1 200
OK loader.js Show response
config.seedtag.com/ 39 KB
12 KB 47ms
28ms Script
application/javascript 104.18.133.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://config.seedtag.com/loader.js?v=0.9323120932158349
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 104.18.133.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc2ae0ffd64beed8d3ab44742b618498850fa6d3b546ef2c6776e94112d14ecd

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 3286
Connection: keep-alive
Content-Length: 11835
cf-request-id: 07a0179d5800000828dd9e5000000001
Last-Modified: Wed, 13 Jan 2021 12:28:48 GMT
Server: cloudflare
ETag: "8f196b0049c6a26df0004f7c692e112c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public, max-age=1200
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-Ray: 61138edbbfcf0828-CDG
Expires: Thu, 14 Jan 2021 01:44:33 GMT

GET
H/1.1 200
OK ui_tag_80.2-1.js Show response
p405661.mycdn.co/banners/script/ 176 KB
53 KB 1294ms
20ms Script
application/javascript 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Requested by: Host: p405661.clksite.com
URL: http://p405661.clksite.com/adServe/banners?tid=405661_796127_3&type=floating_banner&size=6&side=right&position=bottom
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:16 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b4fc-2c04a"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 09 Jan 2022 01:24:34 GMT

GET
H/1.1 200
OK /
6.adsco.re/ 0
601 B 11ms
10ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Encoding: gzip
Server: cloudflare
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 61138edbaef32b65-FRA
Access-Control-Allow-Headers: Content-Type
cf-request-id: 07a0179d4c00002b658d383000000001

GET
H/1.1 200
OK /
4.adsco.re/ 0
475 B 7185ms
31ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://4.adsco.re/
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:42 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK CKYICKQI.json Show response
srv.carbonads.net/ads/ 1 KB
969 B 351ms
38ms Script
application/javascript 178.128.255.177
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.carbonads.net/ads/CKYICKQI.json?segment=placement:dsawrewreafera&callback=_carbonads_go
Requested by: Host: cdn.carbonads.com
URL: http://cdn.carbonads.com/carbon.js?zoneid=1673&serve=C6AILKT&placement=dsawrewreafera
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.128.255.177 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: //srv.buysellads.com /
Resource Hash: b248729917ba3fb7d593928408b72bc64ce3e9ccf277508fe8e3bc9768da534b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 730
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ui_tag_80.2-1.js Show response
p93920.mycdn.co/banners/script/ 176 KB
53 KB 1452ms
20ms Script
application/javascript 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: http://p93920.mycdn.co/banners/script/ui_tag_80.2-1.js
Requested by: Host: p93920.clksite.com
URL: http://p93920.clksite.com/adServe/banners?tid=93920_153711_0
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:16 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b4fc-2c04a"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 09 Jan 2022 01:24:34 GMT

GET
H2 200 put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame F91D 0
0 108ms
41ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1610455726.220918"
last-modified: Tue, 12 Jan 2021 12:33:48 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Thu, 14 Jan 2021 01:24:33 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cookie: CheetahStaging=true
set-cookie: akacd_widgets_routing=1610587473~rv=14~id=c8ce9c5ac429c4a9e548efc9f8cc0191; path=/; Expires=Thu, 14 Jan 2021 01:24:33 GMT; Secure; SameSite=None

GET
H/1.1 200
OK ZGFmZm9kaWwtcnVkZHktcnVuLmdsaXRjaC5tZQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 3515ms
405ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/ZGFmZm9kaWwtcnVkZHktcnVuLmdsaXRjaC5tZQ==
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:36 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43173
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: d06074585bbf55159bb561097ddebc30
Content-Length: 16
Expires: Thu, 14 Jan 2021 13:24:09 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
468 B 34ms
32ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=0.7987288073217222
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:33 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sat, 13 Feb 2021 01:24:33 GMT

GET
H/1.1 200
OK headerbid.js Show response
served-by.pixfuture.com/www/delivery/ 3 KB
4 KB 97ms
97ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid_sticky_refresh.js?v31
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 177d76801bdbecdb0d27109e118ae54a929156deac8ca44b46924a5c0f43cd7a

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Last-Modified: Wed, 13 Jan 2021 17:57:03 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5fff346f-d42"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3394

GET
H/1.1 200
OK headerbid_refresh_alex.php Show response
served-by.pixfuture.com/www/delivery/ Frame 4EF3 10 KB
11 KB 107ms
106ms Script
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=3542x300x250x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=3542x300x250x700x_ADSLOT1&flag=true
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b100d412b48a91727786c41fb764484b2945bd2f3dde35910baef1172ffbb969

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:33 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 403
Forbidden invoke.js
www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/ 0
0 49ms
49ms Script
application/javascript 213.196.2.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/invoke.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 213.196.2.2 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 14 Jan 2021 01:24:33 GMT
Server: nginx/1.19.0
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK pixel
s.pubmine.com/ 43 B
276 B 37ms
36ms Image
image/gif 79.125.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://s.pubmine.com/pixel?id=15&type=img
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
BLOB 200
OK e67dd97f-b95e-4a4f-b8a6-5f05239aa166
http://daffodil-ruddy-run.glitch.me/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://daffodil-ruddy-run.glitch.me/e67dd97f-b95e-4a4f-b8a6-5f05239aa166
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea6c65d8e460987a7ea8f98355f789fe6bfbe11b0afe7a1c65d6042da65ea33

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 1567
Content-Type: text/javascript

GET
H/1.1 200
OK defaultSkin.min.js Show response
kumteerg.com/pfe/current/ 56 KB
19 KB 34ms
34ms Fetch
application/javascript 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/pfe/current/defaultSkin.min.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-de6b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H/1.1 200
OK p Show response
adsco.re/ 0
429 B 76ms
25ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET /
4.adsco.re/ 0
0

GET
H/1.1 200
OK / Show response
6.adsco.re/ 53 B
601 B 14ms
12ms XHR
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Encoding: gzip
Server: cloudflare
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=10
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 61138edc7f9e2b65-FRA
Access-Control-Allow-Headers: Content-Type
cf-request-id: 07a0179dc900002b657c2c1000000001

POST
H/1.1 200
OK /
m1ebhpl12oqp.l.adsco.re/ 0
464 B 99ms
26ms Other
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://m1ebhpl12oqp.l.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 14 Jan 2021 01:24:35 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
m1ebhpl12oqp.n.adsco.re/ 0
464 B 372ms
95ms Other
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://m1ebhpl12oqp.n.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 14 Jan 2021 01:24:35 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
m1ebhpl12oqp.s.adsco.re/ 0
464 B 819ms
196ms Other
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://m1ebhpl12oqp.s.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 14 Jan 2021 01:24:36 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H/1.1 200
OK /
c.adsco.re/ Frame DF0D 0
0 13ms
13ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: c.adsco.re
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
Expires: Sun, 14 Feb 2021 01:24:33 GMT
ETag: W/"dOXpo7olgm4LQxe6HLwxaw=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 11033
cf-request-id: 07a0179dcc0000c2d6752d5000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 61138edc7a96c2d6-FRA

GET
H/1.1 403
Forbidden invoke.js
www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/ 0
0 39ms
38ms Script
application/javascript 213.196.2.2
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/invoke.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 213.196.2.2 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 14 Jan 2021 01:24:33 GMT
Server: nginx/1.19.0
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK st_0.c5565ee76fb8d3bea5b7.js Show response
config.seedtag.com/ 88 KB
28 KB 40ms
39ms Script
application/javascript 104.18.133.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://config.seedtag.com/st_0.c5565ee76fb8d3bea5b7.js
Requested by: Host: config.seedtag.com
URL: http://config.seedtag.com/loader.js?v=0.9323120932158349
Protocol: HTTP/1.1
Server: 104.18.133.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ac9d70fe79919316742a1c8220bd7b1a75ae964725d39ff46963443d555de2b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 3285
Connection: keep-alive
Content-Length: 27739
cf-request-id: 07a0179ee700000828dd0c9000000001
Last-Modified: Wed, 13 Jan 2021 12:28:48 GMT
Server: cloudflare
ETag: "1053b20155a58edc8c3ef99746ec39f8"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-Ray: 61138ede3a5a0828-CDG
Expires: Thu, 14 Jan 2021 02:24:33 GMT

GET
H/1.1 200
OK st_3.dfb027c62bd77a7efc9a.js Show response
config.seedtag.com/ 367 KB
97 KB 67ms
29ms Script
application/javascript 104.18.133.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://config.seedtag.com/st_3.dfb027c62bd77a7efc9a.js
Requested by: Host: config.seedtag.com
URL: http://config.seedtag.com/loader.js?v=0.9323120932158349
Protocol: HTTP/1.1
Server: 104.18.133.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27607c921550b6f716f30ccd0ec80b0f1f866c04d9ffe06601cd6cb5457f0c55

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 3286
Connection: keep-alive
Content-Length: 98671
cf-request-id: 07a0179f1f00000828ec88f000000001
Last-Modified: Wed, 13 Jan 2021 12:28:48 GMT
Server: cloudflare
ETag: "47b5735b0dc935917599304c654412f4"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-Ray: 61138ede9ab80828-CDG
Expires: Thu, 14 Jan 2021 02:24:33 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 02:44:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 168015
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Wed, 12 Jan 2022 02:44:18 GMT

GET
H/1.1 200
OK brainberries.co.147802.js Show response
jsc.mgid.com/b/r/ Frame 4166 243 KB
73 KB 50ms
30ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://jsc.mgid.com/b/r/brainberries.co.147802.js?t=1210141
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc70ac48189914ec1a6e80fe259908c1f393849530fa9a71a056e2db7ae88546

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 3279
Cf-Polished: origSize=248534
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-request-id: B35852DA2D64B6F8
x-amz-id-2: xjbyao/AxvGH4sN0jVpOHEYvHSO6UvJ3fJGMavjlEcea/BBz6FAsHtoYmPCoGxrkgCv4shv21wA=
Last-Modified: Mon, 11 Jan 2021 10:07:03 GMT
Server: cloudflare
ETag: W/"0ed0b8ef390f071728b3da823ba50d3a"
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Thu, 14 Jan 2021 04:24:33 GMT
Cache-Control: public, max-age=10800
cf-request-id: 07a0179f330000cde3ed879000000001
CF-RAY: 61138edebf37cde3-CDG
Cf-Bgj: minify

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 369 KB
94 KB 146ms
48ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

92a8c052c24889d39ddee3617dad8f31b6f036451afefdad1334b0fcd4694794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:33 GMT
content-encoding: br
last-modified: Wed, 30 Dec 2020 19:28:34 GMT
etag: "5fd23012-17727"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 96039
expires: Thu, 14 Jan 2021 02:24:33 GMT

GET
H/1.1 200
OK sync.html
s.adtelligent.com/ Frame F6B0 0
0 77ms
25ms Document
text/html 2a0c:5c81:5161::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=555831
Requested by: Host: cdn.thisiswaldo.com
URL: http://cdn.thisiswaldo.com/static/js/8636.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5161::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://daffodil-ruddy-run.glitch.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

Server: VertaMedia 1.0
Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 655
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H2 530 /
ssp.zryydi.com/bid/ 0
0 1335ms
31ms Script
text/html 104.21.20.75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.zryydi.com/bid/?tag_id=90&sub_id=0dcd3da5ac03016ecbc321ca7f9149a3&url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&mode=jsonfeed&callback=shortest.popUnder.onSSPPopUnderBidRetrieved&ts=1610587473461
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.20.75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sh-overlay.css
cdn.shorte.st/css/ 3 KB
1 KB 15ms
15ms Stylesheet
text/css 2606:4700:20::681a:46b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shorte.st/css/sh-overlay.css
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:46b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1651
cf-request-id: 07a0179e34000016ee680f1000000001
x-ua-compatible: IE=Edge
last-modified: Thu, 09 Aug 2018 13:48:43 GMT
server: cloudflare
etag: W/"5b6c463b-dd7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bDax0ORtQLoTm2mNrVGkev%2Fk4jRJ4fmf3GJBFid8qc7slm%2FGGSkVDfX37RTJLLmIo6kIlMWqWBVIX7yD%2F1vqXqEMvjkmGn%2BbVnkDLGLh3qn%2FJksRnWtEG1OT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-server-id: shn13
cache-control: max-age=14400
cf-ray: 61138edd1d1f16ee-FRA
expires: Thu, 14 Jan 2021 01:57:02 GMT

GET
DATA 200
OK truncated
/ Frame 7221 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
kumteerg.com/ Frame 0
0 31ms
30ms Other
text/plain 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 14 Jan 2021 01:24:33 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
kumteerg.com/ 39 B
502 B 35ms
35ms Fetch
application/json 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/custom

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: b6821373fc11291dff58ef789e4c5392
Date: Thu, 14 Jan 2021 01:24:33 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK p Show response
adsco.re/ 363 B
871 B 40ms
40ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: ec045f7420ee62a6c3f0ddd948828afa6221a662c1aa95f022c0a9b7412bc4b8

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G: OK
Date: Thu, 14 Jan 2021 01:24:33 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H2 200 1 Show response
servicer.adskeeper.com/1056221/ 2 KB
2 KB 101ms
100ms Script
application/x-javascript 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1056221/1?w=1584&h=90&cols=3&pv=5&cbuster=1610587473499223387991&uniqId=01943&consentData=&gdprApplies=false&uspString=&niet=4g&nisd=false&ref=&cxurl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&lu=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&pageView=1&pvid=176fe7e865bb550dcc7&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7114b0b91621a452d752406ccba4e2e370ea8e4c119c53b0b72317e0adadf24

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61138ee0ba504a9d-FRA
cf-request-id: 07a017a07200004a9d32962000000001

OPTIONS
H/1.1 200
OK 0dcd3da5ac03016ecbc321ca7f9149a3
api.shorte.st/start-adsession/ Frame 0
0 522ms
65ms Other
application/json 78.140.188.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/start-adsession/0dcd3da5ac03016ecbc321ca7f9149a3
Protocol: HTTP/1.1
Server: 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40-0+deb8u12
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Date: Thu, 14 Jan 2021 01:24:33 GMT
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn10
X-UA-Compatible: IE=Edge

POST
H/1.1 200
OK 0dcd3da5ac03016ecbc321ca7f9149a3 Show response
api.shorte.st/start-adsession/ 73 B
843 B 228ms
111ms XHR
application/json 78.140.188.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/start-adsession/0dcd3da5ac03016ecbc321ca7f9149a3
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash: b38e091ea746c1269cd8015329815d170900ed17441f0198e834cea4faef03f4

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 14 Jan 2021 01:24:34 GMT
Server: nginx
X-Powered-By: PHP/5.6.40-0+deb8u12
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn13
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 1676ms
103ms XHR
application/json 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1610587473503&sessionId=5c325bde-218c-e2eb-eeea-85c42b40c061&url=daffodil-ruddy-run.glitch.me&cheqSource=1&cheqEvent=0&exitReason=1
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: a607eff35f73988244b627d7b08e6545
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK headerbid_refresh_alex.php Show response
served-by.pixfuture.com/www/delivery/ Frame D179 10 KB
11 KB 106ms
105ms Script
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=25617x728x90x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=25617x728x90x700x_ADSLOT1&flag=true
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 43e8bee5fa301ade18f16292edba4dd15d4bcd13bfd3906c12eb985e33a7eb5e

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:34 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 1542656909-explore-themes-2.jpg
cdn4.buysellads.net/uu/1/23814/ 25 KB
25 KB 65ms
19ms Image
image/jpeg 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/uu/1/23814/1542656909-explore-themes-2.jpg
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 192e49a8d791354fa0e62f05a4f046dc04e39893079f1cf69d3ab3864e2fb686

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:33 GMT
last-modified: Mon, 19 Nov 2018 19:48:31 GMT
server: NetDNA-cache/2.2
x-amz-request-id: F6953B642A98A9AB
etag: "577ca19a88015bef792c6d5cadbc440d"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 25458
x-amz-id-2: WHt3SYL1jxtCFfGrZKJs9YS/2jaWtwJC09haCeObwzH8IUfX3hqYrdeeW+fxU66dd3a5sLw0vWw=
expires: Sun, 09 Jan 2022 01:24:33 GMT

GET
H/1.1 200
OK popunder.gif
yiatelychur.top/ 35 B
502 B 1296ms
251ms Image
image/gif 13.226.169.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yiatelychur.top/popunder.gif
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 13.226.169.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 14 Jan 2021 01:24:35 GMT
content-encoding: gzip
X-Amz-Cf-Pop: MXP64-C3
X-Cache: Miss from cloudfront
Content-Type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
Connection: keep-alive
Content-Length: 58
Via: 1.1 3674d9500afcb3899db51454641e1797.cloudfront.net (CloudFront)
X-Amz-Cf-Id: O0B-20WMzcEXwkhBBtheEXhebNCwU6TkDmraThSEIrr6l_Z5PkAdwA==

GET
H/1.1 200
OK c Show response
serve.popads.net/ 0
272 B 162ms
142ms Script
application/javascript 216.21.13.17
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://serve.popads.net/c?_=BAoAX_-dUQFf_51RgAGBAsAAIJWk3p4FT2S7wQwaGvgai8gdH9JGqAHJLyiCtjJx7xw-wQBHMEUCIH6lQJXroIB7Rf7qM9eecJcn-P5sOlOmg-lZtdjVjBReAiEAp9nX6juZmLv1_MbuO5HGQ-cKCdKThmBSkxraiwd7-v3CACCKWnyFuzYWPmvkaNwuedDJ7jPedNj-WPfd8EYUCOkNPMQAECoBBPgBIRMaAAAAAAAAAALFABB00cQQJCyM-OovQYTPG1B9wwBHMEUCIDYgd8t2Sc_mflBpk5D1iwDgUhUNDLZ1t3gf28vvrA0SAiEAuavl-hwN92GQ6U9WndHUYGKVUgC3YIJR437jh6GsJpY&v=4&siteId=2351736&minBid=&popundersPerIP=0,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0
Requested by: Host: c1.popads.net
URL: http://c1.popads.net/pop.js
Protocol: HTTP/1.1
Server: 216.21.13.17 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:34 GMT
ASF: 9
Access-Control-Allow-Origin: *
Content-Type: application/javascript
PopAds-EC: ASB
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Content-Length: 0
Expires: Thu, 21 Jan 2021 01:24:34 GMT

GET
H2 400 /
trends.revcontent.com/api/demand/ 0
0 3173ms
66ms Fetch
text/html 54.154.46.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=1

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.46.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
date: Thu, 14 Jan 2021 01:24:36 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 3160ms
53ms Fetch 54.154.46.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.46.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
date: Thu, 14 Jan 2021 01:24:36 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 djax_elastic.js Show response
cdn.pixfuture.com/ Frame B0D3 37 KB
37 KB 140ms
109ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax_elastic.js
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=3542x300x250x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=3542x300x250x700x_ADSLOT1&flag=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d26e98e9600c9cea41a4f28dee915eedd266f450849d151a7f653d1738917de

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 23 Nov 2020 17:49:07 GMT
server: cloudflare
etag: "5fbbf613-9275"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A7BFg9g54%2BYEQp3gliTPzzwAlFL2D2tBmtczWQkfIRLK%2Bzaj%2FqMPfsS9pzR5bTexC%2BnMVAHPK%2BdXHj1t5bFv1u%2BmxwThRCT3L2nTj6YlvAg7O3CVpAJiMN6dara9pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61138edeaee24a74-FRA
content-length: 37493
cf-request-id: 07a0179f2c00004a74bc338000000001
expires: Sat, 16 Jan 2021 01:24:33 GMT

POST
H/1.1 200
OK p Show response
adsco.re/ 363 B
868 B 40ms
39ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 1cbc05d4aa60b50834c89c8551be12edcced547c534dbaf3eaece84983f6b3fd

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G: OK
Date: Thu, 14 Jan 2021 01:24:33 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H/1.1 200
OK jtES.htm Show response
displayvertising.com/ 0
272 B 178ms
159ms Script
application/javascript 216.59.56.9
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://displayvertising.com/jtES.htm?_=BAoAX_-dUQFf_51RgAGBAsAAIJWk3p4FT2S7wQwaGvgai8gdH9JGqAHJLyiCtjJx7xw-wQBGMEQCIG5_r4fuxWLoK4X2RJWJ2HeLDQwy7liFqgHkIqV_XNSWAiAmucIEoOICsz9DuGW0Ba7u2bepbX2WWueMLTg_VbS72cIAIIpafIW7NhY-a-Ro3C550MnuM9502P5Y993wRhQI6Q08xAAQKgEE-AEhExoAAAAAAAAAAsUAEHTRxBAkLIz46i9BhM8bUH3DAEgwRgIhAME2FgbXFwgGDGfpaleJn2liTf0bcbzL71Up6ID4f7ezAiEAnd1c7loeoHxkjfGWcAyHNajuivLwablZhWjRLNdSA2A&v=4&aYKICHjQ=2351736&minBid=&YgLBjmlT=0,0&eIcJbmyp=&SEfKiJlp=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.displayvertising.com
URL: https://www.displayvertising.com/cloudinary-jquery-file-upload.min.js
Protocol: HTTP/1.1
Server: 216.59.56.9 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:34 GMT
ASF: 9
Access-Control-Allow-Origin: *
Content-Type: application/javascript
PopAds-EC: ASB
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Content-Length: 0
Expires: Thu, 21 Jan 2021 01:24:34 GMT

GET
H2 200 jquery3_5_1.min.js Show response
cdn.pixfuture.com/ Frame B0D3 87 KB
88 KB 122ms
122ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery3_5_1.min.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:33 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Aug 2020 15:41:27 GMT
server: cloudflare
etag: "5f4682a7-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=snFUk%2F%2B9M0PF6%2FQeW5f%2FwMywFjtailRxqJy4SaAHZ17t%2BqnEY3rKga%2BNrH%2BfKgbf%2F8peXq72LcW1BecDMVu2Cj3JXvIyLW36I7L0H5m0cb98rsWEr7vUjrISDnl%2Bmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61138edf9fc14a74-FRA
content-length: 89476
cf-request-id: 07a0179fba00004a7481a04000000001
expires: Sat, 16 Jan 2021 01:24:33 GMT

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158127/2642/ Frame B0D3 275 KB
84 KB 318ms
45ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 22:47:13 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "10c1257-44c71-5b2d70fa58647"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=33997
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 85626
Expires: Thu, 14 Jan 2021 10:51:12 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 1782ms
27ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
age: 5242
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
content-type: image/svg+xml
cf-ray: 61138ef04a7004a3-CDG
x-amz-request-id: EDD0957952C83C96
cf-request-id: 07a017aa2f000004a3a53a4000000001

GET
H2

200

1 Show response
mc.yandex.ru/watch/49239574/
Redirect Chain

https://mc.yandex.ru/watch/49239574?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610587471783%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr...
https://mc.yandex.ru/watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610587471783%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Af...

186 B
268 B

57ms
55ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610587471783%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210114022434%3Aet%3A1610587474%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1311556304021%3Arqn%3A1%3Arn%3A391551722%3Ahid%3A540208388%3Ads%3A8%2C18%2C197%2C83%2C0%2C0%2C0%2C1353%2C33%2C%2C%2C%2C1669%3Afp%3A1048%3Awn%3A60535%3Ahl%3A4%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610587474%3Au%3A16105874741039867228%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d2b1d80997b334c20233e62147320d5e8b91a22a755f1e463cf670a25924f074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 14-Jan-2021 01:24:34 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Thu, 14-Jan-2021 01:24:34 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:34 GMT
last-modified: Thu, 14-Jan-2021 01:24:34 GMT
location: /watch/49239574/1?wmode=7&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1610587471783%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210114022434%3Aet%3A1610587474%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A1311556304021%3Arqn%3A1%3Arn%3A391551722%3Ahid%3A540208388%3Ads%3A8%2C18%2C197%2C83%2C0%2C0%2C0%2C1353%2C33%2C%2C%2C%2C1669%3Afp%3A1048%3Awn%3A60535%3Ahl%3A4%3Agdpr%3A14%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610587474%3Au%3A16105874741039867228%3At%3ATrying%20to%20reach%20the%20most%20ads%20since%202020
strict-transport-security: max-age=31536000
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 14-Jan-2021 01:24:34 GMT

GET
H2 200 1 Show response
servicer.mgid.com/147802/ 3 KB
2 KB 1132ms
80ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/147802/1?w=1584&h=353&p4_w=380&p4_h=306&cols=4&pv=5&cbuster=1610587474170403559524&consentData=&gdprApplies=false&uspString=&niet=4g&nisd=false&ref=&cxurl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&lu=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&pageView=1&pvid=176fe7e88fa9c1e655e&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: http://jsc.mgid.com/b/r/brainberries.co.147802.js?t=1210141
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 648c8c443c52ac51c82eb84642108b855051e1a81d7c125bc1c4d2aecf1855d6

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61138eebfdda04a3-CDG
cf-request-id: 07a017a77b000004a39f059000000001

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
160 B 63ms
63ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:34 GMT
last-modified: Wed, 30 Dec 2020 19:28:30 GMT
etag: "5feccf70-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 14 Jan 2021 02:24:34 GMT

GET
H2 200 i.js Show response
cm.adskeeper.com/ 19 B
176 B 108ms
106ms Script
application/javascript 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?consentData=&gdprApplies=0&cbuster=1610587474195988816893
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:34 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: b83db86c-94f5-4a59-8f26-67cb8b916341
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61138ee5980d4a9d-FRA
cf-request-id: 07a017a38000004a9d778b5000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame E30A 19 B
265 B 106ms
105ms Script
application/javascript 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1610587474200975110759
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:34 GMT
content-encoding: gzip
cf-cache-status: MISS
x-mg-request-uuid: 03eeebb4-85b7-4e63-9548-9d5c51d98981
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61138ee5f88e4a9d-FRA
cf-request-id: 07a017a3ba00004a9d6b923000000001
server: cloudflare

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
2 KB 1117ms
29ms Image
image/svg+xml 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:35 GMT
content-encoding: br
cf-cache-status: HIT
age: 6699
x-amz-request-id: 1EB046A16DDE60DC
x-amz-id-2: OlCH+H7iEX0g6JI7ozzKGXaGgNJ72zfibPzDS4HSeV3Q4tCXBqslfwdswOBxv41pa/Tn7FmFZwM=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-request-id: 07a017a55d000008100b0a8000000001
cf-ray: 61138ee89d970810-CDG
expires: Thu, 14 Jan 2021 05:24:35 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMjQ3MzE5L2U5MTkwYzIyNDA4ZjMzNGRjMGM1NDI0M2I3NzgxMmMxLmpwZw.webp
s-img.adskeeper.com/g/7679855/492x328/0x0x492x328/ 9 KB
9 KB 48ms
12ms Image
image/webp 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/7679855/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMjQ3MzE5L2U5MTkwYzIyNDA4ZjMzNGRjMGM1NDI0M2I3NzgxMmMxLmpwZw.webp?v=1610587474-XieKVconptAjP-UjEaZugpdvuz_bH5XrprUEHySMXWU
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73be538e125be899656978e1759da5718cb2993b55e74bee2da30497781430f

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:34 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Dec 2020 10:53:20 GMT
x-mg-request-uuid: 75a01d31-bc9f-47bb-b035-7e55094ba433
age: 108246
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61138ee1fbd34a9d-FRA
content-length: 9528
cf-request-id: 07a017a13e00004a9d62954000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMzU0NzAxLzQ5MDdhNmRmMWFkYjYyOWQ5ZGU0YzRlOThkNWFiMzFhLmpwZw.webp
s-img.adskeeper.com/g/7806761/492x328/0x0x492x328/ 16 KB
17 KB 51ms
15ms Image
image/webp 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/7806761/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMzU0NzAxLzQ5MDdhNmRmMWFkYjYyOWQ5ZGU0YzRlOThkNWFiMzFhLmpwZw.webp?v=1610587474-P4kK8pIHt4_8Ziqa0I9wSy4vGTMCYaTNfzhPxmKnHGU
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f057ddc3ba51772f4676ec30fc61376aa92dd14eac79fc572bb30db998fbe714

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:34 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Dec 2020 09:59:39 GMT
x-mg-request-uuid: 4e13ab12-648c-43be-9ac2-673427c67cc5
age: 906304
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61138ee1fbcd4a9d-FRA
content-length: 16834
cf-request-id: 07a017a13d00004a9d5f80d000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMTUvMjc1OTc3LzU2Y2JiYTQ2YWI3NTI2ZTk2YjdhMzFmNDU3ZGIwYTc4LmpwZz90PTE1MzcwMDkwNDg3OTk.webp
s-img.adskeeper.com/g/5094938/492x328/0x0x492x328/ 11 KB
11 KB 48ms
11ms Image
image/webp 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/5094938/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMTUvMjc1OTc3LzU2Y2JiYTQ2YWI3NTI2ZTk2YjdhMzFmNDU3ZGIwYTc4LmpwZz90PTE1MzcwMDkwNDg3OTk.webp?v=1610587474-F9yzQd68IwlyxJ3G8zT5d_MEyQIHwtEnrr30ctUEwNs
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8c506cd2328c91e62e309efb8548c921388b7a75437a30593ebcc8c54d8489b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:34 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Jan 2021 12:51:35 GMT
x-mg-request-uuid: 4972b569-3e0c-4a21-afd4-5fc12e31e10e
age: 390511
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61138ee1fbcf4a9d-FRA
content-length: 10786
cf-request-id: 07a017a13d00004a9d4c0cf000000001
server: cloudflare

OPTIONS
H/1.1 200
OK d25689c8f28ec01859555afe21d1d031edc3a7db
api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/ Frame 0
0 61ms
60ms Other
application/json 78.140.188.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/d25689c8f28ec01859555afe21d1d031edc3a7db
Protocol: HTTP/1.1
Server: 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40-0+deb8u12
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Date: Thu, 14 Jan 2021 01:24:34 GMT
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn03
X-UA-Compatible: IE=Edge

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

46 KB
18 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6773
date: Wed, 13 Jan 2021 23:31:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 14 Jan 2021 01:31:41 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
669 B 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0088587e12bc6576304dd4020c59b096646f06a4b8fa42408857649fbbb4ba5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Thu, 14 Jan 2021 01:24:34 GMT

GET
H/1.1 200
OK d25689c8f28ec01859555afe21d1d031edc3a7db Show response
api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/ 456 B
1 KB 91ms
90ms XHR
text/html 78.140.188.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/d25689c8f28ec01859555afe21d1d031edc3a7db
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash: 38cdfc5fb06413c93b1aadec4c6d8c759c7dba951704d5d20430a351e5bdb4c4

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/html

Response headers

Date: Thu, 14 Jan 2021 01:24:34 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.6.40-0+deb8u12
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn10
Cache-Control: no-cache
Transfer-Encoding: chunked
Access-Control-Allow-Headers: Content-Type
X-UA-Compatible: IE=Edge

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11303d5a0e10a3643c56dbf226be43810821472036b7d54631065f586afbb23e

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 djax_elastic.js Show response
cdn.pixfuture.com/ Frame 3677 37 KB
37 KB 113ms
112ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax_elastic.js
Requested by: Host: served-by.pixfuture.com
URL: http://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=25617x728x90x700x_ADSLOT1&keywords=trying,reach,most,ads,since,2020&refUrl=&refresh=false&innerWidth=1600&mainDiv=25617x728x90x700x_ADSLOT1&flag=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d26e98e9600c9cea41a4f28dee915eedd266f450849d151a7f653d1738917de

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:34 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 23 Nov 2020 17:49:07 GMT
server: cloudflare
etag: "5fbbf613-9275"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2fvgPkl2Er%2BltYUuVXkwb2pxFuxiCMAV5IVHobaaIz8XbIp4uUdMvAKiFFTBoEk2tRahdpyhEv6TabuVdsUC4FvQ1ALIA2shuSkCFRdPuVf0IXfqNUaqSLC4e3zzrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61138ee23ab44a74-FRA
content-length: 37493
cf-request-id: 07a017a16500004a74e98f8000000001
expires: Sat, 16 Jan 2021 01:24:34 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame B0D3 55 KB
19 KB 22ms
15ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

979a92d446f15b0039e800fff55f2fd1391ed23f8524b42a377e79ec2dc78e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "754 / 306 of 1000 / last-modified: 1610579508"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 18983
X-XSS-Protection: 0
Expires: Thu, 14 Jan 2021 01:24:34 GMT

GET
H2 200 prebid4.19.0.js Show response
cdn.pixfuture.com/ Frame B0D3 331 KB
332 KB 110ms
110ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:34 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Dec 2020 17:32:50 GMT
server: cloudflare
etag: "5fd25bc2-52b1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J2x2MLVfpWhh7g52aWffKkkn4gnItb1rf5aliXCzmTnIDVN7Hjs4Aw1TpIzDBb9paBoXfyOfsnOkRnrQasvHmjqEeRZ%2BJKUgrJSSoWCK%2BBrYX3NfX8AIdqydlEAWrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61138ee2bb1e4a74-FRA
content-length: 338715
cf-request-id: 07a017a1af00004a7493992000000001
expires: Sat, 16 Jan 2021 01:24:34 GMT

GET
H2

200

promotion-bestseller-special-1308.html
www.gearbest.com/ Frame F152
Redirect Chain

http://ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028&width=1024&height=768&ch=8439461&cp.dest_domain=&cp.oid=8439461&cp.referrer=http://daffodil-ruddy-run.glitch.me/&cp.locked=0&cp.pro...
https://shorteh.com/afu.php?zoneid=1241630
https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=373393532758528152

0
0

368ms
59ms

Document
text/html

23.43.126.245
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=373393532758528152
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.43.126.245 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: www.gearbest.com
:scheme: https
:path: /promotion-bestseller-special-1308.html?lkid=45687009&cid=373393532758528152
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
pragma: public
last-modified: Thu, 14 Jan 2021 01:21:47 GMT
gbcdnlang: en
access-control-allow-origin: *
access-control-allow-methods: GET, POST
ng-cache: HIT
content-encoding: gzip
content-length: 47999
cache-control: public, max-age=60
expires: Thu, 14 Jan 2021 01:25:36 GMT
date: Thu, 14 Jan 2021 01:24:36 GMT
vary: Accept-Encoding User-Agent
set-cookie: AKAM_CLIENTID=b728f23c27daea0ab5050d209da46d75; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com AKA_A2=A; expires=Thu, 14-Jan-2021 02:24:36 GMT; path=/; domain=gearbest.com; secure; HttpOnly

Redirect headers

Server: nginx
Date: Thu, 14 Jan 2021 01:24:35 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 0122dfe9f5e7143892d87354e9f60a99
Link: <https://propeller-tracking.com>; rel="dns-prefetch preconnect",<//>; rel="dns-prefetch preconnect" <https://www.gearbest.com>; rel="dns-prefetch preconnect",<https://propeller-tracking.com>; rel="dns-prefetch preconnect"
Referrer-Policy: no-referrer
Location: https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=373393532758528152
Set-Cookie: OAID=3bd9d838109f4e59aab6fa31eb73df96; expires=Fri, 14 Jan 2022 01:24:35 GMT; secure; SameSite=None oaidts=1610587475; expires=Fri, 14 Jan 2022 01:24:35 GMT; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H2 200 jquery3_5_1.min.js Show response
cdn.pixfuture.com/ Frame 3677 87 KB
88 KB 109ms
108ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery3_5_1.min.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:34 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Aug 2020 15:41:27 GMT
server: cloudflare
etag: "5f4682a7-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n9ycdqjKf%2BOfuLrfPd8ubhSTHtjtHFZlRqWg7bVV9Rw7Lh8Fcpp6%2B3IWi86fytaIXV6mf3B9vsUR1VeD8NbCFsZJxl%2FtXdAzsklQ3jD3krfxkLocNUxcatDwxbFbvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61138ee31b974a74-FRA
content-length: 89476
cf-request-id: 07a017a1f300004a74c4257000000001
expires: Sat, 16 Jan 2021 01:24:34 GMT

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158127/2642/ Frame 3677 275 KB
84 KB 152ms
33ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 22:47:13 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "10c1257-44c71-5b2d70fa58647"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=33997
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 85626
Expires: Thu, 14 Jan 2021 10:51:12 GMT

GET
H/1.1 200
OK bounce-tag_80.2-1.js Show response
p0.mycdn.co/banners/bounce/ 48 KB
18 KB 1069ms
19ms Script
application/javascript 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: http://p0.mycdn.co/banners/bounce/bounce-tag_80.2-1.js
Requested by: Host: clksite.com
URL: http://clksite.com/adServe/banners?tid=93920_153711_2&pause=5
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:16 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b4fc-be2b"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 09 Jan 2022 01:24:36 GMT

GET
H/1.1 200
OK it-ui-comp-17.css
p93920.mycdn.co/uicomp/styles/dist/80.2-1/ 23 KB
5 KB 37ms
19ms Stylesheet
text/css 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: http://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-17.css
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2e43a4dba40cfdbd5a628c6b10c4f53fff5c8b04e1b838eddb1d710dc165c002

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-5df7"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 09 Jan 2022 01:24:34 GMT

GET
H/1.1 200
OK it-ui-comp-6.css
p405661.mycdn.co/uicomp/styles/dist/80.2-1/ 23 KB
5 KB 19ms
19ms Stylesheet
text/css 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-6.css
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 62bf1e377405eb3b64149506aa8814cbbfa7ac2503be1771ff26e249e396c356

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-5da0"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 09 Jan 2022 01:24:34 GMT

GET
H/1.1 200 findBanner Show response
infopicked.com/adServe/banners/ 857 B
1 KB 1797ms
251ms Script
text/javascript 173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://infopicked.com/adServe/banners/findBanner?num=1&keyword=Trying%20to%20reach%20the%20most%20ads%20since%202020&tid=93920_153711_0&type=js&ar=b&ts=c&ito=http%3A%2F%2Fp93920.mycdn.co&bs=17&referrer=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&ap=cmp%3DBANNER%26evp%3Du6geJV4sLGuSRnWLnEbbV_bWwvziNp_1nDHhmKrMWGNTTeaDr-VZbcLgPjVIZsSl%26sjv%3D118.0%26ctid%3D0%26th%3D1200%26tw%3D1600%26tip%3DTrying%2520to%2520reach%2520the%2520most%2520ads%2520since%25202020&pid=93920&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0xJmk9MCZvPS02MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xMg%3D%3D&olive=1&callback=ITCcimbfza55d
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 651fa8ed2ff40027aaaac33cf8daa9f8d4753ece1281b7e8ea8a7a0a54fd6cb2

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:36 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 3677 55 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67c53ae0376cff4c5e0d35104820d0b2b8ab20c94a32e477db95ae74a2c84db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "754 / 428 of 1000 / last-modified: 1610579437"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 18975
X-XSS-Protection: 0
Expires: Thu, 14 Jan 2021 01:24:35 GMT

GET
H2 200 prebid4.19.0.js Show response
cdn.pixfuture.com/ Frame 3677 331 KB
332 KB 121ms
119ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:35 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Dec 2020 17:32:50 GMT
server: cloudflare
etag: "5fd25bc2-52b1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MtHmvAV79SDX3Ra6bP%2FFXCKSAYFzlVIZtUOrtPeQNuYY88liDyit2xTmpD1pMIiYULLNe1ealUg3XM%2FlV%2B5UJaZXLiz%2F9z6xe3wHEHBz6iEopX3Zd4YbbeIs2shSQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 61138ee64f634a74-FRA
content-length: 338715
cf-request-id: 07a017a3e900004a74bc373000000001
expires: Sat, 16 Jan 2021 01:24:34 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
75 B 13ms
13ms XHR
text/plain 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1337192004&t=pageview&_s=1&dl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&dp=%2Foverlay%2F0dcd3da5ac03016ecbc321ca7f9149a3&ul=en-us&de=UTF-8&dt=Trying%20to%20reach%20the%20most%20ads%20since%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=0dcd3da5ac03016ecbc321ca7f9149a3&cs=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&cm=overlay&_u=YEBAAEABAAAAAC~&jid=1346105971&gjid=2005753551&cid=1168114536.1610587475&tid=UA-42296749-1&_gid=674349436.1610587475&_r=1&_slc=1&z=1423807102

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/r8jtf1oixV0IGff4hgB4EzDF/ 335 KB
131 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/r8jtf1oixV0IGff4hgB4EzDF/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d19fffadd3448844a6dbe84367829270272056216face9083c9c01feccbf967e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 872
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133675
x-xss-protection: 0
last-modified: Mon, 11 Jan 2021 03:18:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 01:10:03 GMT

GET
H3-Q050 200 pubads_impl_2021011202.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B0D3 276 KB
97 KB 41ms
40ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

74ba50276f10c70f4c62473eacaac82a8feb54d29a4198f23cfcfb583437d43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Jan 2021 15:13:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99521
x-xss-protection: 0
expires: Thu, 14 Jan 2021 01:24:35 GMT

GET
H3-Q050 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame B0D3 54 KB
21 KB 33ms
32ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011202.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

7db8a39dd5cdaff2e2d44b827b43bb97f559bde44a071ffa9349a640127b68b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1147
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20942
x-xss-protection: 0
server: cafe
etag: 9498394963185454120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Jan 2021 02:05:28 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B0D3
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&domain=daffodil-ruddy-run.glitch.me&cw=1
https://mug.criteo.com/sid?cpp=155VpXx2V0VXRVpQLytDWTdiR2NXNWFERFJkYlBKdVJ6TWRtUFpoek93LytIb3VtQTYrOFlwYUg1RkEwT1hrZFpHUHRQWnJCRFVHQ2xmSGZkY1VEdC9LNXgycW4xekpXZTJtb2xiWWkyU2Q4b044VW10Wm4ycWFLeXZVTl...

398 B
667 B

1063ms
20ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=155VpXx2V0VXRVpQLytDWTdiR2NXNWFERFJkYlBKdVJ6TWRtUFpoek93LytIb3VtQTYrOFlwYUg1RkEwT1hrZFpHUHRQWnJCRFVHQ2xmSGZkY1VEdC9LNXgycW4xekpXZTJtb2xiWWkyU2Q4b044VW10Wm4ycWFLeXZVTlp1RTdMUHBoK3h3ZjRRWWVmczF6ZDhFRTV4R3NIeVBxWFdyN2d1N1NCQTZ0Q3hnSW5NVGcrK0pJZ053MmF6UHp6ZElSbjI5ajQzTGR4bVBGNFdVdDZQelJKL01GZ1VSa2h0RlI5SHdYSVUxa2VzaWZqajZpYWRCdUpVMGJqT0IrS0ZMRWZNZmNSfA&cppv=2

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b2166782bfdcbb46bcd51d4ffb00b0e8c043469bfb37634654a1d12c42902870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 14 Jan 2021 01:24:35 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1146
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 14 Jan 2021 01:24:34 GMT
location: https://mug.criteo.com/sid?cpp=155VpXx2V0VXRVpQLytDWTdiR2NXNWFERFJkYlBKdVJ6TWRtUFpoek93LytIb3VtQTYrOFlwYUg1RkEwT1hrZFpHUHRQWnJCRFVHQ2xmSGZkY1VEdC9LNXgycW4xekpXZTJtb2xiWWkyU2Q4b044VW10Wm4ycWFLeXZVTlp1RTdMUHBoK3h3ZjRRWWVmczF6ZDhFRTV4R3NIeVBxWFdyN2d1N1NCQTZ0Q3hnSW5NVGcrK0pJZ053MmF6UHp6ZElSbjI5ajQzTGR4bVBGNFdVdDZQelJKL01GZ1VSa2h0RlI5SHdYSVUxa2VzaWZqajZpYWRCdUpVMGJqT0IrS0ZMRWZNZmNSfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2903
content-length: 509
expires: 0

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame B0D3 0
459 B 38ms
38ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=daffodil-ruddy-run.glitch.me&doc=complete&pg_h=250&pg_w=300&pg_hs=250&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:35 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 display.php Show response
www.tradeadexchange.com/a/ 6 KB
2 KB 3466ms
140ms Script
application/javascript 35.190.74.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tradeadexchange.com/a/display.php?r=999708&sub1=0dcd3da5ac03016ecbc321ca7f9149a3&sub2=0
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.74.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: openresty /
Resource Hash: 897790beba5b84cdc4b5ff8b699bf7ac4381bb54ca200a148f6f24d8587cbe99

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Jan 2021 01:24:38 GMT
content-encoding: gzip
server: openresty
alt-svc: clear
via: 1.1 google
content-type: application/javascript; charset=utf-8

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3677
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&domain=daffodil-ruddy-run.glitch.me&cw=1
https://mug.criteo.com/sid?cpp=4d-nDHxNM3JlNk85TjR3cEpjeTFaL2EzK1ZDMXZTVFo3YnlQcS9RVndsZ2hORUxZN3BoV2ZlYTByTDE2UDdQSXUyQ2l2MWNGOG5vMVBPbFBkaXNuY1kxblRIZUV2a2JIelpUS01McjlVdkZmekh6SVpJVXQ5a0lpL2ExSm...

420 B
679 B

1031ms
21ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=4d-nDHxNM3JlNk85TjR3cEpjeTFaL2EzK1ZDMXZTVFo3YnlQcS9RVndsZ2hORUxZN3BoV2ZlYTByTDE2UDdQSXUyQ2l2MWNGOG5vMVBPbFBkaXNuY1kxblRIZUV2a2JIelpUS01McjlVdkZmekh6SVpJVXQ5a0lpL2ExSmpsSVhlbUNoWVBTZ3ovd0tJUGlwaGljNUN4LzRFbnN6UlpxSXpVdFhhRU5qSGd1MEpWRzlZakJvSDBWanlLNFJhS2NQOFNHRllqcjhXZlpwVVc0SmxLRFM2cG9HK2dmUzBGWUdoa01DdnIzaWZFekJYU3RSR2hUVERmbmR6b3U3OU9rRUNqNE4xfA&cppv=2

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0a8068d13c6d51923897dab835db366c2b3c667f6e47b35e7ec3661e7ce3a6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 14 Jan 2021 01:24:35 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1082
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 14 Jan 2021 01:24:34 GMT
location: https://mug.criteo.com/sid?cpp=4d-nDHxNM3JlNk85TjR3cEpjeTFaL2EzK1ZDMXZTVFo3YnlQcS9RVndsZ2hORUxZN3BoV2ZlYTByTDE2UDdQSXUyQ2l2MWNGOG5vMVBPbFBkaXNuY1kxblRIZUV2a2JIelpUS01McjlVdkZmekh6SVpJVXQ5a0lpL2ExSmpsSVhlbUNoWVBTZ3ovd0tJUGlwaGljNUN4LzRFbnN6UlpxSXpVdFhhRU5qSGd1MEpWRzlZakJvSDBWanlLNFJhS2NQOFNHRllqcjhXZlpwVVc0SmxLRFM2cG9HK2dmUzBGWUdoa01DdnIzaWZFekJYU3RSR2hUVERmbmR6b3U3OU9rRUNqNE4xfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2231
content-length: 509
expires: 0

GET
H3-Q050 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3677 275 KB
97 KB 41ms
40ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Thu, 14 Jan 2021 01:24:35 GMT

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 947A 0
0 24ms
24ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&co=aHR0cDovL2RhZmZvZGlsLXJ1ZGR5LXJ1bi5nbGl0Y2gubWU6ODA.&hl=en&v=r8jtf1oixV0IGff4hgB4EzDF&size=invisible&cb=drjggqjlqkgm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/r8jtf1oixV0IGff4hgB4EzDF/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t+4BQBRvB64t6SvgEngygw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&co=aHR0cDovL2RhZmZvZGlsLXJ1ZGR5LXJ1bi5nbGl0Y2gubWU6ODA.&hl=en&v=r8jtf1oixV0IGff4hgB4EzDF&size=invisible&cb=drjggqjlqkgm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 14 Jan 2021 01:24:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-t+4BQBRvB64t6SvgEngygw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11049
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame F3F3 0
0 17ms
16ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=r8jtf1oixV0IGff4hgB4EzDF&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&cb=djacpukplca

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/r8jtf1oixV0IGff4hgB4EzDF/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A3KIyAJP791G1NW8LZq26A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=r8jtf1oixV0IGff4hgB4EzDF&k=6LeT9DEUAAAAAHSbpOoPCW9QnuWUwQ3FOFZh0Uu8&cb=djacpukplca
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 14 Jan 2021 01:24:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-A3KIyAJP791G1NW8LZq26A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1123
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 c
c.adskeeper.com/ 43 B
296 B 64ms
54ms Image
image/gif 2606:4700::6812:1041
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/c?f=1&pv=3&v=310|81|8|UBx2MA2pNcuWzXrJCi16vmiuaoG6aBT0kzNZf6yWebhvkaw4RUwahopdvvuISQUj&fw=1&extjs=66044&v=310|81|8|yBQ_04YkshG3CjNXsOneNyjs64VKz84yIOvzNCWu2E0U1aWLLngJmG8d9DS8r7iY&v=310|81|8|hueBqkMKQ3R5Hko-hlNmFTzGMjtlwtcE__TD3rs7GdFRRGXmfM6rlEUuXDh6tMsp&cid=1056221&h2=0lzMjKYr_ik_zXAf0qhM7ZeiDhk8dWuQGYkVzfgIP58*&rid=423850ce-5607-11eb-8ded-d094662f8ab5&tt=Direct&iv=11&pageImp=1&cbuster=1610587475371164721605&tpl=0
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:35 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: ae7bd290-000d-46ee-a92f-c3dcc11aab1e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61138eea3d314a9d-FRA
cf-request-id: 07a017a66400004a9d7d925000000001
server: cloudflare

GET
H2 200 multi Show response
resumersvo.fun/ 3 KB
2 KB 124ms
123ms XHR
text/plain 52.222.141.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resumersvo.fun/multi?tid=898034&red=1&cs=NWJVRXMEVGB8FQEBYCNDVwNgJkMF&abt=0&v=1.0.50.0&sm=76&k=&sts=64&prn=0&emb=0&u=147a0aaca3138b2cc643e0cc07c7b4ec&fs=1&ref=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=1&uloc=&if=0&_RfxK=1610587475554&crc=1
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: http://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=822524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.141.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: a547e05545e5f4ac3c019c0a131d58fa983a528dd092ff3add6951ce03bbc1df

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:35 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 1808
via: 1.1 188ad9345a63903c70cb830c2aa31874.cloudfront.net (CloudFront)
x-amz-cf-id: J0go-z9uFHBV9N5inm7OSlENS4GB4snH38UWdxJMZ5o3SJ8fxvItbA==

GET
DATA 200
OK truncated
/ Frame F383 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://daffodil-ruddy-run.glitch.me
Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 01:53:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:06:58 GMT
server: sffe
age: 171039
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15556
x-xss-protection: 0
expires: Wed, 12 Jan 2022 01:53:56 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMTAvMTAxOTI0L2ZmMDczNjRiNzU1MjEzYWEzNmIwOGM5Nzk1NjBmMWQ5LmpwZz90PTE0OTQ0NDY1MDk4MTY.webp
s-img.mgid.com/g/3805532/492x328/0x0x492x328/ 8 KB
8 KB 37ms
35ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805532/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMTAvMTAxOTI0L2ZmMDczNjRiNzU1MjEzYWEzNmIwOGM5Nzk1NjBmMWQ5LmpwZz90PTE0OTQ0NDY1MDk4MTY.webp?v=1610587475-RENh8pIqqsx_X_RYFwg5IK2lKoX35JYSZoascRRd7lg
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e15216092d4eea89569605ce7fe81040ec84a0f6d8943c66273ee11386814913

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:35 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:14:32 GMT
x-mg-request-uuid: 61900142-2dc3-48f2-8174-d7cc0c47c787
age: 6220098
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61138eec9e6804a3-CDG
content-length: 8168
cf-request-id: 07a017a7e2000004a3a0b1f000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp
s-img.mgid.com/g/3944304/492x328/0x0x758x505/ 23 KB
23 KB 25ms
25ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3944304/492x328/0x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp?v=1610587475-9NS9sjCpRfjo9Lkg2mfP9xMu1D4Z4FtIDyCcXey4d-A
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c617a07b4d70a5989a62e6e2c7e20b5806187205d05eb352c2042c9dd59669

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:35 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:22:53 GMT
x-mg-request-uuid: 3b73cb79-ca60-4e5c-8832-e5ef5801d594
age: 6033275
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61138eecdef704a3-CDG
content-length: 23892
cf-request-id: 07a017a806000004a35a85a000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp
s-img.mgid.com/g/3805603/492x328/0x63x1000x666/ 8 KB
8 KB 27ms
26ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805603/492x328/0x63x1000x666/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp?v=1610587475-LPcIvlP-D--ru6ipB68FPG6UBAl_eCq4S56NAOLsyWQ
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f5fb8d5d38a0ab66163059f480440968852e48eb3d6c1147efc572feaa71773

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:35 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Oct 2020 08:55:11 GMT
x-mg-request-uuid: 76de5506-0a7b-43d1-8fc0-5c64618987fe
age: 6044243
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61138eecff1504a3-CDG
content-length: 7692
cf-request-id: 07a017a817000004a35da05000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzRlNGQ3OTFiYWM0Y2I3NjA1MmJjNzM3YWJjZWZmMjRiLmpwZWc.webp
s-img.mgid.com/g/5097648/492x328/0x0x750x500/ 35 KB
35 KB 28ms
28ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097648/492x328/0x0x750x500/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzRlNGQ3OTFiYWM0Y2I3NjA1MmJjNzM3YWJjZWZmMjRiLmpwZWc.webp?v=1610587475-RiF_G6t1budGwhxyTCTfhcVAueJCpaP_BP5w2RAH36w
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d37ecc1cf963f0247bc92e7a1c0831772ad3cebabb54fadb06a810fc4ec5ea1d

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:36 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:22:56 GMT
x-mg-request-uuid: 18a688ff-a1e4-4920-a7b0-57fb4ba14009
age: 6043927
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61138eed1f6304a3-CDG
content-length: 35562
cf-request-id: 07a017a82b000004a39eb26000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMTAvMTAxOTI0L2ZmMDczNjRiNzU1MjEzYWEzNmIwOGM5Nzk1NjBmMWQ5LmpwZz90PTE0OTQ0NDY1MDk4MTY.webp
s-img.mgid.com/g/3805532/492x328/0x0x492x328/ Frame 4166 8 KB
8 KB 28ms
28ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805532/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMTAvMTAxOTI0L2ZmMDczNjRiNzU1MjEzYWEzNmIwOGM5Nzk1NjBmMWQ5LmpwZz90PTE0OTQ0NDY1MDk4MTY.webp?v=1610587475-RENh8pIqqsx_X_RYFwg5IK2lKoX35JYSZoascRRd7lg
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e15216092d4eea89569605ce7fe81040ec84a0f6d8943c66273ee11386814913

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:36 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:14:32 GMT
x-mg-request-uuid: 61900142-2dc3-48f2-8174-d7cc0c47c787
age: 6220099
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61138eed1f7204a3-CDG
content-length: 8168
cf-request-id: 07a017a835000004a391a2f000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp
s-img.mgid.com/g/3944304/492x328/0x0x758x505/ Frame 4166 23 KB
23 KB 28ms
27ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3944304/492x328/0x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp?v=1610587475-9NS9sjCpRfjo9Lkg2mfP9xMu1D4Z4FtIDyCcXey4d-A
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c617a07b4d70a5989a62e6e2c7e20b5806187205d05eb352c2042c9dd59669

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:36 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:22:53 GMT
x-mg-request-uuid: 3b73cb79-ca60-4e5c-8832-e5ef5801d594
age: 6033276
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61138eed4f9504a3-CDG
content-length: 23892
cf-request-id: 07a017a84f000004a35da09000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp
s-img.mgid.com/g/3805603/492x328/0x63x1000x666/ Frame 4166 8 KB
8 KB 31ms
30ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805603/492x328/0x63x1000x666/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzgzMWNhNTA3NTcxYTEwNjFkMDU0ZDllNDc4ODk0MTA3LmpwZz90PTE0OTgxNjE2NzM1NjY.webp?v=1610587475-LPcIvlP-D--ru6ipB68FPG6UBAl_eCq4S56NAOLsyWQ
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f5fb8d5d38a0ab66163059f480440968852e48eb3d6c1147efc572feaa71773

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:36 GMT
cf-cache-status: HIT
last-modified: Thu, 08 Oct 2020 08:55:11 GMT
x-mg-request-uuid: 76de5506-0a7b-43d1-8fc0-5c64618987fe
age: 6044244
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61138eed4f9604a3-CDG
content-length: 7692
cf-request-id: 07a017a850000004a3a5392000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzRlNGQ3OTFiYWM0Y2I3NjA1MmJjNzM3YWJjZWZmMjRiLmpwZWc.webp
s-img.mgid.com/g/5097648/492x328/0x0x750x500/ Frame 4166 35 KB
35 KB 27ms
26ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097648/492x328/0x0x750x500/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzRlNGQ3OTFiYWM0Y2I3NjA1MmJjNzM3YWJjZWZmMjRiLmpwZWc.webp?v=1610587475-RiF_G6t1budGwhxyTCTfhcVAueJCpaP_BP5w2RAH36w
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d37ecc1cf963f0247bc92e7a1c0831772ad3cebabb54fadb06a810fc4ec5ea1d

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:36 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:22:56 GMT
x-mg-request-uuid: 18a688ff-a1e4-4920-a7b0-57fb4ba14009
age: 6043927
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61138eed7fde04a3-CDG
content-length: 35562
cf-request-id: 07a017a86d000004a38f93c000000001
server: cloudflare

POST
H2 204 csi
csi.gstatic.com/ Frame B0D3 0
322 B 42ms
16ms Other
image/gif 2a00:1450:400e:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~kjw675bn&c=357697019968262&e=21068773%2C21069144%2C21068607%2C21068810%2C21066613%2C21066615&ctx=1&met.9=1.10c~2.12n&met.3=827.12q~77.12q~297.12q~112.147_1~94.14b~573.14f~113.14d_4&met.7=CBsQCiAEOI0BwAGxypPFBg~CBsQCiCyATiAAcAB4szA1AM~CBsQCiCzATjZCcAB06vn_Ao~CA0QChgBIKcFKKcFMJUKOO4EQPsJSPsJUPsJWIEKaIEKcJAKeMGXAYABp5QBiAHNuwOwAQG4AQPAAdLFodEP~CBsQCiCnBTh1wAHx24vbAQ~CA4QChgBIJ0KKJ0KMOYKOElonQpwxgp4pIoGgAHBiQaIAeefEbABAbgBA8ABk97GlQ0~CCgQChgBIPMKKPMKMJYLOCNo9QpwlQt486UBgAHOowGIAcawA7ABAbgBA8ABm-H6cA~CBwQBhgBILELKLELMOULODRovwtw5Qt4ywOwAQG4AQPAAePE3vwL~CBsQDSDNCzioCMAB4eudzQQ&met.1=1.kjw6747g~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0&met.2=19.1~17.4z~18.13g
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame B0D3 3 KB
3 KB 98ms
98ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v526
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7b420ad439dadbbbc88cef506a6e2ea73c331178f08f984c6b230cec7ac66a04

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:36 GMT
Last-Modified: Mon, 06 Jul 2020 13:30:16 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5f032768-a4e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2638
Expires: Sat, 16 Jan 2021 01:24:36 GMT

GET
H2 200 1608830102-80x80_brand_sammy-logo_static_transparent.png
cdn4.buysellads.net/uu/1/78180/ 6 KB
6 KB 21ms
20ms Image
image/png 94.31.29.32
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/uu/1/78180/1608830102-80x80_brand_sammy-logo_static_transparent.png
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: fee2509927c2519ced41a6282d14cd22dbf1a2189e0242fb3f395235be8eeb94

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:36 GMT
last-modified: Thu, 24 Dec 2020 17:15:04 GMT
server: NetDNA-cache/2.2
x-amz-request-id: A4CB9FF2D606A57F
etag: "d5c6f5834e2d5efd0fd9fdec70a31cac"
x-cache: HIT
content-type: image/png
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 6206
x-amz-id-2: fDOqP9k3rIzmeA0FJ1MyaH6tRXNcQnJlstf7tRlIFXxRhVF3pD/4NZB7R11bHTbMnKAQCaVECEQ=
expires: Sun, 09 Jan 2022 01:24:36 GMT

GET
H3-Q050

200

B25127528.291137174;dc_pre=CKTqwvOhmu4CFfvjuwgdSF0Jzw;dc_trk_aid=484416988;dc_trk_cid=143212984;ord=1610587476;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/B25127528.291137174;dc_trk_aid=484416988;dc_trk_cid=143212984;ord=1610587476;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
https://ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/B25127528.291137174;dc_pre=CKTqwvOhmu4CFfvjuwgdSF0Jzw;dc_trk_aid=484416988;dc_trk_cid=143212984;ord=1610587476;dc_lat=;dc_rdid=;ta...

42 B
608 B

105ms
63ms

Image
image/gif

172.217.21.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/B25127528.291137174;dc_pre=CKTqwvOhmu4CFfvjuwgdSF0Jzw;dc_trk_aid=484416988;dc_trk_cid=143212984;ord=1610587476;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1212560.3091281BUYSELLADS/B25127528.291137174;dc_pre=CKTqwvOhmu4CFfvjuwgdSF0Jzw;dc_trk_aid=484416988;dc_trk_cid=143212984;ord=1610587476;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 532ms
61ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=949356572&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=540208388&wv-part=1&browser-info=ti%3A8%3Aet%3A1610587474%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20210114022434%3Abt%3A1%3Ast%3A1610587477%3Au%3A16105874741039867228

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:37 GMT
last-modified: Thu, 14-Jan-2021 01:24:37 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Jan-2021 01:24:37 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 150ms
102ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=818570541&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=540208388&wv-part=1&browser-info=ti%3A8%3Aet%3A1610587474%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20210114022434%3Ast%3A1610587477%3Au%3A16105874741039867228

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:36 GMT
last-modified: Thu, 14-Jan-2021 01:24:36 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Jan-2021 01:24:36 GMT

POST
H/1.1 200
OK demo_track.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame B0D3 36 B
652 B 1083ms
177ms XHR
text/html 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.php
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v526
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:37 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Sat, 16 Jan 2021 01:24:37 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 104ms
103ms XHR
application/json 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1610587476808&sessionId=5c325bde-218c-e2eb-eeea-85c42b40c061&url=daffodil-ruddy-run.glitch.me&cheqSource=1&cheqEvent=3&responseTime=3517
Requested by: Host: widgets.outbrain.com
URL: http://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:36 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 5237722e0e8924dba47b999002806577
Content-Length: 4
Expires: 0

GET
H2 200 sync Show response
gum.criteo.com/ 56 B
377 B 39ms
14ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=446&r=2&j=revCriteoRTUSCallback

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b1ebdd84bcc4265a86fc9765b670bce97d668e11ee0c9bee5ec9d8f5f507d646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 14 Jan 2021 01:24:35 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 765
content-length: 172
expires: 60

GET
H2 404 / Show response
trends.revcontent.com/api/delivery/ 0
464 B 51ms
51ms Fetch
text/html 54.154.46.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?w=1&width=1600&rev_allow_cookies=1&site_url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&va=1&time=1610587476829&up=pc&bn=chrome&bv=83

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.46.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:36 GMT
server: Apache/2.4.25 (Debian)
strict-transport-security: max-age=931536000; includeSubDomains
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 0

POST
H2 204 e Show response
s.seedtag.com/e/ 0
296 B 1071ms
29ms XHR
text/plain 34.96.106.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/e
Requested by: Host: config.seedtag.com
URL: http://config.seedtag.com/st_3.dfb027c62bd77a7efc9a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.106.9 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Jan 2021 01:24:37 GMT
via: 1.1 google
server: nginx
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-allow-credentials: true
alt-svc: clear

POST
H2

204

generic
trends.revcontent.com/event/
Redirect Chain

http://trends.revcontent.com/event/generic
https://trends.revcontent.com/event/generic

0
0

1885ms
44ms

Fetch

54.154.46.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.46.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: null
date: Thu, 14 Jan 2021 01:24:38 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

Redirect headers

Location: https://trends.revcontent.com/event/generic
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me

GET
H/1.1 200
OK it-banner-frame.css
p93920.mycdn.co/uicomp/styles/dist/80.2-1/ Frame B5A1 2 KB
1 KB 3669ms
19ms Stylesheet
text/css 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: http://p93920.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-858"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 09 Jan 2022 01:24:40 GMT

GET
H/1.1 200 findBanner Show response
infopicked.com/adServe/banners/ 865 B
1 KB 1510ms
263ms Script
text/javascript 173.192.101.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: http://infopicked.com/adServe/banners/findBanner?num=1&keyword=Trying%20to%20reach%20the%20most%20ads%20since%202020&tid=405661_796127_3&type=js&ar=b&ts=c&ito=http%3A%2F%2Fp405661.mycdn.co&bs=6&referrer=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&ap=cmp%3DFLOATING_BANNER%26evp%3Du6geJV4sLGuSRnWLnEbbV_bWwvziNp_1nDHhmKrMWGNTTeaDr-VZbeXW8oIhh6RG%26sjv%3D118.0%26ctid%3D0%26th%3D1200%26tw%3D1600%26tip%3DTrying%2520to%2520reach%2520the%2520most%2520ads%2520since%25202020&pid=405661&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0wJmk9MCZvPS02MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xMg%3D%3D&olive=1&callback=ITC3ww1josr344
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.65.c0ad.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 86ba3ee4fdae84b755be92a4b599aa3ed933268260da9ada3b36889ad280aff8

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:38 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=utf-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame B0D3 44 B
337 B 144ms
36ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.207.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

148.207.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Jan 2021 01:24:37 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET rid
match.adsrvr.org/track/ Frame B0D3 0
0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame 3677 44 B
110 B 103ms
37ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.207.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

148.207.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Jan 2021 01:24:37 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET rid
match.adsrvr.org/track/ Frame 3677 0
0

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 3677 3 KB
3 KB 98ms
98ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v614
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7b420ad439dadbbbc88cef506a6e2ea73c331178f08f984c6b230cec7ac66a04

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:37 GMT
Last-Modified: Mon, 06 Jul 2020 13:30:16 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5f032768-a4e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2638
Expires: Sat, 16 Jan 2021 01:24:37 GMT

POST
H/1.1 200
OK demo_track.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 3677 36 B
652 B 328ms
177ms XHR
text/html 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.php
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v614
Protocol: HTTP/1.1
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 14 Jan 2021 01:24:37 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Sat, 16 Jan 2021 01:24:37 GMT

GET
H/1.1 200
OK it-banner-frame.css
p405661.mycdn.co/uicomp/styles/dist/80.2-1/ Frame 906E 2 KB
1 KB 37ms
19ms Stylesheet
text/css 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:23 GMT
Server: NetDNA-cache/2.2
ETag: W/"5d10b503-858"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: HIT
Content-Type: text/css
Cache-Control: max-age=31104000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 09 Jan 2022 01:24:38 GMT

GET
H2 200 coin_6x.gif
p405661.mycdn.co/ext/onn/floating/ Frame 906E 15 KB
15 KB 1816ms
18ms Image
image/gif 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p405661.mycdn.co/ext/onn/floating/coin_6x.gif
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 753c5a946c7af205b6c05b9fc7b6b35436aff46a87609379c165f6740187a590

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:40 GMT
last-modified: Mon, 05 Feb 2018 08:26:33 GMT
server: NetDNA-cache/2.2
etag: "5a781539-3bf6"
x-cache: HIT
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 15350
expires: Sun, 09 Jan 2022 01:24:40 GMT

GET
H2 200 display.php Show response
www.tradeadexchange.com/ad/ 62 KB
13 KB 233ms
232ms Script
application/javascript 35.190.74.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tradeadexchange.com/ad/display.php?stamat=m%7CEqdjY3djaQdHkAH0dEdHP3xP.b10%2C2t5FkDDYpjxJXsMWHSh7wBG6VAx_Q9TxSSvYJWOcEw4dSpf7D6GmDmyZSIE8TU3Rf5JfCV5UIoLDL7XypVKwg-FjfCltSEkn7hJbpfh2SXkWpx7cxTFor-Pw5rOWUi3bakgeDt_H4Ls0EESx1DddAQ%2C%2C&cbrandom=0.5065058702089134&cbtitle=Trying%20to%20reach%20the%20most%20ads%20since%202020&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
Requested by: Host: www.tradeadexchange.com
URL: https://www.tradeadexchange.com/a/display.php?r=999708&sub1=0dcd3da5ac03016ecbc321ca7f9149a3&sub2=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.74.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: openresty /
Resource Hash: 7e96196784bcb2a4c96de2145e0437182fca54363375c5c4042ed6fe758c1120

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:38 GMT
content-encoding: gzip
alt-svc: clear
server: openresty
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
link: <s.click.aliexpress.com>; rel=dns-prefetch,<s.click.aliexpress.com>; rel=preconnect,<www.tradeadexchange.com>; rel=dns-prefetch,<www.tradeadexchange.com>; rel=preconnect
via: 1.1 google

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 53ms
53ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=771463929&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=540208388&wv-part=2&browser-info=ti%3A8%3Aet%3A1610587477%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20210114022434%3Abt%3A1%3Ast%3A1610587479%3Au%3A16105874741039867228

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:38 GMT
last-modified: Thu, 14-Jan-2021 01:24:38 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Jan-2021 01:24:38 GMT

GET
H/1.1 200
OK top-close-2.png
p405661.mycdn.co/img/new-comp/ 1 KB
1 KB 37ms
19ms Image
image/png 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://p405661.mycdn.co/img/new-comp/top-close-2.png
Requested by: Host: p405661.mycdn.co
URL: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-6.css
Protocol: HTTP/1.1
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7a6d609e14ad86ba11813176879c5aafe5cfabc3b7c9f2d8e260c9176b9260b9

Request headers

Referer: http://p405661.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-6.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 14 Jan 2021 01:24:39 GMT
Last-Modified: Mon, 14 Nov 2016 16:34:57 GMT
Server: NetDNA-cache/2.2
ETag: "5829e7b1-464"
X-Cache: HIT
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1124
Expires: Sun, 09 Jan 2022 01:24:39 GMT

GET
H2 200 train_17_1.gif
p93920.mycdn.co/ext/onn/if1trainbit/ Frame B5A1 34 KB
34 KB 25ms
24ms Image
image/gif 94.31.29.128
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p93920.mycdn.co/ext/onn/if1trainbit/train_17_1.gif
Requested by: Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.128 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 6a170de504a4c7ba8831ab765289210145774242ebd8cba8eb535e0c9e559def

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 01:24:40 GMT
last-modified: Sun, 02 Jun 2019 11:20:11 GMT
server: NetDNA-cache/2.2
etag: "5cf3b0eb-86df"
x-cache: HIT
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 34527
expires: Sun, 09 Jan 2022 01:24:40 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 52ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=193318277&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=540208388&wv-part=3&browser-info=ti%3A8%3Aet%3A1610587479%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20210114022434%3Abt%3A1%3Ast%3A1610587481%3Au%3A16105874741039867228

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:40 GMT
last-modified: Thu, 14-Jan-2021 01:24:40 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Jan-2021 01:24:40 GMT

OPTIONS
H/1.1 200
OK 11
api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/d25689c8f28ec01859555afe21d1d031edc3a7db/ Frame 0
0 64ms
64ms Other
application/json 78.140.188.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/d25689c8f28ec01859555afe21d1d031edc3a7db/11
Protocol: HTTP/1.1
Server: 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40-0+deb8u12
Access-Control-Allow-Headers: origin, content-type, accept
Access-Control-Allow-Methods: POST
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Date: Thu, 14 Jan 2021 01:24:43 GMT
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn12
X-UA-Compatible: IE=Edge

POST
H/1.1 200
OK 11 Show response
api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/d25689c8f28ec01859555afe21d1d031edc3a7db/ 15 B
784 B 85ms
84ms XHR
application/json 78.140.188.189
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/d25689c8f28ec01859555afe21d1d031edc3a7db/11
Requested by: Host: cdn.shorte.st
URL: http://cdn.shorte.st/link-converter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/5.6.40-0+deb8u12
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 14 Jan 2021 01:24:43 GMT
Server: nginx
X-Powered-By: PHP/5.6.40-0+deb8u12
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
X-Server-ID: shn06
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-UA-Compatible: IE=Edge

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
49 B 13ms
13ms XHR
text/plain 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1337192004&t=event&_s=2&dl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&dp=%2Foverlay%2F0dcd3da5ac03016ecbc321ca7f9149a3&ul=en-us&de=UTF-8&dt=Trying%20to%20reach%20the%20most%20ads%20since%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=0dcd3da5ac03016ecbc321ca7f9149a3&cs=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&cm=overlay&ec=interstitial&ea=callback&el=success&_u=aEBAAEABAAAAAC~&jid=47688337&gjid=1984099014&cid=1168114536.1610587475&tid=UA-42296749-1&_gid=674349436.1610587475&_r=1&z=1531777707

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 48ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=287801807&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=540208388&wv-part=4&browser-info=ti%3A8%3Aet%3A1610587483%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20210114022434%3Abt%3A1%3Ast%3A1610587485%3Au%3A16105874741039867228

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:45 GMT
last-modified: Thu, 14-Jan-2021 01:24:45 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Jan-2021 01:24:45 GMT

GET
H2

200

1
mc.yandex.ru/watch/49239574/
Redirect Chain

https://mc.yandex.ru/watch/49239574?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610587471783%3As%3A1600x1200x24%3Ask%...
https://mc.yandex.ru/watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610587471783%3As%3A1600x1200x24%3As...

43 B
71 B

54ms
54ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610587471783%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210114022449%3Aet%3A1610587489%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A148%3Als%3A1311556304021%3Arqn%3A2%3Arn%3A498013525%3Ahid%3A540208388%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610587489%3Au%3A16105874741039867228

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:49 GMT
last-modified: Thu, 14-Jan-2021 01:24:49 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Jan-2021 01:24:49 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:49 GMT
last-modified: Thu, 14-Jan-2021 01:24:49 GMT
location: /watch/49239574/1?page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1610587471783%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20210114022449%3Aet%3A1610587489%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A148%3Als%3A1311556304021%3Arqn%3A2%3Arn%3A498013525%3Ahid%3A540208388%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1988%3Awv%3A2%3Arqnl%3A1%3Ast%3A1610587489%3Au%3A16105874741039867228
strict-transport-security: max-age=31536000
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 14-Jan-2021 01:24:49 GMT

OPTIONS
H/1.1 200
OK custom
kumteerg.com/ Frame 0
0 97ms
32ms Other
text/plain 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kumteerg.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://daffodil-ruddy-run.glitch.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 14 Jan 2021 01:24:50 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
kumteerg.com/ 39 B
502 B 93ms
32ms Fetch
application/json 139.45.196.135
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kumteerg.com/custom

Requested by

Host: daffodil-ruddy-run.glitch.me
URL: http://daffodil-ruddy-run.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: e61774f03586bfc3ae1a1ff3dd017ca0
Date: Thu, 14 Jan 2021 01:24:50 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://daffodil-ruddy-run.glitch.me
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 sp-frame.html
tag.idsync.analytics.yahoo.com/ Frame 8073 0
0 114ms
27ms Document
text/html 152.195.51.15
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Requested by: Host: s.aolcdn.com
URL: http://s.aolcdn.com/ads/adswrappermsni.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D5A) /
Resource Hash

Request headers

:method: GET
:authority: tag.idsync.analytics.yahoo.com
:scheme: https
:path: /sp-frame.html?referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://daffodil-ruddy-run.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDSYNC=18z8~1vw1; A3=d=AQABBFad_18CEBMjy0RctCbcfS0ZCMptmoAFEgEBAQHuAGAJYAAAAAAA_SMAAA&S=AQAAAq9Uw0vLfCGQwlDtNnNdvAY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://daffodil-ruddy-run.glitch.me/

Response headers

content-encoding: gzip
age: 144
content-type: text/html
date: Thu, 14 Jan 2021 01:24:50 GMT
etag: "9fad51d2a83b0a4de3eb75724ba26b2c+gzip"
last-modified: Mon, 23 Mar 2020 22:06:06 GMT
server: ECS (lcy/1D5A)
vary: Accept-Encoding
x-amz-id-2: SPZPLqLR47Pk4NLcX+GwYEIXCwoerPH4MwlB1VLkfferfwwJLAD8JCMuQnoVsEEcFKwyT3Xm0lM=
x-amz-request-id: AG8H3V7SCRAW5GFT
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3087

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
0 118ms
39ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=MSFT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 , Switzerland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H2 200 49239574 Show response
mc.yandex.ru/webvisor/ 43 B
192 B 49ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/49239574?wmode=0&rn=257870562&page-url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&wv-type=3&wv-hit=540208388&wv-part=5&browser-info=ti%3A8%3Aet%3A1610587491%3Aw%3A1600x1200%3Av%3A1988%3Az%3A60%3Ai%3A20210114022434%3Abt%3A1%3Ast%3A1610587493%3Au%3A16105874741039867228

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://daffodil-ruddy-run.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jan 2021 01:24:52 GMT
last-modified: Thu, 14-Jan-2021 01:24:52 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://daffodil-ruddy-run.glitch.me
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Jan-2021 01:24:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.webglstats.com
URL: http://cdn.webglstats.com/stat.js

Domain: 4.adsco.re
URL: http://4.adsco.re/

Domain: 4.adsco.re
URL: http://4.adsco.re/

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json

Verdicts & Comments Add Verdict or Comment

571 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tapad.com/	1970-01-19 16:49:31	Name: TapAd_DID Value: 451efa71-5607-11eb-a9ae-d6a303910107
.tapad.com/	1970-01-19 16:49:31	Name: TapAd_TS Value: 1610587478935
.tribalfusion.com/	1970-01-19 17:32:43	Name: ANON_ID Value: aAnseFqO2c9U2OqnvebZaDO8wFdDAa1Za4LVpFq8acCyLQuZbPmQbZcSCPsZdLhlMiLTplBocQjSZceZd04rVJeHldK
.pubmatic.com/	1970-01-19 16:06:19	Name: PugT Value: 1610587485
.pubmatic.com/	1970-01-19 16:06:19	Name: KRTBCOOKIE_1101 Value: 23040-6917420562538297493
.pubmatic.com/	1970-01-19 17:32:43	Name: KRTBCOOKIE_377 Value: 6810-089223fd-699e-411c-b5ce-c8f17ee55918&KRTB&22918-089223fd-699e-411c-b5ce-c8f17ee55918&KRTB&23031-089223fd-699e-411c-b5ce-c8f17ee55918
.adtelligent.com/	1970-01-19 16:52:24	Name: a307355 Value: yRYvNgWkFJUOyQGfiEWE
.pubmatic.com/	1970-01-19 16:06:19	Name: KRTBCOOKIE_1074 Value: 22956-e_0439adab-e32e-44cc-b440-0f09af51f7e0
.pubmatic.com/	1970-01-19 16:06:19	Name: KRTBCOOKIE_391 Value: 22924-1873769869274861762
.pubmatic.com/	1970-01-19 19:42:19	Name: KRTBCOOKIE_188 Value: 3189-no-consent
.pubmatic.com/	1970-01-19 17:32:43	Name: KADUSERCOOKIE Value: 0770F970-C4E2-41F7-AC95-B00F6D5DA673
.pubmatic.com/	1970-01-19 17:32:43	Name: KRTBCOOKIE_594 Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/	1970-01-19 17:32:43	Name: KRTBCOOKIE_80 Value: 16514-CAESEF5wZf0C6vNfAYkIUJj0EwE&KRTB&22987-CAESEF5wZf0C6vNfAYkIUJj0EwE&KRTB&23025-CAESEF5wZf0C6vNfAYkIUJj0EwE
.pubmatic.com/	1970-01-19 17:32:43	Name: KRTBCOOKIE_153 Value: 19420-pl25V6pf6gC-WekApA7yAPUD61e-X-YGql2fwmLF&KRTB&22979-pl25V6pf6gC-WekApA7yAPUD61e-X-YGql2fwmLF
.pubmatic.com/	1970-01-19 17:32:43	Name: KRTBCOOKIE_466 Value: 16530-a45d9f5f-d249-4d20-99f2-ba7ee72d8f37
.pubmatic.com/	1970-01-19 17:32:43	Name: PUBMDCID Value: 3
.adtelligent.com/	1970-01-19 16:52:24	Name: a309255 Value: 797795e1-94b8-4eae-af5d-6b642c20b8ac
.adtelligent.com/	1970-01-19 16:52:24	Name: a310570 Value: 711e47ec7bf80defe1e0430d
.pubmatic.com/	1970-01-19 17:32:43	Name: KRTBCOOKIE_107 Value: 1471-uid:lPmeGh831KZRnw5
.pubmatic.com/	1970-01-19 16:06:19	Name: KRTBCOOKIE_409 Value: 22966-ZvzaILVPSYiAAGls6QdqWJK0&KRTB&23212-ZvzaILVPSYiAAGls6QdqWJK0
.pubmatic.com/	1970-01-19 16:06:19	Name: KRTBCOOKIE_27 Value: 16735-uid:56345fff-9d5d-4e00-a2f4-1c1197e7a543&KRTB&16736-uid:56345fff-9d5d-4e00-a2f4-1c1197e7a543&KRTB&23019-uid:56345fff-9d5d-4e00-a2f4-1c1197e7a543&KRTB&23114-uid:56345fff-9d5d-4e00-a2f4-1c1197e7a543
.adtelligent.com/	1970-01-19 16:52:24	Name: vmuid Value: 89a31422c7aad80e
daffodil-ruddy-run.glitch.me/	1969-12-31 23:59:59	Name: waldo-pbjs-pubCommonId Value: 0a66ae3f-80e5-45e1-9db9-8e3831b72239
.doubleclick.net/	1970-01-20 00:44:43	Name: IDE Value: AHWqTUlJd8yrqHhmVsFDpyprVptD2uAiHPB6o0p_UaKm0izgYzKo8tirox04P1NS
.pubmatic.com/	1970-01-19 16:06:19	Name: KRTBCOOKIE_699 Value: 22727-AAF9wk6__zsAABBCqbXnag
.pubmatic.com/	1970-01-19 16:06:19	Name: SPugT Value: 1610587481
.pubmatic.com/	1970-01-19 16:06:19	Name: KRTBCOOKIE_22 Value: 14911-8057952498652512951
.daffodil-ruddy-run.glitch.me/	1970-01-19 15:23:07	Name: _gat_shstTracker Value: 1

58 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 22) Message: triggered on event listener
console-api	log	URL: https://c.adsco.re/(Line 14) Message:
console-api	log	URL: https://c.adsco.re/(Line 14) Message:
console-api	debug	URL: https://jsc.adskeeper.com/p/a/pastebin.com.1056221.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: http://daffodil-ruddy-run.glitch.me/(Line 111) Message: CMP IS FOUND
console-api	warning	URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: http://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: http://daffodil-ruddy-run.glitch.me/(Line 106) Message: CMP IS FOUND
console-api	debug	URL: http://jsc.mgid.com/b/r/brainberries.co.147802.js?t=1210141(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 21) Message: sending ad server request
console-api	warning	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 1) Message: USP is not accessible
console-api	warning	URL: http://cdn.thisiswaldo.com/static/js/8636.js(Line 1) Message: USP is not accessible
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: [object HTMLDivElement]
console-api	log	URL: http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1(Line 1) Message: console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
a.exosrv.com
accounts.google.com
ad.a-ads.com
ad.doubleclick.net
ads.pubmatic.com
ads.shorte.st
adsco.re
ajax.googleapis.com
api.rlcdn.com
api.shorte.st
assets.revcontent.com
bdv.bidvertiser.com
beta.infopicked.com
c.adsco.re
c.adskeeper.com
c0.pubmine.com
c1.popads.net
cdn.adskeeper.co.uk
cdn.carbonads.com
cdn.mgid.com
cdn.pixfuture.com
cdn.popmyads.com
cdn.shorte.st
cdn.thisiswaldo.com
cdn.webglstats.com
cdn4.buysellads.net
cdnjs.cloudflare.com
choogeet.net
choupsee.com
clksite.com
cm.adskeeper.com
cms.analytics.yahoo.com
coinpayu.com
config.seedtag.com
csi.gstatic.com
d2sbzwmcg5amr3.cloudfront.net
daffodil-ruddy-run.glitch.me
displayvertising.com
djv99sxoqpv11.cloudfront.net
duetgypsyantis.com
fonts.gstatic.com
freychang.fun
googleads.g.doubleclick.net
gum.criteo.com
infopicked.com
ipfind.co
jsc.adskeeper.co.uk
jsc.adskeeper.com
jsc.mgid.com
kumteerg.com
log.outbrainimg.com
m.servedby-buysellads.com
m1ebhpl12oqp.l.adsco.re
m1ebhpl12oqp.n.adsco.re
m1ebhpl12oqp.s.adsco.re
match.adsrvr.org
mc.yandex.ru
mellowads.com
mug.criteo.com
my.rtmark.net
onegalact.com
p0.mycdn.co
p405661.clksite.com
p405661.mycdn.co
p93920.clksite.com
p93920.mycdn.co
pagead2.googlesyndication.com
popmyads.com
quantcast.mgr.consensu.org
rcm-na.amazon-adsystem.com
resumersvo.fun
s-img.adskeeper.com
s-img.mgid.com
s.adtelligent.com
s.aolcdn.com
s.pubmine.com
s.seedtag.com
seaboblit.com
securepubads.g.doubleclick.net
serve.popads.net
served-by.pixfuture.com
servicer.adskeeper.com
servicer.mgid.com
shorteh.com
srv.buysellads.com
srv.carbonads.net
ssp.zryydi.com
stawhoph.com
syndication.exosrv.com
tag.idsync.analytics.yahoo.com
tcheck.outbrainimg.com
thetarhaw.com
trends.revcontent.com
vdkveszksxtv.l.adsco.re
vdkveszksxtv.n.adsco.re
vdkveszksxtv.s.adsco.re
waxtamnit.com
widget-pixels.outbrain.com
widgets.outbrain.com
ws-na.assoc-amazon.com
www.bcloudhost.com
www.displayvertising.com
www.facebook.com
www.gearbest.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.maxonclick.com
www.tradeadexchange.com
yiatelychur.top
4.adsco.re
cdn.webglstats.com
match.adsrvr.org
104.18.133.145
104.19.132.78
104.19.133.80
104.19.134.78
104.19.134.80
104.21.20.75
108.161.189.78
13.226.169.25
13.35.253.58
134.209.16.110
139.45.195.206
139.45.195.41
139.45.196.11
139.45.196.135
139.45.196.200
139.45.196.65
146.59.211.253
151.139.128.11
152.195.51.15
162.252.214.5
172.217.16.130
172.217.21.230
173.192.101.24
178.128.255.177
178.250.0.157
185.200.116.90
185.200.118.90
192.0.77.38
2.18.232.28
2.18.233.180
2.18.234.190
212.82.100.182
213.196.2.2
216.21.13.17
216.59.56.9
23.111.10.140
23.43.126.245
2600:9000:214f:b400:9:46dc:4700:93a1
2600:9000:21c7:2800:4:164e:ca00:93a1
2600:9000:21c7:e800:1d:bf0d:abc0:21
2606:2800:233:af6:eab:2108:1892:6d8
2606:2800:234:4cc4:5670:35d5:1e00:b394
2606:4700:20::681a:46b
2606:4700:20::ac43:4671
2606:4700:20::ac43:4a21
2606:4700:20::ac43:4b05
2606:4700:3035::6818:7e98
2606:4700::6810:135e
2606:4700::6810:8916
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2606:4700::6812:1041
2606:4700:e0::ac40:6b0b
2a00:1450:4001:800::2004
2a00:1450:4001:806::2003
2a00:1450:4001:809::200d
2a00:1450:4001:816::2002
2a00:1450:4001:816::200e
2a00:1450:4001:818::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:820::2002
2a00:1450:4001:824::2002
2a00:1450:4001:824::200a
2a00:1450:4001:825::2002
2a00:1450:400e:80a::2003
2a02:2638:1::13
2a02:6b8::1:119
2a02:6ea0:c700::2
2a03:2880:f11c:8183:face:b00c:0:25de
2a0c:5c81:5161::2
34.120.207.148
34.96.106.9
35.190.68.123
35.190.74.92
37.59.184.172
38.132.109.186
51.178.195.174
51.68.161.17
51.68.161.27
52.222.141.90
52.3.60.128
52.46.129.238
52.46.135.132
52.52.67.66
54.154.46.83
54.241.51.109
68.183.31.14
70.42.32.95
78.140.188.189
79.125.73.87
85.10.201.130
94.31.29.128
94.31.29.32
95.211.229.245
081b815a30d5cffb74fd52388e88fe7fed693852736b0de9232613f191a48458
09a1424937d0fee49e8abed67d2f65f7db5b62ae944e187f8140f5e4751fce82
0a8068d13c6d51923897dab835db366c2b3c667f6e47b35e7ec3661e7ce3a6bc
0ea6c65d8e460987a7ea8f98355f789fe6bfbe11b0afe7a1c65d6042da65ea33
11303d5a0e10a3643c56dbf226be43810821472036b7d54631065f586afbb23e
115ed11fb9457bb897579d4be870323771379eda1d31ffa4337da93659bcc73f
12f042f5e71752c4d8a2fb941d508cc98cc677a1b534268d1dc8904662d6c625
131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3
177d76801bdbecdb0d27109e118ae54a929156deac8ca44b46924a5c0f43cd7a
192e49a8d791354fa0e62f05a4f046dc04e39893079f1cf69d3ab3864e2fb686
1cbc05d4aa60b50834c89c8551be12edcced547c534dbaf3eaece84983f6b3fd
26c36f3ecb4f05ca3b48dfca1efb4d2e96399034d6c678ced60b5c633dc966cd
27607c921550b6f716f30ccd0ec80b0f1f866c04d9ffe06601cd6cb5457f0c55
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2e43a4dba40cfdbd5a628c6b10c4f53fff5c8b04e1b838eddb1d710dc165c002
2f1680c41c227c4a5e0d9f2eea1afcdedc8197dc107d040a68fa56c23708933a
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471
38cdfc5fb06413c93b1aadec4c6d8c759c7dba951704d5d20430a351e5bdb4c4
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3c1e4cc7644ff1698616e3b394dc02cc07aa5a5e2fe94f992de85246c467dfa9
3db6982c169bf3afee084cf7762ba718c118be36a1dee0c5222203fa302d21fc
43e106423124c8c69f1ac878e1878c72963587027aa365aa13f4a43168ac7262
43e8bee5fa301ade18f16292edba4dd15d4bcd13bfd3906c12eb985e33a7eb5e
46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee
486fae0531e61d9b964b1ba45b62a7bdf66ceb313b7460e875654cc147179556
4ac9d70fe79919316742a1c8220bd7b1a75ae964725d39ff46963443d555de2b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cc12b8e6fef0d8c4401b7b321261a0d368c2f9e9b73d3a153ed4fa879d0e3e
5d26e98e9600c9cea41a4f28dee915eedd266f450849d151a7f653d1738917de
62bf1e377405eb3b64149506aa8814cbbfa7ac2503be1771ff26e249e396c356
62d9a62b05324342e28694241cec8d0100d3467e11969aa769b3f2217a327490
648c8c443c52ac51c82eb84642108b855051e1a81d7c125bc1c4d2aecf1855d6
651fa8ed2ff40027aaaac33cf8daa9f8d4753ece1281b7e8ea8a7a0a54fd6cb2
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67c53ae0376cff4c5e0d35104820d0b2b8ab20c94a32e477db95ae74a2c84db5
687b09a67acc167e375e4926760460f5c02fe7579ef8d44ef44028124782e52f
6a170de504a4c7ba8831ab765289210145774242ebd8cba8eb535e0c9e559def
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160
6f5fb8d5d38a0ab66163059f480440968852e48eb3d6c1147efc572feaa71773
74ba50276f10c70f4c62473eacaac82a8feb54d29a4198f23cfcfb583437d43b
753c5a946c7af205b6c05b9fc7b6b35436aff46a87609379c165f6740187a590
78fb236ce1d8d4e6ffb2801857ba5667335fff7fd41fd0cbc568f9b33e92340e
7a6d609e14ad86ba11813176879c5aafe5cfabc3b7c9f2d8e260c9176b9260b9
7b420ad439dadbbbc88cef506a6e2ea73c331178f08f984c6b230cec7ac66a04
7db8a39dd5cdaff2e2d44b827b43bb97f559bde44a071ffa9349a640127b68b7
7e96196784bcb2a4c96de2145e0437182fca54363375c5c4042ed6fe758c1120
80c617a07b4d70a5989a62e6e2c7e20b5806187205d05eb352c2042c9dd59669
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86ba3ee4fdae84b755be92a4b599aa3ed933268260da9ada3b36889ad280aff8
876f81b245bddc56705cf98e10eb213725c5d7517927f3b42a8844f5776b186f
8782279b1ac7286e4167d1d1a72f05a90df10b4e476a222b9c5123601f5f84da
897790beba5b84cdc4b5ff8b699bf7ac4381bb54ca200a148f6f24d8587cbe99
8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb
8a87e2ab249f61d757d138136171b43155ea4ba2d89a5c6c3e4e58174f2e13ec
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92a8c052c24889d39ddee3617dad8f31b6f036451afefdad1334b0fcd4694794
95fddf78880041d45ca14979cd85bc1bc6e1ab896fef029842a369946352c060
979a92d446f15b0039e800fff55f2fd1391ed23f8524b42a377e79ec2dc78e5c
9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a547e05545e5f4ac3c019c0a131d58fa983a528dd092ff3add6951ce03bbc1df
a8b9ac0eb1daef27c6386f35bed7b93c4c49d8a68f733275f8a07f740d53d1d6
a8c506cd2328c91e62e309efb8548c921388b7a75437a30593ebcc8c54d8489b
a8e1377ae0f844ce357417d1de91954fd0dea03475a8fe2768eeb31f5606f568
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ab3cb31553ab2d4204fdc61060e7e8bddc704553750864f71b96b6e038117059
abac8fba3d8995147b192769344dd1e08d855712b53b0bb13d86e432b4fbd09a
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
b0088587e12bc6576304dd4020c59b096646f06a4b8fa42408857649fbbb4ba5
b100d412b48a91727786c41fb764484b2945bd2f3dde35910baef1172ffbb969
b1ebdd84bcc4265a86fc9765b670bce97d668e11ee0c9bee5ec9d8f5f507d646
b1eec11bfd7416de218bd79a078e2d340e782aa6ceeec530fad0871ab8091474
b2166782bfdcbb46bcd51d4ffb00b0e8c043469bfb37634654a1d12c42902870
b248729917ba3fb7d593928408b72bc64ce3e9ccf277508fe8e3bc9768da534b
b38e091ea746c1269cd8015329815d170900ed17441f0198e834cea4faef03f4
b42777b2cecb5ede1afbf724b1000756446a461ecaca872447f5fcf7c8acc755
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b9cdc6393e9b4c9a23e7d7c94ae3b58562509dda50b4345793ad7c7e7aaa9212
bc2ae0ffd64beed8d3ab44742b618498850fa6d3b546ef2c6776e94112d14ecd
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
c73be538e125be899656978e1759da5718cb2993b55e74bee2da30497781430f
c7644e16c3f1cebc16184feaf91e2074136366faf4a7dc16e5adf523905622b0
c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37
cc70ac48189914ec1a6e80fe259908c1f393849530fa9a71a056e2db7ae88546
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb9f03257d4f79e158116a6aef9e8bccce6f4d713e572854086449ab4fa95bc
d19fffadd3448844a6dbe84367829270272056216face9083c9c01feccbf967e
d2b1d80997b334c20233e62147320d5e8b91a22a755f1e463cf670a25924f074
d37ecc1cf963f0247bc92e7a1c0831772ad3cebabb54fadb06a810fc4ec5ea1d
d44180bbf5a59ae325815feb275e39e1d34e18eb710ea54f5ec4e96ba60488a9
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
e15216092d4eea89569605ce7fe81040ec84a0f6d8943c66273ee11386814913
e397f2c0de314b4ea8475b57a056c5a63ac9a1640ddbb4f604c938ff927cfb44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820
e7114b0b91621a452d752406ccba4e2e370ea8e4c119c53b0b72317e0adadf24
e8a0f23698379e82e263e8c82744eb94f88f91b8ba4a2dad979cbcfa5f0d724b
e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce
ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b
ea9064b2347a577b2783c872efc61b773abf8ae760e1fa5ff7d17d765afe2812
ec045f7420ee62a6c3f0ddd948828afa6221a662c1aa95f022c0a9b7412bc4b8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa168aea8792f95139e4ad98344b89fd16f6a0f2444aac33a33121db774281e
efa6863cec6f5e541453d534eafe048ee1133e22294e69ceaa79d14d860795fd
f057ddc3ba51772f4676ec30fc61376aa92dd14eac79fc572bb30db998fbe714
f08c10337bc4dd1825785f3a460bc03f2fd076e16d691040b5f8106bf2f14864
f335805621f16d856fa49bc38f7d908f96d828509247b22f95a11c73895fab3a
f54a0e552eb39eb5ff2513642d6e58c466973e0ee169d3578d795254badc8eb7
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fdb4bcc05d87dedf46deae70659d421e3ca7f6cfc12498c7d100babbf12a3066
fedb800db7cd7f77914df9ee8d9f98dcf0ec6edf3521f1e93d8cb28f2be8a654
fee2509927c2519ced41a6282d14cd22dbf1a2189e0242fb3f395235be8eeb94
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

daffodil-ruddy-run.glitch.me Open in urlscan Pro 52.3.60.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

227 Requests

60 %HTTPS

36 %IPv6

71 Domains

113 Subdomains

92 IPs

11 Countries

3913 kBTransfer

9032 kBSize

28 Cookies

16 Outgoing links

Redirected requests

227 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

daffodil-ruddy-run.glitch.me Open in urlscan Pro
52.3.60.128 Public Scan

Screenshot
Live screenshot

Full Image

227
Requests

60 %
HTTPS

36 %
IPv6

71
Domains

113
Subdomains

92
IPs

11
Countries

3913 kB
Transfer

9032 kB
Size

28
Cookies

227 HTTP transactions
4 data transactions