vlkq.happyfeed.net Open in urlscan Pro
34.102.249.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bikmn.net/?bikmn
Effective URL:
https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Submission: On May 14 via api (May 14th 2020, 9:39:53 am UTC) from US

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 25 domains to perform 21 HTTP transactions. The main IP is 34.102.249.222, located in United States and belongs to GOOGLE, US. The main domain is vlkq.happyfeed.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 4th 2020. Valid for: 3 months.

This is the only time vlkq.happyfeed.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	78.41.204.28 78.41.204.28	62370 (SNEL) (SNEL)
2 2	198.134.116.18 198.134.116.18	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	52.203.154.39 52.203.154.39	14618 (AMAZON-AES) (AMAZON-AES)
3	107.178.249.212 107.178.249.212	15169 (GOOGLE) (GOOGLE)
1 2	35.201.123.4 35.201.123.4	15169 (GOOGLE) (GOOGLE)
1	34.102.249.222 34.102.249.222	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
2	130.211.12.92 130.211.12.92	15169 (GOOGLE) (GOOGLE)
2 2	69.164.208.23 69.164.208.23	63949 (LINODE-AP...) (LINODE-AP Linode)
2 2	198.134.116.29 198.134.116.29	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2 2	131.153.70.114 131.153.70.114	19437 (SS-ASH) (SS-ASH)
1 1	38.122.162.114 38.122.162.114	174 (COGENT-174) (COGENT-174)
1 4	149.11.201.98 149.11.201.98	174 (COGENT-174) (COGENT-174)
2 2	174.137.133.16 174.137.133.16	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	2600:1f18:40f... 2600:1f18:40f7:9700:7ee8:3714:8678:680	14618 (AMAZON-AES) (AMAZON-AES)
1 1	173.239.53.18 173.239.53.18	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	104.22.19.89 104.22.19.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	195.201.189.16 195.201.189.16	24940 (HETZNER-AS) (HETZNER-AS)
2 2	144.76.223.70 144.76.223.70	24940 (HETZNER-AS) (HETZNER-AS)
2 2	138.201.31.55 138.201.31.55	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:b4a:1:6::2 2a02:b4a:1:6::2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	213.174.135.32 213.174.135.32	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	162.247.242.21 162.247.242.21	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
21	13

1 78.41.204.28 (Netherlands) 1 redirects

ASN62370 (SNEL, NL)
PTR: server368.snel.com

bikmn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.134.116.18 (Garden City, United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

click.junmediadirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.203.154.39 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-154-39.compute-1.amazonaws.com

r.ewoss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.249.212 (United States)

ASN15169 (GOOGLE, US)
PTR: 212.249.178.107.bc.googleusercontent.com

rdr.rtbravo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.123.4 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 4.123.201.35.bc.googleusercontent.com

ok.plsnotifyme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imp.plsnotifyme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.249.222 (United States)

ASN15169 (GOOGLE, US)
PTR: 222.249.102.34.bc.googleusercontent.com

vlkq.happyfeed.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.12.92 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 92.12.211.130.bc.googleusercontent.com

get.securedcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.164.208.23 (Newark, United States) 2 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li123-23.members.linode.com

i.mobopushclick01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.134.116.29 (Garden City, United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.realtime-bid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

static.realtime-bid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 131.153.70.114 (Ashburn, United States) 2 redirects

ASN19437 (SS-ASH, US)

images.jordanobruno.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.122.162.114 (Memphis, United States) 1 redirects

ASN174 (COGENT-174, US)

xml.auxml.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 149.11.201.98 (United States) 1 redirects

ASN174 (COGENT-174, US)

cdn.adx1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.4armn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.16 (Garden City, United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

click.pclk.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:40f7:9700:7ee8:3714:8678:680 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

tanit-dio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.18 (Garden City, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.fastdlr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.19.89 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.adport.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.189.16 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.16.189.201.195.clients.your-server.de

tracking.push.sincityinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.223.70 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.70.223.76.144.clients.your-server.de

tracking.revquake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.31.55 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.55.31.201.138.clients.your-server.de

4.gotrkpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:6::2 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

evadrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.32 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.imstks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.21 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	realtime-bid.com 2 redirects xml.realtime-bid.com static.realtime-bid.com	75 KB
3	adx1.com cdn.adx1.com	76 KB
3	rtbravo.com rdr.rtbravo.com	5 KB
2	imstks.com i.imstks.com	50 KB
2	gotrkpsh.com 2 redirects 4.gotrkpsh.com	498 B
2	revquake.com 2 redirects tracking.revquake.com	716 B
2	sincityinteractive.com 2 redirects tracking.push.sincityinteractive.com	286 B
2	tanit-dio.com tanit-dio.com	16 KB
2	pclk.name 2 redirects click.pclk.name	2 KB
2	jordanobruno.live 2 redirects images.jordanobruno.live	884 B
2	mobopushclick01.com 2 redirects i.mobopushclick01.com	456 B
2	securedcdn.com get.securedcdn.com	18 KB
2	gstatic.com www.gstatic.com	22 KB
2	plsnotifyme.com 1 redirects ok.plsnotifyme.com imp.plsnotifyme.com	3 KB
2	ewoss.com 1 redirects r.ewoss.com	925 B
2	junmediadirect.com 2 redirects click.junmediadirect.com	342 B
1	nr-data.net bam.nr-data.net	275 B
1	newrelic.com js-agent.newrelic.com	10 KB
1	evadrm.com 1 redirects evadrm.com	109 B
1	4armn.com 1 redirects rtb.4armn.com	107 B
1	adport.io 1 redirects r.adport.io	461 B
1	fastdlr.com 1 redirects xml.fastdlr.com	609 B
1	auxml.com 1 redirects xml.auxml.com	107 B
1	happyfeed.net vlkq.happyfeed.net	8 KB
1	bikmn.net 1 redirects bikmn.net	380 B
21	25

	Domain	Requested by
3	cdn.adx1.com	vlkq.happyfeed.net
3	rdr.rtbravo.com	r.ewoss.com rdr.rtbravo.com vlkq.happyfeed.net
2	i.imstks.com	vlkq.happyfeed.net
2	4.gotrkpsh.com	2 redirects
2	tracking.revquake.com	2 redirects
2	tracking.push.sincityinteractive.com	2 redirects
2	tanit-dio.com	vlkq.happyfeed.net
2	click.pclk.name	2 redirects
2	images.jordanobruno.live	2 redirects
2	static.realtime-bid.com	vlkq.happyfeed.net
2	xml.realtime-bid.com	2 redirects
2	i.mobopushclick01.com	2 redirects
2	get.securedcdn.com	vlkq.happyfeed.net
2	www.gstatic.com	vlkq.happyfeed.net
2	r.ewoss.com	1 redirects
2	click.junmediadirect.com	2 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	vlkq.happyfeed.net
1	evadrm.com	1 redirects
1	rtb.4armn.com	1 redirects
1	r.adport.io	1 redirects
1	xml.fastdlr.com	1 redirects
1	xml.auxml.com	1 redirects
1	imp.plsnotifyme.com	get.securedcdn.com
1	vlkq.happyfeed.net	rdr.rtbravo.com
1	ok.plsnotifyme.com	1 redirects
1	bikmn.net	1 redirects
21	27

This site contains no links.

Subject Issuer	Validity	Valid
rtbravo.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
happyfeed.net Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
securedcdn.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
plsnotifyme.com Let's Encrypt Authority X3	`2020-04-04` - `2020-07-03`	3 months	crt.sh
*.adx1.com Let's Encrypt Authority X3	`2020-04-22` - `2020-07-21`	3 months	crt.sh
tanit-dio.com Amazon	`2020-03-20` - `2021-04-20`	a year	crt.sh
i.imstks.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-26` - `2020-12-25`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-06` - `2021-05-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Frame ID: 81552C98C24A33AEDBB8C0B3C795AA6F
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bikmn.net/?bikmn HTTP 302
http://click.junmediadirect.com/click?i=OA69OvIFDmI_0 HTTP 302
http://r.ewoss.com/go.ashx?w=cD1leHBsb3JhZHNqdW5uaWZ5ZG9tJms9d3d3Lm1hc2tlcnN3aW5rZWwubmwmYj0wLj... HTTP 302
http://r.ewoss.com/out.aspx?u=5b4c6471-e8b7-4881-a26d-b1db96f04995 Page URL
http://click.junmediadirect.com/click?i=GkB1sSYJuhg_0 HTTP 302
https://rdr.rtbravo.com/brdr/p?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz Page URL
https://ok.plsnotifyme.com/lp?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&s=78213e57f50ce5ea6591ae7cfd... HTTP 302
https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

21
Requests

86 %
HTTPS

12 %
IPv6

25
Domains

27
Subdomains

13
IPs

4
Countries

284 kB
Transfer

344 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bikmn.net/?bikmn HTTP 302
http://click.junmediadirect.com/click?i=OA69OvIFDmI_0 HTTP 302
http://r.ewoss.com/go.ashx?w=cD1leHBsb3JhZHNqdW5uaWZ5ZG9tJms9d3d3Lm1hc2tlcnN3aW5rZWwubmwmYj0wLjAwMDgmcz0yMzY4MzY1 HTTP 302
http://r.ewoss.com/out.aspx?u=5b4c6471-e8b7-4881-a26d-b1db96f04995 Page URL
http://click.junmediadirect.com/click?i=GkB1sSYJuhg_0 HTTP 302
https://rdr.rtbravo.com/brdr/p?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz Page URL
https://ok.plsnotifyme.com/lp?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&s=78213e57f50ce5ea6591ae7cfd9f589c5ed4a4891bb8c2998ecdc6baa149c26bda31ebd10d2257b65e53127308076b267d0d2e7ec33dd62fbe50&ex=b2100&d=www.maskerswinkel.nl HTTP 302
https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bikmn.net/?bikmn HTTP 302
http://click.junmediadirect.com/click?i=OA69OvIFDmI_0 HTTP 302
http://r.ewoss.com/go.ashx?w=cD1leHBsb3JhZHNqdW5uaWZ5ZG9tJms9d3d3Lm1hc2tlcnN3aW5rZWwubmwmYj0wLjAwMDgmcz0yMzY4MzY1 HTTP 302
http://r.ewoss.com/out.aspx?u=5b4c6471-e8b7-4881-a26d-b1db96f04995

Request Chain 1

http://click.junmediadirect.com/click?i=GkB1sSYJuhg_0 HTTP 302
https://rdr.rtbravo.com/brdr/p?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz

Request Chain 9

https://i.mobopushclick01.com/win_url?req_id=d4b93ce4-95c6-11ea-9e7b-f23c929b2f68_2020051409&ic=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3RodW1ibmFpbD9pPUlMVGY4aFUwQjcwXzAmaW1ndD1pY29u&aim=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3RodW1ibmFpbD9pPUlMVGY4aFUwQjcwXzA=&mobopixel=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3BpeGVsP2k9SUxUZjhoVTBCNzBfMA== HTTP 302
http://xml.realtime-bid.com/thumbnail?i=ILTf8hU0B70_0&imgt=icon HTTP 302
http://static.realtime-bid.com/n337/ad/300x300_fL63lxnnb4Xu9sBl0fny.png

Request Chain 10

https://i.mobopushclick01.com/win_url?req_id=d4b93ce4-95c6-11ea-9e7b-f23c929b2f68_2020051409&im=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3RodW1ibmFpbD9pPUlMVGY4aFUwQjcwXzA=&aic=aHR0cHM6Ly9pLm1vYm9wdXNoY2xpY2swMS5jb20vd2luX3VybD9yZXFfaWQ9ZDRiOTNjZTQtOTVjNi0xMWVhLTllN2ItZjIzYzkyOWIyZjY4XzIwMjAwNTE0MDkmaWM9YUhSMGNEb3ZMM2h0YkM1eVpXRnNkR2x0WlMxaWFXUXVZMjl0TDNSb2RXMWlibUZwYkQ5cFBVbE1WR1k0YUZVd1FqY3dYekFtYVcxbmREMXBZMjl1JmFpbT1hSFIwY0RvdkwzaHRiQzV5WldGc2RHbHRaUzFpYVdRdVkyOXRMM1JvZFcxaWJtRnBiRDlwUFVsTVZHWTRhRlV3UWpjd1h6QT0=&mobopixel=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3BpeGVsP2k9SUxUZjhoVTBCNzBfMA== HTTP 302
http://xml.realtime-bid.com/thumbnail?i=ILTf8hU0B70_0 HTTP 302
http://static.realtime-bid.com/n337/ad/300x300_e79TJniNE4BYQvIay09A.png

Request Chain 11

https://images.jordanobruno.live/image/feed/?id=eyJkYXRlIjoiMjAyMC0wNS0xNFQwOTozOTozOS40NTZaIiwidHlwZSI6Imljb24iLCJ1aWQiOjYsInRpZCI6NTcsInN1YmlkIjoiMzIwNjQ2MDgiLCJzaWQiOiIiLCJzZWFyY2hfaXAiOiIxODUuMjE3LjE3MS4xMiIsInNlYXJjaF91YSI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJmaWQiOjc4LCJ1cmwiOiJodHRwczovL3htbC5hdXhtbC5jb20vbWV0cmljcy9zYXZlLmltZz9ldmVudD1pbXByZXNzaW9ucyZiaWRfaWQ9Mjc1OS0yNzU5LTctZmU4YjZjMTAtMjk2NC0yMmY1LWY5NjQtNjNmODY0Y2E1YjRmJmltZz1odHRwcyUzQSUyRiUyRmNkbi5hZHgxLmNvbSUyRjk1MzU0ZjQ3NzUxZGY5NTlhMDA5OGQxNzEyMTliOWM0LnBuZyIsInBpeGVsIjoiIiwiciI6MH0= HTTP 302
https://xml.auxml.com/metrics/save.img?event=impressions&bid_id=2759-2759-7-fe8b6c10-2964-22f5-f964-63f864ca5b4f&img=https%3A%2F%2Fcdn.adx1.com%2F95354f47751df959a0098d171219b9c4.png HTTP 302
https://cdn.adx1.com/95354f47751df959a0098d171219b9c4.png

Request Chain 12

https://images.jordanobruno.live/image/feed/?id=eyJkYXRlIjoiMjAyMC0wNS0xNFQwOTozOTozOS40NTZaIiwidHlwZSI6ImltYWdlIiwidWlkIjo2LCJ0aWQiOjU3LCJzdWJpZCI6IjMyMDY0NjA4Iiwic2lkIjoiIiwic2VhcmNoX2lwIjoiMTg1LjIxNy4xNzEuMTIiLCJzZWFyY2hfdWEiOiJNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNzQuMC4zNzI5LjE2OSBTYWZhcmkvNTM3LjM2IiwiZmlkIjo3OCwidXJsIjoiaHR0cHM6Ly9jZG4uYWR4MS5jb20vMzhkY2NjMGYyNTQ3ODczYTNmOGM5MjEzZDc0MGZiMjUuanBnIiwicGl4ZWwiOiIiLCJyIjowfQ== HTTP 302
https://cdn.adx1.com/38dccc0f2547873a3f8c9213d740fb25.jpg

Request Chain 13

http://click.pclk.name/thumbnail?i=tiIqI01iVhY_0&imgt=icon HTTP 302
https://tanit-dio.com/imp/d4bab312-95c6-11ea-bfd1-127f9580d809/1/5bH0It0ULrlMsYRtK8CG_EZGgCvpaWYhDPBv5J9xq3KMkN6SYLt5FYcTHA84dmfFfitVaZpmnVGemNcadU1spE87TnNf9b571FN_5Qnqh70dWyVAM0C0eYHxahXYKDljrKhGpkIg2RNJtPb0Xpo_fjm_nOYiaOPaaVbHYRz4TtBoRXgVpBGMRFLio6gIkJsfXOqYO4kWdiusAL8sdGsQUh8ddYB7zVyrK4L2ERQRKkZ0UuuokVNd0WdAwNms-ReLK1EUlB5VHf4WonCNaEIqYHxnwhjBzmMwT8Q_afVSgALkK6hSiDhYDAYN_z-hoK4_vaJIlaf5UtmeBKORJvhsKS2xxCsTPIRP2YRDmt_EvfoYcEPzVYaUXz8LzVqmmvc5qJnsBUbRKKZBi8Iv-PfpkRm2uHwHOdD28zkVPFOswW6Kf6UTgrU57fRlDh6e4TPsb4GMuCC6Ict2Z3HFPYgq8n_Yxe_nLQdjglTNU23nay4Akjs6whub4pParoIP4rhLMgtwwAkAVLkkAnc9Y8BJU2KqMDIxtOwoz5jEfcJfXtQSAhQBuOlrduglOd0iG00QVskq2JEfNENDNR-EkS0iCxIrNdpCNZL2EF4Hck2-ZuUjVGhkiSopImi7z1CPtsIjcd7kXaUUdg-2vauZ0UrcvW00gMeopfnLUCcXsWUxHnIVCesqdrsOn1rWrz-JpFJaHlwX3Tjd87o=.XNSv0uSdUaKofjr6s1ulsg==

Request Chain 14

http://click.pclk.name/thumbnail?i=tiIqI01iVhY_0 HTTP 302
https://tanit-dio.com/imp/d4bab312-95c6-11ea-bfd1-127f9580d809/1/5bH0It0ULrlMsYRtK8CG_EZGgCvpaWYhDPBv5J9xq3KMkN6SYLt5FYcTHA84dmfFfitVaZpmnVGemNcadU1spE87TnNf9b571FN_5Qnqh70dWyVAM0C0eYHxahXYKDljrKhGpkIg2RNJtPb0Xpo_fjm_nOYiaOPaaVbHYRz4TtBoRXgVpBGMRFLio6gIkJsfXOqYO4kWdiusAL8sdGsQUh8ddYB7zVyrK4L2ERQRKkZ0UuuokVNd0WdAwNms-ReLK1EUlB5VHf4WonCNaEIqYHxnwhjBzmMwT8Q_afVSgALkK6hSiDhYDAYN_z-hoK4_vaJIlaf5UtmeBKORJvhsKS2xxCsTPIRP2YRDmt_EvfoYcEPzVYaUXz8LzVqmmvc5qJnsBUbRKKZBi8Iv-PfpkRm2uHwHOdD28zkVPFOswW6Kf6UTgrU57fRlDh6e4TPsb4GMuCC6Ict2Z3HFPYgq8n_Yxe_nLQdjglTNU23nay4Akjs6whub4pParoIP4rhLMgtwwAkAVLkkAnc9Y8BJU2KqMDIxtOwoz5jEfcJfXtQSAhQBuOlrduglOd0iG00QVskq2JEfNENDNR-EkS0iCxIrNdpCNZL2EF4Hck2-ZuUjVGhkiSopImi7z1CPtsIjcd7kXaUUdg-2vauZ0UrcvW00gMeopfnLUCcXsWUxHnIVCesqdrsOn1rWrz-JpFJaHlwX3Tjd87o=.XNSv0uSdUaKofjr6s1ulsg==

Request Chain 15

http://xml.fastdlr.com/thumbnail?i=imDzBXNMDgg_0&imgt=icon HTTP 302
https://r.adport.io/ix/ic/EClHeP33V_V0FUAgk0i4Iw7QDIPT_YuQJs2BqL3c4UYROqW8tGjmypZMH6oDMQMkrkHt3SYXFMRoiyu7Q_01JiEBYlgg-6Zw1QFg5ZMIrtmaNis_ZeYSYONoJ5E26yoOeU1CMHxwXCqCvq97u5_4Kg33p93MtfA5hasl3HAjrapUpjVCZvpu9GKzLXmUKd07BCdo28DMDQRpEgz7bDuiqhy1PEmHWBtrRbJ8OYjnjrWBaGVWR9VUqACBcbj0BaTs7i4YRA8VwUjaUCh8gZJw8xGqQYKPJ6FGULlm1jh6U_BTcE3hWAUmhXOGuLthntH80Yy7QuW8dPLV99t28eeC9QsrvZCtrAf38QMgutEyqknMZOSQjUHWi9GHfkTOd3Kazmln4fJ26Xypef6o7dxDoyeGE1t5SLe_iUlHzj7KgpTcmDcMDoRTR-R1mn3u3lNktqfYu_0LMF5-xS9TjiW4BwgUCTSxkwfYvDAHi4V5Q3ZGXdD1NhqDWxq-GQ HTTP 302
https://rtb.4armn.com/metrics/save.img?event=impressions&bid_id=4916-4916-7-1f4d3d8a-6c16-cccf-5724-69c18bd235bd&img=https%3A%2F%2Fcdn.adx1.com%2F5f2050bce828dac1734c5a48b9359a3c.png HTTP 302
https://cdn.adx1.com/5f2050bce828dac1734c5a48b9359a3c.png

Request Chain 16

https://tracking.push.sincityinteractive.com/impress?id=44c44046-af0f-42f8-8583-39f84962e939 HTTP 301
https://tracking.revquake.com/impress?id=436544d2-aed4-40d3-8b69-8642810b6854 HTTP 301
https://4.gotrkpsh.com/ic?sid=2&data=HoHFkG%2Bvg481dWdoVjO2SK5lNIIdX9ToNaj%2F4mLtaoVKyFoK5iqguZkZvjDt%2F7aVURJ3bYxMJLkcySJNV%2BpZl54uVZdJkOtjvK9AkxfmEgNZcI5dk7cZOgEL6oPFDIo0Ws%2Bh1Z%2BKoLhNbuBNdWhNPV1DGbHZBFPYUIByNpvmfZDM1vJ2TFVTvrF1cMhv56u4dIQjEObuzQBqRsPI0Oc6i1zBU5NxovqWsK%2BFY%2B0VVaZ5CCr0LcGlRit%2BPK9m27F%2FUFSqLq%2BQz4jyiSZeKovfX3w84ChNdsf796tOAlYO3bU%3D HTTP 302
https://evadrm.com/dsp/ph/icm?aid=12293400972926535630&mid=0&sid=355&t=1589449179 HTTP 302
https://i.imstks.com/cic/dgMuSihhQQAHPx9QZmyznswdw1V3Q2CN.png

Request Chain 17

https://tracking.push.sincityinteractive.com/image?id=44c44046-af0f-42f8-8583-39f84962e939 HTTP 301
https://tracking.revquake.com/image?id=436544d2-aed4-40d3-8b69-8642810b6854 HTTP 301
https://4.gotrkpsh.com/im?sid=2&data=9Ngq7WgJ19TZlshDvNw7yGuWt%2BUY0wLiYI0t5f9j0g47w9D4jjF1QozhCEJo94f2MbwyHzm5YdtUVxPQIcCtKeGLVBxtNIe5GfNysqd6qgNmMnAp%2BOwulSxe%2FPYjDKo2CFY9PmJSgQbqMV4GcXBJrZa5TOnow73ZfNjIlqb2%2BDFD2sEjnwKoQarOX%2BKf8fScvgzSDhAEAXGKNVkd%2Fk6TBrNia6NgpWqN9VMTxSc6ktu5PNwYuXKO8deXIcl7RLvpGixANGEiTig2Pd%2FOKrwQ9g%3D%3D HTTP 302
https://i.imstks.com/cim/Y8OuR8209XJlfe2NmN_MUw6KrxZ4v8Mn.png

21 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set out.aspx Show response
r.ewoss.com/
Redirect Chain

http://bikmn.net/?bikmn
http://click.junmediadirect.com/click?i=OA69OvIFDmI_0
http://r.ewoss.com/go.ashx?w=cD1leHBsb3JhZHNqdW5uaWZ5ZG9tJms9d3d3Lm1hc2tlcnN3aW5rZWwubmwmYj0wLjAwMDgmcz0yMzY4MzY1
http://r.ewoss.com/out.aspx?u=5b4c6471-e8b7-4881-a26d-b1db96f04995

322 B
651 B

100ms
100ms

Document
text/html

52.203.154.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://r.ewoss.com/out.aspx?u=5b4c6471-e8b7-4881-a26d-b1db96f04995
Protocol: HTTP/1.1
Server: 52.203.154.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-154-39.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: fe055e199d64b522752b5a72b191bc672b3740b380a7b6c5916c9928b09c835d

Request headers

Host: r.ewoss.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 14 May 2020 09:39:37 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ASP.NET_SessionId=5mpvzotanp2vfa0dcw0ubqqz; path=/; HttpOnly
Vary: Accept-Encoding
Content-Length: 337
Connection: keep-alive

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Thu, 14 May 2020 09:39:37 GMT
Location: http://r.ewoss.com/out.aspx?u=5b4c6471-e8b7-4881-a26d-b1db96f04995
Server: Microsoft-IIS/10.0
Content-Length: 183
Connection: keep-alive

GET
H2

200

p Show response
rdr.rtbravo.com/brdr/
Redirect Chain

http://click.junmediadirect.com/click?i=GkB1sSYJuhg_0
https://rdr.rtbravo.com/brdr/p?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz

4 KB
5 KB

178ms
124ms

Document
text/html

107.178.249.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdr.rtbravo.com/brdr/p?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz
Requested by: Host: r.ewoss.com
URL: http://r.ewoss.com/out.aspx?u=5b4c6471-e8b7-4881-a26d-b1db96f04995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.249.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.249.178.107.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bcee2edb77ae144f9b3075af9360fe2459f37732bae3a8f32e3129ac6f0cbd7f

Request headers

:method: GET
:authority: rdr.rtbravo.com
:scheme: https
:path: /brdr/p?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://r.ewoss.com/out.aspx?u=5b4c6471-e8b7-4881-a26d-b1db96f04995
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://r.ewoss.com/out.aspx?u=5b4c6471-e8b7-4881-a26d-b1db96f04995

Response headers

status: 200
server: nginx/1.10.3 (Ubuntu)
date: Thu, 14 May 2020 09:39:38 GMT
content-type: text/html; charset=utf-8
content-length: 4546
etag: W/"11c2-4I9ciGzbd9JdiTIidi0Y3A"
via: 1.1 google
alt-svc: clear

Redirect headers

Connection: keep-alive
Content-Length: 0
Location: https://rdr.rtbravo.com/brdr/p?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f6a938b2286c5cbd6999a584a32ef176d9f9ba18af608f8f6226a856ef8d018

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 oij23rewlnkads
rdr.rtbravo.com/brdr/ 235 B
348 B 126ms
126ms XHR
application/json 107.178.249.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rdr.rtbravo.com/brdr/oij23rewlnkads?i=eyJiaWRpZCI6InYyMDl1MDRoODlic254OHJlOHN5dDJ0ZDl1a3AyYjVvMmZyMDR4a2doeiIsImlzaWYiOiJuby1pZnJhbWUiLCJwbWZzIjowLCJpbmZyYW1lIjpmYWxzZSwic2l6ZSI6IjE2MDB4MTIwMCIsInJlZiI6InIuZXdvc3MuY29tIiwiZnJlZiI6Imh0dHA6Ly9yLmV3b3NzLmNvbS9vdXQuYXNweD91PTViNGM2NDcxLWU4YjctNDg4MS1hMjZkLWIxZGI5NmYwNDk5NSIsImlzZm9jdXMiOnRydWV9
Requested by: Host: rdr.rtbravo.com
URL: https://rdr.rtbravo.com/brdr/p?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.249.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.249.178.107.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 09:39:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
etag: W/"eb-Gn8q38EeRKUHT3Xw5K3J8g"
content-type: application/json; charset=utf-8
status: 200
alt-svc: clear
content-length: 235

GET
H2

200

Primary Request sw.js Show response
vlkq.happyfeed.net/psh/
Redirect Chain

https://ok.plsnotifyme.com/lp?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&s=78213e57f50ce5ea6591ae7cfd9f589c5ed4a4891bb8c2998ecdc6baa149c26bda31ebd10d2257b65e53127308076b267d0d2e7ec33dd62fbe50&ex=...
https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100

8 KB
8 KB

207ms
139ms

Document
text/html

34.102.249.222
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Requested by: Host: rdr.rtbravo.com
URL: https://rdr.rtbravo.com/brdr/p?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.249.222 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 222.249.102.34.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ec10adbcbeb0383b2b8c5d5ecd502777a740b74fcdda5189dd9a3810c875860e

Request headers

:method: GET
:authority: vlkq.happyfeed.net
:scheme: https
:path: /psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://rdr.rtbravo.com/brdr/p?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz

Response headers

status: 200
server: nginx/1.10.3 (Ubuntu)
date: Thu, 14 May 2020 09:39:38 GMT
content-type: text/html;charset=UTF-8
cache-control: no-cache
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
server: nginx/1.10.3 (Ubuntu)
date: Thu, 14 May 2020 09:39:38 GMT
content-type: text/html; charset=utf-8
content-length: 274
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
location: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
vary: Accept
via: 1.1 google
alt-svc: clear

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.5.7/ 34 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.7/firebase-app.js

Requested by

Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d632b3c9689bdabf6e0f30cbc6f496bc690c9c4aa4574cf6322a3e2c36de5f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 09 Apr 2020 01:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Nov 2018 22:05:34 GMT
server: sffe
age: 3053941
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12419
x-xss-protection: 0
expires: Fri, 09 Apr 2021 01:20:37 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.5.7/ 35 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.5.7/firebase-messaging.js

Requested by

Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 11:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Nov 2018 22:05:34 GMT
server: sffe
age: 81175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10096
x-xss-protection: 0
expires: Thu, 13 May 2021 11:06:43 GMT

GET
H2 200 imp Show response
get.securedcdn.com/lp/ 8 KB
8 KB 183ms
153ms Script
text/javascript 130.211.12.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://get.securedcdn.com/lp/imp?v=2&s=pushallow&uid=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz
Requested by: Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.12.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 92.12.211.130.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 09076b4484a559d4c2f1827c571d747338f6eec34e26cc2fec50130a3b5b30fb

Request headers

Referer: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 May 2020 09:39:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
etag: W/"201f-1b50XR7Do9uzU7Gm1RUvV5OB2k8"
surrogate-control: no-store
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
alt-svc: clear
content-length: 8223
expires: 0

GET
H2 200 signup Show response
get.securedcdn.com/sub/ 10 KB
10 KB 54ms
24ms Script
text/javascript 130.211.12.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://get.securedcdn.com/sub/signup?a=b2100&lp=pushallow&vid=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz
Requested by: Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.12.92 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 92.12.211.130.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e0be0c764f4a77affb63a8515b59d47fd5b5f998ddebeba65af8128a9b85790f

Request headers

Referer: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 May 2020 09:39:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
etag: W/"276b-jEwo2yXUAv2hpuqeBWpvGeokuvk"
surrogate-control: no-store
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
alt-svc: clear
content-length: 10091
expires: 0

GET
H2 200 get Show response
imp.plsnotifyme.com/feed/ 3 KB
3 KB 1503ms
1496ms Script
application/json 35.201.123.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://imp.plsnotifyme.com/feed/get?v=2&s=pushallow&uid=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz
Requested by: Host: get.securedcdn.com
URL: https://get.securedcdn.com/lp/imp?v=2&s=pushallow&uid=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.4 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 4.123.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8053eddf406363f58b8f3c2aff1361daf19a85c41304345c3bf4a69fc5f1ebf2

Request headers

Referer: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 May 2020 09:39:40 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
etag: W/"a0e-ggvKeKRFn66rIj6PHlyNA6B1qzA"
surrogate-control: no-store
content-type: application/json; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
alt-svc: clear
content-length: 2574
expires: 0

GET
H/1.1

200
OK

300x300_fL63lxnnb4Xu9sBl0fny.png
static.realtime-bid.com/n337/ad/
Redirect Chain

https://i.mobopushclick01.com/win_url?req_id=d4b93ce4-95c6-11ea-9e7b-f23c929b2f68_2020051409&ic=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3RodW1ibmFpbD9pPUlMVGY4aFUwQjcwXzAmaW1ndD1pY29u&aim=aHR0cDovL3ht...
http://xml.realtime-bid.com/thumbnail?i=ILTf8hU0B70_0&imgt=icon
http://static.realtime-bid.com/n337/ad/300x300_fL63lxnnb4Xu9sBl0fny.png

31 KB
31 KB

47ms
16ms

Image
image/png

151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.realtime-bid.com/n337/ad/300x300_fL63lxnnb4Xu9sBl0fny.png
Requested by: Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Protocol: HTTP/1.1
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 46c057c7e9b5796c89fe13760dd654ba2d4d5d2b955b4a3f78c1d78e33988ba1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 May 2020 09:39:41 GMT
Last-Modified: Tue, 18 Feb 2020 13:06:45 GMT
Server: nginx
ETag: "5e4be165-7a5d"
X-HW: 1589449181.cds136.am5.h2,1589449181.cds218.am5.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31325

Redirect headers

Connection: keep-alive
Content-Length: 0
Location: http://static.realtime-bid.com/n337/ad/300x300_fL63lxnnb4Xu9sBl0fny.png

GET
H/1.1

200
OK

300x300_e79TJniNE4BYQvIay09A.png
static.realtime-bid.com/n337/ad/
Redirect Chain

https://i.mobopushclick01.com/win_url?req_id=d4b93ce4-95c6-11ea-9e7b-f23c929b2f68_2020051409&im=aHR0cDovL3htbC5yZWFsdGltZS1iaWQuY29tL3RodW1ibmFpbD9pPUlMVGY4aFUwQjcwXzA=&aic=aHR0cHM6Ly9pLm1vYm9wdXNo...
http://xml.realtime-bid.com/thumbnail?i=ILTf8hU0B70_0
http://static.realtime-bid.com/n337/ad/300x300_e79TJniNE4BYQvIay09A.png

43 KB
43 KB

36ms
16ms

Image
image/png

151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.realtime-bid.com/n337/ad/300x300_e79TJniNE4BYQvIay09A.png
Requested by: Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Protocol: HTTP/1.1
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c2d29ccd0fc98f1abe6bcf4950a26da131a6409e3d8042762385f42451660b97

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 May 2020 09:39:41 GMT
Last-Modified: Tue, 18 Feb 2020 13:05:58 GMT
Server: nginx
ETag: "5e4be136-abc0"
X-HW: 1589449181.cds056.am5.h2,1589449181.cds142.am5.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43968

Redirect headers

Connection: keep-alive
Content-Length: 0
Location: http://static.realtime-bid.com/n337/ad/300x300_e79TJniNE4BYQvIay09A.png

GET
H2

200

95354f47751df959a0098d171219b9c4.png
cdn.adx1.com/
Redirect Chain

https://images.jordanobruno.live/image/feed/?id=eyJkYXRlIjoiMjAyMC0wNS0xNFQwOTozOTozOS40NTZaIiwidHlwZSI6Imljb24iLCJ1aWQiOjYsInRpZCI6NTcsInN1YmlkIjoiMzIwNjQ2MDgiLCJzaWQiOiIiLCJzZWFyY2hfaXAiOiIxODUuM...
https://xml.auxml.com/metrics/save.img?event=impressions&bid_id=2759-2759-7-fe8b6c10-2964-22f5-f964-63f864ca5b4f&img=https%3A%2F%2Fcdn.adx1.com%2F95354f47751df959a0098d171219b9c4.png
https://cdn.adx1.com/95354f47751df959a0098d171219b9c4.png

15 KB
16 KB

14ms
14ms

Image
image/png

149.11.201.98
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adx1.com/95354f47751df959a0098d171219b9c4.png
Requested by: Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 149.11.201.98 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 01e4627dad98251e2a112f58ef31d6f8e0c57da1fcbc578ff4152ca58f6ea02a

Request headers

Referer: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 09:39:41 GMT
last-modified: Sun, 30 Dec 2018 10:56:29 GMT
server: openresty/1.15.8.3
etag: "5c28a45d-3dcf"
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 15823
expires: Thu, 28 May 2020 09:15:41 GMT

Redirect headers

status: 302
date: Thu, 14 May 2020 09:39:41 GMT
server: openresty/1.15.8.3
content-length: 0
location: https://cdn.adx1.com/95354f47751df959a0098d171219b9c4.png

GET
H2

200

38dccc0f2547873a3f8c9213d740fb25.jpg
cdn.adx1.com/
Redirect Chain

https://images.jordanobruno.live/image/feed/?id=eyJkYXRlIjoiMjAyMC0wNS0xNFQwOTozOTozOS40NTZaIiwidHlwZSI6ImltYWdlIiwidWlkIjo2LCJ0aWQiOjU3LCJzdWJpZCI6IjMyMDY0NjA4Iiwic2lkIjoiIiwic2VhcmNoX2lwIjoiMTg1L...
https://cdn.adx1.com/38dccc0f2547873a3f8c9213d740fb25.jpg

35 KB
35 KB

155ms
13ms

Image
image/jpeg

149.11.201.98
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adx1.com/38dccc0f2547873a3f8c9213d740fb25.jpg
Requested by: Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 149.11.201.98 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0adc5df00ed68771efe2beb31c16664596fbde608b640bf9810dfc5641e57dd7

Request headers

Referer: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 09:39:40 GMT
last-modified: Sun, 30 Dec 2018 10:56:28 GMT
server: openresty/1.15.8.3
etag: "5c28a45c-8ca3"
content-type: image/jpeg
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 36003
expires: Thu, 14 May 2020 09:58:55 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 May 2020 09:39:40 GMT
X-Powered-By: Express
Surrogate-Control: no-store
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://cdn.adx1.com/38dccc0f2547873a3f8c9213d740fb25.jpg
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 79
Expires: 0

GET
H2

200

5bH0It0ULrlMsYRtK8CG_EZGgCvpaWYhDPBv5J9xq3KMkN6SYLt5FYcTHA84dmfFfitVaZpmnVGemNcadU1spE87TnNf9b571FN_5Qnqh70dWyVAM0C0eYHxahXYKDljrKhGpkIg2RNJtPb0Xpo_fjm_nOYiaOPaaVbHYRz4TtBoRXgVpBGMRFLio6gIkJsfXOqYO...
tanit-dio.com/imp/d4bab312-95c6-11ea-bfd1-127f9580d809/1/
Redirect Chain

http://click.pclk.name/thumbnail?i=tiIqI01iVhY_0&imgt=icon
https://tanit-dio.com/imp/d4bab312-95c6-11ea-bfd1-127f9580d809/1/5bH0It0ULrlMsYRtK8CG_EZGgCvpaWYhDPBv5J9xq3KMkN6SYLt5FYcTHA84dmfFfitVaZpmnVGemNcadU1spE87TnNf9b571FN_5Qnqh70dWyVAM0C0eYHxahXYKDljrKhG...

8 KB
8 KB

339ms
172ms

Image
image/webp

2600:1f18:40f7:9700:7ee8:3714:8678:680
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tanit-dio.com/imp/d4bab312-95c6-11ea-bfd1-127f9580d809/1/5bH0It0ULrlMsYRtK8CG_EZGgCvpaWYhDPBv5J9xq3KMkN6SYLt5FYcTHA84dmfFfitVaZpmnVGemNcadU1spE87TnNf9b571FN_5Qnqh70dWyVAM0C0eYHxahXYKDljrKhGpkIg2RNJtPb0Xpo_fjm_nOYiaOPaaVbHYRz4TtBoRXgVpBGMRFLio6gIkJsfXOqYO4kWdiusAL8sdGsQUh8ddYB7zVyrK4L2ERQRKkZ0UuuokVNd0WdAwNms-ReLK1EUlB5VHf4WonCNaEIqYHxnwhjBzmMwT8Q_afVSgALkK6hSiDhYDAYN_z-hoK4_vaJIlaf5UtmeBKORJvhsKS2xxCsTPIRP2YRDmt_EvfoYcEPzVYaUXz8LzVqmmvc5qJnsBUbRKKZBi8Iv-PfpkRm2uHwHOdD28zkVPFOswW6Kf6UTgrU57fRlDh6e4TPsb4GMuCC6Ict2Z3HFPYgq8n_Yxe_nLQdjglTNU23nay4Akjs6whub4pParoIP4rhLMgtwwAkAVLkkAnc9Y8BJU2KqMDIxtOwoz5jEfcJfXtQSAhQBuOlrduglOd0iG00QVskq2JEfNENDNR-EkS0iCxIrNdpCNZL2EF4Hck2-ZuUjVGhkiSopImi7z1CPtsIjcd7kXaUUdg-2vauZ0UrcvW00gMeopfnLUCcXsWUxHnIVCesqdrsOn1rWrz-JpFJaHlwX3Tjd87o=.XNSv0uSdUaKofjr6s1ulsg==
Requested by: Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:40f7:9700:7ee8:3714:8678:680 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 119bf3ef36b63a1a99052d8eedb9b3e484e2d46598f846c71f247be5cd207142

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 14 May 2020 09:39:40 GMT
content-disposition: inline;filename=f.txt
content-length: 8336
content-type: image/webp

Redirect headers

Connection: keep-alive
Content-Length: 0
Location: https://tanit-dio.com/imp/d4bab312-95c6-11ea-bfd1-127f9580d809/1/5bH0It0ULrlMsYRtK8CG_EZGgCvpaWYhDPBv5J9xq3KMkN6SYLt5FYcTHA84dmfFfitVaZpmnVGemNcadU1spE87TnNf9b571FN_5Qnqh70dWyVAM0C0eYHxahXYKDljrKhGpkIg2RNJtPb0Xpo_fjm_nOYiaOPaaVbHYRz4TtBoRXgVpBGMRFLio6gIkJsfXOqYO4kWdiusAL8sdGsQUh8ddYB7zVyrK4L2ERQRKkZ0UuuokVNd0WdAwNms-ReLK1EUlB5VHf4WonCNaEIqYHxnwhjBzmMwT8Q_afVSgALkK6hSiDhYDAYN_z-hoK4_vaJIlaf5UtmeBKORJvhsKS2xxCsTPIRP2YRDmt_EvfoYcEPzVYaUXz8LzVqmmvc5qJnsBUbRKKZBi8Iv-PfpkRm2uHwHOdD28zkVPFOswW6Kf6UTgrU57fRlDh6e4TPsb4GMuCC6Ict2Z3HFPYgq8n_Yxe_nLQdjglTNU23nay4Akjs6whub4pParoIP4rhLMgtwwAkAVLkkAnc9Y8BJU2KqMDIxtOwoz5jEfcJfXtQSAhQBuOlrduglOd0iG00QVskq2JEfNENDNR-EkS0iCxIrNdpCNZL2EF4Hck2-ZuUjVGhkiSopImi7z1CPtsIjcd7kXaUUdg-2vauZ0UrcvW00gMeopfnLUCcXsWUxHnIVCesqdrsOn1rWrz-JpFJaHlwX3Tjd87o=.XNSv0uSdUaKofjr6s1ulsg==

GET
H2

200

http://click.pclk.name/thumbnail?i=tiIqI01iVhY_0
https://tanit-dio.com/imp/d4bab312-95c6-11ea-bfd1-127f9580d809/1/5bH0It0ULrlMsYRtK8CG_EZGgCvpaWYhDPBv5J9xq3KMkN6SYLt5FYcTHA84dmfFfitVaZpmnVGemNcadU1spE87TnNf9b571FN_5Qnqh70dWyVAM0C0eYHxahXYKDljrKhG...

8 KB
8 KB

286ms
92ms

Image
image/webp

2600:1f18:40f7:9700:7ee8:3714:8678:680
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tanit-dio.com/imp/d4bab312-95c6-11ea-bfd1-127f9580d809/1/5bH0It0ULrlMsYRtK8CG_EZGgCvpaWYhDPBv5J9xq3KMkN6SYLt5FYcTHA84dmfFfitVaZpmnVGemNcadU1spE87TnNf9b571FN_5Qnqh70dWyVAM0C0eYHxahXYKDljrKhGpkIg2RNJtPb0Xpo_fjm_nOYiaOPaaVbHYRz4TtBoRXgVpBGMRFLio6gIkJsfXOqYO4kWdiusAL8sdGsQUh8ddYB7zVyrK4L2ERQRKkZ0UuuokVNd0WdAwNms-ReLK1EUlB5VHf4WonCNaEIqYHxnwhjBzmMwT8Q_afVSgALkK6hSiDhYDAYN_z-hoK4_vaJIlaf5UtmeBKORJvhsKS2xxCsTPIRP2YRDmt_EvfoYcEPzVYaUXz8LzVqmmvc5qJnsBUbRKKZBi8Iv-PfpkRm2uHwHOdD28zkVPFOswW6Kf6UTgrU57fRlDh6e4TPsb4GMuCC6Ict2Z3HFPYgq8n_Yxe_nLQdjglTNU23nay4Akjs6whub4pParoIP4rhLMgtwwAkAVLkkAnc9Y8BJU2KqMDIxtOwoz5jEfcJfXtQSAhQBuOlrduglOd0iG00QVskq2JEfNENDNR-EkS0iCxIrNdpCNZL2EF4Hck2-ZuUjVGhkiSopImi7z1CPtsIjcd7kXaUUdg-2vauZ0UrcvW00gMeopfnLUCcXsWUxHnIVCesqdrsOn1rWrz-JpFJaHlwX3Tjd87o=.XNSv0uSdUaKofjr6s1ulsg==
Requested by: Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:40f7:9700:7ee8:3714:8678:680 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 119bf3ef36b63a1a99052d8eedb9b3e484e2d46598f846c71f247be5cd207142

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 14 May 2020 09:39:40 GMT
content-disposition: inline;filename=f.txt
content-length: 8336
content-type: image/webp

Redirect headers

Connection: keep-alive
Content-Length: 0
Location: https://tanit-dio.com/imp/d4bab312-95c6-11ea-bfd1-127f9580d809/1/5bH0It0ULrlMsYRtK8CG_EZGgCvpaWYhDPBv5J9xq3KMkN6SYLt5FYcTHA84dmfFfitVaZpmnVGemNcadU1spE87TnNf9b571FN_5Qnqh70dWyVAM0C0eYHxahXYKDljrKhGpkIg2RNJtPb0Xpo_fjm_nOYiaOPaaVbHYRz4TtBoRXgVpBGMRFLio6gIkJsfXOqYO4kWdiusAL8sdGsQUh8ddYB7zVyrK4L2ERQRKkZ0UuuokVNd0WdAwNms-ReLK1EUlB5VHf4WonCNaEIqYHxnwhjBzmMwT8Q_afVSgALkK6hSiDhYDAYN_z-hoK4_vaJIlaf5UtmeBKORJvhsKS2xxCsTPIRP2YRDmt_EvfoYcEPzVYaUXz8LzVqmmvc5qJnsBUbRKKZBi8Iv-PfpkRm2uHwHOdD28zkVPFOswW6Kf6UTgrU57fRlDh6e4TPsb4GMuCC6Ict2Z3HFPYgq8n_Yxe_nLQdjglTNU23nay4Akjs6whub4pParoIP4rhLMgtwwAkAVLkkAnc9Y8BJU2KqMDIxtOwoz5jEfcJfXtQSAhQBuOlrduglOd0iG00QVskq2JEfNENDNR-EkS0iCxIrNdpCNZL2EF4Hck2-ZuUjVGhkiSopImi7z1CPtsIjcd7kXaUUdg-2vauZ0UrcvW00gMeopfnLUCcXsWUxHnIVCesqdrsOn1rWrz-JpFJaHlwX3Tjd87o=.XNSv0uSdUaKofjr6s1ulsg==

GET
H2

200

5f2050bce828dac1734c5a48b9359a3c.png
cdn.adx1.com/
Redirect Chain

http://xml.fastdlr.com/thumbnail?i=imDzBXNMDgg_0&imgt=icon
https://r.adport.io/ix/ic/EClHeP33V_V0FUAgk0i4Iw7QDIPT_YuQJs2BqL3c4UYROqW8tGjmypZMH6oDMQMkrkHt3SYXFMRoiyu7Q_01JiEBYlgg-6Zw1QFg5ZMIrtmaNis_ZeYSYONoJ5E26yoOeU1CMHxwXCqCvq97u5_4Kg33p93MtfA5hasl3HAjrap...
https://rtb.4armn.com/metrics/save.img?event=impressions&bid_id=4916-4916-7-1f4d3d8a-6c16-cccf-5724-69c18bd235bd&img=https%3A%2F%2Fcdn.adx1.com%2F5f2050bce828dac1734c5a48b9359a3c.png
https://cdn.adx1.com/5f2050bce828dac1734c5a48b9359a3c.png

24 KB
25 KB

149ms
31ms

Image
image/png

149.11.201.98
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adx1.com/5f2050bce828dac1734c5a48b9359a3c.png
Requested by: Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 149.11.201.98 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 8fc22626a2c0d84180ce8ae5305edcb1dadc961d941e38619223d5889a7920cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 09:39:40 GMT
last-modified: Wed, 24 Apr 2019 10:33:55 GMT
server: openresty/1.15.8.3
etag: "5cc03b93-61ad"
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 25005
expires: Thu, 28 May 2020 08:59:30 GMT

Redirect headers

status: 302
date: Thu, 14 May 2020 09:39:40 GMT
server: openresty/1.15.8.3
content-length: 0
location: https://cdn.adx1.com/5f2050bce828dac1734c5a48b9359a3c.png

GET
H2

200

dgMuSihhQQAHPx9QZmyznswdw1V3Q2CN.png
i.imstks.com/cic/
Redirect Chain

https://tracking.push.sincityinteractive.com/impress?id=44c44046-af0f-42f8-8583-39f84962e939
https://tracking.revquake.com/impress?id=436544d2-aed4-40d3-8b69-8642810b6854
https://4.gotrkpsh.com/ic?sid=2&data=HoHFkG%2Bvg481dWdoVjO2SK5lNIIdX9ToNaj%2F4mLtaoVKyFoK5iqguZkZvjDt%2F7aVURJ3bYxMJLkcySJNV%2BpZl54uVZdJkOtjvK9AkxfmEgNZcI5dk7cZOgEL6oPFDIo0Ws%2Bh1Z%2BKoLhNbuBNdWhN...
https://evadrm.com/dsp/ph/icm?aid=12293400972926535630&mid=0&sid=355&t=1589449179
https://i.imstks.com/cic/dgMuSihhQQAHPx9QZmyznswdw1V3Q2CN.png

13 KB
14 KB

15ms
14ms

Image
image/jpeg

213.174.135.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imstks.com/cic/dgMuSihhQQAHPx9QZmyznswdw1V3Q2CN.png

Requested by

Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

213.174.135.32 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

a939485ccdbfe6581462e6edec281d97c197ac10d5c57d5cf9e628fbd159d4cf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 09:39:42 GMT
server: nginx/1.17.6
status: 200
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 14 May 2020 21:39:42 GMT
cache-control: max-age=43200
x-proxy-cache: HIT

Redirect headers

status: 302
date: Thu, 14 May 2020 09:39:42 GMT
server: nginx/1.17.4
content-length: 0
location: https://i.imstks.com/cic/dgMuSihhQQAHPx9QZmyznswdw1V3Q2CN.png

GET
H2

200

Y8OuR8209XJlfe2NmN_MUw6KrxZ4v8Mn.png
i.imstks.com/cim/
Redirect Chain

https://tracking.push.sincityinteractive.com/image?id=44c44046-af0f-42f8-8583-39f84962e939
https://tracking.revquake.com/image?id=436544d2-aed4-40d3-8b69-8642810b6854
https://4.gotrkpsh.com/im?sid=2&data=9Ngq7WgJ19TZlshDvNw7yGuWt%2BUY0wLiYI0t5f9j0g47w9D4jjF1QozhCEJo94f2MbwyHzm5YdtUVxPQIcCtKeGLVBxtNIe5GfNysqd6qgNmMnAp%2BOwulSxe%2FPYjDKo2CFY9PmJSgQbqMV4GcXBJrZa5TO...
https://i.imstks.com/cim/Y8OuR8209XJlfe2NmN_MUw6KrxZ4v8Mn.png

36 KB
37 KB

42ms
13ms

Image
image/jpeg

213.174.135.32
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imstks.com/cim/Y8OuR8209XJlfe2NmN_MUw6KrxZ4v8Mn.png

Requested by

Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

213.174.135.32 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

79c616adb2611b8e68fe0b9e17376650a186f8d8a3e3f99ab93c885c32f59bed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 09:39:42 GMT
server: nginx/1.17.6
status: 200
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 14 May 2020 21:39:42 GMT
cache-control: max-age=43200
x-proxy-cache: HIT

Redirect headers

Location: https://i.imstks.com/cim/Y8OuR8209XJlfe2NmN_MUw6KrxZ4v8Mn.png
Date: Thu, 14 May 2020 09:39:42 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 conv
rdr.rtbravo.com/brdr/ 0
0 127ms
127ms Image
application/json 107.178.249.212
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdr.rtbravo.com/brdr/conv?i=v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&event=bvw&payout=0
Requested by: Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.249.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.249.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 nr-1167.min.js Show response
js-agent.newrelic.com/ 26 KB
10 KB 59ms
21ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1167.min.js
Requested by: Host: vlkq.happyfeed.net
URL: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 09:39:42 GMT
content-encoding: gzip
x-amz-request-id: 9F168BA697B778D0
x-cache: HIT
status: 200
content-length: 10178
x-amz-id-2: yYgBioLjCplIhDxMZm/PKonf0xZGo/IH9CxBrQAf8lWo1+WyLnApygFOHARQZ+4eJQtQu20EMwQ=
x-served-by: cache-hhn4034-HHN
last-modified: Fri, 07 Feb 2020 23:39:55 GMT
server: AmazonS3
x-timer: S1589449182.261484,VS0,VE0
etag: "8155781ab74e51eee2ead2c1d5902e63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 917

GET
H/1.1 200
OK 716b9007af Show response
bam.nr-data.net/1/ 57 B
275 B 439ms
110ms Script
text/javascript 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/716b9007af?a=291159666&v=1167.2a4546b&to=ZFwHMEFTDxZUVU1eWF0WMBZaHREWXRlKQBlZSksUW0I%3D&rst=4002&ref=https://vlkq.happyfeed.net/psh/sw.js&ap=119&be=411&fe=3939&dc=635&perf=%7B%22timing%22:%7B%22of%22:1589449178273,%22n%22:0,%22f%22:190,%22dn%22:191,%22dne%22:230,%22c%22:230,%22s%22:241,%22ce%22:258,%22rq%22:258,%22rp%22:398,%22rpe%22:399,%22dl%22:403,%22di%22:635,%22ds%22:635,%22de%22:635,%22dc%22:3939,%22l%22:3939,%22le%22:3939%7D,%22navigation%22:%7B%7D%7D&at=SBsERglJHBg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://vlkq.happyfeed.net/psh/sw.js?cb=289483244377523ball3v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz&ex=b2100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.happyfeed.net/	1970-01-19 09:32:15	Name: uidsv3 Value: v209u04h89bsnx8re8syt2td9ukp2b5o2fr04xkghz^1589449182

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.gotrkpsh.com
bam.nr-data.net
bikmn.net
cdn.adx1.com
click.junmediadirect.com
click.pclk.name
evadrm.com
get.securedcdn.com
i.imstks.com
i.mobopushclick01.com
images.jordanobruno.live
imp.plsnotifyme.com
js-agent.newrelic.com
ok.plsnotifyme.com
r.adport.io
r.ewoss.com
rdr.rtbravo.com
rtb.4armn.com
static.realtime-bid.com
tanit-dio.com
tracking.push.sincityinteractive.com
tracking.revquake.com
vlkq.happyfeed.net
www.gstatic.com
xml.auxml.com
xml.fastdlr.com
xml.realtime-bid.com
104.22.19.89
107.178.249.212
130.211.12.92
131.153.70.114
138.201.31.55
144.76.223.70
149.11.201.98
151.101.114.110
151.139.128.11
162.247.242.21
173.239.53.18
174.137.133.16
195.201.189.16
198.134.116.18
198.134.116.29
213.174.135.32
2600:1f18:40f7:9700:7ee8:3714:8678:680
2a00:1450:4001:820::2003
2a02:b4a:1:6::2
34.102.249.222
35.201.123.4
38.122.162.114
52.203.154.39
69.164.208.23
78.41.204.28
01e4627dad98251e2a112f58ef31d6f8e0c57da1fcbc578ff4152ca58f6ea02a
09076b4484a559d4c2f1827c571d747338f6eec34e26cc2fec50130a3b5b30fb
0adc5df00ed68771efe2beb31c16664596fbde608b640bf9810dfc5641e57dd7
119bf3ef36b63a1a99052d8eedb9b3e484e2d46598f846c71f247be5cd207142
46c057c7e9b5796c89fe13760dd654ba2d4d5d2b955b4a3f78c1d78e33988ba1
4f6a938b2286c5cbd6999a584a32ef176d9f9ba18af608f8f6226a856ef8d018
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
79c616adb2611b8e68fe0b9e17376650a186f8d8a3e3f99ab93c885c32f59bed
8053eddf406363f58b8f3c2aff1361daf19a85c41304345c3bf4a69fc5f1ebf2
8fc22626a2c0d84180ce8ae5305edcb1dadc961d941e38619223d5889a7920cc
a939485ccdbfe6581462e6edec281d97c197ac10d5c57d5cf9e628fbd159d4cf
bcee2edb77ae144f9b3075af9360fe2459f37732bae3a8f32e3129ac6f0cbd7f
c2d29ccd0fc98f1abe6bcf4950a26da131a6409e3d8042762385f42451660b97
d632b3c9689bdabf6e0f30cbc6f496bc690c9c4aa4574cf6322a3e2c36de5f45
e0be0c764f4a77affb63a8515b59d47fd5b5f998ddebeba65af8128a9b85790f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec10adbcbeb0383b2b8c5d5ecd502777a740b74fcdda5189dd9a3810c875860e
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fe055e199d64b522752b5a72b191bc672b3740b380a7b6c5916c9928b09c835d

vlkq.happyfeed.net Open in urlscan Pro 34.102.249.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

86 %HTTPS

12 %IPv6

25 Domains

27 Subdomains

13 IPs

4 Countries

284 kBTransfer

344 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

vlkq.happyfeed.net Open in urlscan Pro
34.102.249.222 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

86 %
HTTPS

12 %
IPv6

25
Domains

27
Subdomains

13
IPs

4
Countries

284 kB
Transfer

344 kB
Size

1
Cookies

21 HTTP transactions
1 data transactions