urlscan.io logo urlscan.io
SecurityTrails logo

0.greentopper.online Open in urlscan Pro
188.166.68.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dancemoms.tk/
Effective URL: https://0.greentopper.online/?p=ha2tazdbhe5gi3bpgy4temq&sub1=rodny&sub2=cooper
Submission: On April 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 47 HTTP transactions. The main IP is 188.166.68.96, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is 0.greentopper.online.
TLS certificate: Issued by R3 on March 19th 2022. Valid for: 3 months.
This is the only time 0.greentopper.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 116.202.128.32 24940 (HETZNER-AS)
6 111.90.143.157 45839 (SHINJIRU-...)
2 2a00:1450:400... 15169 (GOOGLE)
3 188.166.68.96 14061 (DIGITALOC...)
47 5
2    116.202.128.32 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cpanel2.hostlab.net.tr
dancemoms.tk
6    111.90.143.157 (Kuala Lumpur, Malaysia)

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: server1.kamon.la
ads.specialadves.com
local.specialadves.com
brend.specialadves.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    188.166.68.96 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
greentopper.online
0.greentopper.online
Apex Domain
Subdomains		 Transfer
6 specialadves.com
ads.specialadves.com — Cisco Umbrella Rank: 445830
local.specialadves.com — Cisco Umbrella Rank: 364473 Failed
brend.specialadves.com — Cisco Umbrella Rank: 400451
5 KB
3 greentopper.online
greentopper.online — Cisco Umbrella Rank: 689694 Failed
0.greentopper.online
105 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
2 KB
2 dancemoms.tk
dancemoms.tk
6 KB
0 yandex.ru Failed
mc.yandex.ru Failed
0 amazon-adsystem.com Failed
ws-na.amazon-adsystem.com Failed
47 6
Domain Requested by
4 ads.specialadves.com dancemoms.tk
2 0.greentopper.online dancemoms.tk
2 fonts.googleapis.com dancemoms.tk
2 dancemoms.tk 1 redirects dancemoms.tk
1 greentopper.online brend.specialadves.com
1 brend.specialadves.com local.specialadves.com
1 local.specialadves.com ads.specialadves.com
0 mc.yandex.ru Failed dancemoms.tk
0 ws-na.amazon-adsystem.com Failed dancemoms.tk
47 9

This site contains no links.

Subject Issuer Validity Valid
*.dancemoms.tk
R3		 2022-02-23 -
2022-05-24		 3 months crt.sh
specialadves.com
R3		 2022-03-19 -
2022-06-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
local.specialadves.com
R3		 2022-03-25 -
2022-06-23		 3 months crt.sh
brend.specialadves.com
R3		 2022-03-19 -
2022-06-17		 3 months crt.sh
greentopper.online
R3		 2022-03-19 -
2022-06-17		 3 months crt.sh

This page contains 1 frames:

Frame: https://0.greentopper.online/?auf=mu2dkmdcgi5diojygyxtmojsgixtemzpge3diobyge4tmmzy&s=1&sub1=rodny&sub2=cooper&sub3=&sub4=&cpc=0&cpm=0
Frame ID: 602B5BDAB8873EB598B194D9FA6B7DA1
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://dancemoms.tk/ HTTP 301
    https://dancemoms.tk/ Page URL
  2. https://local.specialadves.com/1QtY8z Page URL
  3. https://brend.specialadves.com/away.php?id=223&sid=5267&pid=1643 Page URL
  4. https://greentopper.online/?p=ha2tazdbhe5gi3bpgy4temq&sub1=rodny&sub2=cooper Page URL
  5. https://0.greentopper.online/?p=ha2tazdbhe5gi3bpgy4temq&sub1=rodny&sub2=cooper Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

47
Requests

26 %
HTTPS

25 %
IPv6

6
Domains

9
Subdomains

5
IPs

3
Countries

117 kB
Transfer

169 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dancemoms.tk/ HTTP 301
    https://dancemoms.tk/ Page URL
  2. https://local.specialadves.com/1QtY8z Page URL
  3. https://brend.specialadves.com/away.php?id=223&sid=5267&pid=1643 Page URL
  4. https://greentopper.online/?p=ha2tazdbhe5gi3bpgy4temq&sub1=rodny&sub2=cooper Page URL
  5. https://0.greentopper.online/?p=ha2tazdbhe5gi3bpgy4temq&sub1=rodny&sub2=cooper Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://dancemoms.tk/ HTTP 301
  • https://dancemoms.tk/

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
dancemoms.tk/
Redirect Chain
  • http://dancemoms.tk/
  • https://dancemoms.tk/
34 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dancemoms.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
116.202.128.32 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cpanel2.hostlab.net.tr
Software
LiteSpeed /
Resource Hash
223416163bae56fe9d0c460155f2ac029e391458e44ea3343cb1fe5e38bfb5c1

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-23=":443"; ma=2592000, h3-24=":443"; ma=2592000
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-length
5507
content-type
text/html
date
Fri, 01 Apr 2022 13:27:13 GMT
expires
Mon, 29 Oct 1923 20:30:00 GMT
last-modified
Fri, 11 Mar 2022 21:23:06 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
705
Content-Type
text/html
Date
Fri, 01 Apr 2022 13:27:13 GMT
Location
https://dancemoms.tk/
Server
LiteSpeed
/
ads.specialadves.com/ping/ 		499 B
656 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.specialadves.com/ping/?velvet_js/wp-includes/css/dist/block-library/style_min_css&ver=5.1.11
Requested by
Host: dancemoms.tk
URL: https://dancemoms.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
server1.kamon.la
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dancemoms.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 21:27:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
499
Content-Type
text/plain; charset=utf-8
/
ads.specialadves.com/ping/ 		499 B
656 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis/style_css&ver=1.6.7
Requested by
Host: dancemoms.tk
URL: https://dancemoms.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
server1.kamon.la
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dancemoms.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 21:27:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
499
Content-Type
text/plain; charset=utf-8
/
ads.specialadves.com/ping/ 		499 B
656 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/skins/fresh/style-fresh_css&ver=1.6.7
Requested by
Host: dancemoms.tk
URL: https://dancemoms.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
server1.kamon.la
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dancemoms.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 21:27:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
499
Content-Type
text/plain; charset=utf-8
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C400italic&subset=latin%2Ccyrillic&ver=5.1.11
Requested by
Host: dancemoms.tk
URL: https://dancemoms.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e27e8e87d6b53d2bdc689c63bfb6e9f7c322a07765e38d02e666fbf9f7be77f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dancemoms.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 13:27:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Apr 2022 13:27:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Apr 2022 13:27:13 GMT
css
fonts.googleapis.com/ 		10 KB
806 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C700%2C900&subset=latin%2Ccyrillic&ver=5.1.11
Requested by
Host: dancemoms.tk
URL: https://dancemoms.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dancemoms.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 13:27:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 01 Apr 2022 13:27:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Apr 2022 13:27:13 GMT
/
ads.specialadves.com/ping/ 		499 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.specialadves.com/ping/?velvet_js/wp-includes/js/jquery/jquery_js&ver=1.12.4
Requested by
Host: dancemoms.tk
URL: https://dancemoms.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
server1.kamon.la
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dancemoms.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Fri, 01 Apr 2022 21:27:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
499
Content-Type
text/plain; charset=utf-8
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
win-ocsdaulus.jpg
dancemoms.tk/wp-content/uploads/2021/06/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
/
ads.specialadves.com/ping/ 		0
0
q
ws-na.amazon-adsystem.com/widgets/ 		0
0
tag.js
mc.yandex.ru/metrika/ 		0
0
1QtY8z
local.specialadves.com/ 		0
0
1QtY8z
local.specialadves.com/ 		719 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://local.specialadves.com/1QtY8z
Requested by
Host: ads.specialadves.com
URL: https://ads.specialadves.com/ping/?velvet_js/wp-includes/js/jquery/jquery_js&ver=1.12.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
server1.kamon.la
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dancemoms.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
719
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Apr 2022 21:27:26 GMT
Expires
0
Last-Modified
Fri, 01 Apr 2022 13:27:15 GMT
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
away.php
brend.specialadves.com/ 		848 B
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://brend.specialadves.com/away.php?id=223&sid=5267&pid=1643
Requested by
Host: local.specialadves.com
URL: https://local.specialadves.com/1QtY8z
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
server1.kamon.la
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://local.specialadves.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
413
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Apr 2022 21:27:27 GMT
Server
nginx
Vary
Accept-Encoding
/
greentopper.online/ 		0
0
/
greentopper.online/ 		52 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://greentopper.online/?p=ha2tazdbhe5gi3bpgy4temq&sub1=rodny&sub2=cooper
Requested by
Host: brend.specialadves.com
URL: https://brend.specialadves.com/away.php?id=223&sid=5267&pid=1643
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1d43a7ec615a1ef718a93629074b11e75a343661f0a27bb16f79ffdf58e921a5
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://brend.specialadves.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 13:27:17 GMT
server
nginx
strict-transport-security
max-age=31536000
w46899721.js
greentopper.online/ 		0
0
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/gif
Primary Request /
0.greentopper.online/ 		52 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0.greentopper.online/?p=ha2tazdbhe5gi3bpgy4temq&sub1=rodny&sub2=cooper
Requested by
Host: dancemoms.tk
URL: https://dancemoms.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
02679ac5a1d28851f67bc12545c2f4587462cddff5af8c6d52d27723ddceb46f
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://greentopper.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 13:27:18 GMT
server
nginx
strict-transport-security
max-age=31536000
w46899721.js
0.greentopper.online/ 		0
0
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/gif
/
0.greentopper.online/ 		0
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://0.greentopper.online/?auf=mu2dkmdcgi5diojygyxtmojsgixtemzpge3diobyge4tmmzy&s=1&sub1=rodny&sub2=cooper&sub3=&sub4=&cpc=0&cpm=0
Requested by
Host: dancemoms.tk
URL: https://dancemoms.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.68.96 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://0.greentopper.online/?p=ha2tazdbhe5gi3bpgy4temq&sub1=rodny&sub2=cooper
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 01 Apr 2022 13:27:18 GMT
server
nginx
strict-transport-security
max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-includes/js/jquery/jquery-migrate_min_js&ver=1.4.1
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet.js/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Domain
dancemoms.tk
URL
https://dancemoms.tk/wp-content/uploads/2021/06/win-ocsdaulus.jpg
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet.js/wp-content/themes/pinthis5745747/skins/fresh/images/logo.png
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet.js/wp-content/uploads/2020/02/Chloe-Lukasiak-Instagram-post-%E2%80%A2-July-24-2015.jpg
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet.js/wp-content/uploads/2020/02/Mackenzie-and-Maddie-jenzie-jenzieedits-jenzie.jpg
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet.js/wp-content/uploads/2020/02/Maddie-Ziegler-stars-in-a-FOURTH-music-video-for-Sia.jpg
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet.js/wp-content/uploads/2020/02/Good-Morning.-Get-On-Down.-Photo.jpg
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet.js/wp-content/uploads/2020/02/Julianne-Hough-starred-in-Safe-Haven-2012.jpg
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet.js/wp-content/uploads/2020/02/My-favorite-photo-of-Maddie-by-Sally-Miller-Sp.jpg
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet.js/wp-content/uploads/2020/02/Maddie-Ziegler-Social-Media-11052019.jpg
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet.js/wp-content/uploads/2019/12/The-stars-of-%E2%80%98Dance-Moms%E2%80%99-Maddie-Ziegler-JoJo-Siwa-S.jpg
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet.js/wp-content/uploads/2020/02/Dance-Moms-opens-tonight-January-1-2014-make-sure-you.jpg
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet.js/wp-content/uploads/2020/02/1582148219_477_notitle.jpg
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/modernizr_min_js&ver=2.8.3
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/spin_js&ver=2.3.2
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/jquery-mousewheel_js&ver=3.1.12
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/jquery-masonry_min_js&ver=4.2.0
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/jquery-imagesloaded_js&ver=4.1.2
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/jquery-selectbox_js&ver=0.2
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/jquery-clearinginput_js&ver=1.0
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/jquery-atooltip_min_js&ver=1.5
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/jquery-magnific-popup_js&ver=1.1.0
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/jquery-spin_min_js&ver=1.0
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/jquery-jscrollpane_min_js&ver=2.0.21
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/jquery-finger_min_js&ver=0.1.0
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/jquery-flickerplate_min_js&ver=2.1.1
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-content/themes/pinthis5745747/js/main_js&ver=1.6.7
Domain
ads.specialadves.com
URL
https://ads.specialadves.com/ping/?velvet_js/wp-includes/js/wp-embed_min_js&ver=5.1.11
Domain
ws-na.amazon-adsystem.com
URL
https://ws-na.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetScript&ID=OneJS&WS=1&MarketPlace=US
Domain
mc.yandex.ru
URL
https://mc.yandex.ru/metrika/tag.js
Domain
local.specialadves.com
URL
https://local.specialadves.com/1QtY8z
Domain
greentopper.online
URL
https://greentopper.online/?p=ha2tazdbhe5gi3bpgy4temq&sub1=rodny&sub2=cooper
Domain
greentopper.online
URL
https://greentopper.online/w46899721.js
Domain
0.greentopper.online
URL
https://0.greentopper.online/w46899721.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

5 Cookies

Domain/Path Name / Value
local.specialadves.com/ Name: _subid
Value: pt2rd06246fdb331f7a
local.specialadves.com/ Name: af1c2
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0XCI6MTY0ODgxOTYzNX0sXCJjYW1wYWlnbnNcIjp7XCIxXCI6MTY0ODgxOTYzNX0sXCJ0aW1lXCI6MTY0ODgxOTYzNX0ifQ.TdKL77Tr6Q4g4xyrYxJrmfk5pcns_MHeXIZMKAjicyQ
.greentopper.online/ Name: uuid
Value: ac4ec639-a836-4759-81d3-c223bc120221
.0.greentopper.online/ Name: uuid
Value: ac4ec639-a836-4759-81d3-c223bc120221
0.greentopper.online/ Name: uuid
Value: ac4ec639-a836-4759-81d3-c223bc120221