ww25.fr.countre.online
199.59.243.228 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
https://toeicreviewserfr.web.app/ 3yr old
Effective URL:
https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc 1yr old
Submission: On October 07 via automatic, source phishtank (October 7th 2025, 11:33:31 am UTC) — Scanned from DE

Summary HTTP 16 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 16 HTTP transactions. The main IP is 199.59.243.228, located in United States and belongs to AMAZON-02, US. The main domain is ww25.fr.countre.online. 1yr old
TLS certificate: Issued by R10 on July 29th 2025. Valid for: 3mo.

This is the only time ww25.fr.countre.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
1 4	103.224.182.242 103.224.182.242	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
4	199.59.243.228 199.59.243.228	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.164 216.58.212.164	15169 (GOOGLE) (GOOGLE)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
4	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
2	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
16	7

1 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

toeicreviewserfr.web.app 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 103.224.182.242 (San Diego, United States) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-242.above.com

fr.countre.online 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 199.59.243.228 (United States)

ASN16509 (AMAZON-02, US)

ww25.fr.countre.online 1yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 216.58.212.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f4.1e100.net

www.google.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

partner.googleadservices.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f14.1e100.net

syndicatedsearch.goog 3yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

afs.googleusercontent.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
8	countre.online 1 redirects fr.countre.online 3yr old ww25.fr.countre.online 1yr old	80 KB
4	syndicatedsearch.goog syndicatedsearch.goog — Cisco Umbrella Rank: 3438 3yr old	61 KB
2	googleusercontent.com afs.googleusercontent.com — Cisco Umbrella Rank: 14322 9yr old	962 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 6183 10yr old	267 B
1	google.com www.google.com — Cisco Umbrella Rank: 2 13yr old	57 KB
1	web.app toeicreviewserfr.web.app 3yr old	599 B
16	6

	Domain	Requested by
4	syndicatedsearch.goog	www.google.com syndicatedsearch.goog
4	ww25.fr.countre.online	fr.countre.online ww25.fr.countre.online
4	fr.countre.online	1 redirects toeicreviewserfr.web.app fr.countre.online
2	afs.googleusercontent.com
1	partner.googleadservices.com	www.google.com
1	www.google.com	ww25.fr.countre.online
1	toeicreviewserfr.web.app
16	7

This site contains links to these domains. Also see Links.

Domain
ww25.fr.countre.online

Subject Issuer	Validity	Valid
web.app WR4	`2025-08-26` - `2025-11-24`	3mo	crt.sh
gamatotvmovies.com R13	`2025-09-28` - `2025-12-27`	3mo	crt.sh
ww25.fr.countre.online R10	`2025-07-29` - `2025-10-27`	3mo	crt.sh
*.google.com WE2	`2025-09-15` - `2025-12-08`	3mo	crt.sh
*.googleadservices.com WE2	`2025-09-15` - `2025-12-08`	3mo	crt.sh
syndicatedsearch.goog WE2	`2025-09-15` - `2025-12-08`	3mo	crt.sh
*.googleusercontent.com WE2	`2025-09-15` - `2025-12-08`	3mo	crt.sh

This page contains 2 frames:

Primary Page: https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc
Frame ID: 7A984C93E0ED5723B359ADCBB4B9CA53
Requests: 12 HTTP requests in this frame

Frame: https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol111%2Cpid-bodis-gcontrol446%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis30_3ph&r=m&hl=de&ivt=0&rpbu=https%3A%2F%2Fww25.fr.countre.online%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20251007-2233-32b4-91e9-50657aa910dc&type=3&swp=as-drid-2670805077781048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108%2C73110181&format=r3&nocache=3131759836814727&num=0&output=afd_ads&domain_name=ww25.fr.countre.online&v=3&bsl=8&pac=0&u_his=1&u_tz=120&dt=1759836814728&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=813237002&rurl=https%3A%2F%2Fww25.fr.countre.online%2F%3Fsubid1%3D20251007-2233-32b4-91e9-50657aa910dc
Frame ID: A6C2A7A7FBC6B298A813618FDC95A1E4
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

countre.online

Page URL History Show full URLs

https://toeicreviewserfr.web.app/ Page URL
https://fr.countre.online/ Page URL
http://fr.countre.online/?tr_uuid=20251007-2233-32b4-91e9-50657aa910dc&fp=9496ef34b3adaf3e1c8dbc1a07a... HTTP 307
https://fr.countre.online/?tr_uuid=20251007-2233-32b4-91e9-50657aa910dc&fp=9496ef34b3adaf3e1c8dbc1a07a... HTTP 302
http://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc HTTP 307
https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc HTTP 307
https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc Page URL

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

1
Countries

200 kB
Transfer

404 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://ww25.fr.countre.online/?caf=1&bpt=345&subid1=20251007-2233-32b4-91e9-50657aa910dc&query=Games+Freispiele&afdToken=ChMIzsbTgf-RkAMV0eICBx0TAROyEnABlLqpjxN7E-RNrJNu_Rc0NDirdl2wTgMUdfI7WtRB0D7TBe7xsxTfiFs839r4JEWv-vhQdPF5c0HeDuc3ZCgm5BkubtRwuxNZ881ODYKFNz1etH8tCjhP9tq1O8yV8KbI79DmSmY2B862G4iH5C06IAEyNAGxUlSq-w88cwWAZbYC6WMgjD0LPh9ro4Ulh10iLIFmay3FeTqR1bp7VbEsZe9Q_m6TioM&pcsa=false&nb=0
Title: Games Freispiele

Search URL Search Domain Scan URL

URL: https://ww25.fr.countre.online/?caf=1&bpt=345&subid1=20251007-2233-32b4-91e9-50657aa910dc&query=Kostenlose+Browser&afdToken=ChMIzsbTgf-RkAMV0eICBx0TAROyEnABlLqpj3yw_yuvGXWmwf-e_1LWU3LaTAFwIBMz43atTikZQJdCm2gOGdwoQ8IDnd_JTpxTbOBMYSoO8wvx-gEc-odqvUhinj_nMAPykWyOT-eOmGAmFRTPtRH6pMKcLEPIo_wwSxtkhQsXy5ho89HXIAEyNAGxUlSqPASHYP4P06L5gIzfPiLIZ4A1N5t99H47FhD_oICuc8CMydGgqEq5nOQH53rzJm4&pcsa=false&nb=0
Title: Kostenlose Browser

Search URL Search Domain Scan URL

URL: https://ww25.fr.countre.online/?caf=1&bpt=345&subid1=20251007-2233-32b4-91e9-50657aa910dc&query=Busch+Modellbau+Preisliste&afdToken=ChMIzsbTgf-RkAMV0eICBx0TAROyEnABlLqpj6D7ovdV23OU1pJCr6CPfntB3UOBtg6xl3Yi_vSghm_r9t7-8xfkTz2XxD3wWvCJ6d3xEVCgRojaFluDjFzDOx7vuMK9J9knkf4_dEuZyjAmF5u-WkGzr7cLH80d6S_pkGoQ6avmD7zAoIiRIAEyNAGxUlSq4E3Zg1cCQ9iELszZKv5dZxBwbmogtnFxM4a9dcxjgTVwvujGNSXi4cU4MERkXLs&pcsa=false&nb=0
Title: Busch Modellbau Preisliste

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://toeicreviewserfr.web.app/ Page URL
https://fr.countre.online/ Page URL
http://fr.countre.online/?tr_uuid=20251007-2233-32b4-91e9-50657aa910dc&fp=9496ef34b3adaf3e1c8dbc1a07a24989 HTTP 307
https://fr.countre.online/?tr_uuid=20251007-2233-32b4-91e9-50657aa910dc&fp=9496ef34b3adaf3e1c8dbc1a07a24989 HTTP 302
http://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc HTTP 307
https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc HTTP 307
https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
toeicreviewserfr.web.app/ 564 B
599 B 52ms
15ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Download Go to

Full URL

https://toeicreviewserfr.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 230
content-type: text/html; charset=utf-8
date: Tue, 07 Oct 2025 11:33:31 GMT
etag: "c697ff0443ece2f4400694b547ffc4a5c9e01905594a324923fa8117788c59ea-br"
last-modified: Fri, 04 Aug 2023 16:00:42 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-eddf8230063-FRA
x-timer: S1759836812.854996,VS0,VE6

GET
H/1.1 200
OK / Show response
fr.countre.online/ 1 KB
863 B 631ms
228ms Document
text/html 103.224.182.242
TRELLIAN-AS-AP Tr...

General

Check archive.org

Download Go to

Full URL: https://fr.countre.online/
Requested by: Host: toeicreviewserfr.web.app
URL: https://toeicreviewserfr.web.app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.182.242 San Diego, United States, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-182-242.above.com
Software: Apache /
Resource Hash: ab9b115feda7b5d391f8982a54ac79004c71393e52adc4189ea1850ba63600d5

Request headers

Referer: https://toeicreviewserfr.web.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

connection: close
content-encoding: gzip
content-length: 568
content-type: text/html; charset=UTF-8
date: Tue, 07 Oct 2025 11:33:32 GMT
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK iife.min.js Show response
fr.countre.online/js/fingerprint/ 33 KB
34 KB 826ms
508ms Script
text/javascript 103.224.182.242
TRELLIAN-AS-AP Tr...

General

Check archive.org

Download Go to

Full URL: https://fr.countre.online/js/fingerprint/iife.min.js
Requested by: Host: fr.countre.online
URL: https://fr.countre.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.182.242 San Diego, United States, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-182-242.above.com
Software: Apache /
Resource Hash: c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://fr.countre.online/

Response headers

etag: "85c0-633d0d69b9ac0"
connection: close
accept-ranges: bytes
content-length: 34240
date: Tue, 07 Oct 2025 11:33:33 GMT
last-modified: Mon, 28 Apr 2025 06:31:47 GMT
content-type: text/javascript
server: Apache

GET
H/1.0 403
Forbidden favicon.ico
fr.countre.online/ 94 B
170 B 694ms
357ms Other
text/html 103.224.182.242
TRELLIAN-AS-AP Tr...

General

Check archive.org

Download Go to

Full URL: https://fr.countre.online/favicon.ico
Protocol: HTTP/1.0
Security: TLS 1.3, , AES_256_GCM
Server: 103.224.182.242 San Diego, United States, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-182-242.above.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://fr.countre.online/

Response headers

content-type: text/html
cache-control: no-cache

GET
H/1.1

200
OK

Primary Request / Show response
ww25.fr.countre.online/
Redirect Chain

http://fr.countre.online/?tr_uuid=20251007-2233-32b4-91e9-50657aa910dc&fp=9496ef34b3adaf3e1c8dbc1a07a24989
https://fr.countre.online/?tr_uuid=20251007-2233-32b4-91e9-50657aa910dc&fp=9496ef34b3adaf3e1c8dbc1a07a24989
http://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc
https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc
https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc

1 KB
2 KB

79ms
36ms

Document
text/html

199.59.243.228
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc
Requested by: Host: fr.countre.online
URL: https://fr.countre.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.59.243.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 81196c63db9dc34def72847de81e7be76e5c17f76fa5262821d1603e90c6b6a2

Request headers

Referer: https://fr.countre.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Accept-Ch: sec-ch-prefers-color-scheme
Cache-Control: no-store, max-age=0
Content-Length: 1190
Content-Type: text/html; charset=utf-8
Critical-Ch: sec-ch-prefers-color-scheme
Date: Tue, 07 Oct 2025 11:33:33 GMT
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_XTOoqtsyHGPeBfO3HmkYpSqvemzfaBOACtHsbAkJ28jOv4zn11Iwg+wJJTu1LZC6OAfH3t6Ae2riNrUBkyn5qQ==
X-Request-Id: 27325b3a-2cff-4fcb-9396-a07b4fd2671b

Redirect headers

Location: https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc

GET
H/1.1 200
OK bFhyAVkvf.js Show response
ww25.fr.countre.online/ 38 KB
38 KB 37ms
36ms Script
application/javascript 199.59.243.228
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ww25.fr.countre.online/bFhyAVkvf.js
Requested by: Host: ww25.fr.countre.online
URL: https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.59.243.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 40c39476fa8cec4a8d5eed23acc6c6a99d686b58eb16fff4ee199eac5f8f0619

Request headers

sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc

Response headers

X-Request-Id: 4eb3601c-b084-49e2-95ee-1d82efd47619
Content-Length: 38577
Date: Tue, 07 Oct 2025 11:33:33 GMT
Content-Type: application/javascript; charset=utf-8

POST
H/1.1 200
OK _fd Show response
ww25.fr.countre.online/ 5 KB
5 KB 40ms
40ms Fetch
application/json 199.59.243.228
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ww25.fr.countre.online/_fd?subid1=20251007-2233-32b4-91e9-50657aa910dc
Requested by: Host: ww25.fr.countre.online
URL: https://ww25.fr.countre.online/bFhyAVkvf.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.59.243.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 40746b71064ab398b86149b8f67df6b8d1e3c0ec60d8b0a0324f6c1f7a0e142c

Request headers

Referer: https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc
sec-ch-prefers-color-scheme: light
Accept: application/json
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

X-Request-Id: 6f379984-bd58-4dc0-9344-c5e9c19de3ac
Content-Length: 5201
Date: Tue, 07 Oct 2025 11:33:33 GMT
Content-Type: application/json; charset=utf-8

GET
H3 200 caf.js Show response
www.google.com/adsense/domains/ 155 KB
57 KB 32ms
17ms Script
text/javascript 216.58.212.164
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Requested by

Host: ww25.fr.countre.online
URL: https://ww25.fr.countre.online/bFhyAVkvf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f4.1e100.net

Software

sffe /

Resource Hash

c76b45c32ebeb9de48ca2758e64f60d405505d8cd412ca17e93a96b58749018c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ww25.fr.countre.online/

Response headers

content-encoding: gzip
etag: "2515289997359019041"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options: nosniff
expires: Tue, 07 Oct 2025 11:33:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 07 Oct 2025 11:33:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
link: <https://syndicatedsearch.goog>; rel="preconnect"
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-xss-protection: 0
server: sffe

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 382 B
267 B 34ms
17ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ww25.fr.countre.online&client=partner-dp-bodis30_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f5f84433b9f34cff8035436f9f282695e41a6c776afd8b3a4dd5aef1c558cfd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ww25.fr.countre.online/

Response headers

timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 246
date: Tue, 07 Oct 2025 11:33:34 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 ads Show response
syndicatedsearch.goog/afs/ Frame A6C2 14 KB
3 KB 188ms
162ms Document
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol111%2Cpid-bodis-gcontrol446%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis30_3ph&r=m&hl=de&ivt=0&rpbu=https%3A%2F%2Fww25.fr.countre.online%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20251007-2233-32b4-91e9-50657aa910dc&type=3&swp=as-drid-2670805077781048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108%2C73110181&format=r3&nocache=3131759836814727&num=0&output=afd_ads&domain_name=ww25.fr.countre.online&v=3&bsl=8&pac=0&u_his=1&u_tz=120&dt=1759836814728&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=813237002&rurl=https%3A%2F%2Fww25.fr.countre.online%2F%3Fsubid1%3D20251007-2233-32b4-91e9-50657aa910dc

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f14.1e100.net

Software

gws /

Resource Hash

41370c368f14c2875391cfb26feb10b670180a166f8ae64ba1bb7b95d531b553

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-9O4Lak7V4-DznqXNxlWDMg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: https://ww25.fr.countre.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

accept-ch: Downlink RTT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 2934
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-9O4Lak7V4-DznqXNxlWDMg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Tue, 07 Oct 2025 11:33:34 GMT
expires: Tue, 07 Oct 2025 11:33:34 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H2 200 caf.js Show response
syndicatedsearch.goog/adsense/domains/ Frame A6C2 155 KB
57 KB 17ms
16ms Script
text/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://syndicatedsearch.goog/adsense/domains/caf.js?pac=0

Requested by

Host: syndicatedsearch.goog
URL: https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol111%2Cpid-bodis-gcontrol446%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis30_3ph&r=m&hl=de&ivt=0&rpbu=https%3A%2F%2Fww25.fr.countre.online%2F%3Fcaf%3D1%26bpt%3D345%26subid1%3D20251007-2233-32b4-91e9-50657aa910dc&type=3&swp=as-drid-2670805077781048&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442%2C17301548%2C17301266%2C72717108%2C73110181&format=r3&nocache=3131759836814727&num=0&output=afd_ads&domain_name=ww25.fr.countre.online&v=3&bsl=8&pac=0&u_his=1&u_tz=120&dt=1759836814728&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=813237002&rurl=https%3A%2F%2Fww25.fr.countre.online%2F%3Fsubid1%3D20251007-2233-32b4-91e9-50657aa910dc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f14.1e100.net

Software

sffe /

Resource Hash

2b7f3e68ae809902a695123155dcadccb1d5966249fe4733b7db47ee1bfe7c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://syndicatedsearch.goog/

Response headers

content-encoding: gzip
etag: "17043669188516178500"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options: nosniff
expires: Tue, 07 Oct 2025 11:33:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 07 Oct 2025 11:33:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
link: <https://syndicatedsearch.goog>; rel="preconnect"
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-xss-protection: 0
server: sffe

GET
H2 200 chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame A6C2 200 B
700 B 46ms
13ms Image
image/svg+xml 142.250.184.225
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://syndicatedsearch.goog/

Response headers

content-encoding: gzip
age: 55299
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
x-content-type-options: nosniff
expires: Tue, 07 Oct 2025 19:11:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 06 Oct 2025 20:11:56 GMT
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cache-control: public, max-age=82800
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
accept-ranges: bytes
content-length: 174
x-xss-protection: 0
server: sffe

GET
H2 200 chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame A6C2 200 B
262 B 47ms
13ms Image
image/svg+xml 142.250.184.225
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://syndicatedsearch.goog/

Response headers

content-encoding: gzip
age: 25289
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
x-content-type-options: nosniff
expires: Wed, 08 Oct 2025 03:32:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 07 Oct 2025 04:32:06 GMT
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cache-control: public, max-age=82800
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
accept-ranges: bytes
content-length: 174
x-xss-protection: 0
server: sffe

POST
H/1.1 200
OK _tr Show response
ww25.fr.countre.online/ 2 B
281 B 39ms
37ms Fetch
application/json 199.59.243.228
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ww25.fr.countre.online/_tr
Requested by: Host: ww25.fr.countre.online
URL: https://ww25.fr.countre.online/bFhyAVkvf.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.59.243.228 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://ww25.fr.countre.online/?subid1=20251007-2233-32b4-91e9-50657aa910dc
sec-ch-prefers-color-scheme: light
Accept: application/json
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

X-Request-Id: e573914a-5efa-4e7f-b103-ac6fee9cd647
Content-Length: 2
Date: Tue, 07 Oct 2025 11:33:34 GMT
Content-Type: application/json; charset=utf-8

GET
H2 204 gen_204
syndicatedsearch.goog/afs/ 0
509 B 83ms
61ms Image
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=l9jazqe44pky&cd_fexp=72717108%2C73110181&aqid=jvrkaNzPMde6juwPxcDooQI&psid=3113057640&pbt=bs&adbx=450&adby=143&adbh=363&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=813237002&csala=2%7C0%7C197%7C29%7C10&lle=0&ifv=1&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f14.1e100.net

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-ebimEEphsZq9M8_xGVJ-yQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ww25.fr.countre.online/

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ebimEEphsZq9M8_xGVJ-yQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 07 Oct 2025 11:33:36 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: gws
x-frame-options: SAMEORIGIN

GET
H2 204 gen_204
syndicatedsearch.goog/afs/ 0
212 B 82ms
60ms Image
text/html 216.58.206.46
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://syndicatedsearch.goog/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=uiq7qc9n5lcm&cd_fexp=72717108%2C73110181&aqid=jvrkaNzPMde6juwPxcDooQI&psid=3113057640&pbt=bv&adbx=450&adby=143&adbh=363&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=813237002&csala=2%7C0%7C197%7C29%7C10&lle=0&ifv=1&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f14.1e100.net

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-pJiN9BT46rPzUiaMKhZ5yA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer: https://ww25.fr.countre.online/

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-pJiN9BT46rPzUiaMKhZ5yA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 07 Oct 2025 11:33:36 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: gws
x-frame-options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

8 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fr.countre.online/	1970-01-21 18:26:36	Name: __tad Value: 1759836812.5082773
ww25.fr.countre.online/	1970-01-21 08:50:37	Name: parking_session Value: 05aef3ef-7262-49c3-9c4d-dead024f33cf
.countre.online/	1970-01-21 18:12:12	Name: __gsas Value: ID=6d9b29b9801e7dc9:T=1759836814:RT=1759836814:S=ALNI_MY48yYqjut37VAEpqH-wAlky2t5Mw

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://fr.countre.online/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E020002C1C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://fr.countre.online/favicon.ico Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
fr.countre.online
partner.googleadservices.com
syndicatedsearch.goog
toeicreviewserfr.web.app
ww25.fr.countre.online
www.google.com
103.224.182.242
142.250.184.225
199.36.158.100
199.59.243.228
216.58.206.34
216.58.206.46
216.58.212.164
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b7f3e68ae809902a695123155dcadccb1d5966249fe4733b7db47ee1bfe7c1a
40746b71064ab398b86149b8f67df6b8d1e3c0ec60d8b0a0324f6c1f7a0e142c
40c39476fa8cec4a8d5eed23acc6c6a99d686b58eb16fff4ee199eac5f8f0619
41370c368f14c2875391cfb26feb10b670180a166f8ae64ba1bb7b95d531b553
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
81196c63db9dc34def72847de81e7be76e5c17f76fa5262821d1603e90c6b6a2
ab9b115feda7b5d391f8982a54ac79004c71393e52adc4189ea1850ba63600d5
c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089
c76b45c32ebeb9de48ca2758e64f60d405505d8cd412ca17e93a96b58749018c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5f84433b9f34cff8035436f9f282695e41a6c776afd8b3a4dd5aef1c558cfd6

ww25.fr.countre.online 199.59.243.228 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

7 IPs

1 Countries

200 kBTransfer

404 kBSize

3 Cookies

3 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Window variables

3 Cookies

2 Console Messages

Security Headers

Indicators

ww25.fr.countre.online
199.59.243.228 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

1
Countries

200 kB
Transfer

404 kB
Size

3
Cookies

16 HTTP transactions
0 data transactions