URL: http://t.frtyt.com/aff_ad?nopop=1&offer_id=4257&aff_id=21&url_id=10270&aff_sub=ETO_999521370_CSO_SKY&aff_sub2=00380...
Submission: On October 21 via manual from RO

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 22 HTTP transactions. The main IP is 107.178.242.109, located in Mountain View, United States and belongs to GOOGLE - Google Inc., US. The main domain is t.frtyt.com.
This is the only time t.frtyt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 107.178.242.109 15169 (GOOGLE)
10 205.185.216.10 20446 (HIGHWINDS3)
1 66.155.97.33 13768 (PEER1)
1 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.42 20446 (HIGHWINDS3)
1 95.172.94.57 27281 (QUANTCAST)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:200... 16509 (AMAZON-02)
1 95.172.94.54 15570 (Internap ...)
1 151.101.114.110 54113 (FASTLY)
1 162.247.242.19 23467 (NEWRELIC-...)
22 13
Domain Requested by
10 static.filf.com www.filf.com
static.filf.com
2 www.google-analytics.com 1 redirects t.frtyt.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.filf.com
1 pixel.quantserve.com www.filf.com
1 rules.quantcount.com secure.quantserve.com
1 www.google.de www.filf.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 secure.quantserve.com www.googletagmanager.com
1 www.googletagmanager.com www.filf.com
1 www.filf.com t.frtyt.com
1 ckstatic.com t.frtyt.com
1 t.frtyt.com
22 14

This site contains links to these domains.

Domain
www.crakrevenue.com
Subject | Issuer | Validity | Valid
*.google-analytics.com | Google Internet Authority G3 | 2017-10-10 - 2018-01-02 | 3 months
*.quantserve.com | DigiCert SHA2 High Assurance Server CA | 2015-08-05 - 2018-11-02 | 3 years
www.google.de | Google Internet Authority G3 | 2017-10-10 - 2018-01-02 | 3 months
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2017-10-19 - 2018-05-04 | 6 months
*.nr-data.net | GeoTrust SSL CA - G3 | 2017-07-18 - 2018-03-17 | 8 months

This page contains 2 frames:

Frame: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Frame ID: 4591.1
Requests: 3 HTTP requests in this frame

Frame: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Frame ID: 4613.1
Requests: 19 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i

Overall confidence: 100%
Detected patterns
  • script /modernizr(?:-([\d.]*[\d]))?.*\.js/i

Page Statistics

Requests: 22
HTTPS: 27 %
IPv6: 43 %
Domains: 12
Subdomains: 14
IPs: 13
Countries: 4
Transfer: 411 kB
Size: 626 kB
Cookies: 10

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.google-analytics.com/r/collect?v=1&_v=j64&a=876500622&t=pageview&_s=1&dl=http%3A%2F%2Fwww.filf.com%2F26877%2F%3Fs2%3D102baaf528d4d10d9a6dccd0e3a72d%26s3%3DETO_999521370_CSO_SKY%26s4%3D21%26nopop%3D1%26file_id%3D0%26url%3D3&dr=http%3A%2F%2Ft.frtyt.com%2Faff_ad%3Fnopop%3D1%26nopop%3D1%26offer_id%3D4257%26aff_id%3D21%26url_id%3D10270%26aff_sub%3DETO_999521370_CSO_SKY%26aff_sub2%3D003803T%26file_id%3D0%26source%3DTS40-999521370%26bo%3D3246%252C3247%252C3248%26campaign_id%3D3239&ul=en-us&de=UTF-8&dt=FILF%20%7C%20Family%20I%27d%20like%20to%20fuck&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACMABJ~&jid=451358835&gjid=1979648796&cid=2101814253.1508595303&tid=UA-43420604-53&_gid=1877378273.1508595303&_r=1&z=1620239515 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43420604-53&cid=2101814253.1508595303&jid=451358835&_gid=1877378273.1508595303&gjid=1979648796&_v=j64&z=1620239515 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43420604-53&cid=2101814253.1508595303&jid=451358835&_v=j64&z=1620239515 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43420604-53&cid=2101814253.1508595303&jid=451358835&_v=j64&z=1620239515&slf_rd=1&random=1188219164

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request aff_ad
t.frtyt.com/
2 KB
2 KB
Document
General
Full URL
http://t.frtyt.com/aff_ad?nopop=1&offer_id=4257&aff_id=21&url_id=10270&aff_sub=ETO_999521370_CSO_SKY&aff_sub2=003803T&file_id=0&source=TS40-999521370&bo=3239%2C3246%2C3247%2C3248&campaign_id=3238
Protocol
HTTP/1.1
Server
107.178.242.109 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
109.242.178.107.bc.googleusercontent.com
Software
nginx/1.11.8 / Express
Resource Hash
708c80e32db1e74f256e627e8b9661786d659d52c29cb1455ae5e8400efd146b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
t.frtyt.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

date
Sat, 21 Oct 2017 14:15:01 GMT
Via
1.1 google
tracking_id
102baaf528d4d10d9a6dccd0e3a72d
X-Powered-By
Express
p3p
CP="NOI CUR OUR NOR INT"
realaction
/aff_ad
Content-Length
1779
pragma
no-cache
server
nginx/1.11.8
ETag
W/"6f3-vqOVqiC6e4u+y/gGyGLbpg"
content-type
text/html; charset=iso-8859-1
Access-Control-Allow-Origin
*
cache-control
no-cache, no-store, must-revalidate
set-cookie
aff_ran_url_4257=10431; expires=Sun, 22 Oct 2017 14:15:01 GMT; path=/; enc_aff_session_4257=ENC036e570e73fd4ed5475ceee151089fa592ec1c85e4488ca71335993d8167bf270b510d8e317c3b9edb931a72de91154de358552db3c33522f6e1dd9b0aa30c1c96d0019af980b660e89d576b0896ec39f805ff15cf0a86f6f05c74dd009fa1bd66a3f898c82302ae3d4178ae8b9d52ed3b162d36afa6edbe66a798d2906005d84818ca8b429c7d159d6d56cf3e153a7d47d2e7619590e83674793d6e7685dc8c410d2a16dd; expires=Sun, 13 Apr 2025 05:15:01 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI2Mi4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IFg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgSGVhZGxlc3NDaHJvbWUvNjIuMC4zMjAyLjYyIFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Tue, 15 Sep 2020 00:55:01 GMT; path=/;
x-robots-tag
noindex, nofollow
expires
Sat, 26 Jul 1997 05:00:00 GMT
history.js
ckstatic.com/js/historyjs/
23 KB
7 KB
Script
General
Full URL
http://ckstatic.com/js/historyjs/history.js
Requested by
Host: t.frtyt.com
URL: http://t.frtyt.com/aff_ad?nopop=1&offer_id=4257&aff_id=21&url_id=10270&aff_sub=ETO_999521370_CSO_SKY&aff_sub2=003803T&file_id=0&source=TS40-999521370&bo=3239%2C3246%2C3247%2C3248&campaign_id=3238
Protocol
HTTP/1.1
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
2324fa2acc1382ed8b1306e981e5c2273e57a0532efd1d6a5a0a4a0aab22d045

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ckstatic.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://t.frtyt.com/aff_ad?nopop=1&offer_id=4257&aff_id=21&url_id=10270&aff_sub=ETO_999521370_CSO_SKY&aff_sub2=003803T&file_id=0&source=TS40-999521370&bo=3239%2C3246%2C3247%2C3248&campaign_id=3238
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 21 Oct 2017 14:15:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Dec 2014 21:06:56 GMT
ETag
1417727216
X-HW
1508595301.dop019.fr7.t,1508595301.cds006.fr7.c
Content-Type
text/javascript
Cache-Control
max-age=8903
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
6880
/
www.filf.com/26877/
0
0

Cookie set /
www.filf.com/26877/ Frame 4613
14 KB
5 KB
Document
General
Full URL
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
HTTP/1.1
Server
66.155.97.33 Toronto, Canada, ASN13768 (PEER1 - Peer 1 Network (USA) Inc., CA),
Reverse DNS
Software
nginx /
Resource Hash
a2ed39d8df0a9b5a7bd5711acb2856fffc23a32e232897ac9af8049649d13744

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.filf.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://t.frtyt.com/aff_ad?nopop=1&nopop=1&offer_id=4257&aff_id=21&url_id=10270&aff_sub=ETO_999521370_CSO_SKY&aff_sub2=003803T&file_id=0&source=TS40-999521370&bo=3246%2C3247%2C3248&campaign_id=3239
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 21 Oct 2017 14:15:02 GMT
Content-Encoding
gzip
UseVarnish
0
Age
0
X-Original-Host
www.filf.com
X-Cache-Layer-Request
disabled
Transfer-Encoding
chunked
X-Cache
MISS
OutlinksEnabled
0
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Server
nginx
X-Uncacheable
1
tracker
1.7513.DE.26877.typein_referral_Oct2017
Vary
Accept-Encoding
X-Varnish
158380807
Via
1.1 varnish-v4
Cache-Control
no-cache
Set-Cookie
nopop=1; path=/; domain=.filf.com tracking=%7B%22aff%22%3A%221%22%2C%22subId1%22%3A%22%22%2C%22subId2%22%3A%22102baaf528d4d10d9a6dccd0e3a72d%22%2C%22subId3%22%3A%22ETO_999521370_CSO_SKY%22%2C%22subId4%22%3A%2221%22%2C%22typeInUrl%22%3A%22%22%2C%22urlParam%22%3A%223%22%2C%22tourId%22%3A%2226877%22%2C%22mirrorId%22%3A%22%22%7D; expires=Sat, 28-Oct-2017 14:15:02 GMT; path=/ hash=57b01ff9b45e7de0142ea3c939a6104b5164f909; expires=Sat, 28-Oct-2017 14:15:02 GMT; path=/ crak=%7B%227513%22%3A%7B%22aff%22%3A%221%22%2C%22track%22%3A%22%22%2C%22subid2%22%3A%22102baaf528d4d10d9a6dccd0e3a72d%22%2C%22subid3%22%3A%22ETO_999521370_CSO_SKY%22%2C%22subid4%22%3A%2221%22%2C%22typein_url%22%3A%22%22%2C%22url_id%22%3A%223%22%2C%22exp%22%3A%221509200102%22%2C%22click%22%3A%22%22%7D%7D; expires=Sat, 28-Oct-2017 14:15:02 GMT; path=/; httponly regional=%5B%22Wehlheiden%22%2C%22Vollmarshausen%22%2C%22Heiligenrode%22%2C%22Kirchbauna%22%2C%22M%5Cu00f6nchehof%22%2C%22D%5Cu00f6rnhagen%22%2C%22Fuldabr%5Cu00fcck%22%2C%22Fuldatal%22%2C%22Spiekershausen%22%2C%22Bergshausen%22%5D; expires=Tue, 21-Nov-2017 14:15:02 GMT; path=/; httponly locale=en; expires=Sun, 22-Oct-2017 14:15:02 GMT; path=/; httponly
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
X-Cache-Hits
0
app.a317254c.css
static.filf.com/cr2/www.filf.com-26877/assets/styles/ Frame 4613
12 KB
4 KB
Stylesheet
General
Full URL
http://static.filf.com/cr2/www.filf.com-26877/assets/styles/app.a317254c.css
Requested by
Host: www.filf.com
URL: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
HTTP/1.1
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
e61c207eef2b9e0cd99ead651d6f3ea3e633f1691052356b332cbe3645edc8ff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.filf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Cookie
nopop=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 21 Oct 2017 14:15:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jul 2017 20:47:16 GMT
ETag
1500497236
X-HW
1508595302.dop021.fr7.t,1508595302.cds074.fr7.sr,1508595302.dop004.dc1.r,1508595303.cds053.dc1.c,1508595303.cds074.fr7.pr
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=60027
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
3599
modernizr.custom.js
static.filf.com/cr2/assets/scripts/ Frame 4613
11 KB
5 KB
Script
General
Full URL
http://static.filf.com/cr2/assets/scripts/modernizr.custom.js
Requested by
Host: www.filf.com
URL: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
HTTP/1.1
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
27f353de45a3d453018e109f7dd041f7a7449981f36621c407b6c9d650b2a4e4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.filf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Cookie
nopop=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 21 Oct 2017 14:15:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jun 2015 13:43:19 GMT
ETag
1433857399
X-HW
1508595302.dop021.fr7.t,1508595302.cds051.fr7.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=27329
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
4864
logo.svg
static.filf.com/cr2/www.filf.com-26877/www.filf.com/26877/assets/images/ Frame 4613
972 B
972 B
Image
General
Full URL
http://static.filf.com/cr2/www.filf.com-26877/www.filf.com/26877/assets/images/logo.svg
Requested by
Host: www.filf.com
URL: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
HTTP/1.1
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
140e165ddfda05a70098b54d9fd6c046e8d7fd58485246c244701b1cf7d118c9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.filf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Cookie
nopop=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 21 Oct 2017 14:15:03 GMT
Last-Modified
Wed, 19 Jul 2017 20:47:16 GMT
ETag
1500497236
X-HW
1508595303.dop021.fr7.t,1508595303.cds031.fr7.sr,1508595303.dop007.dc1.r,1508595303.cds031.dc1.c,1508595303.cds031.fr7.pr
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=77428
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
972
9507d66fa91e8f2321472b84ce5d1ebbf8bd3c20.jpg
static.filf.com/cr2/global/profiles/5RNZFw/108573/ Frame 4613
182 KB
182 KB
Image
General
Full URL
http://static.filf.com/cr2/global/profiles/5RNZFw/108573/9507d66fa91e8f2321472b84ce5d1ebbf8bd3c20.jpg
Requested by
Host: www.filf.com
URL: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
HTTP/1.1
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
18336ad61f0752872b1dcf4f4f7df1372624a9695373e4f1387cd112e6b9cfdb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.filf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Cookie
nopop=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 21 Oct 2017 14:15:03 GMT
Last-Modified
Thu, 13 Jul 2017 17:44:56 GMT
ETag
1499967896
X-HW
1508595303.dop014.fr7.t,1508595303.cds018.fr7.sr,1508595303.dop009.dc1.r,1508595303.cds053.dc1.c,1508595303.cds018.fr7.pr
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=77423
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
186708
rta.jpg
static.filf.com/cr2/www.filf.com-26877/assets/images/copyright/ Frame 4613
1 KB
1 KB
Image
General
Full URL
http://static.filf.com/cr2/www.filf.com-26877/assets/images/copyright/rta.jpg
Requested by
Host: www.filf.com
URL: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
HTTP/1.1
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
500609be0c6b4ea773c4c10087f549410014bf4e35d483d3b4dce284d6ce035d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.filf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Cookie
nopop=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 21 Oct 2017 14:15:03 GMT
Last-Modified
Wed, 19 Jul 2017 20:47:16 GMT
ETag
1500497236
X-HW
1508595303.dop021.fr7.t,1508595303.cds029.fr7.sr,1508595303.dop004.dc1.r,1508595303.cds006.dc1.c,1508595303.cds029.fr7.pr
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=77429
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1056
asacp.png
static.filf.com/cr2/www.filf.com-26877/assets/images/copyright/ Frame 4613
2 KB
2 KB
Image
General
Full URL
http://static.filf.com/cr2/www.filf.com-26877/assets/images/copyright/asacp.png
Requested by
Host: www.filf.com
URL: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
HTTP/1.1
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
26e2c90b392d1986bd8e662d48385bd4de47aaf1602cbdc8da562b15b76ed7d7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.filf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Cookie
nopop=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 21 Oct 2017 14:15:03 GMT
Last-Modified
Wed, 19 Jul 2017 20:47:16 GMT
ETag
1500497236
X-HW
1508595303.dop021.fr7.t,1508595303.cds006.fr7.sr,1508595303.dop010.dc1.r,1508595303.cds053.dc1.c,1508595303.cds006.fr7.pr
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=77431
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1668
app.55a7c0e7.js
static.filf.com/cr2/www.filf.com-26877/assets/scripts/ Frame 4613
118 KB
41 KB
Script
General
Full URL
http://static.filf.com/cr2/www.filf.com-26877/assets/scripts/app.55a7c0e7.js
Requested by
Host: www.filf.com
URL: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
HTTP/1.1
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9119ac2ee7c0053e000455d3804c7852db24b6abc5536bc715dce18a2ede3276

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.filf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Cookie
nopop=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 21 Oct 2017 14:15:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jul 2017 20:47:16 GMT
ETag
1500497236
X-HW
1508595302.dop021.fr7.t,1508595302.cds047.fr7.sr,1508595302.dop007.dc1.r,1508595303.cds054.dc1.c,1508595303.cds047.fr7.pr
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=77428
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
42069
tracking-hasoffers-4-12-22-0.min.js
static.filf.com/cr2/assets/scripts/ Frame 4613
5 KB
2 KB
Script
General
Full URL
http://static.filf.com/cr2/assets/scripts/tracking-hasoffers-4-12-22-0.min.js
Requested by
Host: www.filf.com
URL: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
HTTP/1.1
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
771a72ea6ab3f88a402b53e5b3394335012683a691c415202cc4ad49381c3bc7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.filf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Cookie
nopop=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 21 Oct 2017 14:15:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Oct 2017 19:23:12 GMT
ETag
1507836192
X-HW
1508595303.dop021.fr7.t,1508595303.cds056.fr7.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=4416
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
2384
400-normal.woff2
static.filf.com/cr2/www.filf.com-26877/assets/fonts/opensans/ Frame 4613
50 KB
50 KB
Font
General
Full URL
http://static.filf.com/cr2/www.filf.com-26877/assets/fonts/opensans/400-normal.woff2
Requested by
Host: static.filf.com
URL: http://static.filf.com/cr2/assets/scripts/modernizr.custom.js
Protocol
HTTP/1.1
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
c5d03c107a68b4cab3c95a99735fbfaaa4b0af5ab2e2ad40fc5c099732ff560e

Request headers

Pragma
no-cache
Origin
http://www.filf.com
Accept-Encoding
gzip, deflate
Host
static.filf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://static.filf.com/cr2/www.filf.com-26877/assets/styles/app.a317254c.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 21 Oct 2017 14:15:03 GMT
Last-Modified
Wed, 19 Jul 2017 20:47:15 GMT
ETag
1500497235
X-HW
1508595303.dop002.fr7.t,1508595303.cds008.fr7.c
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2521
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
50860
gtm.js
www.googletagmanager.com/ Frame 4613
87 KB
31 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-562Z4GB
Requested by
Host: www.filf.com
URL: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
910470ee5903a549bc43640dcf0bfebd2ac0234741b36f1874457289a2269f62
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/gtm.js?id=GTM-562Z4GB
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.googletagmanager.com
referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
:scheme
https
:method
GET

Response headers

date
Sat, 21 Oct 2017 14:15:03 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
31453
x-xss-protection
1; mode=block
expires
Sat, 21 Oct 2017 14:15:03 GMT
700-normal.woff2
static.filf.com/cr2/www.filf.com-26877/assets/fonts/opensans/ Frame 4613
52 KB
52 KB
Font
General
Full URL
http://static.filf.com/cr2/www.filf.com-26877/assets/fonts/opensans/700-normal.woff2
Requested by
Host: www.filf.com
URL: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
HTTP/1.1
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4cb21a0cc5256911c9b455d11dcb0164aa06c03cde58c94caa9b532749434d45

Request headers

Pragma
no-cache
Origin
http://www.filf.com
Accept-Encoding
gzip, deflate
Host
static.filf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://static.filf.com/cr2/www.filf.com-26877/assets/styles/app.a317254c.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 21 Oct 2017 14:15:03 GMT
Last-Modified
Wed, 19 Jul 2017 20:47:15 GMT
ETag
1500497235
X-HW
1508595303.dop017.fr7.t,1508595303.cds004.fr7.c
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=2521
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
52844
quant.js
secure.quantserve.com/ Frame 4613
11 KB
5 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-562Z4GB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.172.94.57 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
pixel.quantserve.com
Software
QS /
Resource Hash
d4121b1ac82147941976acde0f0968522f0d3a5668ca20b6ec0868cc41802314

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
secure.quantserve.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Sat, 21 Oct 2017 14:15:04 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21-Oct-2017 14:15:04 GMT
Server
QS
ETag
M0-4b3288a6
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
close
Content-Length
4785
Expires
Sat, 28 Oct 2017 14:15:04 GMT
analytics.js
www.google-analytics.com/ Frame 4613
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: t.frtyt.com
URL: http://t.frtyt.com/aff_ad?nopop=1&offer_id=4257&aff_id=21&url_id=10270&aff_sub=ETO_999521370_CSO_SKY&aff_sub2=003803T&file_id=0&source=TS40-999521370&bo=3239%2C3246%2C3247%2C3248&campaign_id=3238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c6b51278f1a5a919cbc532ab29d06e1b1a918ee779cd055d27fc07120fd9093e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
:scheme
https
:method
GET

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Sep 2017 22:31:34 GMT
server
Golfe2
age
3060
date
Sat, 21 Oct 2017 13:24:03 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
14089
expires
Sat, 21 Oct 2017 15:24:03 GMT
ga-audiences
www.google.de/ads/ Frame 4613
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j64&a=876500622&t=pageview&_s=1&dl=http%3A%2F%2Fwww.filf.com%2F26877%2F%3Fs2%3D102baaf528d4d10d9a6dccd0e3a72d%26s3%3DETO_999521370_CSO_SKY%26s4%3D2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43420604-53&cid=2101814253.1508595303&jid=451358835&_gid=1877378273.1508595303&gjid=1979648796&_v=j64&z=1620239515
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43420604-53&cid=2101814253.1508595303&jid=451358835&_v=j64&z=1620239515
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43420604-53&cid=2101814253.1508595303&jid=451358835&_v=j64&z=1620239515&slf_rd=1&random=1188219164
42 B
60 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43420604-53&cid=2101814253.1508595303&jid=451358835&_v=j64&z=1620239515&slf_rd=1&random=1188219164
Requested by
Host: www.filf.com
URL: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43420604-53&cid=2101814253.1508595303&jid=451358835&_v=j64&z=1620239515&slf_rd=1&random=1188219164
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google.de
referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
:scheme
https
:method
GET

Response headers

pragma
no-cache
date
Sat, 21 Oct 2017 14:15:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2017 14:15:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43420604-53&cid=2101814253.1508595303&jid=451358835&_v=j64&z=1620239515&slf_rd=1&random=1188219164
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-jsYst-Cd4uWwY.js
rules.quantcount.com/ Frame 4613
3 B
3 B
Script
General
Full URL
http://rules.quantcount.com/rules-p-jsYst-Cd4uWwY.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
HTTP/1.1
Server
2600:9000:2002:1a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
rules.quantcount.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 07 Aug 2017 21:35:33 GMT
Via
1.1 919df27e6545a230c475c50a2dc46d7e.cloudfront.net (CloudFront)
Last-Modified
Fri, 03 Mar 2017 23:52:35 GMT
Server
AmazonS3
Age
22
ETag
"8a80554c91d9fca8acb82f023de02f11"
X-Cache
Error from cloudfront
Content-Type
application/x-javascript
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3
X-Amz-Cf-Id
EBTsQCVBoWucFJpPckox0TASpLGFJ9edmbLEyo8PprX8LolnvlBcDA==
Cookie set pixel;r=1552099838;rf=0;a=p-jsYst-Cd4uWwY;url=http%3A%2F%2Fwww.filf.com%2F26877%2F%3Fs2%3D102baaf528d4d10d9a6dccd0e3a72d%26s3%3DETO_999521370_CSO_SKY%26s4%3D21%26nopop%3D1%26file_id%3D0%26url%3D3;r...
pixel.quantserve.com/ Frame 4613
35 B
35 B
Image
General
Full URL
http://pixel.quantserve.com/pixel;r=1552099838;rf=0;a=p-jsYst-Cd4uWwY;url=http%3A%2F%2Fwww.filf.com%2F26877%2F%3Fs2%3D102baaf528d4d10d9a6dccd0e3a72d%26s3%3DETO_999521370_CSO_SKY%26s4%3D21%26nopop%3D1%26file_id%3D0%26url%3D3;ref=http%3A%2F%2Ft.frtyt.com%2Faff_ad%3Fnopop%3D1%26nopop%3D1%26offer_id%3D4257%26aff_id%3D21%26url_id%3D10270%26aff_sub%3DETO_999521370_CSO_SKY%26aff_sub2%3D003803T%26file_id%3D0%26source%3DTS40-999521370%26bo%3D3246%252C3247%252C3248%26campaign_id%3D3239;fpan=1;fpa=P0-1102852535-1508595304382;ns=0;ce=1;cm=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1508595304382;tzo=0;ogl=
Requested by
Host: www.filf.com
URL: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
HTTP/1.1
Server
95.172.94.54 , United Kingdom, ASN15570 (Internap European Autonomous System, GB),
Reverse DNS
pixel.quantserve.com
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
pixel.quantserve.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Connection
keep-alive
Cache-Control
no-cache

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2017 14:15:04 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Set-Cookie
mc=59eb5668-62492-c13f7-b94ad; expires=Wed, 21-Nov-2018 14:15:04 GMT; path=/; domain=.quantserve.com
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
close
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
nr-1026.min.js
js-agent.newrelic.com/ Frame 4613
22 KB
9 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1026.min.js
Requested by
Host: www.filf.com
URL: http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41

Request headers

:path
/nr-1026.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
js-agent.newrelic.com
referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
:scheme
https
:method
GET

Response headers

date
Sat, 21 Oct 2017 14:15:05 GMT
content-encoding
gzip
x-amz-request-id
FB225AC05AD38D6C
x-cache
HIT
status
200
content-length
8844
x-amz-id-2
OWuXd3VfH/S4xMOrUL59PD+wZ58daVF6qAc6BXdblVZtlcmsV+jIqWP/ZZ74vjmGwS8ffK2p3zU=
x-served-by
cache-hhn1531-HHN
last-modified
Mon, 06 Mar 2017 21:10:03 GMT
server
AmazonS3
x-timer
S1508595306.844445,VS0,VE0
etag
"230c916aaa9194e21891a639a9c2b8eb"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5957
Cookie set 87cba7f4b6
bam.nr-data.net/1/ Frame 4613
57 B
57 B
Script
General
Full URL
https://bam.nr-data.net/1/87cba7f4b6?a=4141125&v=1026.7a27a3e&to=NVcGMkJTXUtWVhENDQwdJQVEW1xWGFYXBQk9XgUIVFtdXxlTFwsMFlcKAh5aXFVSahELFxA%3D&rst=3297&ref=http://www.filf.com/26877/&ap=292&be=100&fe=3285&dc=692&perf=%7B%22timing%22:%7B%22of%22:1508595302556,%22n%22:0,%22f%22:11,%22dn%22:-605,%22dne%22:-498,%22c%22:-498,%22ce%22:-400,%22rq%22:-400,%22rp%22:0,%22rpe%22:98,%22dl%22:12,%22di%22:692,%22ds%22:692,%22de%22:693,%22dc%22:3284,%22l%22:3284,%22le%22:3285%7D,%22navigation%22:%7B%7D%7D&at=GRARRApJThQVVEdeGR9P&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1026.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
bam.nr-data.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept
*/*
Referer
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3
Connection
keep-alive
Cache-Control
no-cache

Response headers

Set-Cookie
JSESSIONID=79c6ecf723c978f4;Path=/;Domain=.nr-data.net;Secure
Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.filf.com
URL
http://www.filf.com/26877/?s2=102baaf528d4d10d9a6dccd0e3a72d&s3=ETO_999521370_CSO_SKY&s4=21&nopop=1&file_id=0&url=3

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Domain/Path Name / Value
.filf.com/ Name: __qca
Value: P0-1102852535-1508595304382
.filf.com/ Name: _gat
Value: 1
.filf.com/ Name: _ga
Value: GA1.2.2101814253.1508595303
.filf.com/ Name: _gid
Value: GA1.2.1877378273.1508595303
www.filf.com/ Name: tracking
Value: %7B%22aff%22%3A1%2C%22subId1%22%3A%22%22%2C%22subId2%22%3A%22102baaf528d4d10d9a6dccd0e3a72d%22%2C%22subId3%22%3A%22ETO_999521370_CSO_SKY%22%2C%22subId4%22%3A%2221%22%2C%22typeInUrl%22%3A%22%22%2C%22urlParam%22%3A%223%22%2C%22tourId%22%3A26877%2C%22mirrorId%22%3Anull%7D
www.filf.com/ Name: locale
Value: en
www.filf.com/ Name: regional
Value: %5B%22Wehlheiden%22%2C%22Vollmarshausen%22%2C%22Heiligenrode%22%2C%22Kirchbauna%22%2C%22M%5Cu00f6nchehof%22%2C%22D%5Cu00f6rnhagen%22%2C%22Fuldabr%5Cu00fcck%22%2C%22Fuldatal%22%2C%22Spiekershausen%22%2C%22Bergshausen%22%5D
www.filf.com/ Name: crak
Value: %7B%227513%22%3A%7B%22aff%22%3A%221%22%2C%22track%22%3A%22%22%2C%22subid2%22%3A%22102baaf528d4d10d9a6dccd0e3a72d%22%2C%22subid3%22%3A%22ETO_999521370_CSO_SKY%22%2C%22subid4%22%3A%2221%22%2C%22typein_url%22%3A%22%22%2C%22url_id%22%3A%223%22%2C%22exp%22%3A%221509200102%22%2C%22click%22%3A%22%22%7D%7D
www.filf.com/ Name: hash
Value: 57b01ff9b45e7de0142ea3c939a6104b5164f909
.filf.com/ Name: nopop
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
