jtsd.happyfeed.net Open in urlscan Pro
34.102.249.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://them.in/
Effective URL:
https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Submission: On May 11 via api (May 11th 2020, 4:41:27 pm UTC) from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 18 domains to perform 19 HTTP transactions. The main IP is 34.102.249.222, located in United States and belongs to GOOGLE, US. The main domain is jtsd.happyfeed.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 4th 2020. Valid for: 3 months.

This is the only time jtsd.happyfeed.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.98.192.36 172.98.192.36	31863 (DACEN-2) (DACEN-2)
1 1	198.134.116.18 198.134.116.18	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	52.72.55.123 52.72.55.123	14618 (AMAZON-AES) (AMAZON-AES)
1 1	159.89.225.89 159.89.225.89	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	107.178.249.212 107.178.249.212	15169 (GOOGLE) (GOOGLE)
1 2	35.201.123.4 35.201.123.4	15169 (GOOGLE) (GOOGLE)
2	34.102.249.222 34.102.249.222	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
2	130.211.12.92 130.211.12.92	15169 (GOOGLE) (GOOGLE)
2 2	131.153.70.114 131.153.70.114	19437 (SS-ASH) (SS-ASH)
1 1	38.140.142.154 38.140.142.154	174 (COGENT-174) (COGENT-174)
2	149.11.201.98 149.11.201.98	174 (COGENT-174) (COGENT-174)
2 2	174.137.133.16 174.137.133.16	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	2600:1f18:40f... 2600:1f18:40f7:9700:a108:e95a:4ac8:642e	14618 (AMAZON-AES) (AMAZON-AES)
2 2	69.164.208.23 69.164.208.23	63949 (LINODE-AP...) (LINODE-AP Linode)
2 2	198.134.116.30 198.134.116.30	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
19	12

1 172.98.192.36 (Rochester, United States) 1 redirects

ASN31863 (DACEN-2, US)

them.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.134.116.18 (Garden City, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

click.junmediadirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.55.123 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-55-123.compute-1.amazonaws.com

r.ewoss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.225.89 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

clicks.torromi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.249.212 (United States)

ASN15169 (GOOGLE, US)
PTR: 212.249.178.107.bc.googleusercontent.com

rdr.rtbravo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.123.4 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 4.123.201.35.bc.googleusercontent.com

ok.plsnotifyme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imp.plsnotifyme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.249.222 (United States)

ASN15169 (GOOGLE, US)
PTR: 222.249.102.34.bc.googleusercontent.com

jtsd.happyfeed.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.12.92 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 92.12.211.130.bc.googleusercontent.com

get.securedcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 131.153.70.114 (Ashburn, United States) 2 redirects

ASN19437 (SS-ASH, US)

images.jordanobruno.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.140.142.154 (Fort Lauderdale, United States) 1 redirects

ASN174 (COGENT-174, US)

xml.auxml.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.11.201.98 (United States)

ASN174 (COGENT-174, US)

cdn.adx1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.16 (Garden City, United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

click.pclk.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:40f7:9700:a108:e95a:4ac8:642e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

besa-mad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.164.208.23 (Newark, United States) 2 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li123-23.members.linode.com

i.mobopushclick01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.134.116.30 (Garden City, United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.realtime-bid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

static.realtime-bid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	realtime-bid.com 2 redirects xml.realtime-bid.com static.realtime-bid.com	95 KB
3	rtbravo.com rdr.rtbravo.com	5 KB
2	mobopushclick01.com 2 redirects i.mobopushclick01.com	456 B
2	besa-mad.com besa-mad.com	16 KB
2	pclk.name 2 redirects click.pclk.name	2 KB
2	adx1.com cdn.adx1.com	67 KB
2	jordanobruno.live 2 redirects images.jordanobruno.live	884 B
2	securedcdn.com get.securedcdn.com	18 KB
2	gstatic.com www.gstatic.com	22 KB
2	happyfeed.net jtsd.happyfeed.net	9 KB
2	plsnotifyme.com 1 redirects ok.plsnotifyme.com imp.plsnotifyme.com	3 KB
2	ewoss.com 1 redirects r.ewoss.com	2 KB
1	nr-data.net bam.nr-data.net	275 B
1	newrelic.com js-agent.newrelic.com	10 KB
1	auxml.com 1 redirects xml.auxml.com	107 B
1	torromi.com 1 redirects clicks.torromi.com	397 B
1	junmediadirect.com 1 redirects click.junmediadirect.com	181 B
1	them.in 1 redirects them.in	378 B
19	18

	Domain	Requested by
3	rdr.rtbravo.com	r.ewoss.com rdr.rtbravo.com jtsd.happyfeed.net
2	static.realtime-bid.com	jtsd.happyfeed.net
2	xml.realtime-bid.com	2 redirects
2	i.mobopushclick01.com	2 redirects
2	besa-mad.com	jtsd.happyfeed.net
2	click.pclk.name	2 redirects
2	cdn.adx1.com	jtsd.happyfeed.net
2	images.jordanobruno.live	2 redirects
2	get.securedcdn.com	jtsd.happyfeed.net
2	www.gstatic.com	jtsd.happyfeed.net
2	jtsd.happyfeed.net	rdr.rtbravo.com jtsd.happyfeed.net
2	r.ewoss.com	1 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	jtsd.happyfeed.net
1	xml.auxml.com	1 redirects
1	imp.plsnotifyme.com	get.securedcdn.com
1	ok.plsnotifyme.com	1 redirects
1	clicks.torromi.com	1 redirects
1	click.junmediadirect.com	1 redirects
1	them.in	1 redirects
19	20

This site contains no links.

Subject Issuer	Validity	Valid
rtbravo.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
happyfeed.net Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
securedcdn.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
plsnotifyme.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
*.adx1.com Let's Encrypt Authority X3	`2020-04-22` - `2020-07-21`	3 months	crt.sh
besa-mad.com Amazon	`2020-02-27` - `2021-03-27`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-06` - `2021-05-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Frame ID: 7AD7592F4DC0697823D74E4E836F4BD3
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://them.in/ HTTP 302
http://click.junmediadirect.com/click?i=klprSEqBvcQ_0 HTTP 302
http://r.ewoss.com/go.ashx?w=cD1leHBsb3JhZHNqdW5uaWZ5ZG9tJms9d3d3LndpbGxpZS5ubCZiPTAuMDAxMCZzPT... HTTP 302
http://r.ewoss.com/out.aspx?u=951e50fe-59d0-45fe-ac54-9450cc40c08a Page URL
http://clicks.torromi.com/feed/click/?t1=128&tid=27&uid=15&subid=xzo9qtyy5u3ol2zw08p_hejhed&id=6505f98... HTTP 302
https://rdr.rtbravo.com/brdr/p?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7 Page URL
https://ok.plsnotifyme.com/lp?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&s=77372840eb15e8ac35ccee74ea... HTTP 302
https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

19
Requests

84 %
HTTPS

11 %
IPv6

18
Domains

20
Subdomains

12
IPs

3
Countries

246 kB
Transfer

307 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://them.in/ HTTP 302
http://click.junmediadirect.com/click?i=klprSEqBvcQ_0 HTTP 302
http://r.ewoss.com/go.ashx?w=cD1leHBsb3JhZHNqdW5uaWZ5ZG9tJms9d3d3LndpbGxpZS5ubCZiPTAuMDAxMCZzPTIzNjgzNg2 HTTP 302
http://r.ewoss.com/out.aspx?u=951e50fe-59d0-45fe-ac54-9450cc40c08a Page URL
http://clicks.torromi.com/feed/click/?t1=128&tid=27&uid=15&subid=xzo9qtyy5u3ol2zw08p_hejhed&id=6505f98895cb8375dc64a9b682113a0d%3A259e874b72bbd168b67e1d3884d26722fe80ddbcfeb793fd7fd92a34047902616a0122c2a7c2c897b7af086107bb8ab33fc8c67ec3420d5ac466518a7cec60ce5cb61919d7b6ab54b28226a5d885ebc539aea64dddc1974b2ad74798ad0ed8f55057e702405ef0e382a8d57b8f04a08a9bba268abcf467104fc2787d5748a7a031a016b5e10371e96ffd40eb40c2950574fd0ee88b75db926230abd3a908b6ae43c47cbaf6dcfdf5126b839537b3628b025854d5bafce18a7bcb26656ea83726dd768914a77c3a909c72d1fce9dba8f9fdfeb76154cb363c132270334eda7aa49a6a828838e5ac86f97d1a7ba11e12aa73bb823ba4dd1c88a7c7920a144c5e92cef8cd3aeb188b89b338a31ac943d459545ec7be96d84190ceafba265b49b21327a130d4646b635996dfb91deca613e4bae5dfde2af89ce88a2d62d7361c9984fd6315b039a20ba2be2ea2199c14ef6f2af3564400657969e090d26b778ac1a85faceafa27267e03a121ef820a73b886 HTTP 302
https://rdr.rtbravo.com/brdr/p?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7 Page URL
https://ok.plsnotifyme.com/lp?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&s=77372840eb15e8ac35ccee74eac515ca0d97e38603bec191d093c3eeac42c26bd13eeedc10395abb5b565876034d64233b06357ec861d924e20c&ex=b2100&d=- HTTP 302
https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://them.in/ HTTP 302
http://click.junmediadirect.com/click?i=klprSEqBvcQ_0 HTTP 302
http://r.ewoss.com/go.ashx?w=cD1leHBsb3JhZHNqdW5uaWZ5ZG9tJms9d3d3LndpbGxpZS5ubCZiPTAuMDAxMCZzPTIzNjgzNg2 HTTP 302
http://r.ewoss.com/out.aspx?u=951e50fe-59d0-45fe-ac54-9450cc40c08a

Request Chain 1

http://clicks.torromi.com/feed/click/?t1=128&tid=27&uid=15&subid=xzo9qtyy5u3ol2zw08p_hejhed&id=6505f98895cb8375dc64a9b682113a0d%3A259e874b72bbd168b67e1d3884d26722fe80ddbcfeb793fd7fd92a34047902616a0122c2a7c2c897b7af086107bb8ab33fc8c67ec3420d5ac466518a7cec60ce5cb61919d7b6ab54b28226a5d885ebc539aea64dddc1974b2ad74798ad0ed8f55057e702405ef0e382a8d57b8f04a08a9bba268abcf467104fc2787d5748a7a031a016b5e10371e96ffd40eb40c2950574fd0ee88b75db926230abd3a908b6ae43c47cbaf6dcfdf5126b839537b3628b025854d5bafce18a7bcb26656ea83726dd768914a77c3a909c72d1fce9dba8f9fdfeb76154cb363c132270334eda7aa49a6a828838e5ac86f97d1a7ba11e12aa73bb823ba4dd1c88a7c7920a144c5e92cef8cd3aeb188b89b338a31ac943d459545ec7be96d84190ceafba265b49b21327a130d4646b635996dfb91deca613e4bae5dfde2af89ce88a2d62d7361c9984fd6315b039a20ba2be2ea2199c14ef6f2af3564400657969e090d26b778ac1a85faceafa27267e03a121ef820a73b886 HTTP 302
https://rdr.rtbravo.com/brdr/p?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7

Request Chain 9

https://images.jordanobruno.live/image/feed/?id=eyJkYXRlIjoiMjAyMC0wNS0xMVQxNjo0MToxOC4xMjBaIiwidHlwZSI6Imljb24iLCJ1aWQiOjYsInRpZCI6NTcsInN1YmlkIjoiNDcwOTY5MTIiLCJzaWQiOiIiLCJzZWFyY2hfaXAiOiIxODUuMjE3LjE3MS4xMiIsInNlYXJjaF91YSI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJmaWQiOjc4LCJ1cmwiOiJodHRwczovL3htbC5hdXhtbC5jb20vbWV0cmljcy9zYXZlLmltZz9ldmVudD1pbXByZXNzaW9ucyZiaWRfaWQ9Mjc1OS0yNzU5LTctNWRmOGI1MmQtNzFkMC1lODMxLTBlNzUtMmJjMjBiM2RmZTdkJmltZz1odHRwcyUzQSUyRiUyRmNkbi5hZHgxLmNvbSUyRmY1OTliMGM4NjQwZjIxYTBmMzhkNTc2YmE4YmU3NjkxLnBuZyIsInBpeGVsIjoiIiwiciI6MH0= HTTP 302
https://xml.auxml.com/metrics/save.img?event=impressions&bid_id=2759-2759-7-5df8b52d-71d0-e831-0e75-2bc20b3dfe7d&img=https%3A%2F%2Fcdn.adx1.com%2Ff599b0c8640f21a0f38d576ba8be7691.png HTTP 302
https://cdn.adx1.com/f599b0c8640f21a0f38d576ba8be7691.png

Request Chain 10

https://images.jordanobruno.live/image/feed/?id=eyJkYXRlIjoiMjAyMC0wNS0xMVQxNjo0MToxOC4xMjBaIiwidHlwZSI6ImltYWdlIiwidWlkIjo2LCJ0aWQiOjU3LCJzdWJpZCI6IjQ3MDk2OTEyIiwic2lkIjoiIiwic2VhcmNoX2lwIjoiMTg1LjIxNy4xNzEuMTIiLCJzZWFyY2hfdWEiOiJNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNzQuMC4zNzI5LjE2OSBTYWZhcmkvNTM3LjM2IiwiZmlkIjo3OCwidXJsIjoiaHR0cHM6Ly9jZG4uYWR4MS5jb20vNDdmM2E5NmE3NzU0MTE0ZjQ1NmE0ODQzZmQzNjkxYWEuanBnIiwicGl4ZWwiOiIiLCJyIjowfQ== HTTP 302
https://cdn.adx1.com/47f3a96a7754114f456a4843fd3691aa.jpg

Request Chain 11

http://click.pclk.name/thumbnail?i=4Wl1-Da9wT8_0&imgt=icon HTTP 302
https://besa-mad.com/imp/3cc29228-93a6-11ea-9172-0a6aaa934afb/1/udxqL60akVJthfEBZnQSWcmYET7FzjZPvcK6-MV7kUp7KO6i00w_OUwxLBb9uYK9YFvvzexhOZ9Q1-bPHnscxyejcRKCrKF-eajS2J_hRjUPM-P6FRPmPZxgJjJ2w42GIvFRavS2jgQA0E0XQ72v_LLZsnY1II_wSy3eueXxboDXAI2BGJ4Ru3tyAlCPdu3R0K2dRJDe9VtymHIAerbcYHtjze5Neaghwya9LdSh787veNNJMgcHwS9aO_zz5zvFJupIsHsx2wnQ4ZJTpFfJxQvWrDBoW5QKc3zsMGHoH3AATZ8rpdhq1u5The_kIxz_PXNv-Srd2Sxey9HbYcFLruimhs3f1mSJhctbt9sbc5ZduJStsxIpht1XhO1qi5s1g_U3xIo745h_xPuNfKy69BXUfTdidfMjpGFoK3bmYgRbplXLRljdbi697k8iWLMV4s6zf8Qo6zBoVMqbl5pqjs1l4fu2uIHPQ4cDQQZk35euYrvNT2ax61EV68SCRPEGD6iVoPFUdD0HB5HY4Xyd9XRoVIsoYO70mw71bsnFfbgppZxBCVoYX2s8ugFq_Iu5-ab1GxXJ4zjmTvlaXXpObP18HegzMsmQ2g95SYev_nUMy1caNsfzYSuvmbDiyUkgNwnirU0Basi9k7bOXORjXXum3JRbaVOQmgqljSg8syrWdSIhlTtgvV3_fCSZ3HvJFjfOjiyzsnA=.CVL42HrEL7QCdo-ghYSE7Q==

Request Chain 12

http://click.pclk.name/thumbnail?i=4Wl1-Da9wT8_0 HTTP 302
https://besa-mad.com/imp/3cc29228-93a6-11ea-9172-0a6aaa934afb/1/udxqL60akVJthfEBZnQSWcmYET7FzjZPvcK6-MV7kUp7KO6i00w_OUwxLBb9uYK9YFvvzexhOZ9Q1-bPHnscxyejcRKCrKF-eajS2J_hRjUPM-P6FRPmPZxgJjJ2w42GIvFRavS2jgQA0E0XQ72v_LLZsnY1II_wSy3eueXxboDXAI2BGJ4Ru3tyAlCPdu3R0K2dRJDe9VtymHIAerbcYHtjze5Neaghwya9LdSh787veNNJMgcHwS9aO_zz5zvFJupIsHsx2wnQ4ZJTpFfJxQvWrDBoW5QKc3zsMGHoH3AATZ8rpdhq1u5The_kIxz_PXNv-Srd2Sxey9HbYcFLruimhs3f1mSJhctbt9sbc5ZduJStsxIpht1XhO1qi5s1g_U3xIo745h_xPuNfKy69BXUfTdidfMjpGFoK3bmYgRbplXLRljdbi697k8iWLMV4s6zf8Qo6zBoVMqbl5pqjs1l4fu2uIHPQ4cDQQZk35euYrvNT2ax61EV68SCRPEGD6iVoPFUdD0HB5HY4Xyd9XRoVIsoYO70mw71bsnFfbgppZxBCVoYX2s8ugFq_Iu5-ab1GxXJ4zjmTvlaXXpObP18HegzMsmQ2g95SYev_nUMy1caNsfzYSuvmbDiyUkgNwnirU0Basi9k7bOXORjXXum3JRbaVOQmgqljSg8syrWdSIhlTtgvV3_fCSZ3HvJFjfOjiyzsnA=.CVL42HrEL7QCdo-ghYSE7Q==

Request Chain 13

https://i.mobopushclick01.com/win_url?req_id=3cb67f29-93a6-11ea-a12e-f23c929b96a5_2020051116&ic=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3RodW1ibmFpbD9pPW1XZU9JVk9qVjZ3XzAmaW1ndD1pY29u&aim=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3RodW1ibmFpbD9pPW1XZU9JVk9qVjZ3XzA=&mobopixel=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3BpeGVsP2k9bVdlT0lWT2pWNndfMA== HTTP 302
http://xml.realtime-bid.com/thumbnail?i=mWeOIVOjV6w_0&imgt=icon HTTP 302
http://static.realtime-bid.com/n337/ad/300x300_N5ZG84kB5JTQyOqhUedr.png

Request Chain 14

https://i.mobopushclick01.com/win_url?req_id=3cb67f29-93a6-11ea-a12e-f23c929b96a5_2020051116&im=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3RodW1ibmFpbD9pPW1XZU9JVk9qVjZ3XzA=&aic=aHR0cHM6Ly9pLm1vYm9wdXNoY2xpY2swMS5jb20vd2luX3VybD9yZXFfaWQ9M2NiNjdmMjktOTNhNi0xMWVhLWExMmUtZjIzYzkyOWI5NmE1XzIwMjAwNTExMTYmaWM9YUhSMGNEb3ZMM2h0YkM1eVpXRnNkR2x0WlMxaWFXUXVZMjl0TDNSb2RXMWlibUZwYkQ5cFBXMVhaVTlKVms5cVZqWjNYekFtYVcxbmREMXBZMjl1JmFpbT1hSFIwY0RvdkwzaHRiQzV5WldGc2RHbHRaUzFpYVdRdVkyOXRMM1JvZFcxaWJtRnBiRDlwUFcxWFpVOUpWazlxVmpaM1h6QT0=&mobopixel=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3BpeGVsP2k9bVdlT0lWT2pWNndfMA== HTTP 302
http://xml.realtime-bid.com/thumbnail?i=mWeOIVOjV6w_0 HTTP 302
http://static.realtime-bid.com/n337/ad/300x300_RfEaCav6Fowrgska3Pkw.png

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set out.aspx Show response
r.ewoss.com/
Redirect Chain

http://them.in/
http://click.junmediadirect.com/click?i=klprSEqBvcQ_0
http://r.ewoss.com/go.ashx?w=cD1leHBsb3JhZHNqdW5uaWZ5ZG9tJms9d3d3LndpbGxpZS5ubCZiPTAuMDAxMCZzPTIzNjgzNg2
http://r.ewoss.com/out.aspx?u=951e50fe-59d0-45fe-ac54-9450cc40c08a

2 KB
1 KB

111ms
110ms

Document
text/html

52.72.55.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://r.ewoss.com/out.aspx?u=951e50fe-59d0-45fe-ac54-9450cc40c08a
Protocol: HTTP/1.1
Server: 52.72.55.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-55-123.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 87c126492beb1dd337353e32952fb09c47b506d0f22900975137d0b90af3e060

Request headers

Host: r.ewoss.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 11 May 2020 16:41:11 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=q4j241o3trudsgrvx13dc3oj; path=/; HttpOnly
Vary: Accept-Encoding
Content-Length: 1118
Connection: keep-alive

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Mon, 11 May 2020 16:41:11 GMT
Location: http://r.ewoss.com/out.aspx?u=951e50fe-59d0-45fe-ac54-9450cc40c08a
Server: Microsoft-IIS/10.0
Content-Length: 183
Connection: keep-alive

GET
H2

200

p Show response
rdr.rtbravo.com/brdr/
Redirect Chain

http://clicks.torromi.com/feed/click/?t1=128&tid=27&uid=15&subid=xzo9qtyy5u3ol2zw08p_hejhed&id=6505f98895cb8375dc64a9b682113a0d%3A259e874b72bbd168b67e1d3884d26722fe80ddbcfeb793fd7fd92a34047902616a0...
https://rdr.rtbravo.com/brdr/p?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7

4 KB
5 KB

179ms
129ms

Document
text/html

107.178.249.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdr.rtbravo.com/brdr/p?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7
Requested by: Host: r.ewoss.com
URL: http://r.ewoss.com/out.aspx?u=951e50fe-59d0-45fe-ac54-9450cc40c08a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.249.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.249.178.107.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 655b925eb7c449e5308bd0d18b24b7e1380006d7b5cb1b3d668c63922ed4a222

Request headers

:method: GET
:authority: rdr.rtbravo.com
:scheme: https
:path: /brdr/p?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://r.ewoss.com/out.aspx?u=951e50fe-59d0-45fe-ac54-9450cc40c08a
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://r.ewoss.com/out.aspx?u=951e50fe-59d0-45fe-ac54-9450cc40c08a

Response headers

status: 200
server: nginx/1.10.3 (Ubuntu)
date: Mon, 11 May 2020 16:41:12 GMT
content-type: text/html; charset=utf-8
content-length: 4546
etag: W/"11c2-hajVNHJqIad9+yrpBkRjog"
via: 1.1 google
alt-svc: clear

Redirect headers

X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Location: https://rdr.rtbravo.com/brdr/p?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 194
Date: Mon, 11 May 2020 16:41:12 GMT
Connection: keep-alive

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f6a938b2286c5cbd6999a584a32ef176d9f9ba18af608f8f6226a856ef8d018

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 oij23rewlnkads
rdr.rtbravo.com/brdr/ 216 B
329 B 128ms
128ms XHR
application/json 107.178.249.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdr.rtbravo.com/brdr/oij23rewlnkads?i=eyJiaWRpZCI6InYyMWNkOG4xYTc2YjBwY2ZtbjlnaXV4czcxc2NxaDF0OTJ3N2o3b3V3NyIsImlzaWYiOiJuby1pZnJhbWUiLCJwbWZzIjowLCJpbmZyYW1lIjpmYWxzZSwic2l6ZSI6IjE2MDB4MTIwMCIsInJlZiI6InIuZXdvc3MuY29tIiwiZnJlZiI6Imh0dHA6Ly9yLmV3b3NzLmNvbS9vdXQuYXNweD91PTk1MWU1MGZlLTU5ZDAtNDVmZS1hYzU0LTk0NTBjYzQwYzA4YSIsImlzZm9jdXMiOnRydWV9
Requested by: Host: rdr.rtbravo.com
URL: https://rdr.rtbravo.com/brdr/p?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.249.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.249.178.107.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 16:41:12 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
etag: W/"d8-d/7OQ3mZKHCw2Ulr9h3m7A"
content-type: application/json; charset=utf-8
status: 200
alt-svc: clear
content-length: 216

GET
H2

200

Primary Request sw.js Show response
jtsd.happyfeed.net/psh/
Redirect Chain

https://ok.plsnotifyme.com/lp?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&s=77372840eb15e8ac35ccee74eac515ca0d97e38603bec191d093c3eeac42c26bd13eeedc10395abb5b565876034d64233b06357ec861d924e20c&ex=...
https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100

8 KB
8 KB

194ms
139ms

Document
text/html

34.102.249.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Requested by: Host: rdr.rtbravo.com
URL: https://rdr.rtbravo.com/brdr/p?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.249.222 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 222.249.102.34.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 866fa0ea4edf55f024d54a12f87e548669416c3024d23e6bc1ebd90b3bef8597

Request headers

:method: GET
:authority: jtsd.happyfeed.net
:scheme: https
:path: /psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://rdr.rtbravo.com/brdr/p?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7

Response headers

status: 200
server: nginx/1.10.3 (Ubuntu)
date: Mon, 11 May 2020 16:41:17 GMT
content-type: text/html;charset=UTF-8
cache-control: no-cache
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
server: nginx/1.10.3 (Ubuntu)
date: Mon, 11 May 2020 16:41:17 GMT
content-type: text/html; charset=utf-8
content-length: 274
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
location: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
vary: Accept
via: 1.1 google
alt-svc: clear

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.5.7/ 34 KB
12 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.7/firebase-app.js

Requested by

Host: jtsd.happyfeed.net
URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d632b3c9689bdabf6e0f30cbc6f496bc690c9c4aa4574cf6322a3e2c36de5f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 19:53:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Nov 2018 22:05:34 GMT
server: sffe
age: 3358056
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12419
x-xss-protection: 0
expires: Fri, 02 Apr 2021 19:53:41 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.5.7/ 35 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.7/firebase-messaging.js

Requested by

Host: jtsd.happyfeed.net
URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 05 May 2020 22:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Nov 2018 22:05:34 GMT
server: sffe
age: 498404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10096
x-xss-protection: 0
expires: Wed, 05 May 2021 22:14:33 GMT

GET
H2 200 imp Show response
get.securedcdn.com/lp/ 8 KB
8 KB 190ms
134ms Script
text/javascript 130.211.12.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://get.securedcdn.com/lp/imp?v=2&s=pushallow&uid=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7
Requested by: Host: jtsd.happyfeed.net
URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.12.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 92.12.211.130.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b71cd34832e419ceeebae1f6bfd9007eab60ebc5d80d90f696be77c6dd1db146

Request headers

Referer: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 May 2020 16:41:17 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
etag: W/"200b-gXGYimbbPfdoqAzpVrT+nSV1t20"
surrogate-control: no-store
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
alt-svc: clear
content-length: 8203
expires: 0

GET
H2 200 signup Show response
get.securedcdn.com/sub/ 10 KB
10 KB 81ms
25ms Script
text/javascript 130.211.12.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://get.securedcdn.com/sub/signup?a=b2100&lp=pushallow&vid=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7
Requested by: Host: jtsd.happyfeed.net
URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.12.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 92.12.211.130.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e0be0c764f4a77affb63a8515b59d47fd5b5f998ddebeba65af8128a9b85790f

Request headers

Referer: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 May 2020 16:41:17 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
etag: W/"276b-jEwo2yXUAv2hpuqeBWpvGeokuvk"
surrogate-control: no-store
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
alt-svc: clear
content-length: 10091
expires: 0

GET
H2 200 get Show response
imp.plsnotifyme.com/feed/ 2 KB
2 KB 1473ms
1459ms Script
application/json 35.201.123.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://imp.plsnotifyme.com/feed/get?v=2&s=pushallow&uid=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7
Requested by: Host: get.securedcdn.com
URL: https://get.securedcdn.com/lp/imp?v=2&s=pushallow&uid=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.4 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 4.123.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 763c9a6c5c42b95647ee00a067cf06e08b1152c86d9a238a14cca65fe2c6dec6

Request headers

Referer: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 May 2020 16:41:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
etag: W/"926-EEXIQO4kQTDMsLtTPBMXw2n/wog"
surrogate-control: no-store
content-type: application/json; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
alt-svc: clear
content-length: 2342
expires: 0

GET
H2

200

f599b0c8640f21a0f38d576ba8be7691.png
cdn.adx1.com/
Redirect Chain

https://images.jordanobruno.live/image/feed/?id=eyJkYXRlIjoiMjAyMC0wNS0xMVQxNjo0MToxOC4xMjBaIiwidHlwZSI6Imljb24iLCJ1aWQiOjYsInRpZCI6NTcsInN1YmlkIjoiNDcwOTY5MTIiLCJzaWQiOiIiLCJzZWFyY2hfaXAiOiIxODUuM...
https://xml.auxml.com/metrics/save.img?event=impressions&bid_id=2759-2759-7-5df8b52d-71d0-e831-0e75-2bc20b3dfe7d&img=https%3A%2F%2Fcdn.adx1.com%2Ff599b0c8640f21a0f38d576ba8be7691.png
https://cdn.adx1.com/f599b0c8640f21a0f38d576ba8be7691.png

24 KB
25 KB

15ms
14ms

Image
image/png

149.11.201.98
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adx1.com/f599b0c8640f21a0f38d576ba8be7691.png
Requested by: Host: jtsd.happyfeed.net
URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 149.11.201.98 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 8fc22626a2c0d84180ce8ae5305edcb1dadc961d941e38619223d5889a7920cc

Request headers

Referer: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 16:41:20 GMT
last-modified: Wed, 24 Apr 2019 10:33:53 GMT
server: openresty/1.15.8.3
etag: "5cc03b91-61ad"
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 25005
expires: Thu, 14 May 2020 08:57:43 GMT

Redirect headers

status: 302
date: Mon, 11 May 2020 16:41:20 GMT
server: openresty/1.15.8.3
content-length: 0
location: https://cdn.adx1.com/f599b0c8640f21a0f38d576ba8be7691.png

GET
H2

200

47f3a96a7754114f456a4843fd3691aa.jpg
cdn.adx1.com/
Redirect Chain

https://images.jordanobruno.live/image/feed/?id=eyJkYXRlIjoiMjAyMC0wNS0xMVQxNjo0MToxOC4xMjBaIiwidHlwZSI6ImltYWdlIiwidWlkIjo2LCJ0aWQiOjU3LCJzdWJpZCI6IjQ3MDk2OTEyIiwic2lkIjoiIiwic2VhcmNoX2lwIjoiMTg1L...
https://cdn.adx1.com/47f3a96a7754114f456a4843fd3691aa.jpg

42 KB
42 KB

47ms
15ms

Image
image/jpeg

149.11.201.98
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adx1.com/47f3a96a7754114f456a4843fd3691aa.jpg
Requested by: Host: jtsd.happyfeed.net
URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 149.11.201.98 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e280a986dec023767e9780260764ea473ed2557d0a5e56209a1dd0a83ecb3982

Request headers

Referer: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 16:41:19 GMT
last-modified: Wed, 24 Apr 2019 10:33:52 GMT
server: openresty/1.15.8.3
etag: "5cc03b90-a673"
content-type: image/jpeg
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 42611
expires: Thu, 14 May 2020 08:59:44 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 May 2020 16:41:19 GMT
X-Powered-By: Express
Surrogate-Control: no-store
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://cdn.adx1.com/47f3a96a7754114f456a4843fd3691aa.jpg
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 79
Expires: 0

GET
H2

200

udxqL60akVJthfEBZnQSWcmYET7FzjZPvcK6-MV7kUp7KO6i00w_OUwxLBb9uYK9YFvvzexhOZ9Q1-bPHnscxyejcRKCrKF-eajS2J_hRjUPM-P6FRPmPZxgJjJ2w42GIvFRavS2jgQA0E0XQ72v_LLZsnY1II_wSy3eueXxboDXAI2BGJ4Ru3tyAlCPdu3R0K2dR...
besa-mad.com/imp/3cc29228-93a6-11ea-9172-0a6aaa934afb/1/
Redirect Chain

http://click.pclk.name/thumbnail?i=4Wl1-Da9wT8_0&imgt=icon
https://besa-mad.com/imp/3cc29228-93a6-11ea-9172-0a6aaa934afb/1/udxqL60akVJthfEBZnQSWcmYET7FzjZPvcK6-MV7kUp7KO6i00w_OUwxLBb9uYK9YFvvzexhOZ9Q1-bPHnscxyejcRKCrKF-eajS2J_hRjUPM-P6FRPmPZxgJjJ2w42GIvFRa...

8 KB
8 KB

178ms
91ms

Image
image/webp

2600:1f18:40f7:9700:a108:e95a:4ac8:642e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://besa-mad.com/imp/3cc29228-93a6-11ea-9172-0a6aaa934afb/1/udxqL60akVJthfEBZnQSWcmYET7FzjZPvcK6-MV7kUp7KO6i00w_OUwxLBb9uYK9YFvvzexhOZ9Q1-bPHnscxyejcRKCrKF-eajS2J_hRjUPM-P6FRPmPZxgJjJ2w42GIvFRavS2jgQA0E0XQ72v_LLZsnY1II_wSy3eueXxboDXAI2BGJ4Ru3tyAlCPdu3R0K2dRJDe9VtymHIAerbcYHtjze5Neaghwya9LdSh787veNNJMgcHwS9aO_zz5zvFJupIsHsx2wnQ4ZJTpFfJxQvWrDBoW5QKc3zsMGHoH3AATZ8rpdhq1u5The_kIxz_PXNv-Srd2Sxey9HbYcFLruimhs3f1mSJhctbt9sbc5ZduJStsxIpht1XhO1qi5s1g_U3xIo745h_xPuNfKy69BXUfTdidfMjpGFoK3bmYgRbplXLRljdbi697k8iWLMV4s6zf8Qo6zBoVMqbl5pqjs1l4fu2uIHPQ4cDQQZk35euYrvNT2ax61EV68SCRPEGD6iVoPFUdD0HB5HY4Xyd9XRoVIsoYO70mw71bsnFfbgppZxBCVoYX2s8ugFq_Iu5-ab1GxXJ4zjmTvlaXXpObP18HegzMsmQ2g95SYev_nUMy1caNsfzYSuvmbDiyUkgNwnirU0Basi9k7bOXORjXXum3JRbaVOQmgqljSg8syrWdSIhlTtgvV3_fCSZ3HvJFjfOjiyzsnA=.CVL42HrEL7QCdo-ghYSE7Q==
Requested by: Host: jtsd.happyfeed.net
URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:40f7:9700:a108:e95a:4ac8:642e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 119bf3ef36b63a1a99052d8eedb9b3e484e2d46598f846c71f247be5cd207142

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 11 May 2020 16:41:19 GMT
content-disposition: inline;filename=f.txt
content-length: 8336
content-type: image/webp

Redirect headers

Connection: keep-alive
Content-Length: 0
Location: https://besa-mad.com/imp/3cc29228-93a6-11ea-9172-0a6aaa934afb/1/udxqL60akVJthfEBZnQSWcmYET7FzjZPvcK6-MV7kUp7KO6i00w_OUwxLBb9uYK9YFvvzexhOZ9Q1-bPHnscxyejcRKCrKF-eajS2J_hRjUPM-P6FRPmPZxgJjJ2w42GIvFRavS2jgQA0E0XQ72v_LLZsnY1II_wSy3eueXxboDXAI2BGJ4Ru3tyAlCPdu3R0K2dRJDe9VtymHIAerbcYHtjze5Neaghwya9LdSh787veNNJMgcHwS9aO_zz5zvFJupIsHsx2wnQ4ZJTpFfJxQvWrDBoW5QKc3zsMGHoH3AATZ8rpdhq1u5The_kIxz_PXNv-Srd2Sxey9HbYcFLruimhs3f1mSJhctbt9sbc5ZduJStsxIpht1XhO1qi5s1g_U3xIo745h_xPuNfKy69BXUfTdidfMjpGFoK3bmYgRbplXLRljdbi697k8iWLMV4s6zf8Qo6zBoVMqbl5pqjs1l4fu2uIHPQ4cDQQZk35euYrvNT2ax61EV68SCRPEGD6iVoPFUdD0HB5HY4Xyd9XRoVIsoYO70mw71bsnFfbgppZxBCVoYX2s8ugFq_Iu5-ab1GxXJ4zjmTvlaXXpObP18HegzMsmQ2g95SYev_nUMy1caNsfzYSuvmbDiyUkgNwnirU0Basi9k7bOXORjXXum3JRbaVOQmgqljSg8syrWdSIhlTtgvV3_fCSZ3HvJFjfOjiyzsnA=.CVL42HrEL7QCdo-ghYSE7Q==

GET
H2

200

http://click.pclk.name/thumbnail?i=4Wl1-Da9wT8_0
https://besa-mad.com/imp/3cc29228-93a6-11ea-9172-0a6aaa934afb/1/udxqL60akVJthfEBZnQSWcmYET7FzjZPvcK6-MV7kUp7KO6i00w_OUwxLBb9uYK9YFvvzexhOZ9Q1-bPHnscxyejcRKCrKF-eajS2J_hRjUPM-P6FRPmPZxgJjJ2w42GIvFRa...

8 KB
8 KB

377ms
179ms

Image
image/webp

2600:1f18:40f7:9700:a108:e95a:4ac8:642e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://besa-mad.com/imp/3cc29228-93a6-11ea-9172-0a6aaa934afb/1/udxqL60akVJthfEBZnQSWcmYET7FzjZPvcK6-MV7kUp7KO6i00w_OUwxLBb9uYK9YFvvzexhOZ9Q1-bPHnscxyejcRKCrKF-eajS2J_hRjUPM-P6FRPmPZxgJjJ2w42GIvFRavS2jgQA0E0XQ72v_LLZsnY1II_wSy3eueXxboDXAI2BGJ4Ru3tyAlCPdu3R0K2dRJDe9VtymHIAerbcYHtjze5Neaghwya9LdSh787veNNJMgcHwS9aO_zz5zvFJupIsHsx2wnQ4ZJTpFfJxQvWrDBoW5QKc3zsMGHoH3AATZ8rpdhq1u5The_kIxz_PXNv-Srd2Sxey9HbYcFLruimhs3f1mSJhctbt9sbc5ZduJStsxIpht1XhO1qi5s1g_U3xIo745h_xPuNfKy69BXUfTdidfMjpGFoK3bmYgRbplXLRljdbi697k8iWLMV4s6zf8Qo6zBoVMqbl5pqjs1l4fu2uIHPQ4cDQQZk35euYrvNT2ax61EV68SCRPEGD6iVoPFUdD0HB5HY4Xyd9XRoVIsoYO70mw71bsnFfbgppZxBCVoYX2s8ugFq_Iu5-ab1GxXJ4zjmTvlaXXpObP18HegzMsmQ2g95SYev_nUMy1caNsfzYSuvmbDiyUkgNwnirU0Basi9k7bOXORjXXum3JRbaVOQmgqljSg8syrWdSIhlTtgvV3_fCSZ3HvJFjfOjiyzsnA=.CVL42HrEL7QCdo-ghYSE7Q==
Requested by: Host: jtsd.happyfeed.net
URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:40f7:9700:a108:e95a:4ac8:642e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 119bf3ef36b63a1a99052d8eedb9b3e484e2d46598f846c71f247be5cd207142

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 11 May 2020 16:41:19 GMT
content-disposition: inline;filename=f.txt
content-length: 8336
content-type: image/webp

Redirect headers

Connection: keep-alive
Content-Length: 0
Location: https://besa-mad.com/imp/3cc29228-93a6-11ea-9172-0a6aaa934afb/1/udxqL60akVJthfEBZnQSWcmYET7FzjZPvcK6-MV7kUp7KO6i00w_OUwxLBb9uYK9YFvvzexhOZ9Q1-bPHnscxyejcRKCrKF-eajS2J_hRjUPM-P6FRPmPZxgJjJ2w42GIvFRavS2jgQA0E0XQ72v_LLZsnY1II_wSy3eueXxboDXAI2BGJ4Ru3tyAlCPdu3R0K2dRJDe9VtymHIAerbcYHtjze5Neaghwya9LdSh787veNNJMgcHwS9aO_zz5zvFJupIsHsx2wnQ4ZJTpFfJxQvWrDBoW5QKc3zsMGHoH3AATZ8rpdhq1u5The_kIxz_PXNv-Srd2Sxey9HbYcFLruimhs3f1mSJhctbt9sbc5ZduJStsxIpht1XhO1qi5s1g_U3xIo745h_xPuNfKy69BXUfTdidfMjpGFoK3bmYgRbplXLRljdbi697k8iWLMV4s6zf8Qo6zBoVMqbl5pqjs1l4fu2uIHPQ4cDQQZk35euYrvNT2ax61EV68SCRPEGD6iVoPFUdD0HB5HY4Xyd9XRoVIsoYO70mw71bsnFfbgppZxBCVoYX2s8ugFq_Iu5-ab1GxXJ4zjmTvlaXXpObP18HegzMsmQ2g95SYev_nUMy1caNsfzYSuvmbDiyUkgNwnirU0Basi9k7bOXORjXXum3JRbaVOQmgqljSg8syrWdSIhlTtgvV3_fCSZ3HvJFjfOjiyzsnA=.CVL42HrEL7QCdo-ghYSE7Q==

GET
H/1.1

200
OK

300x300_N5ZG84kB5JTQyOqhUedr.png
static.realtime-bid.com/n337/ad/
Redirect Chain

https://i.mobopushclick01.com/win_url?req_id=3cb67f29-93a6-11ea-a12e-f23c929b96a5_2020051116&ic=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3RodW1ibmFpbD9pPW1XZU9JVk9qVjZ3XzAmaW1ndD1pY29u&aim=aHR0cDovL3ht...
http://xml.realtime-bid.com/thumbnail?i=mWeOIVOjV6w_0&imgt=icon
http://static.realtime-bid.com/n337/ad/300x300_N5ZG84kB5JTQyOqhUedr.png

47 KB
47 KB

30ms
18ms

Image
image/png

151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.realtime-bid.com/n337/ad/300x300_N5ZG84kB5JTQyOqhUedr.png
Requested by: Host: jtsd.happyfeed.net
URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Protocol: HTTP/1.1
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1ff112aa4d868347956f7077353fec1d57ad77bf0495c2c91ca6fb3da30cf9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 16:41:19 GMT
Last-Modified: Tue, 14 Apr 2020 10:37:29 GMT
Server: nginx
ETag: "5e959269-bb35"
X-HW: 1589215279.cds121.am5.h2,1589215279.cds009.am5.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47925

Redirect headers

Connection: keep-alive
Content-Length: 0
Location: http://static.realtime-bid.com/n337/ad/300x300_N5ZG84kB5JTQyOqhUedr.png

GET
H/1.1

200
OK

300x300_RfEaCav6Fowrgska3Pkw.png
static.realtime-bid.com/n337/ad/
Redirect Chain

https://i.mobopushclick01.com/win_url?req_id=3cb67f29-93a6-11ea-a12e-f23c929b96a5_2020051116&im=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3RodW1ibmFpbD9pPW1XZU9JVk9qVjZ3XzA=&aic=aHR0cHM6Ly9pLm1vYm9wdXNo...
http://xml.realtime-bid.com/thumbnail?i=mWeOIVOjV6w_0
http://static.realtime-bid.com/n337/ad/300x300_RfEaCav6Fowrgska3Pkw.png

47 KB
47 KB

49ms
17ms

Image
image/png

151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.realtime-bid.com/n337/ad/300x300_RfEaCav6Fowrgska3Pkw.png
Requested by: Host: jtsd.happyfeed.net
URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Protocol: HTTP/1.1
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1ff112aa4d868347956f7077353fec1d57ad77bf0495c2c91ca6fb3da30cf9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 11 May 2020 16:41:19 GMT
Last-Modified: Tue, 14 Apr 2020 10:37:15 GMT
Server: nginx
ETag: "5e95925b-bb35"
X-HW: 1589215279.cds147.am5.h2,1589215279.cds232.am5.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47925

Redirect headers

Connection: keep-alive
Content-Length: 0
Location: http://static.realtime-bid.com/n337/ad/300x300_RfEaCav6Fowrgska3Pkw.png

GET
H2 404 null
jtsd.happyfeed.net/psh/ 580 B
580 B 20ms
19ms Image
text/html 34.102.249.222
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtsd.happyfeed.net/psh/null
Requested by: Host: jtsd.happyfeed.net
URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.249.222 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 222.249.102.34.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9e3dad9d075c73dc68d76bdfee5a2400bb8da07094c1059544b434177a8789f0

Request headers

Referer: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Mon, 11 May 2020 16:41:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
alt-svc: clear
content-length: 580
content-type: text/html

GET
H2 200 conv
rdr.rtbravo.com/brdr/ 0
0 122ms
121ms Image
application/json 107.178.249.212
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdr.rtbravo.com/brdr/conv?i=v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&event=bvw&payout=0
Requested by: Host: jtsd.happyfeed.net
URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.249.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.249.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 nr-1167.min.js Show response
js-agent.newrelic.com/ 26 KB
10 KB 81ms
27ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1167.min.js
Requested by: Host: jtsd.happyfeed.net
URL: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 16:41:20 GMT
content-encoding: gzip
x-amz-request-id: 3F6B13CD94955BD2
x-cache: HIT
status: 200
content-length: 10178
x-amz-id-2: owq7LTC2ddnOfWY1uKv5BtBpowDIkcMDm/PvX4TjjjLvjnZV9HT8nBCSuZA0UK8UjkDDMb8Gv+k=
x-served-by: cache-fra19177-FRA
last-modified: Fri, 07 Feb 2020 23:39:55 GMT
server: AmazonS3
x-timer: S1589215280.344978,VS0,VE0
etag: "8155781ab74e51eee2ead2c1d5902e63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 16499

GET
H/1.1 200
OK 716b9007af Show response
bam.nr-data.net/1/ 57 B
275 B 442ms
110ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/716b9007af?a=291159666&v=1167.2a4546b&to=ZFwHMEFTDxZUVU1eWF0WMBZaHREWXRlKQBlZSksUW0I%3D&rst=7851&ref=https://jtsd.happyfeed.net/psh/sw.js&ap=115&be=4915&fe=7765&dc=5160&perf=%7B%22timing%22:%7B%22of%22:1589215272512,%22n%22:0,%22f%22:4709,%22dn%22:4710,%22dne%22:4735,%22c%22:4735,%22s%22:4747,%22ce%22:4764,%22rq%22:4764,%22rp%22:4903,%22rpe%22:4904,%22dl%22:4908,%22di%22:5160,%22ds%22:5160,%22de%22:5160,%22dc%22:7765,%22l%22:7765,%22le%22:7765%7D,%22navigation%22:%7B%7D%7D&at=SBsERglJHBg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://jtsd.happyfeed.net/psh/sw.js?cb=289440644222294ball3v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.happyfeed.net/	1970-01-19 09:28:21	Name: uidsv3 Value: v21cd8n1a76b0pcfmn9giuxs71scqh1t92w7j7ouw7^1589215280

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
besa-mad.com
cdn.adx1.com
click.junmediadirect.com
click.pclk.name
clicks.torromi.com
get.securedcdn.com
i.mobopushclick01.com
images.jordanobruno.live
imp.plsnotifyme.com
js-agent.newrelic.com
jtsd.happyfeed.net
ok.plsnotifyme.com
r.ewoss.com
rdr.rtbravo.com
static.realtime-bid.com
them.in
www.gstatic.com
xml.auxml.com
xml.realtime-bid.com
107.178.249.212
130.211.12.92
131.153.70.114
149.11.201.98
151.101.14.110
151.139.128.11
159.89.225.89
162.247.242.20
172.98.192.36
174.137.133.16
198.134.116.18
198.134.116.30
2600:1f18:40f7:9700:a108:e95a:4ac8:642e
2a00:1450:4001:821::2003
34.102.249.222
35.201.123.4
38.140.142.154
52.72.55.123
69.164.208.23
119bf3ef36b63a1a99052d8eedb9b3e484e2d46598f846c71f247be5cd207142
3a1ff112aa4d868347956f7077353fec1d57ad77bf0495c2c91ca6fb3da30cf9
4f6a938b2286c5cbd6999a584a32ef176d9f9ba18af608f8f6226a856ef8d018
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
655b925eb7c449e5308bd0d18b24b7e1380006d7b5cb1b3d668c63922ed4a222
763c9a6c5c42b95647ee00a067cf06e08b1152c86d9a238a14cca65fe2c6dec6
866fa0ea4edf55f024d54a12f87e548669416c3024d23e6bc1ebd90b3bef8597
87c126492beb1dd337353e32952fb09c47b506d0f22900975137d0b90af3e060
8fc22626a2c0d84180ce8ae5305edcb1dadc961d941e38619223d5889a7920cc
9e3dad9d075c73dc68d76bdfee5a2400bb8da07094c1059544b434177a8789f0
b71cd34832e419ceeebae1f6bfd9007eab60ebc5d80d90f696be77c6dd1db146
d632b3c9689bdabf6e0f30cbc6f496bc690c9c4aa4574cf6322a3e2c36de5f45
e0be0c764f4a77affb63a8515b59d47fd5b5f998ddebeba65af8128a9b85790f
e280a986dec023767e9780260764ea473ed2557d0a5e56209a1dd0a83ecb3982
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

jtsd.happyfeed.net Open in urlscan Pro 34.102.249.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

84 %HTTPS

11 %IPv6

18 Domains

20 Subdomains

12 IPs

3 Countries

246 kBTransfer

307 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

1 Cookies

Indicators

jtsd.happyfeed.net Open in urlscan Pro
34.102.249.222 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

84 %
HTTPS

11 %
IPv6

18
Domains

20
Subdomains

12
IPs

3
Countries

246 kB
Transfer

307 kB
Size

1
Cookies

19 HTTP transactions
1 data transactions