daffodil-ruddy-run.glitch.me Open in urlscan Pro
54.175.88.164  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

• http://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000 HTTP 301
• https://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000

Request Chain 25

• http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
• https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 36

• http://cdn.shorte.st/link-converter.min.js HTTP 301
• https://cdn.shorte.st/link-converter.min.js

Request Chain 38

• http://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 HTTP 301
• https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 HTTP 302
• https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20

Request Chain 44

• http://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120111235812 HTTP 301
• https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120111235812

Request Chain 74

• http://www.google-analytics.com/analytics.js HTTP 307
• https://www.google-analytics.com/analytics.js

Request Chain 78

• http://ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028&width=1024&height=768&ch=8439461&cp.dest_domain=&cp.oid=8439461&cp.referrer=http://daffodil-ruddy-run.glitch.me/&cp.locked=0&cp.proxy=0&cp.quarantine_status=&cp.vno=1&cp.enc_url=&cp.type=overlay&cp.asid=6d5633477c6608022b6d35d6f4831059d4aeac0e HTTP 302
• https://shorteh.com/afu.php?zoneid=1241630 HTTP 302
• https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=367558488789889749

Request Chain 81

• http://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRyYW5zaXQtdHlwZTpnb29kcyJdLCJwZXJmb3JtYW5jZSI6eyJjb25uZWN0VGltZSI6MC40MzQsImRvbUNvbXBsZXRlIjoxMC41MDEsInBhZ2VMb2FkVGltZSI6MTAuNTA3LCJyZXF1ZXN0U3RhcnRUaW1lIjowLjAyNywicmVzcG9uc2VFbmRUaW1lIjowLjQ2MX19 HTTP 301
• https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRyYW5zaXQtdHlwZTpnb29kcyJdLCJwZXJmb3JtYW5jZSI6eyJjb25uZWN0VGltZSI6MC40MzQsImRvbUNvbXBsZXRlIjoxMC41MDEsInBhZ2VMb2FkVGltZSI6MTAuNTA3LCJyZXF1ZXN0U3RhcnRUaW1lIjowLjAyNywicmVzcG9uc2VFbmRUaW1lIjowLjQ2MX19

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response daffodil-ruddy-run.glitch.me/	7 KB 8 KB	460ms 434ms	Document text/html	54.175.88.164 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 54.175.88.164 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-175-88-164.compute-1.amazonaws.com Software / Resource Hash 487b57483ac23952c826fb7b8afe98ce9802e91afe376937f8728ae10ed37b78 Request headers Host daffodil-ruddy-run.glitch.me Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:10 GMT Content-Type text/html; charset=utf-8 Content-Length 7521 Connection keep-alive vary Origin accept-ranges bytes last-modified Mon, 28 Dec 2020 22:46:57 GMT cache-control max-age=0 etag W/"1d61-176ab887ae8"
GET H/1.1	200 OK	pop.js Show response mellowads.com/	423 B 1 KB	260ms 247ms	Script application/javascript	2606:4700::6810:8916 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://mellowads.com/pop.js?ref=4E0983D3C420 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd9029f879f01d476ae10bdc72a996b65002555993897878e326a04a9de51eb9 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Server cloudflare X-AspNet-Version 4.0.30319 Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control no-cache Connection keep-alive CF-RAY 608ee26f4c2fd729-FRA Content-Length 497 cf-request-id 074d2bd9910000d729da303000000001 Expires -1
GET H/1.1	404 Not Found	/ onegalact.com/	0 0	78ms 38ms	Script text/html	51.68.161.17 OVH
General Check archive.org Show headers Download Go to Full URL http://onegalact.com/ Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 51.68.161.17 , France, ASN16276 (OVH, FR), Reverse DNS ip17.ip-51-68-161.eu Software nginx / Resource Hash Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=20
GET H/1.1	200 OK	21431 Show response waxtamnit.com/fGZK1mdRMO3Lzx3/	0 1020 B	76ms 41ms	Script text/html	51.68.161.20 OVH
General Check archive.org Show headers Download Go to Full URL http://waxtamnit.com/fGZK1mdRMO3Lzx3/21431 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 51.68.161.20 , France, ASN16276 (OVH, FR), Reverse DNS ip20.ip-51-68-161.eu Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=20
GET H/1.1	200 OK	21432 Show response onegalact.com/pFFQARKPePsD/	0 1 KB	82ms 42ms	Script application/javascript	51.68.161.17 OVH
General Check archive.org Show headers Download Go to Full URL http://onegalact.com/pFFQARKPePsD/21432 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 51.68.161.17 , France, ASN16276 (OVH, FR), Reverse DNS ip17.ip-51-68-161.eu Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=20
GET H/1.1	200 OK	tag.min.js Show response kumteerg.com/pfe/current/	42 KB 12 KB	113ms 35ms	Script application/javascript	139.45.196.135 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://kumteerg.com/pfe/current/tag.min.js?z=3808000 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip Last-Modified Thu, 10 Dec 2020 13:35:40 GMT Server nginx ETag W/"5fd2242c-a6a9" Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H/1.1	200 OK	tag.min.js Show response choupsee.com/pfe/current/	42 KB 12 KB	117ms 35ms	Script application/javascript	139.45.196.200 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://choupsee.com/pfe/current/tag.min.js?z=3808000 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ea06fff864da8c97b3255a69352a9417df06c6795dbf7e8fb51b57239b96d02b Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip Last-Modified Thu, 10 Dec 2020 13:35:40 GMT Server nginx ETag W/"5fd2242c-a6a9" Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H/1.1	200 OK	micro.tag.min.js Show response choogeet.net/pfe/current/	129 KB 38 KB	125ms 51ms	Script application/javascript	139.45.195.222 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://choogeet.net/pfe/current/micro.tag.min.js?z=3461354 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.195.222 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash b1eec11bfd7416de218bd79a078e2d340e782aa6ceeec530fad0871ab8091474 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 28 Dec 2020 22:58:08 GMT Content-Encoding gzip Last-Modified Thu, 10 Dec 2020 13:35:40 GMT Server nginx ETag W/"5fd2242c-20534" Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H/1.1	200 OK	8636.js Show response cdn.thisiswaldo.com/static/js/	269 KB 81 KB	29ms 9ms	Script application/javascript	2600:9000:214f:d800:4:164e:ca00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cdn.thisiswaldo.com/static/js/8636.js Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 2600:9000:214f:d800:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 5e0a9e9b6a8061cb91728a76e9421f4ccfa71eb1e0e6569e69ac317d272eb712 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 27 Dec 2020 13:41:32 GMT Content-Encoding gzip X-Content-Type-Options nosniff Age 119798 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Fri, 18 Dec 2020 20:04:43 GMT Server Apache/2.4.29 (Ubuntu) ETag "435d5-5b6c29e916f57-gzip" Vary Accept-Encoding Content-Type application/javascript Via 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA53-C1 Accept-Ranges bytes X-Amz-Cf-Id GUzHGYuO6-oitpzq-xgW1xqk7oOxV3vJySMLpFn6Hiol5Az4xpJ5IQ==
GET H2	200	popunder1000.js Show response a.exosrv.com/	88 KB 38 KB	33ms 7ms	Script application/javascript	2606:2800:234:4cc4:5670:35d5:1e00:b394 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://a.exosrv.com/popunder1000.js Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (fcn/40B0) / Resource Hash a8e1377ae0f844ce357417d1de91954fd0dea03475a8fe2768eeb31f5606f568 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:10 GMT content-encoding gzip last-modified Mon, 28 Dec 2020 22:26:51 GMT server ECS (fcn/40B0) age 1879 vary Accept-Encoding x-cache HIT content-type application/javascript cache-control max-age=10800 accept-ranges bytes content-length 39122 expires Tue, 29 Dec 2020 01:58:10 GMT
GET H/1.1	200 OK	/ Show response djv99sxoqpv11.cloudfront.net/	205 KB 67 KB	228ms 196ms	Script text/plain	13.35.253.162 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 13.35.253.162 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-253-162.fra6.r.cloudfront.net Software / Resource Hash 68c9ed555fd832c7a193558606322edafb152bd6f3db642653119c0b37baa53f Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 28 Dec 2020 22:58:10 GMT content-encoding gzip X-Amz-Cf-Pop FRA6-C1 X-Cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform Connection keep-alive Content-Length 68524 Via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) X-Amz-Cf-Id V-7E5z_8EOibzR8Wrydcu6zi-rwlQ8XgtSh0Sq8rTLZF-v8qlWGhzA==
GET H2	200	468X60.gif coinpayu.com/static/advertiser_banner/	148 KB 149 KB	40ms 19ms	Image image/gif	2606:4700:20::681a:c1a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://coinpayu.com/static/advertiser_banner/468X60.gif Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:c1a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a87e2ab249f61d757d138136171b43155ea4ba2d89a5c6c3e4e58174f2e13ec Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:10 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1445126 cf-polished status=not_needed content-length 151259 cf-request-id 074d2bd9c20000074afb199000000001 last-modified Sat, 12 Dec 2020 10:50:40 GMT server cloudflare etag "5fd4a080-24edb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qCVmhz2m%2FqUBjA%2Fnw6pLSIUAXZEGL8J1v2g8hLfA%2Bp0WfzVz4g%2Ft6uEbFLgYNlp8X3qe5gN0UWkfppnHmWH6Z8zB5syjyZD%2FyIfw9g0W9rj3wcAWTvI%2BeDU%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif expires Mon, 11 Jan 2021 05:32:44 GMT cache-control max-age=2592000 accept-ranges bytes cf-ray 608ee26f981d074a-FRA cf-bgj imgq:100,h2pri
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	133 KB 46 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c221228ab25af041a5c8e218684dd4238acb17fc23b1a4a8c4864951550a3197 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:10 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 47107 x-xss-protection 0 server cafe etag 13290078405355148527 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 28 Dec 2020 22:58:10 GMT
GET H/1.1	200 OK	afu.php Show response stawhoph.com/	0 0	89ms 64ms	Script text/html	139.45.195.195 RETN-AS
General Check archive.org Show headers Download Go to Full URL http://stawhoph.com/afu.php?zoneid=3807985 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 139.45.195.195 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS
GET H/1.1	200 OK	16229 Show response duetgypsyantis.com/txrerrgoIMFbsRz8/	0 1 KB	99ms 59ms	Script text/html	172.255.6.128 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL http://duetgypsyantis.com/txrerrgoIMFbsRz8/16229 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 172.255.6.128 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip Server nginx X-Frame-Options SAMEORIGIN Vary Accept-Encoding Access-Control-Allow-Methods * Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Headers * Keep-Alive timeout=20
GET H/1.1	200 OK	BidVertiser.dbm Show response bdv.bidvertiser.com/	10 KB 10 KB	328ms 302ms	Script text/javascript	54.241.51.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-241-51-109.us-west-1.compute.amazonaws.com Software / Resource Hash 33d334f5ac59d373ce5e4c20a0d91fb2b002c19aa52789ff4d825505a8b02b01 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Expires -1 Cache-Control no-store Connection close Content-Length 10318 Content-Type text/javascript
GET H2	200	dataTables.bootstrap.min.css cdnjs.cloudflare.com/ajax/libs/datatables/1.10.19/css/	4 KB 1 KB	37ms 13ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/datatables/1.10.19/css/dataTables.bootstrap.min.css Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3db6982c169bf3afee084cf7762ba718c118be36a1dee0c5222203fa302d21fc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 241147 cross-origin-resource-policy cross-origin vary Accept-Encoding content-length 757 cf-request-id 074d2bd99f0000c2d6512c9000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:09:23 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e33-10c5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aCH5Vhbq2EFVJ9qTVW0PYrpmnIWJkG%2BlzxItuBUt8vHofvokhaOCzG9uLsHPZpAfWH7vNxwRegAYh00vqA3KBMwcNH24AgxjCZGxCaxNOLLz7%2FbY3M2crb6H0h0mftuY2w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes cf-ray 608ee26f6833c2d6-FRA expires Sat, 18 Dec 2021 22:58:10 GMT
GET H/1.1	200 OK	carbon.js Show response cdn.carbonads.com/	15 KB 6 KB	205ms 173ms	Script application/javascript	23.111.10.140 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL http://cdn.carbonads.com/carbon.js?zoneid=1673&serve=C6AILKT&placement=dsawrewreafera Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 23.111.10.140 Phoenix, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash f08c10337bc4dd1825785f3a460bc03f2fd076e16d691040b5f8106bf2f14864 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip Last-Modified Tue, 27 Oct 2020 20:53:30 GMT Server NetDNA-cache/2.2 ETag W/"3d43-5b2ad3d436e46" Vary Accept-Encoding X-Cache MISS Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	monetization.js Show response m.servedby-buysellads.com/	61 KB 16 KB	54ms 19ms	Script application/javascript	108.161.189.78 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL http://m.servedby-buysellads.com/monetization.js Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 108.161.189.78 , United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash c36d0137fae67049d8ed418abfca53f793ad4532fbbbea0d0479e04ec94ca5c0 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip Last-Modified Mon, 21 Sep 2020 16:42:42 GMT Server NetDNA-cache/2.2 x-amz-request-id 7394547EE5B774B4 ETag W/"9f6e8e31f2c6d5c51d33f86a6cdf4b3c" Transfer-Encoding chunked X-Cache HIT Content-Type application/javascript Cache-Control max-age=86400 Connection keep-alive x-amz-id-2 TkRQ2zK+/iGy0pzxfUc34oe7QGWCRVkDQIPrfGQNMX+Yy4kODX/gfRbIdAl1k353CC+f/b2aKmw= Expires Tue, 29 Dec 2020 22:58:10 GMT
GET H/1.1	200 OK	21435 Show response seaboblit.com/1clkn/	0 1 KB	86ms 57ms	Script application/javascript	172.255.6.120 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL http://seaboblit.com/1clkn/21435 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 172.255.6.120 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=20
GET H2	200	tracking.js Show response cdn.adskeeper.co.uk/transit/ Redirect Chain http://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000 https://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000	2 KB 1 KB	268ms 223ms	Script application/javascript	104.19.134.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73923dae78924cabf3cba334ddc4f7f30cadc6fd3f04348d9467bb912859de6f Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:10 GMT content-encoding br cf-cache-status REVALIDATED x-amz-request-id 26476E7C015EF407 cf-polished origSize=3494 last-modified Mon, 04 May 2020 12:18:45 GMT x-amz-id-2 bHdNRv1iEdjnymt/U2Hkto2sZvEAZi5QZl45tYy8Pdz21gHHDnpdEpG28CwuRuuyA+1y62fbY0M= cf-bgj minify server cloudflare etag W/"1c5cadbe93778de01d8453e269cb0be3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=14400 cf-request-id 074d2bd9f10000087b22a9d000000001 cf-ray 608ee26fe876087b-CDG expires Tue, 29 Dec 2020 02:58:10 GMT Redirect headers Date Mon, 28 Dec 2020 22:58:10 GMT Server cloudflare Vary Accept-Encoding Location https://cdn.adskeeper.co.uk/transit/tracking.js?t=1609056000 Cache-Control max-age=3600 Transfer-Encoding chunked Connection keep-alive CF-RAY 608ee26f7fa8ee89-CDG cf-request-id 074d2bd9aa0000ee89e03bc000000001 Expires Mon, 28 Dec 2020 23:58:10 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.12.4/	95 KB 34 KB	35ms 5ms	Script text/javascript	2a00:1450:4001:819::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 14:02:58 GMT content-encoding gzip x-content-type-options nosniff age 32112 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33951 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 28 Dec 2021 14:02:58 GMT
GET H/1.1	200 OK	1507210 ad.a-ads.com/ Frame 7561	0 0	87ms 66ms	Document text/html	148.251.13.139 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://ad.a-ads.com/1507210?size=728x90 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.139.13.251.148.clients.your-server.de Software nginx/1.14.0 (Ubuntu) / Phusion Passenger Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Host ad.a-ads.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://daffodil-ruddy-run.glitch.me/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://daffodil-ruddy-run.glitch.me/ Response headers Server nginx/1.14.0 (Ubuntu) Date Mon, 28 Dec 2020 22:58:10 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Status 200 OK X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Powered-By Phusion Passenger X-Original-Referer http://daffodil-ruddy-run.glitch.me/ Content-Encoding gzip
GET H/1.1	200 OK	wrez Show response mellowads.com/js/	81 KB 32 KB	248ms 247ms	Script text/javascript	2606:4700::6810:8916 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://mellowads.com/js/wrez?v=7-Z7g9pOfLWtjFNznarl3-nuLA8KgfIdXapIuwScuTs1 Requested by Host: mellowads.com URL: http://mellowads.com/pop.js?ref=4E0983D3C420 Protocol HTTP/1.1 Server 2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26c36f3ecb4f05ca3b48dfca1efb4d2e96399034d6c678ced60b5c633dc966cd Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Last-Modified Mon, 28 Dec 2020 22:57:56 GMT Server cloudflare X-AspNet-Version 4.0.30319 Vary User-Agent Content-Type text/javascript; charset=utf-8 Cache-Control public Transfer-Encoding chunked Connection keep-alive CF-RAY 608ee270ee46d729-FRA cf-request-id 074d2bda8c0000d729bd0ff000000001 Expires Tue, 28 Dec 2021 22:57:56 GMT
GET H/1.1	404 Not Found	/ onegalact.com/	0 0	29ms 29ms	Script text/html	51.68.161.17 OVH
General Check archive.org Show headers Download Go to Full URL http://onegalact.com/ Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 51.68.161.17 , France, ASN16276 (OVH, FR), Reverse DNS ip17.ip-51-68-161.eu Software nginx / Resource Hash Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=20
GET H2	403	choice.js quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/daffodil-ruddy-run.glitch.me/	0 0	153ms 136ms	Script text/html	2600:9000:214f:fe00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/daffodil-ruddy-run.glitch.me/choice.js Requested by Host: cdn.thisiswaldo.com URL: http://cdn.thisiswaldo.com/static/js/8636.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:fe00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 28 Dec 2020 22:44:47 GMT via 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront) last-modified Thu, 21 May 2020 21:03:42 GMT server AmazonS3 age 1094 etag "d41d8cd98f00b204e9800998ecf8427e" x-cache Error from cloudfront content-type text/html cache-control public, max-age=7200 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-length 0 x-amz-cf-id P_aIpjer7M9GY9Ye3qo4nomQCwREgU6mMxCgyA8FCO-2Hc6PG7STbA==
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Redirect Chain http://securepubads.g.doubleclick.net/tag/js/gpt.js https://securepubads.g.doubleclick.net/tag/js/gpt.js	54 KB 19 KB	102ms 38ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software sffe / Resource Hash 08a48c399f0d56eb9910ba9cff3e5cb6b5fb2ce8a1e28d98394892bdd4572f17 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:12 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "738 / 465 of 1000 / last-modified: 1608034737" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18850 x-xss-protection 0 expires Mon, 28 Dec 2020 22:58:12 GMT Redirect headers Date Mon, 28 Dec 2020 22:29:17 GMT X-Content-Type-Options nosniff Server sffe Age 1733 Content-Type text/html; charset=UTF-8 Location https://securepubads.g.doubleclick.net/tag/js/gpt.js Cache-Control public, max-age=1800 Content-Length 249 X-XSS-Protection 0 Expires Mon, 28 Dec 2020 22:59:17 GMT
GET H/1.1	200 OK	me Show response ipfind.co/	363 B 587 B	377ms 352ms	XHR application/json	50.18.199.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1 Requested by Host: cdn.thisiswaldo.com URL: http://cdn.thisiswaldo.com/static/js/8636.js Protocol HTTP/1.1 Server 50.18.199.66 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-50-18-199-66.us-west-1.compute.amazonaws.com Software Apache/2.4.18 (Ubuntu) / Resource Hash 5a8611ced38ca8320d31db3798dbbf877974eec241418706b1bbabadcd46fe98 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:11 GMT Content-Encoding gzip Server Apache/2.4.18 (Ubuntu) Vary Accept-Encoding Content-Type application/json Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Cache-Control no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Length 235
GET H/1.1	200 OK	pop.js Show response c1.popads.net/	31 KB 10 KB	68ms 31ms	Script application/javascript	2a02:6ea0:c700::1 CDN77
General Check archive.org Show headers Download Go to Full URL http://c1.popads.net/pop.js Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 2a02:6ea0:c700::1 , Germany, ASN60068 (CDN77, GB), Reverse DNS Software CDN77-Turbo / Resource Hash d44180bbf5a59ae325815feb275e39e1d34e18eb710ea54f5ec4e96ba60488a9 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip X-77-NZT-Ray 9L+1lg28ZKI= X-Edge-POP frankfurtDE Transfer-Encoding chunked X-Cache HIT Connection keep-alive alt-svc quic="195.181.175.44:443"; ma=2592000; v="44,43,39" X-77-NZT AcO1rywT1iPvcxgAAA== Last-Modified Sun, 22 Nov 2020 20:51:03 GMT Server CDN77-Turbo ETag W/"5fbacf37-7a55" Content-Type application/javascript; charset=UTF-8 Access-Control-Allow-Origin * X-Edge-IP 195.181.175.44 X-Age 6259 Expires Tue, 29 Dec 2020 01:13:51 GMT
GET H/1.1	200 OK	zone Show response kumteerg.com/	716 B 1 KB	46ms 46ms	Fetch application/json	139.45.196.135 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://kumteerg.com/zone?pub=0&zone_id=3808000&is_mobile=false&domain=daffodil-ruddy-run.glitch.me&var=&ymid=&var_3= Requested by Host: kumteerg.com URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash b58ffbb4f7775ac57aa736e8570486663d0bea6b86b159c739fded90dad7258d Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Trace-Id b03ace393825844e2b83d8dcf7f8dd60 Date Mon, 28 Dec 2020 22:58:10 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 716
GET H/1.1	200 OK	universal.min.js Show response kumteerg.com/pfe/current/	188 KB 54 KB	115ms 52ms	Fetch application/javascript	139.45.196.135 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://kumteerg.com/pfe/current/universal.min.js?v=3.1.281 Requested by Host: kumteerg.com URL: https://kumteerg.com/pfe/current/tag.min.js?z=3808000 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip Last-Modified Thu, 10 Dec 2020 13:35:40 GMT Server nginx ETag W/"5fd2242c-2ef30" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H/1.1	200 OK	zone Show response choupsee.com/	716 B 1 KB	42ms 41ms	Fetch application/json	139.45.196.200 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://choupsee.com/zone?pub=0&zone_id=3808000&is_mobile=false&domain=daffodil-ruddy-run.glitch.me&var=&ymid=&var_3= Requested by Host: choupsee.com URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash b58ffbb4f7775ac57aa736e8570486663d0bea6b86b159c739fded90dad7258d Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers X-Trace-Id 7929b0dcea4d6cef190e05cdc2b3805a Date Mon, 28 Dec 2020 22:58:10 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 716
GET H/1.1	200 OK	universal.min.js Show response choupsee.com/pfe/current/	188 KB 54 KB	119ms 53ms	Fetch application/javascript	139.45.196.200 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://choupsee.com/pfe/current/universal.min.js?v=3.1.281 Requested by Host: choupsee.com URL: https://choupsee.com/pfe/current/tag.min.js?z=3808000 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.200 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip Last-Modified Thu, 10 Dec 2020 13:35:40 GMT Server nginx ETag W/"5fd2242c-2ef30" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
GET H/1.1	200 OK	ads-priv.php Show response syndication.exosrv.com/	0 314 B	64ms 45ms	Script text/html	95.211.229.247 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://syndication.exosrv.com/ads-priv.php?i=0 Requested by Host: a.exosrv.com URL: https://a.exosrv.com/popunder1000.js Protocol HTTP/1.1 Server 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:10 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	204	utx Show response ssionsupre.fun/	0 421 B	179ms 118ms	XHR text/plain	99.86.3.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ssionsupre.fun/utx?cb=zI1fXIPtdTul&top=daffodil-ruddy-run.glitch.me&tid=737329 Requested by Host: djv99sxoqpv11.cloudfront.net URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.3.85 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-85.fra6.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 28 Dec 2020 22:58:12 GMT via 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront) server openresty/1.17.8.2 x-amz-cf-pop FRA6-C1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin http://daffodil-ruddy-run.glitch.me cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id -IastRgx72he4cc1bvTYjwF4GQPaP9QHNz2_Cu7yLYhJd7_Yva1c8g==
GET H/1.1	200 OK	ATcUUT0dPyQTHxpIFyElH0AMMgIIHTktanw7ByUjIh0QUCoZAzMRAh8dAS02LVxxIgsLDnopBzkbFTM4a0sBKh0cHRMwd3kqND0XFBcRAQoZNykHKAAvDg4gfj4vFyYBSnoAKyArKwUoKhgJMBZ8KjQ+Jx4TMCoKGTcpKh1+KxpWAicqND4nFxQsHA0ZVBYpLX4aE... ssionsupre.fun/T055Q2QuLBouWy5zG2URPSJEZlYJa0sFACU4QHoXNyEIMxJ+f1cgCCA7HSUWICANbQoqOlxxIggsExE2Gn8WDTM1dkgZNj8qNxRROxYoDQ0WGTcKPCYHQQ0mewQ4Ogc2HkokLR8pHgIyNR8sJSY/ Frame 16DA	0 0	149ms 130ms	Document text/html	99.86.3.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ssionsupre.fun/T055Q2QuLBouWy5zG2URPSJEZlYJa0sFACU4QHoXNyEIMxJ+f1cgCCA7HSUWICANbQoqOlxxIggsExE2Gn8WDTM1dkgZNj8qNxRROxYoDQ0WGTcKPCYHQQ0mewQ4Ogc2HkokLR8pHgIyNR8sJSY/ATcUUT0dPyQTHxpIFyElH0AMMgIIHTktanw7ByUjIh0QUCoZAzMRAh8dAS02LVxxIgsLDnopBzkbFTM4a0sBKh0cHRMwd3kqND0XFBcRAQoZNykHKAAvDg4gfj4vFyYBSnoAKyArKwUoKhgJMBZ8KjQ+Jx4TMCoKGTcpKh1+KxpWAicqND4nFxQsHA0ZVBYpLX4aET19A04LDx53NypUAxgTLFIDJQoEIn0UCRQ2PycjG10sDDEoUAImCRk0FxQWDzYJJCA5PQcWAxFWLghMFyoLDwECNn5+IBQLARY6DlwBOQoRPTcYEBs2PyYfFFEpDD4JXS0IQRE9fQMJB1UGOTAXKgMMEScJLhgSIj0iGEEEEyMiNzkMFQo9AQMWfw4LPSUEChQlfj4jF10pCj0WHC4iSQsqGDoJGyUafRgkQiU9Fi0UchwNKzUDFxQRCiwrPg Requested by Host: djv99sxoqpv11.cloudfront.net URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Protocol HTTP/1.1 Server 99.86.3.85 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-85.fra6.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash Request headers Host ssionsupre.fun Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://daffodil-ruddy-run.glitch.me/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://daffodil-ruddy-run.glitch.me/ Response headers Content-Type text/html Content-Length 1265 Connection keep-alive Date Mon, 28 Dec 2020 22:58:12 GMT Server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip X-Cache Miss from cloudfront Via 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA6-C1 X-Amz-Cf-Id xysBRBunCxFLkv72XpRZhYlH7N6MYtG_EMe5Id1nmR8rnWXGn-TpTg==
GET H/1.1	200 OK	VldScHk3NTEdRjdqMFYMJDtvVUsQcmA2HTwha0kKLjgjAA9nZnwTFTkiNhYLOTkmXhczI3dCPzAzBTo3AgALJz0FGiAnKBMbGSg7BAU+JlxkFTQcIwIUFkQQFRYEFjcSYgo5PxdhEwcWNxU1NUEVAR8nNy87MCI8Bz8eMR4FD2ADFhUVCBYfESQaNSgUIDclOBcWY... ssionsupre.fun/ Frame 9802	0 0	149ms 131ms	Document text/html	99.86.3.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://ssionsupre.fun/VldScHk3NTEdRjdqMFYMJDtvVUsQcmA2HTwha0kKLjgjAA9nZnwTFTkiNhYLOTkmXhczI3dCPzAzBTo3AgALJz0FGiAnKBMbGSg7BAU+JlxkFTQcIwIUFkQQFRYEFjcSYgo5PxdhEwcWNxU1NUEVAR8nNy87MCI8Bz8eMR4FD2ADFhUVCBYfESQaNSgUIDclOBcWYTEeFQZqPDAFEholPxcbNzUREAVhSUACPzU0NT8GGzEoZnJgMjMDGRU5Pj5yYDYvPiAfPyoxHAc2O28eExMuBGRrSToHDRoWSmYyBzY7bzEUKQgDZDkjLGcvGhZKZh8QIjA+HBA1KBcUfykSEzsQITplPwQhEi5yYDIcZhkaJRQDOhYXPAYeBRgsGDw2VUsQMQMfGhUEOh8vEwIUOzpiGRUbDTkxYykuFT1qGTouFRoWDiIyABsBbw5jOjwDOWcaLBMFGhZKZgEUMSglByVJKAMWJkQvAx0fFhciFhM2QGMcAyI6AT4qVUsUD2IUKzA+KiEoZyNjFQ4YEgUZEiABOSorHQ8EJitnGiAUOHA9IR8XJmorA0gDZSU+FTkzHgEW Requested by Host: djv99sxoqpv11.cloudfront.net URL: http://djv99sxoqpv11.cloudfront.net/?xsvjd=737329 Protocol HTTP/1.1 Server 99.86.3.85 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-3-85.fra6.r.cloudfront.net Software openresty/1.17.8.2 / Resource Hash Request headers Host ssionsupre.fun Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://daffodil-ruddy-run.glitch.me/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://daffodil-ruddy-run.glitch.me/ Response headers Content-Type text/html Content-Length 1247 Connection keep-alive Date Mon, 28 Dec 2020 22:58:12 GMT Server openresty/1.17.8.2 cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip X-Cache Miss from cloudfront Via 1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA6-C1 X-Amz-Cf-Id WPRNo5griC95zsAJsAT0sixOw5iM8WzrPV8997LbvUAgkUP8sBEDkA==
GET H2	200	link-converter.min.js Show response cdn.shorte.st/ Redirect Chain http://cdn.shorte.st/link-converter.min.js https://cdn.shorte.st/link-converter.min.js	116 KB 43 KB	41ms 21ms	Script application/javascript	2606:4700:20::681a:56b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shorte.st/link-converter.min.js Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:56b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c92dc3721fd5a9d9137735cc5a4196b1694221e190d201d0eb13d1ebbfea4c37 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:12 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1359 cf-request-id 074d2be03a00002bd2e0af7000000001 x-ua-compatible IE=Edge last-modified Thu, 09 Aug 2018 13:48:43 GMT server cloudflare etag W/"5b6c463b-1d196" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZKAhPf5fjYbn35WxBI1%2FPHyr1d31Eh0G9Cz6nCrjJL8tyS%2FqJsaMGXR6OvTIduqOybO6xlI4oJ3JFY7ZJwHYe%2FZeVEEBCvTzQrz86OkdwGwSigVa21t8C86A"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-server-id shn07 cache-control max-age=14400 cf-ray 608ee279f8002bd2-FRA expires Mon, 28 Dec 2020 23:35:33 GMT Redirect headers Date Mon, 28 Dec 2020 22:58:12 GMT CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare Age 388 Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c93KMNqMwgbUl5x3iDuymf5WniJ0JM2tDbjfxoOeLSm6BnCcn7VIQZyrW9sCHPgq64yce2FjXCQe10%2FtJ24wM9ifZ%2Fu3Hh8s34qAMuCwPandqkEsa3LZ0fJH"}],"group":"cf-nel","max_age":604800} Location https://cdn.shorte.st/link-converter.min.js Cache-Control max-age=14400 Connection keep-alive CF-RAY 608ee2797da505d8-FRA Content-Length 0 cf-request-id 074d2bdfea000005d804bf3000000001
GET H/1.1	200 OK	1507210 ad.a-ads.com/ Frame 3489	0 0	46ms 45ms	Document text/html	148.251.13.139 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://ad.a-ads.com/1507210?size=728x90&background_color=00ff47&title_color=571111 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 148.251.13.139 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.139.13.251.148.clients.your-server.de Software nginx/1.14.0 (Ubuntu) / Phusion Passenger Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Host ad.a-ads.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://daffodil-ruddy-run.glitch.me/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://daffodil-ruddy-run.glitch.me/ Response headers Server nginx/1.14.0 (Ubuntu) Date Mon, 28 Dec 2020 22:58:12 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Accept-Encoding Status 200 OK X-XSS-Protection 1; mode=block X-Content-Type-Options nosniff X-Powered-By Phusion Passenger X-Original-Referer http://daffodil-ruddy-run.glitch.me/ Content-Encoding gzip
GET H/1.1	200 OK	cm ws-na.assoc-amazon.com/widgets/ Frame 8208 Redirect Chain http://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 https://rcm-na.amazon-adsystem.com/e/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20	0 0	3715ms 108ms	Document text/html	52.46.131.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.131.85 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash Request headers Host ws-na.assoc-amazon.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer http://daffodil-ruddy-run.glitch.me/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://daffodil-ruddy-run.glitch.me/ Response headers Date Mon, 28 Dec 2020 22:58:16 GMT Server Server Cache-Control must-revalidate Pragma no-cache Expires -1 p3p policyref="http://www.amazon.com/w3c/p3p.xml",CP="CAO DSP LAW CUR ADM IVAo IVDo CONo OTPo OUR DELi PUBi OTRi BUS PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA HEA PRE LOC GOV OTC " charset UTF-8 Access-Control-Allow-Origin * Vary User-Agent Connection close Transfer-Encoding chunked Content-Type text/html;charset=UTF-8 Redirect headers Server Server Date Mon, 28 Dec 2020 22:58:12 GMT Content-Type text/html; charset=iso-8859-1 Content-Length 360 Connection keep-alive x-amz-rid J80Q7SBR1P2E62EBJZGY Location https://ws-na.assoc-amazon.com/widgets/cm?o=1&p=13&l=ez&f=ifr&linkID=1ee7ccc90e0b45c5ec25131a4504713f&t=pastalord-20&tracking_id=jfwurieureguyrurugur-20 Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
GET H2	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/	234 KB 88 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:12 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 89527 x-xss-protection 0 server cafe etag 1810063338415286733 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Mon, 28 Dec 2020 22:58:12 GMT
GET H2	200	zrt_lookup.html googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 813D	0 0	6ms 6ms	Document text/html	2a00:1450:4001:81a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20201203/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://daffodil-ruddy-run.glitch.me/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://daffodil-ruddy-run.glitch.me/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 28 Dec 2020 10:01:15 GMT expires Mon, 11 Jan 2021 10:01:15 GMT content-type text/html; charset=UTF-8 etag 10723747146953794269 x-content-type-options nosniff content-encoding gzip server cafe content-length 4923 x-xss-protection 0 age 46617 cache-control public, max-age=1209600 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	bidvertiser.dbm Show response bdv.bidvertiser.com/	0 328 B	344ms 319ms	Script text/javascript	54.241.51.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://bdv.bidvertiser.com/bidvertiser.dbm?pid=512795&bid=1277387&RD=9174558763273009&DIF=2 Requested by Host: bdv.bidvertiser.com URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387 Protocol HTTP/1.1 Server 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-241-51-109.us-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Len 0 Date Monday, 28-Dec-2020 22:58:12 GMT Cache-Control no-store Last-Modified Sunday, 29-Dec-2019 22:58:12 GMT CONNECTION Close P3P policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC" Content-Type text/javascript; charset=utf-8
GET H/1.1	200 OK	Cookie set BidVertiser.dbm bdv.bidvertiser.com/ Frame 4292	0 0	328ms 308ms	Document text/html	54.241.51.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387&RD=82562364796725&DIF=1&bd_ref_v=daffodil-ruddy-run.glitch.me&tref=1&win_name=null&docref=&jsrand=82562364796725&js1loc=-&loctitle=%20Trying%20to%20reach%20the%20most Requested by Host: bdv.bidvertiser.com URL: http://bdv.bidvertiser.com/BidVertiser.dbm?pid=512795&bid=1277387 Protocol HTTP/1.1 Server 54.241.51.109 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-241-51-109.us-west-1.compute.amazonaws.com Software / Resource Hash Request headers Host bdv.bidvertiser.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://daffodil-ruddy-run.glitch.me/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://daffodil-ruddy-run.glitch.me/ Response headers Date Monday, 28-Dec-2020 22:58:12 GMT Cache-Control no-store Last-Modified Sunday, 29-Dec-2019 22:58:12 GMT Set-Cookie bdv_c12p=235; domain=.bidvertiser.com; path=/; expires=Tue, 29-Dec-2020 22:58:12 GMT bdv_c12p=1_1_1; domain=.bidvertiser.com; path=/; expires=Tue, 29-Dec-2020 22:58:12 GMT P3P policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC" Content-Type text/html; charset=utf-8 Content-Len 5919 CONNECTION Close
GET H/1.1	200 OK	CKYD553E.json Show response srv.buysellads.com/ads/	642 B 731 B	61ms 38ms	XHR application/json	134.209.16.110 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://srv.buysellads.com/ads/CKYD553E.json?segment=placement:eefiojre9hugu9rgtrtfrg Requested by Host: m.servedby-buysellads.com URL: http://m.servedby-buysellads.com/monetization.js Protocol HTTP/1.1 Server 134.209.16.110 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS srv-eu-ldn-13.buysellads.com Software //srv.buysellads.com / Resource Hash 3c039cc6de8bd1d72651d21ebbebee7da0442d443125dcddc1cda263a96c43bd Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:12 GMT Content-Encoding gzip Server //srv.buysellads.com Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection close Content-Length 479
GET H2	200	adskeeper.uk.16162.js Show response jsc.adskeeper.co.uk/a/d/ Redirect Chain http://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120111235812 https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120111235812	201 KB 55 KB	41ms 41ms	Script text/javascript	104.19.134.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120111235812 Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01d9deb1bc26da637bc451fa4af1174da9cf99dd33cb6529e1232d1ed4d87532 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:12 GMT content-encoding br cf-cache-status HIT age 4575 cf-polished origSize=205752 last-modified Thu, 10 Dec 2020 12:15:05 GMT x-amz-request-id AB3232CC8CEE8896 x-amz-id-2 WJ5AwrJqv1Ta3daHSIPc5I31CCCnucHzDapTd4oA4fWj4epU0EgtQZHVcTku/DzbbYnw7ynfs6I= cf-bgj minify server cloudflare etag W/"2b75edd098a9c576d71b01ee14cc45d2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control public, max-age=14400 cf-request-id 074d2be0620000087bd83ce000000001 cf-ray 608ee27a3916087b-CDG expires Tue, 29 Dec 2020 02:58:12 GMT Redirect headers Date Mon, 28 Dec 2020 22:58:12 GMT Server cloudflare Vary Accept-Encoding Location https://jsc.adskeeper.co.uk/a/d/adskeeper.uk.16162.js?t=120111235812 Cache-Control max-age=3600 Transfer-Encoding chunked Connection keep-alive CF-RAY 608ee279eae308a3-CDG cf-request-id 074d2be02c000008a309046000000001 Expires Mon, 28 Dec 2020 23:58:12 GMT
GET H/1.1	200 OK	sync.html s.adtelligent.com/ Frame E35C	0 0	81ms 25ms	Document text/html	2a0c:5c81:5095:0:225:90ff:fefa:245d 24SHELLS
General Check archive.org Show headers Download Go to Full URL https://s.adtelligent.com/sync.html?aid=555831 Requested by Host: cdn.thisiswaldo.com URL: http://cdn.thisiswaldo.com/static/js/8636.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a0c:5c81:5095:0:225:90ff:fefa:245d , United Kingdom, ASN55081 (24SHELLS, US), Reverse DNS Software VertaMedia 1.0 / Resource Hash Request headers Host s.adtelligent.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer http://daffodil-ruddy-run.glitch.me/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://daffodil-ruddy-run.glitch.me/ Response headers Server VertaMedia 1.0 Date Mon, 28 Dec 2020 22:58:12 GMT Content-Type text/html; charset=UTF-8 Content-Length 655 Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Access-Control-Allow-Credentials true Connection Keep-Alive Content-Encoding gzip
GET H/1.1	200 OK	CKYICKQI.json Show response srv.carbonads.net/ads/	1 KB 969 B	100ms 36ms	Script application/javascript	178.128.255.150 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://srv.carbonads.net/ads/CKYICKQI.json?segment=placement:dsawrewreafera&callback=_carbonads_go Requested by Host: cdn.carbonads.com URL: http://cdn.carbonads.com/carbon.js?zoneid=1673&serve=C6AILKT&placement=dsawrewreafera Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 178.128.255.150 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS srv-eu-nl-11.buysellads.com Software //srv.buysellads.com / Resource Hash 1be1af849150904c14d409e6b60d6dd3404e575308cb23d254e99d10dc92595d Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 28 Dec 2020 22:58:12 GMT Content-Encoding gzip Server //srv.buysellads.com Content-Length 730 Vary Accept-Encoding Content-Type application/javascript; charset=utf-8
GET H3-Q050	200	pubads_impl_2020120801.js Show response securepubads.g.doubleclick.net/gpt/	274 KB 97 KB	87ms 51ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js Requested by Host: securepubads.g.doubleclick.net URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software sffe / Resource Hash 5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:12 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 08 Dec 2020 09:42:29 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 98829 x-xss-protection 0 expires Mon, 28 Dec 2020 22:58:12 GMT
GET H2	530	/ ssp.zryydi.com/bid/	0 0	90ms 43ms	Script text/html	104.28.10.139 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ssp.zryydi.com/bid/?tag_id=90&sub_id=0dcd3da5ac03016ecbc321ca7f9149a3&url=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&mode=jsonfeed&callback=shortest.popUnder.onSSPPopUnderBidRetrieved&ts=1609196292227 Requested by Host: cdn.shorte.st URL: http://cdn.shorte.st/link-converter.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.28.10.139 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers
GET H2	200	sh-overlay.css cdn.shorte.st/css/	3 KB 1 KB	19ms 18ms	Stylesheet text/css	2606:4700:20::681a:56b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.shorte.st/css/sh-overlay.css Requested by Host: cdn.shorte.st URL: http://cdn.shorte.st/link-converter.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:56b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32eb600eb834cf0b4d20fcf99ff295ec91257bcdb7c6100245a7d09dde9a8471 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:12 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1278 cf-request-id 074d2be08800002bd2e8b59000000001 x-ua-compatible IE=Edge last-modified Thu, 09 Aug 2018 13:48:42 GMT server cloudflare etag W/"5b6c463a-dd7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FJQVm47PouUfyHehBHtxrzVMmp06IYC2FyW9Owu7M2Gt1uR3ugZ3k6H8XQSz%2FNEDl0UHjxH7S2KBuyfYe9bNjKCxRr6DhI4nhbnetNVsxlwJ2XOtBjZGl85G"}],"group":"cf-nel","max_age":604800} content-type text/css x-server-id shn01 cache-control max-age=14400 cf-ray 608ee27a78fa2bd2-FRA expires Mon, 28 Dec 2020 23:36:54 GMT
POST H/1.1	200 OK	0dcd3da5ac03016ecbc321ca7f9149a3 Show response api.shorte.st/start-adsession/	74 B 844 B	252ms 103ms	XHR application/json	78.140.188.189 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://api.shorte.st/start-adsession/0dcd3da5ac03016ecbc321ca7f9149a3 Requested by Host: cdn.shorte.st URL: http://cdn.shorte.st/link-converter.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / PHP/5.6.40-0+deb8u12 Resource Hash 83c97a724168dd2cf416db587c309508cb330ef89d94ef46920bb6bbe4b52542 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers Date Mon, 28 Dec 2020 22:58:12 GMT Server nginx X-Powered-By PHP/5.6.40-0+deb8u12 Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me X-Server-ID shn10 Cache-Control no-cache Access-Control-Allow-Credentials true X-UA-Compatible IE=Edge
OPTIONS H/1.1	200 OK	0dcd3da5ac03016ecbc321ca7f9149a3 api.shorte.st/start-adsession/ Frame	0 0	322ms 68ms	Other application/json	78.140.188.189 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://api.shorte.st/start-adsession/0dcd3da5ac03016ecbc321ca7f9149a3 Protocol HTTP/1.1 Server 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / PHP/5.6.40-0+deb8u12 Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://daffodil-ruddy-run.glitch.me User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx Content-Type application/json Transfer-Encoding chunked X-Powered-By PHP/5.6.40-0+deb8u12 Access-Control-Allow-Headers origin, content-type, accept Access-Control-Allow-Methods POST Access-Control-Allow-Credentials true Cache-Control no-cache Date Mon, 28 Dec 2020 22:58:12 GMT Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me X-Server-ID shn03 X-UA-Compatible IE=Edge
OPTIONS H/1.1	200 OK	custom kumteerg.com/ Frame	0 0	30ms 30ms	Other text/plain	139.45.196.135 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://kumteerg.com/custom Protocol HTTP/1.1 Server 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://daffodil-ruddy-run.glitch.me User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx Date Mon, 28 Dec 2020 22:58:12 GMT Content-Type text/plain; charset=utf-8 Content-Length 0 Connection keep-alive Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Access-Control-Max-Age 86400
POST H/1.1	200 OK	custom Show response kumteerg.com/	39 B 502 B	35ms 34ms	Fetch application/json	139.45.196.135 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://kumteerg.com/custom Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers X-Trace-Id f4b22b90920d37887f448cb9b279a8b9 Date Mon, 28 Dec 2020 22:58:12 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
GET H/1.1	200 OK	gid.js Show response my.rtmark.net/	65 B 785 B	135ms 32ms	Fetch application/json	139.45.196.25 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=719ae5bdd0a94b53aa8188949f5a37e2&zoneId=3808000&checkDuplicate=true&ymid=&var= Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.196.25 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 3277d3327dee6a1fac5a1cce15f441716b95a03d26aace4e14990e89f3e2bb69 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:12 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Access-Control-Expose-Headers Authorization Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *, * Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token Content-Length 65
GET H2	200	/ Show response c.adsco.re/	35 KB 13 KB	37ms 16ms	Script text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.adsco.re/ Requested by Host: c1.popads.net URL: http://c1.popads.net/pop.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49e75ac6522ca3ddb0051225e0849486722f56d1579ad94b2e35b5acfc6fb98d Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:12 GMT content-encoding gzip cf-cache-status HIT server cloudflare age 7416 etag W/"bRbpgEi18PQR3XFfsiMQvg==" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html cache-control max-age=43200,public,immutable,no-transform cf-ray 608ee27adb793240-FRA link <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch cf-request-id 074d2be0ca000032404531c000000001 expires Tue, 29 Dec 2020 08:54:36 GMT
GET H2	200	1542656925-explore-themes-1.jpg cdn4.buysellads.net/uu/1/23814/	39 KB 40 KB	99ms 23ms	Image image/jpeg	94.31.29.32 ZAYO-6461
General Check archive.org Show headers Download Go to Show image Full URL https://cdn4.buysellads.net/uu/1/23814/1542656925-explore-themes-1.jpg Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.32 , United Kingdom, ASN6461 (ZAYO-6461, US), Reverse DNS 94.31.29.32.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash eef5dc8f5b1eed5388f0d058f00aa43853ebe2b460b66167ece7632e5e810fed Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:12 GMT last-modified Mon, 19 Nov 2018 19:48:46 GMT server NetDNA-cache/2.2 x-amz-request-id 6705F7B571C0DA64 etag "96bad07debb02ff0860b5fad132b52d6" x-cache HIT content-type image/jpeg cache-control max-age=31104000 accept-ranges bytes content-length 40178 x-amz-id-2 S/RQGLFdVrwzKiPG0uylvwnAdGsFu3tlRbIOpDDk/lhXpRB8UH5Ni9NrV4TW8GGwFMzGbdpn+pQ= expires Thu, 23 Dec 2021 22:58:12 GMT
GET H/1.1	200 OK	p adsco.re/	0 323 B	116ms 27ms	Other text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://adsco.re/p Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:12 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK Access-Control-Max-Age 2592000 Cache-Control no-transform Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H2	200	/ 6.adsco.re/	0 259 B	35ms 29ms	Other text/plain	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6.adsco.re/ Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:12 GMT content-encoding br server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/plain;charset=UTF-8 access-control-allow-origin * access-control-max-age 2592000 cache-control no-store, max-age=0 cf-ray 608ee27b0bc73240-FRA access-control-allow-headers Content-Type cf-request-id 074d2be0e200003240018f6000000001
POST H/1.1	200 OK	p Show response adsco.re/	0 429 B	62ms 26ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 28 Dec 2020 22:58:12 GMT Content-Encoding gzip Content-Type text/html; charset=UTF-8 AS-P-4 OK Transfer-Encoding chunked AS-P-1 OK Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Access-Control-Max-Age 2592000 Cache-Control no-transform Access-Control-Allow-Credentials true Connection keep-alive AS-E ND AS-P-2 OK AS-P-3 OK
GET H/1.1	200 OK	/ Show response 6.adsco.re/	53 B 601 B	77ms 42ms	XHR text/plain	2606:4700::6811:a6ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://6.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 131a638276d530de6eeac45664891bd4eb4721381b348168011eb86e38f8eff3 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:12 GMT Content-Encoding gzip Server cloudflare Vary Accept-Encoding Access-Control-Allow-Methods GET, HEAD, OPTIONS Content-Type text/plain;charset=UTF-8 Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Access-Control-Max-Age 2592000 Cache-Control no-store, max-age=0 Transfer-Encoding chunked Connection keep-alive CF-RAY 608ee27b3bc816e6-FRA Access-Control-Allow-Headers Content-Type cf-request-id 074d2be105000016e69a9bb000000001
GET H/1.1	200 OK	/ Show response ervfcd5lqzhx.l.adsco.re/	0 464 B	111ms 26ms	XHR text/html	185.200.118.90 M247
General Check archive.org Show headers Download Go to Full URL https://ervfcd5lqzhx.l.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB), Reverse DNS adscore.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:12 GMT Last-Modified Tue, 31 Jul 2018 22:16:15 GMT ETag "5b60dfaf-0" Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Access-Control-Expose-Headers Content-Length,Content-Range Connection close Accept-Ranges bytes Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
GET		/ ervfcd5lqzhx.n.adsco.re/	0 0
GET		/ ervfcd5lqzhx.s.adsco.re/	0 0
GET H/1.1	200 OK	/ c.adsco.re/ Frame 9EE4	0 0	47ms 12ms	Document text/html	2606:4700::6811:a7ba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://c.adsco.re/ Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host c.adsco.re Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://daffodil-ruddy-run.glitch.me/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://daffodil-ruddy-run.glitch.me/ Response headers Date Mon, 28 Dec 2020 22:58:12 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Cache-Control max-age=43200,public,immutable,no-transform Link <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch Expires Tue, 29 Dec 2020 08:54:38 GMT ETag W/"bRbpgEi18PQR3XFfsiMQvg==" Content-Encoding gzip CF-Cache-Status HIT Age 7414 cf-request-id 074d2be10c0000dfa93da61000000001 Vary Accept-Encoding Server cloudflare CF-RAY 608ee27b49e9dfa9-FRA
GET H2	200	display.php Show response www.tradeadexchange.com/a/	6 KB 2 KB	180ms 133ms	Script application/javascript	35.190.74.92 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.tradeadexchange.com/a/display.php?r=999708&sub1=0dcd3da5ac03016ecbc321ca7f9149a3&sub2=0 Requested by Host: cdn.shorte.st URL: http://cdn.shorte.st/link-converter.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.74.92 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software openresty / Resource Hash 897790beba5b84cdc4b5ff8b699bf7ac4381bb54ca200a148f6f24d8587cbe99 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers access-control-allow-origin * date Mon, 28 Dec 2020 22:58:12 GMT content-encoding gzip server openresty alt-svc clear via 1.1 google content-type application/javascript; charset=utf-8
GET H/1.1	200 OK	defaultSkin.min.js Show response kumteerg.com/pfe/current/	56 KB 19 KB	35ms 35ms	Fetch application/javascript	139.45.196.135 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://kumteerg.com/pfe/current/defaultSkin.min.js Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 28 Dec 2020 22:58:12 GMT Content-Encoding gzip Last-Modified Thu, 10 Dec 2020 13:35:40 GMT Server nginx ETag W/"5fd2242c-de6b" Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
POST H/1.1	200 OK	p Show response adsco.re/	362 B 866 B	43ms 42ms	XHR text/html	162.252.214.5 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://adsco.re/p Requested by Host: c.adsco.re URL: https://c.adsco.re/ Protocol HTTP/1.1 Server 162.252.214.5 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash 13621683ee85adb287e0c7fde9a7bf0ef86565a0dfad27f4a6451253937096bd Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers AS-P-G OK Date Mon, 28 Dec 2020 22:58:12 GMT AS-P-7 OK AS-P-9 OK AS-P-C OK Transfer-Encoding chunked AS-P-5 OK AS-P-F OK Connection keep-alive Content-Encoding gzip AS-P-2 OK AS-P-D OK AS-P-6 OK AS-P-B OK AS-P-H OK AS-P-4 OK AS-P-A OK Access-Control-Max-Age 2592000 AS-P-1 OK Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Cache-Control no-transform Access-Control-Allow-Credentials true AS-P-8 OK Content-Type text/html; charset=UTF-8 AS-P-E OK AS-P-3 OK
GET DATA	200 OK	truncated / Frame EAA5	255 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
POST H/1.1	200 OK	custom Show response kumteerg.com/	39 B 502 B	38ms 37ms	Fetch application/json	139.45.196.135 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://kumteerg.com/custom Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers X-Trace-Id a1b606412dedf575d7895b094566aeb8 Date Mon, 28 Dec 2020 22:58:12 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
OPTIONS H/1.1	200 OK	custom kumteerg.com/ Frame	0 0	50ms 49ms	Other text/plain	139.45.196.135 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://kumteerg.com/custom Protocol HTTP/1.1 Server 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://daffodil-ruddy-run.glitch.me User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx Date Mon, 28 Dec 2020 22:58:12 GMT Content-Type text/plain; charset=utf-8 Content-Length 0 Connection keep-alive Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Access-Control-Max-Age 86400
GET H2	200	display.php Show response www.tradeadexchange.com/ad/	62 KB 13 KB	225ms 225ms	Script application/javascript	35.190.74.92 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.tradeadexchange.com/ad/display.php?stamat=m%7CEqdjY3djaQdHkAH0dEdHP3xP.b10%2C2t5FkDDYpjxJXsMWHSh7wBG6VAx_Q9TxSSvYJWOcEw4dSpf7D6GmDmyZSIE8TU3Rf5JfCV5UIoLDL7XypVKwg-FjfCltSEkn7hJbpfh2SXkWpx7cxTFor-Pw5rOWUi3bakgeDt_H4Ls0EESx1DddAQ%2C%2C&cbrandom=0.8733033746492036&cbtitle=Trying%20to%20reach%20the%20most%20ads%20since%202020&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= Requested by Host: www.tradeadexchange.com URL: https://www.tradeadexchange.com/a/display.php?r=999708&sub1=0dcd3da5ac03016ecbc321ca7f9149a3&sub2=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.74.92 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS Software openresty / Resource Hash 0d69e307d549d077199bcb7809812677bc4a8ba96994d313705c980afbd7fdbc Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 28 Dec 2020 22:58:12 GMT content-encoding gzip alt-svc clear server openresty content-type application/javascript; charset=utf-8 access-control-allow-origin * link <www.vpnprime.net>; rel=dns-prefetch,<www.vpnprime.net>; rel=preconnect,<www.tradeadexchange.com>; rel=dns-prefetch,<www.tradeadexchange.com>; rel=preconnect via 1.1 google
GET H/1.1	200 OK	c Show response serve.popads.net/	0 272 B	157ms 138ms	Script application/javascript	216.21.13.11 TUT-AS
General Check archive.org Show headers Download Go to Full URL http://serve.popads.net/c?_=BAoAX-pjBAFf6mMEgAGBAsAAINzYi2_BqxI8kZGL3fb8kD6bk5IEa0J3uENa_MQEurzywQBGMEQCIDotQT1ALs2gG5WF2ZrxlsaLRXvr5hblZsJ9TM_bbco7AiBqSgPK-bYfGlylUKurqhlJjuIoTy5F_72Rciu4Bf9PKMIAIAv-ROYlw6bu8lSX-ucoBD5QfgSkzAxA-kIsgMXoWGWYxAAQKgEE-AEhExoAAAAAAAAAAsUAEN-6AoLhv2MTshZM5SdTWIrDAEcwRQIgflILz9N_SruYMaQMBzGIgU7-T-EBPCXxj912JFEpbkECIQDTCsMMortd2UMMOPZoKlmYfrZjrEHbUytuxmJKeuMgYQ&v=4&siteId=1&minBid=&popundersPerIP=67,0&blockedCountries=&documentRef=&s=1600,1200,1,1600,1200,0 Requested by Host: c1.popads.net URL: http://c1.popads.net/pop.js Protocol HTTP/1.1 Server 216.21.13.11 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 28 Dec 2020 22:58:12 GMT ASF 9 Access-Control-Allow-Origin * Content-Type application/javascript PopAds-EC ASB Cache-Control public, max-age=604800 Connection Keep-Alive Content-Length 0 Expires Mon, 04 Jan 2021 22:58:12 GMT
OPTIONS H/1.1	200 OK	6d5633477c6608022b6d35d6f4831059d4aeac0e api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/ Frame	0 0	68ms 67ms	Other application/json	78.140.188.189 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/6d5633477c6608022b6d35d6f4831059d4aeac0e Protocol HTTP/1.1 Server 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / PHP/5.6.40-0+deb8u12 Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin http://daffodil-ruddy-run.glitch.me User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx Content-Type application/json Transfer-Encoding chunked X-Powered-By PHP/5.6.40-0+deb8u12 Access-Control-Allow-Headers origin, content-type, accept Access-Control-Allow-Methods GET Access-Control-Allow-Credentials true Cache-Control no-cache Date Mon, 28 Dec 2020 22:58:12 GMT Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me X-Server-ID shn11 X-UA-Compatible IE=Edge
GET H2	200	analytics.js Show response www.google-analytics.com/ Redirect Chain http://www.google-analytics.com/analytics.js https://www.google-analytics.com/analytics.js	46 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 4058 date Mon, 28 Dec 2020 21:50:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Mon, 28 Dec 2020 23:50:34 GMT Redirect headers Location https://www.google-analytics.com/analytics.js Non-Authoritative-Reason HSTS
GET H/1.1	200 OK	6d5633477c6608022b6d35d6f4831059d4aeac0e Show response api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/	456 B 1 KB	86ms 85ms	XHR text/html	78.140.188.189 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://api.shorte.st/get-ad/0dcd3da5ac03016ecbc321ca7f9149a3/6d5633477c6608022b6d35d6f4831059d4aeac0e Requested by Host: cdn.shorte.st URL: http://cdn.shorte.st/link-converter.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / PHP/5.6.40-0+deb8u12 Resource Hash e6d9a1783dec7ecdce639990f33c49e61843bae9627cfc7dc57b03ca98eca4b1 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/html Response headers Date Mon, 28 Dec 2020 22:58:12 GMT Content-Encoding gzip Server nginx X-Powered-By PHP/5.6.40-0+deb8u12 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me X-Server-ID shn12 Cache-Control no-cache Transfer-Encoding chunked Access-Control-Allow-Headers Content-Type X-UA-Compatible IE=Edge
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 75 B	13ms 13ms	XHR text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=47884802&t=pageview&_s=1&dl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&dp=%2Foverlay%2F0dcd3da5ac03016ecbc321ca7f9149a3&ul=en-us&de=UTF-8&dt=Trying%20to%20reach%20the%20most%20ads%20since%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=0dcd3da5ac03016ecbc321ca7f9149a3&cs=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&cm=overlay&_u=YEBAAEABAAAAAC~&jid=1073051991&gjid=722631087&cid=272017713.1609196293&tid=UA-42296749-1&_gid=303920119.1609196293&_r=1&_slc=1&z=1047181198 Requested by Host: www.google-analytics.com URL: http://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 28 Dec 2020 22:58:12 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://daffodil-ruddy-run.glitch.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	popunder.gif ueaggress.top/	35 B 501 B	7246ms 125ms	Image image/gif	13.225.80.17 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://ueaggress.top/popunder.gif Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Server 13.225.80.17 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-80-17.fra2.r.cloudfront.net Software / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma public Date Mon, 28 Dec 2020 22:58:20 GMT content-encoding gzip X-Amz-Cf-Pop FRA2-C2 X-Cache Miss from cloudfront Content-Type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable Connection keep-alive Content-Length 58 Via 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront) X-Amz-Cf-Id YT5wYlkM8F-xTxH2r7fCscBvDl71Z2uK9S9A4rZgNj55uTuxXeyoRQ==
GET H2	200	promotion-bestseller-special-1308.html www.gearbest.com/ Frame 93E7 Redirect Chain http://ads.shorte.st/ads.php?key=bf822edaeefaa2a510a7fc154b0be028&width=1024&height=768&ch=8439461&cp.dest_domain=&cp.oid=8439461&cp.referrer=http://daffodil-ruddy-run.glitch.me/&cp.locked=0&cp.pro... https://shorteh.com/afu.php?zoneid=1241630 https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=367558488789889749	0 0	518ms 210ms	Document text/html	184.24.7.88 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=367558488789889749 Requested by Host: cdn.shorte.st URL: http://cdn.shorte.st/link-converter.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 184.24.7.88 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS Software / Resource Hash Request headers :method GET :authority www.gearbest.com :scheme https :path /promotion-bestseller-special-1308.html?lkid=45687009&cid=367558488789889749 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-type text/html; charset=UTF-8 pragma public last-modified Mon, 28 Dec 2020 22:57:42 GMT gbcdnlang en access-control-allow-origin * access-control-allow-methods GET, POST ng-cache HIT content-encoding gzip content-length 48012 x-edgeconnect-midmile-rtt 0 0 0 x-edgeconnect-origin-mex-latency 86 86 86 cache-control public, max-age=60 expires Mon, 28 Dec 2020 22:59:13 GMT date Mon, 28 Dec 2020 22:58:13 GMT vary Accept-Encoding User-Agent set-cookie AKAM_CLIENTID=fbdec0c0d87a5aa0b4b2dd6abfbf503f; expires=Mon, 31-Dec-2038 23:59:59 GMT; path=/; domain=.gearbest.com AKA_A2=A; expires=Mon, 28-Dec-2020 23:58:13 GMT; path=/; domain=gearbest.com; secure; HttpOnly Redirect headers Server nginx Date Mon, 28 Dec 2020 22:58:13 GMT Content-Length 0 Connection keep-alive Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding Pragma no-cache Cache-Control no-transform, no-store, no-cache, must-revalidate, max-age=0 Expires Tue, 11 Jan 1994 10:00:00 GMT Timing-Allow-Origin * * X-Trace-Id 011049a94806caee6440df4de932b1af Link <https://propeller-tracking.com>; rel="dns-prefetch preconnect",<//>; rel="dns-prefetch preconnect" <https://www.gearbest.com>; rel="dns-prefetch preconnect",<https://propeller-tracking.com>; rel="dns-prefetch preconnect" Referrer-Policy no-referrer Location https://www.gearbest.com/promotion-bestseller-special-1308.html?lkid=45687009&cid=367558488789889749 Set-Cookie OAID=821686e09f87425f9d278b9f590ec901; expires=Tue, 28 Dec 2021 22:58:13 GMT; secure; SameSite=None oaidts=1609196293; expires=Tue, 28 Dec 2021 22:58:13 GMT; secure; SameSite=None Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff
OPTIONS H/1.1	200 OK	custom kumteerg.com/ Frame	0 0	91ms 30ms	Other text/plain	139.45.196.135 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://kumteerg.com/custom Protocol HTTP/1.1 Server 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://daffodil-ruddy-run.glitch.me User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx Date Mon, 28 Dec 2020 22:58:20 GMT Content-Type text/plain; charset=utf-8 Content-Length 0 Connection keep-alive Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Access-Control-Max-Age 86400
POST H/1.1	200 OK	custom Show response kumteerg.com/	39 B 502 B	95ms 31ms	Fetch application/json	139.45.196.135 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://kumteerg.com/custom Requested by Host: daffodil-ruddy-run.glitch.me URL: http://daffodil-ruddy-run.glitch.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.196.135 , Ascension Island, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers X-Trace-Id bbbb8455885d0d2293396de596cd6eaf Date Mon, 28 Dec 2020 22:58:20 GMT X-Content-Type-Options nosniff Server nginx Strict-Transport-Security max-age=1 Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 39
GET H2	200	metric c.adskeeper.co.uk/ Redirect Chain http://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRy... https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInR...	43 B 665 B	104ms 104ms	Image image/gif	104.19.134.80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRyYW5zaXQtdHlwZTpnb29kcyJdLCJwZXJmb3JtYW5jZSI6eyJjb25uZWN0VGltZSI6MC40MzQsImRvbUNvbXBsZXRlIjoxMC41MDEsInBhZ2VMb2FkVGltZSI6MTAuNTA3LCJyZXF1ZXN0U3RhcnRUaW1lIjowLjAyNywicmVzcG9uc2VFbmRUaW1lIjowLjQ2MX19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 28 Dec 2020 22:58:20 GMT cf-cache-status DYNAMIC x-mg-request-uuid f6b4abbb-e9aa-4954-925e-abe23f5f2200 access-control-allow-headers Content-Type, Cache-Control, X-Requested-With, User-Agent, Referer expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-allow-method HEAD, OPTIONS, POST p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin * cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 608ee2af3c4a087b-CDG content-type image/gif cf-request-id 074d2c017f0000087bd9247000000001 server cloudflare Redirect headers Date Mon, 28 Dec 2020 22:58:20 GMT Server cloudflare Vary Accept-Encoding Location https://c.adskeeper.co.uk/metric?data=eyJwYWdlIjp7InVybCI6Imh0dHA6Ly9kYWZmb2RpbC1ydWRkeS1ydW4uZ2xpdGNoLm1lLyJ9LCJ0YWdzIjpbInRyYW5zaXQtdGVtcGxhdGU6YWRza2VlcGVyIiwidHJhbnNpdC1kZXZpY2U6ZGVza3RvcCIsInRyYW5zaXQtdHlwZTpnb29kcyJdLCJwZXJmb3JtYW5jZSI6eyJjb25uZWN0VGltZSI6MC40MzQsImRvbUNvbXBsZXRlIjoxMC41MDEsInBhZ2VMb2FkVGltZSI6MTAuNTA3LCJyZXF1ZXN0U3RhcnRUaW1lIjowLjAyNywicmVzcG9uc2VFbmRUaW1lIjowLjQ2MX19 Cache-Control max-age=3600 Transfer-Encoding chunked Connection keep-alive CF-RAY 608ee2af0d6c331e-CDG cf-request-id 074d2c01640000331ed6a3f000000001 Expires Mon, 28 Dec 2020 23:58:20 GMT
OPTIONS H/1.1	200 OK	11 api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/6d5633477c6608022b6d35d6f4831059d4aeac0e/ Frame	0 0	68ms 67ms	Other application/json	78.140.188.189 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/6d5633477c6608022b6d35d6f4831059d4aeac0e/11 Protocol HTTP/1.1 Server 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / PHP/5.6.40-0+deb8u12 Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin http://daffodil-ruddy-run.glitch.me User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx Content-Type application/json Transfer-Encoding chunked X-Powered-By PHP/5.6.40-0+deb8u12 Access-Control-Allow-Headers origin, content-type, accept Access-Control-Allow-Methods POST Access-Control-Allow-Credentials true Cache-Control no-cache Date Mon, 28 Dec 2020 22:58:21 GMT Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me X-Server-ID shn11 X-UA-Compatible IE=Edge
POST H/1.1	200 OK	11 Show response api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/6d5633477c6608022b6d35d6f4831059d4aeac0e/	15 B 784 B	97ms 96ms	XHR application/json	78.140.188.189 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://api.shorte.st/end-adsession/0dcd3da5ac03016ecbc321ca7f9149a3/6d5633477c6608022b6d35d6f4831059d4aeac0e/11 Requested by Host: cdn.shorte.st URL: http://cdn.shorte.st/link-converter.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / PHP/5.6.40-0+deb8u12 Resource Hash a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288 Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers Date Mon, 28 Dec 2020 22:58:21 GMT Server nginx X-Powered-By PHP/5.6.40-0+deb8u12 Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin http://daffodil-ruddy-run.glitch.me X-Server-ID shn08 Cache-Control no-cache Access-Control-Allow-Credentials true X-UA-Compatible IE=Edge
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 215 B	13ms 13ms	XHR text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=47884802&t=event&_s=2&dl=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&dp=%2Foverlay%2F0dcd3da5ac03016ecbc321ca7f9149a3&ul=en-us&de=UTF-8&dt=Trying%20to%20reach%20the%20most%20ads%20since%202020&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=0dcd3da5ac03016ecbc321ca7f9149a3&cs=http%3A%2F%2Fdaffodil-ruddy-run.glitch.me%2F&cm=overlay&ec=interstitial&ea=callback&el=success&_u=aEBAAEABAAAAAC~&jid=1496067722&gjid=581461868&cid=272017713.1609196293&tid=UA-42296749-1&_gid=303920119.1609196293&_r=1&z=104176066 Requested by Host: www.google-analytics.com URL: http://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://daffodil-ruddy-run.glitch.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 28 Dec 2020 22:58:21 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://daffodil-ruddy-run.glitch.me cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ervfcd5lqzhx.n.adsco.re

URL

https://ervfcd5lqzhx.n.adsco.re/

Domain

ervfcd5lqzhx.s.adsco.re

URL

https://ervfcd5lqzhx.s.adsco.re/