Submitted URL: http://funzonehere.ml/
Effective URL: http://ftp8.org/TweetPeets/redirect_locopengu.php
Submission: On October 26 via manual from US

Summary

This website contacted 11 IPs in 3 countries across 15 domains to perform 30 HTTP transactions. The main IP is 104.153.46.194, located in Nanuet, United States and belongs to WEBLINE19 - Webline Services Inc, US. The main domain is ftp8.org.
This is the only time ftp8.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 195.20.48.239 31624 (VFMNL-AS ...)
1 104.153.46.194 29757 (WEBLINE19)
4 2a00:1450:400... 15169 (GOOGLE)
4 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 78.140.188.189 35415 (WEBZILLA)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 216.58.210.2 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 78.140.191.94 35415 (WEBZILLA)
1 194.187.98.220 35415 (WEBZILLA)
30 11
Domain Requested by
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
4 ceesty.com ceesty.com
4 www.google-analytics.com ftp8.org
ceesty.com
3 static.sh.st ceesty.com
2 fonts.gstatic.com ceesty.com
1 deloton.com ceesty.com
1 go.oclasrv.com 1 redirects
1 ads.shorte.st ceesty.com
static.sh.st
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com www.googletagservices.com
1 www.googletagservices.com ceesty.com
1 fonts.googleapis.com ceesty.com
1 ftp8.org
1 funzonehere.ml 1 redirects
0 mt.rtmark.net Failed ftp8.org
30 16

This site contains links to these domains.

Domain
shorte.st
Subject | Issuer | Validity | Valid
*.google-analytics.com | Google Internet Authority G3 | 2017-10-17 - 2018-01-09 | 3 months (crt.sh)
*.googleapis.com | Google Internet Authority G2 | 2017-10-17 - 2017-12-29 | 2 months (crt.sh)
*.g.doubleclick.net | Google Internet Authority G3 | 2017-10-17 - 2018-01-09 | 3 months (crt.sh)
*.google.com | Google Internet Authority G2 | 2017-10-17 - 2017-12-29 | 2 months (crt.sh)

This page contains 6 frames:

Frame: http://ceesty.com/wqqxKA
Frame ID: 470.1
Requests: 4 HTTP requests in this frame

Frame: http://ceesty.com/wqqxKA
Frame ID: 492.1
Requests: 23 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-13/html/container.html
Frame ID: 492.2
Requests: 1 HTTP requests in this frame

Frame: http://mt.rtmark.net/pp?geo=DE&zoneid=1241630&oaid=c1955182db4d89b9ac51fd4f8c0c3b7a&ftz=0&aid=0&nls=0&ltm=1&frl=0&rtg=1
Frame ID: 492.4
Requests: 1 HTTP requests in this frame

Frame: http://ads.shorte.st/notify.php?key=2ea5b261f06ca771033a5fa9e22493f1&width=1024&height=768&ch=3683575&cp.dest_domain=btcheat.com&cp.oid=3683575&cp.referrer=http://ftp8.org/TweetPeets/redirect_locopengu.php&cp.locked=0&cp.proxy=0&cp.quarantine_status=1&cp.vno=191&cp.enc_url=UoYbtO745blfS57RGXWvD78kF6WLUbr/TdOwNqYn3HI=&cp.asid=769168c95f92279895239b27058da92e84a8d2af&title=&description=&keywords=&captcha_verified=0
Frame ID: 492.5
Requests: 1 HTTP requests in this frame

Frame: http://deloton.com/afu.php?zoneid=1241630&cb=769168c95f92279895239b27058da92e84a8d2af
Frame ID: 492.6
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i

Page Statistics

Requests: 30
HTTPS: 43 %
IPv6: 50 %
Domains: 15
Subdomains: 16
IPs: 11
Countries: 3
Transfer: 350 kB
Size: 748 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://funzonehere.ml/ HTTP 301
    http://ftp8.org/TweetPeets/redirect_locopengu.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 24
  • http://www.google-analytics.com/r/collect?v=1&_v=j64&a=2054134943&t=pageview&_s=1&dl=http%3A%2F%2Fceesty.com%2FwqqxKA&dr=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php&ul=en-us&de=UTF-8&dt=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20shorte.st&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABI~&jid=1431411775&gjid=524434794&cid=488156805.1509013775&uid=3683575&tid=UA-42296749-1&_gid=1753284680.1509013775&_r=1&cd2=2017-10-13.0&cd7=3683575&cd5=0&z=237777319 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j64&a=2054134943&t=pageview&_s=1&dl=http%3A%2F%2Fceesty.com%2FwqqxKA&dr=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php&ul=en-us&de=UTF-8&dt=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20shorte.st&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABI~&jid=1431411775&gjid=524434794&cid=488156805.1509013775&uid=3683575&tid=UA-42296749-1&_gid=1753284680.1509013775&_r=1&cd2=2017-10-13.0&cd7=3683575&cd5=0&z=237777319
Request Chain 25
  • http://go.oclasrv.com/apu.php?zoneid=1241630 HTTP 302
  • http://deloton.com/apu.php?zoneid=1241630
Request Chain 28
  • http://go.pub2srv.com/afu.php?zoneid=1241630&cb=769168c95f92279895239b27058da92e84a8d2af HTTP 302
  • http://deloton.com/afu.php?zoneid=1241630&cb=769168c95f92279895239b27058da92e84a8d2af

30 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request redirect_locopengu.php
ftp8.org/TweetPeets/
Redirect Chain
  • http://funzonehere.ml/
  • http://ftp8.org/TweetPeets/redirect_locopengu.php
657 B
670 B
Document
General
Full URL
http://ftp8.org/TweetPeets/redirect_locopengu.php
Protocol
HTTP/1.1
Server
104.153.46.194 Nanuet, United States, ASN29757 (WEBLINE19 - Webline Services Inc, US),
Reverse DNS
Software
Apache /
Resource Hash
da88df531210f2d70d97f26d771954c691364d5a42807e0e1834c0a29fa6b894

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ftp8.org
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Thu, 26 Oct 2017 10:29:34 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Pragma
no-cache
Date
Thu, 26 Oct 2017 10:29:35 GMT
Server
nginx
Location
http://ftp8.org/TweetPeets/redirect_locopengu.php
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
analytics.js
www.google-analytics.com/
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ftp8.org
URL: http://ftp8.org/TweetPeets/redirect_locopengu.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c6b51278f1a5a919cbc532ab29d06e1b1a918ee779cd055d27fc07120fd9093e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://ftp8.org/TweetPeets/redirect_locopengu.php
:scheme
https
:method
GET
Referer
http://ftp8.org/TweetPeets/redirect_locopengu.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Sep 2017 22:31:34 GMT
server
Golfe2
age
5188
date
Thu, 26 Oct 2017 09:03:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14089
expires
Thu, 26 Oct 2017 11:03:07 GMT
collect
www.google-analytics.com/r/
35 B
53 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j64&a=15840334&t=pageview&_s=1&dl=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAMABI~&jid=613647392&gjid=404889507&cid=822621090.1509013775&tid=UA-9728265-66&_gid=1293415917.1509013775&_r=1&z=386941828
Requested by
Host: ftp8.org
URL: http://ftp8.org/TweetPeets/redirect_locopengu.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/r/collect?v=1&_v=j64&a=15840334&t=pageview&_s=1&dl=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAMABI~&jid=613647392&gjid=404889507&cid=822621090.1509013775&tid=UA-9728265-66&_gid=1293415917.1509013775&_r=1&z=386941828
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://ftp8.org/TweetPeets/redirect_locopengu.php
:scheme
https
:method
GET
Referer
http://ftp8.org/TweetPeets/redirect_locopengu.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2017 10:29:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
wqqxKA
ceesty.com/
0
0

Cookie set wqqxKA
ceesty.com/ Frame 492.
65 KB
25 KB
Document
General
Full URL
http://ceesty.com/wqqxKA
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:8338 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / PHP/5.6.30-0+deb8u1
Resource Hash
fe61c190d3d6dc794bfc334db200c30f90e13089bbd9520ae826e1a1f52d3364
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ceesty.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://ftp8.org/TweetPeets/redirect_locopengu.php
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://ftp8.org/TweetPeets/redirect_locopengu.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Thu, 26 Oct 2017 10:29:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
cloudflare-nginx
X-Powered-By
PHP/5.6.30-0+deb8u1
X-Frame-Options
DENY
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Set-Cookie
__cfduid=d008a8313c9d1e2692e0bf2b019bca7df1509013775; expires=Fri, 26-Oct-18 10:29:35 GMT; path=/; domain=.ceesty.com; HttpOnly
PHPSESSID=2j2a1fm3in7qiurafp7t6tfj33; expires=Thu, 26-Oct-2017 11:29:35 GMT; Max-Age=3600; path=/
hl=en; expires=Fri, 26-Oct-2018 10:29:35 GMT; Max-Age=31536000; path=/
referrer_url=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php; expires=Fri, 27-Oct-2017 10:29:35 GMT; Max-Age=86400; path=/; httponly
cookies-enable=1; path=/; httponly
X-Server-ID
shn11
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
3b3cbc3ed30663e5-FRA
X-UA-Compatible
IE=Edge
css
fonts.googleapis.com/ Frame 492.
475 B
286 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
53b905c65eae2a44068334c6065f8a98d9a1b9e77a8419090a4c7adf41b0320f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=Raleway:400,700
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date
Thu, 26 Oct 2017 10:29:35 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Thu, 26 Oct 2017 10:29:35 GMT
tracking.gif
ceesty.com/bundles/advertisement/img/ Frame 492.
0
0
Image
General
Full URL
http://ceesty.com/bundles/advertisement/img/tracking.gif?test=769168c95f92279895239b27058da92e84a8d2af
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:8338 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ceesty.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://ceesty.com/wqqxKA
Cookie
__cfduid=d008a8313c9d1e2692e0bf2b019bca7df1509013775; PHPSESSID=2j2a1fm3in7qiurafp7t6tfj33; hl=en; referrer_url=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php; cookies-enable=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Thu, 26 Oct 2017 10:29:35 GMT
CF-Cache-Status
MISS
Connection
keep-alive
Content-Length
0
X-UA-Compatible
IE=Edge
Last-Modified
Fri, 13 Oct 2017 11:02:34 GMT
Server
cloudflare-nginx
ETag
"59e09d4a-0"
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Server-ID
shn01
Cache-Control
public, max-age=14400
Accept-Ranges
bytes
CF-RAY
3b3cbc3fd3ac63e5-FRA
Expires
Thu, 26 Oct 2017 14:29:35 GMT
advertisement-tracking-3683575.gif
ceesty.com/bundles/smeweb/img/ Frame 492.
43 B
43 B
Image
General
Full URL
http://ceesty.com/bundles/smeweb/img/advertisement-tracking-3683575.gif?t=1509013775
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:8338 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ceesty.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://ceesty.com/wqqxKA
Cookie
__cfduid=d008a8313c9d1e2692e0bf2b019bca7df1509013775; PHPSESSID=2j2a1fm3in7qiurafp7t6tfj33; hl=en; referrer_url=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php; cookies-enable=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Thu, 26 Oct 2017 10:29:35 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
cloudflare-nginx
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Server-ID
shn04
Cache-Control
public, max-age=14400
X-UA-Compatible
IE=Edge
Connection
keep-alive
CF-RAY
3b3cbc3ff3c463e5-FRA
Content-Length
43
Expires
Thu, 26 Oct 2017 14:29:35 GMT
tracking-3683575.gif
ceesty.com/bundles/smeweb/img/ Frame 492.
43 B
43 B
Image
General
Full URL
http://ceesty.com/bundles/smeweb/img/tracking-3683575.gif?t=1509013775
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::681b:8338 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ceesty.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://ceesty.com/wqqxKA
Cookie
__cfduid=d008a8313c9d1e2692e0bf2b019bca7df1509013775; PHPSESSID=2j2a1fm3in7qiurafp7t6tfj33; hl=en; referrer_url=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php; cookies-enable=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Thu, 26 Oct 2017 10:29:35 GMT
CF-Cache-Status
MISS
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
cloudflare-nginx
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-Server-ID
shn04
Cache-Control
public, max-age=14400
X-UA-Compatible
IE=Edge
Connection
keep-alive
CF-RAY
3b3cbc4006a426d8-FRA
Content-Length
43
Expires
Thu, 26 Oct 2017 14:29:35 GMT
logo1707.png
static.sh.st/b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/ Frame 492.
6 KB
6 KB
Image
General
Full URL
http://static.sh.st/b5/4c/45/48/be/0d/ca/35/64/1c/e2/75/9d/8f/9e/2c/logo1707.png?2017-10-13.0
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
HTTP/1.1
Server
78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
fd7607ab554a8c5af9aed32593ae99aaf0682198dbbd277372e8b663bd98b001

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.sh.st
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://ceesty.com/wqqxKA
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Thu, 26 Oct 2017 10:29:35 GMT
Last-Modified
Fri, 17 Jul 2015 13:29:04 GMT
Server
nginx
ETag
"55a90320-1852"
Content-Type
image/png
X-Server-ID
shn08
Cache-Control
max-age=86400
X-UA-Compatible
IE=Edge
Accept-Ranges
bytes
Content-Length
6226
Expires
Fri, 27 Oct 2017 10:29:35 GMT
interstitial-page.js
static.sh.st/js/packed/ Frame 492.
63 KB
23 KB
Script
General
Full URL
http://static.sh.st/js/packed/interstitial-page.js?2017-10-13.0
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
HTTP/1.1
Server
78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
8b3502819fa48b2d24e230900daa2785f3e1e34224f136b720a21ab892a39871

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.sh.st
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://ceesty.com/wqqxKA
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Thu, 26 Oct 2017 10:29:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Oct 2017 11:10:15 GMT
Server
nginx
ETag
W/"59e09f17-fcc0"
Vary
Accept-Encoding
Content-Type
application/javascript
X-Server-ID
shn10
Cache-Control
max-age=86400
Transfer-Encoding
chunked
X-UA-Compatible
IE=Edge
Expires
Fri, 27 Oct 2017 10:29:35 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 492.
10 KB
4 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
aef8e5f3f7bfe38b9278f9a7b02f26ba21d1341925f46db6c1f4b41fcd021995
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/tag/js/gpt.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.googletagservices.com
referer
http://ceesty.com/wqqxKA
:scheme
https
:method
GET
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date
Thu, 26 Oct 2017 10:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1508982400215844"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length
4486
x-xss-protection
1; mode=block
expires
Thu, 26 Oct 2017 10:29:35 GMT
analytics.js
www.google-analytics.com/ Frame 492.
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c6b51278f1a5a919cbc532ab29d06e1b1a918ee779cd055d27fc07120fd9093e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://ceesty.com/wqqxKA
:scheme
https
:method
GET
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Sep 2017 22:31:34 GMT
server
Golfe2
age
5188
date
Thu, 26 Oct 2017 09:03:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14089
expires
Thu, 26 Oct 2017 11:03:07 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
bIcY3_3JNqUVRAQQRNVteQ.ttf
fonts.gstatic.com/s/raleway/v12/ Frame 492.
52 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v12/bIcY3_3JNqUVRAQQRNVteQ.ttf
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
c9242c9e38a8f38f4a58d73b3fbeeee4737b123bfe0ec8bfc554b340e2310c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/raleway/v12/bIcY3_3JNqUVRAQQRNVteQ.ttf
pragma
no-cache
origin
http://ceesty.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Raleway:400,700
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Raleway:400,700
Origin
http://ceesty.com

Response headers

date
Wed, 11 Oct 2017 18:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1266228
status
200
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
25729
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:25:44 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Oct 2018 18:45:47 GMT
JbtMzqLaYbbbCL9X6EvaIy3USBnSvpkopQaUR-2r7iU.ttf
fonts.gstatic.com/s/raleway/v12/ Frame 492.
52 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v12/JbtMzqLaYbbbCL9X6EvaIy3USBnSvpkopQaUR-2r7iU.ttf
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
69b87813dc3e26df61bd73f62035f339f17671150d823debfe9a9e2a3e7d4ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/raleway/v12/JbtMzqLaYbbbCL9X6EvaIy3USBnSvpkopQaUR-2r7iU.ttf
pragma
no-cache
origin
http://ceesty.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Raleway:400,700
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Raleway:400,700
Origin
http://ceesty.com

Response headers

date
Wed, 11 Oct 2017 18:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1266227
status
200
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
25995
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:26:12 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Oct 2018 18:45:48 GMT
widget-sprite.png
static.sh.st/bundles/smeweb/img/ Frame 492.
83 KB
83 KB
Image
General
Full URL
http://static.sh.st/bundles/smeweb/img/widget-sprite.png?2017-10-13.0
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
HTTP/1.1
Server
78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
8146dfca511f063c33c05e13e151ed3d3456441590a4b1358bbc99b320a02b8d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.sh.st
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://ceesty.com/wqqxKA
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Thu, 26 Oct 2017 10:29:35 GMT
Last-Modified
Fri, 13 Oct 2017 11:10:49 GMT
Server
nginx
ETag
"59e09f39-14a41"
Content-Type
image/png
X-Server-ID
shn11
Cache-Control
max-age=86400
X-UA-Compatible
IE=Edge
Accept-Ranges
bytes
Content-Length
84545
Expires
Fri, 27 Oct 2017 10:29:35 GMT
pubads_impl_162.js
securepubads.g.doubleclick.net/gpt/ Frame 492.
184 KB
64 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
a09dc0db7d0684852b3eb4b6ba5d37fef05e3ef058e10efac5ba8f9df1ed2c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gpt/pubads_impl_162.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://ceesty.com/wqqxKA
:scheme
https
:method
GET
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 26 Oct 2017 10:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 18 Oct 2017 18:42:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
65960
x-xss-protection
1; mode=block
expires
Thu, 26 Oct 2017 10:29:35 GMT
integrator.sync.js
adservice.google.com/adsid/ Frame 492.
112 B
129 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.sync.js?domain=ceesty.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
57b4db8e04f917ceebdda97a6edcc37ccaa415f5a948cf522d7f58457c1128b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/adsid/integrator.sync.js?domain=ceesty.com
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
adservice.google.com
referer
http://ceesty.com/wqqxKA
:scheme
https
:method
GET
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 26 Oct 2017 10:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length
111
x-xss-protection
1; mode=block
container.html
tpc.googlesyndication.com/safeframe/1-0-13/html/ Frame 492.
3 KB
2 KB
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-13/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
df7197d9f56dd4d697cb8a64cc76cf628f0b6597b177437f4b2a904742551e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Purpose
prefetch
Accept-Encoding
gzip, deflate
Host
tpc.googlesyndication.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://ceesty.com/wqqxKA
Connection
keep-alive
Cache-Control
no-cache
Purpose
prefetch
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Fri, 20 Oct 2017 23:14:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Sep 2017 20:57:39 GMT
Server
sffe
Age
472505
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, immutable, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1576
X-XSS-Protection
1; mode=block
Expires
Sat, 20 Oct 2018 23:14:30 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 492.
18 KB
6 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2273986822276946&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809107%2C21060362%2C21061149&sc=0&sfv=1-0-13&iu=%2F60345044%2FWafra_Media_TOP%2FshorteST&sz=728x90&eri=6&cookie_enabled=1&abxe=1&lmt=1509013775&dt=1509013775524&frm=20&biw=1600&bih=1200&oid=3&adk=1979617055&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fshorte.st%2F&loc=http%3A%2F%2Fceesty.com%2FwqqxKA&ref=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php&dssz=6&icsg=10&std=0&vrg=162&vis=1&ga_vid=488156805.1509013775&ga_sid=1509013776&ga_hid=2054134943
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
d7269790c53b6311d3cf906139bd4e0112282269e566923e914b6e6731462244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gampad/ads?gdfp_req=1&correlator=2273986822276946&output=json_html&callback=googletag.impl.pubads.setPassbackAdContents&impl=s&eid=108809107%2C21060362%2C21061149&sc=0&sfv=1-0-13&iu=%2F60345044%2FWafra_Media_TOP%2FshorteST&sz=728x90&eri=6&cookie_enabled=1&abxe=1&lmt=1509013775&dt=1509013775524&frm=20&biw=1600&bih=1200&oid=3&adk=1979617055&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fshorte.st%2F&loc=http%3A%2F%2Fceesty.com%2FwqqxKA&ref=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php&dssz=6&icsg=10&std=0&vrg=162&vis=1&ga_vid=488156805.1509013775&ga_sid=1509013776&ga_hid=2054134943
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://ceesty.com/wqqxKA
:scheme
https
:method
GET
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 26 Oct 2017 10:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
6556
x-xss-protection
1; mode=block
google-lineitem-id
432647164
pragma
no-cache
server
cafe
google-creative-id
119523148804
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
set-cookie
test_cookie=CheckForPermission; expires=Thu, 26-Oct-2017 10:44:35 GMT; path=/; domain=.doubleclick.net
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_162.js
securepubads.g.doubleclick.net/gpt/ Frame 492.
28 KB
11 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_162.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eb0de02ef3d09319cff4297b98c712606f815453eb8345d394933f719194ba1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/gpt/pubads_impl_rendering_162.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://ceesty.com/wqqxKA
:scheme
https
:method
GET
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 26 Oct 2017 10:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 18 Oct 2017 18:42:44 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
10842
x-xss-protection
1; mode=block
expires
Thu, 26 Oct 2017 10:29:35 GMT
3p_cookie.html
securepubads.g.doubleclick.net/static/ Frame 492.
223 B
185 B
Other
General
Full URL
https://securepubads.g.doubleclick.net/static/3p_cookie.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
sffe /
Resource Hash
0a42d405c353edd15594d2ee30d099097ea995e7d7c990ecf81bec9a0ad90082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/3p_cookie.html
pragma
no-cache
purpose
prefetch
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
securepubads.g.doubleclick.net
referer
http://ceesty.com/wqqxKA
:scheme
https
:method
GET
Purpose
prefetch
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date
Thu, 26 Oct 2017 07:12:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11837
status
200
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
176
x-xss-protection
1; mode=block
server
sffe
etag
"1502910952331160"
vary
Accept-Encoding
content-type
text/html
cache-control
public, max-age=43200
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2017 19:12:18 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-13/html/ Frame 492.
0
0

osd.js
pagead2.googlesyndication.com/pagead/ Frame 492.
80 KB
29 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_162.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
9fabe13c5ec460db21f0a9f8ca82557238f95d216ceecdea245f6aa53009308f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
pagead2.googlesyndication.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://ceesty.com/wqqxKA
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Thu, 26 Oct 2017 09:55:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
2051
ETag
3737912977758499713
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
29905
X-XSS-Protection
1; mode=block
Expires
Thu, 26 Oct 2017 10:55:24 GMT
pop.php
ads.shorte.st/ Frame 492.
242 B
209 B
Script
General
Full URL
http://ads.shorte.st/pop.php
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
HTTP/1.1
Server
78.140.188.189 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx / PHP/5.6.30-0+deb8u1
Resource Hash
95c8c5e2c7fee9f51c794390e18d21d9d0b6ece24deb4dd2d8fba0c308f620e3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ads.shorte.st
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://ceesty.com/wqqxKA
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date
Thu, 26 Oct 2017 10:29:35 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.6.30-0+deb8u1
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
X-Server-ID
shn02
Cache-Control
max-age=0, must-revalidate, no-store, private, s-maxage=0
Transfer-Encoding
chunked
X-UA-Compatible
IE=Edge
collect
www.google-analytics.com/r/ Frame 492.
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j64&a=2054134943&t=pageview&_s=1&dl=http%3A%2F%2Fceesty.com%2FwqqxKA&dr=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php&ul=en-us&de=UTF-...
  • https://www.google-analytics.com/r/collect?v=1&_v=j64&a=2054134943&t=pageview&_s=1&dl=http%3A%2F%2Fceesty.com%2FwqqxKA&dr=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php&ul=en-us&de=UTF...
35 B
53 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j64&a=2054134943&t=pageview&_s=1&dl=http%3A%2F%2Fceesty.com%2FwqqxKA&dr=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php&ul=en-us&de=UTF-8&dt=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20shorte.st&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABI~&jid=1431411775&gjid=524434794&cid=488156805.1509013775&uid=3683575&tid=UA-42296749-1&_gid=1753284680.1509013775&_r=1&cd2=2017-10-13.0&cd7=3683575&cd5=0&z=237777319
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/r/collect?v=1&_v=j64&a=2054134943&t=pageview&_s=1&dl=http%3A%2F%2Fceesty.com%2FwqqxKA&dr=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php&ul=en-us&de=UTF-8&dt=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20shorte.st&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABI~&jid=1431411775&gjid=524434794&cid=488156805.1509013775&uid=3683575&tid=UA-42296749-1&_gid=1753284680.1509013775&_r=1&cd2=2017-10-13.0&cd7=3683575&cd5=0&z=237777319
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://ceesty.com/wqqxKA
:scheme
https
:method
GET
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2017 10:29:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j64&a=2054134943&t=pageview&_s=1&dl=http%3A%2F%2Fceesty.com%2FwqqxKA&dr=http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php&ul=en-us&de=UTF-8&dt=Earn%20money%20on%20short%20links.%20Make%20short%20links%20and%20earn%20the%20biggest%20money%20-%20shorte.st&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABI~&jid=1431411775&gjid=524434794&cid=488156805.1509013775&uid=3683575&tid=UA-42296749-1&_gid=1753284680.1509013775&_r=1&cd2=2017-10-13.0&cd7=3683575&cd5=0&z=237777319
Non-Authoritative-Reason
HSTS
apu.php (Cookie set)
deloton.com/ Frame 492.
Redirect Chain
  • http://go.oclasrv.com/apu.php?zoneid=1241630
  • http://deloton.com/apu.php?zoneid=1241630
34 KB
17 KB
Script
General
Full URL
http://deloton.com/apu.php?zoneid=1241630
Requested by
Host: ceesty.com
URL: http://ceesty.com/wqqxKA
Protocol
HTTP/1.1
Server
194.187.98.220 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
194.187.98.220.webazilla.com
Software
nginx /
Resource Hash
fc6709cc1276acef704f6082141ea0c8f03f426d9f572bad262f5e0e9a61d743

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
deloton.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://ceesty.com/wqqxKA
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ceesty.com/wqqxKA
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2017 10:29:35 GMT
Content-Encoding
gzip
Server
nginx
Timing-Allow-Origin
* *
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Set-Cookie
SeenToday=1; expires=Fri, 27-Oct-2017 10:29:35 GMT; Max-Age=86400; path=/ OAGEO9457f=12%7CDE%7CBY%7CGUNZENHAUSEN%7CBROADBAND%7CHETZNER+ONLINE+AG%7CHOSTING%7C10436%7C42476%7C%3F%7C276005; expires=Fri, 27-Oct-2017 10:29:35 GMT; Max-Age=86400; path=/ oaidts=1509013775; expires=Fri, 26-Oct-2018 10:29:35 GMT; Max-Age=31536000; path=/ OAID=c1955182db4d89b9ac51fd4f8c0c3b7a; expires=Fri, 26-Oct-2018 10:29:35 GMT; Max-Age=31536000; path=/ exsdsf=1509013775 pbk3=68dcbeb3ad3e614fe72001bf419d54f86481164814873091042; expires=Thu, 26-Oct-2017 10:39:35 GMT; Max-Age=600 fac_ltm=1; expires=Fri, 27-Oct-2017 10:29:35 GMT; Max-Age=86400; path=/
Content-Type
application/x-javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
http://deloton.com/apu.php?zoneid=1241630
Date
Thu, 26 Oct 2017 10:29:35 GMT
Server
nginx
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
154
Content-Type
text/html
pp
mt.rtmark.net/ Frame 492.
0
0

notify.php
ads.shorte.st/ Frame 492.
0
0

afu.php
deloton.com/ Frame 492.
Redirect Chain
  • http://go.pub2srv.com/afu.php?zoneid=1241630&cb=769168c95f92279895239b27058da92e84a8d2af
  • http://deloton.com/afu.php?zoneid=1241630&cb=769168c95f92279895239b27058da92e84a8d2af
0
0

truncated
/ Frame 492.
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ceesty.com
URL
http://ceesty.com/wqqxKA
Domain
tpc.googlesyndication.com
URL
http://tpc.googlesyndication.com/safeframe/1-0-13/html/container.html
Domain
mt.rtmark.net
URL
http://mt.rtmark.net/pp?geo=DE&zoneid=1241630&oaid=c1955182db4d89b9ac51fd4f8c0c3b7a&ftz=0&aid=0&nls=0&ltm=1&frl=0&rtg=1
Domain
ads.shorte.st
URL
http://ads.shorte.st/notify.php?key=2ea5b261f06ca771033a5fa9e22493f1&width=1024&height=768&ch=3683575&cp.dest_domain=btcheat.com&cp.oid=3683575&cp.referrer=http://ftp8.org/TweetPeets/redirect_locopengu.php&cp.locked=0&cp.proxy=0&cp.quarantine_status=1&cp.vno=191&cp.enc_url=UoYbtO745blfS57RGXWvD78kF6WLUbr/TdOwNqYn3HI=&cp.asid=769168c95f92279895239b27058da92e84a8d2af&title=&description=&keywords=&captcha_verified=0
Domain
deloton.com
URL
http://deloton.com/afu.php?zoneid=1241630&cb=769168c95f92279895239b27058da92e84a8d2af

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.ceesty.com/ Name: _gid
Value: GA1.2.1753284680.1509013775
.ceesty.com/ Name: __PPU_BACKCLCK_1241630
Value: true
.doubleclick.net/ Name: IDE
Value: AHWqTUnj5Wtq9ffCY8bXU58t3Bc-rlthbJAgHIL8bH-ty3ftAzJ7v_SFeIYSA8KT
.ceesty.com/ Name: _ga
Value: GA1.2.488156805.1509013775
ceesty.com/ Name: referrer_url
Value: http%3A%2F%2Fftp8.org%2FTweetPeets%2Fredirect_locopengu.php
ceesty.com/ Name: hl
Value: en
.ceesty.com/ Name: _gat
Value: 1
ceesty.com/ Name: cookies-enable
Value: 1
ceesty.com/ Name: PHPSESSID
Value: 2j2a1fm3in7qiurafp7t6tfj33
ceesty.com/ Name:
Value: __test
.ceesty.com/ Name: __cfduid
Value: d008a8313c9d1e2692e0bf2b019bca7df1509013775

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.shorte.st
adservice.google.com
ceesty.com
deloton.com
fonts.googleapis.com
fonts.gstatic.com
ftp8.org
funzonehere.ml
go.oclasrv.com
mt.rtmark.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.sh.st
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
ads.shorte.st
ceesty.com
deloton.com
mt.rtmark.net
tpc.googlesyndication.com
104.153.46.194
194.187.98.220
195.20.48.239
216.58.210.2
2400:cb00:2048:1::681b:8338
2a00:1450:4001:816::2001
2a00:1450:4001:816::2003
2a00:1450:4001:816::200a
2a00:1450:4001:816::200e
2a00:1450:4001:819::2002
78.140.188.189
78.140.191.94
0a42d405c353edd15594d2ee30d099097ea995e7d7c990ecf81bec9a0ad90082
53b905c65eae2a44068334c6065f8a98d9a1b9e77a8419090a4c7adf41b0320f
57b4db8e04f917ceebdda97a6edcc37ccaa415f5a948cf522d7f58457c1128b3
69b87813dc3e26df61bd73f62035f339f17671150d823debfe9a9e2a3e7d4ce7
8146dfca511f063c33c05e13e151ed3d3456441590a4b1358bbc99b320a02b8d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b3502819fa48b2d24e230900daa2785f3e1e34224f136b720a21ab892a39871
95c8c5e2c7fee9f51c794390e18d21d9d0b6ece24deb4dd2d8fba0c308f620e3
9fabe13c5ec460db21f0a9f8ca82557238f95d216ceecdea245f6aa53009308f
a09dc0db7d0684852b3eb4b6ba5d37fef05e3ef058e10efac5ba8f9df1ed2c54
aef8e5f3f7bfe38b9278f9a7b02f26ba21d1341925f46db6c1f4b41fcd021995
c6b51278f1a5a919cbc532ab29d06e1b1a918ee779cd055d27fc07120fd9093e
c9242c9e38a8f38f4a58d73b3fbeeee4737b123bfe0ec8bfc554b340e2310c52
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7269790c53b6311d3cf906139bd4e0112282269e566923e914b6e6731462244
da88df531210f2d70d97f26d771954c691364d5a42807e0e1834c0a29fa6b894
df7197d9f56dd4d697cb8a64cc76cf628f0b6597b177437f4b2a904742551e14
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0de02ef3d09319cff4297b98c712606f815453eb8345d394933f719194ba1c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc6709cc1276acef704f6082141ea0c8f03f426d9f572bad262f5e0e9a61d743
fd7607ab554a8c5af9aed32593ae99aaf0682198dbbd277372e8b663bd98b001
fe61c190d3d6dc794bfc334db200c30f90e13089bbd9520ae826e1a1f52d3364