URL: http://kvpli.galeon.com/?fpygbhmk
Submission: On June 17 via manual from MX

Summary

This website contacted 21 IPs in 8 countries across 15 domains to perform 54 HTTP transactions. The main IP is 149.12.64.157, located in the United States, and belongs to COGENT-174 - Cogent Communications, US. The main domain is kvpli.galeon.com.
This is the only time kvpli.galeon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | IP Address | AS | Autonomous System
6 | 149.12.64.157 | 174 | COGENT-174
6 | 149.36.225.12 | 174 | COGENT-174
1 | 2a00:1450:401... | 15169 | GOOGLE
1 | 206.54.163.4 | 35415 | WEBZILLA
2 | 2a00:1450:400... | 15169 | GOOGLE
2 | 52.84.74.73 | 16509 | AMAZON-02
2 | 95.101.248.119 | 16625 | AKAMAI-AS
1 | 62.67.193.61 | 26667 | RUBICONPR...
1 | 62.67.193.41 | 26667 | RUBICONPR...
2 | 208.146.36.221 | 30282 | AS-INAPCD...
1 | 62.67.193.33 | 26667 | RUBICONPR...
4 | 185.33.223.210 | 29990 | ASN-APPNEXUS
1 | 178.250.0.67 | 44788 | ASN-CRITE...
1 | 2a01:4f8:120:... | 24940 | HETZNER-AS
5 | 192.229.233.174 | 15133 | EDGECAST
1 | 95.101.245.163 | 16625 | AKAMAI-AS
2 | 46.20.32.78 | 24961 | MYLOC-AS
1 | 205.217.176.16 | 3561 | CENTURYLI...
6 | 95.100.248.115 | 20940 | AKAMAI-ASN1
1 | 95.100.185.90 | 16625 | AKAMAI-AS
54 | 21

Count | Domain | Requested by
6 | b.scorecardresearch.com | sb.voicefive.com, kvpli.galeon.com
6 | a.hspvst.com | kvpli.galeon.com, a.hspvst.com
5 | i.r1-cdn.net | rs.gwallet.com, i.r1-cdn.net, kvpli.galeon.com
5 | www.galeon.com | kvpli.galeon.com
4 | ib.adnxs.com | kvpli.galeon.com, ib.adnxs.com
2 | t4ft.de | kvpli.galeon.com, c.t4ft.de
2 | rs.gwallet.com | kvpli.galeon.com, rs.gwallet.com
2 | optimized-by.rubiconproject.com | ads.rubiconproject.com
2 | ads.rubiconproject.com | kvpli.galeon.com
2 | cdn-tags.mmondi.com | a.hspvst.com
2 | www.google-analytics.com | kvpli.galeon.com
1 | secure.img-cdn.mediaplex.com | srcdoc
1 | a.scorecardresearch.com | sb.voicefive.com
1 | sb.voicefive.com | rs.gwallet.com
1 | c.t4ft.de | rs.gwallet.com, c.t4ft.de
1 | gum.criteo.com | ib.adnxs.com
1 | beacon-eu2.rubiconproject.com | kvpli.galeon.com
1 | onclickads.net | a.hspvst.com
1 | www.google.com | kvpli.galeon.com, www.google.com
1 | kvpli.galeon.com |
0 | img.mediaplex.com (Failed) | secure.img-cdn.mediaplex.com
0 | tap-secure.rubiconproject.com (Failed) | kvpli.galeon.com
0 | acdn.adnxs.com (Failed) | kvpli.galeon.com
54 | 23

Subject | Issuer | Validity | Valid
*.google-analytics.com | Google Internet Authority G2 | 2017-06-07 - 2017-08-30 | 3 months
*.criteo.com | Symantec Class 3 Secure Server CA - G4 | 2015-10-13 - 2018-01-26 | 2 years
c.t4ft.de | Let's Encrypt Authority X3 | 2017-05-10 - 2017-08-08 | 3 months
*.voicefive.com | COMODO RSA Organization Validation Secure Server CA | 2016-12-20 - 2017-12-20 | a year
secure.img-cdn.mediaplex.com | Symantec Class 3 Secure Server CA - G4 | 2016-07-22 - 2017-07-22 | a year

This page contains 10 frames:

Primary Page: http://kvpli.galeon.com/?fpygbhmk
Frame ID: 5422.1
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?q=kvpli%20&r=m&fexp=21404%2C7000107&client=pub-9398897302597545&channel=6287501732&hl=es&type=0&oe=UTF-8&ie=UTF-8&jsei=3&format=w3&ad=w3&nocache=3471497662683432&num=0&output=uds_ads_only&v=3&adlh=on&bsl=10&u_his=2&u_tz=0&dt=1497662683433&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=774&frm=0&uio=uv3cs1sl0sr0lHaf3ff2st16sd14sv12da0-&jsv=10388&rurl=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk
Frame ID: 5422.2
Requests: 1 HTTP requests in this frame

Frame: http://a.hspvst.com/delivery/afr.php?zoneid=24&source=hv_galeon_redirigir&e=999&cb=4757354665
Frame ID: 5422.3
Requests: 1 HTTP requests in this frame

Frame: http://cdn-tags.mmondi.com/26182
Frame ID: 5422.4
Requests: 9 HTTP requests in this frame

Frame: http://cdn-tags.mmondi.com/26181
Frame ID: 5422.5
Requests: 23 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 5422.6
Requests: 1 HTTP requests in this frame

Frame: https://tap-secure.rubiconproject.com/partner/scripts/rubicon/emily.html?pc=13258/76706&geo=eu&co=de
Frame ID: 5422.7
Requests: 1 HTTP requests in this frame

Frame: http://c.t4ft.de/s/xbf.html
Frame ID: 5422.8
Requests: 1 HTTP requests in this frame

Frame: https://secure.img-cdn.mediaplex.com/content/0/27729/235459/NewMoney_frs_300x250.js?mpck=adfarm.mediaplex.com%2Fad%2Fck%2F27729-235459-37737-7%3Fmpt%3D1497662684124%26pt%3D1117382%26mpcr%3D101701524%26mpcrset%3Dexclude-hb-niedersachsen%26mpr%3D68773460&mpt=1497662684124&pt=1117382&mpqs=mpt%3D1497662684124%26pt%3D1117382&mpssl=1&mpvc=http://rs.gwallet.com/r1/adclick/c599591T1117382B83224F90868R5S6b48489203d/_3auzbjhtd48e7ispekugy5y9rghobs69xody1we51kmppjqa6pic1m97c9cy5r91fdicipid718aio1joj6dj3n4mfc6mhyba7xgxkdui6nhkz3gp7ehzwg9u6s59e51495thzjbccd4wingue3ye3srfgkjjynn5igdda7ok9gqjd9wxr83ghubny4cf9ttqzhtxmdydwrh8u1bwfow1w6rtyxoe4i6b8iy81wztwae6os8r7umf4gb1p64u34r85o6ce7oq35d5bkgx3q4nebahrardtz1uunpune78p794je947m6t9pcb134sf6e9g3t7gz9bqe3c?
Frame ID: 5422.9
Requests: 1 HTTP requests in this frame

Frame: https://img.mediaplex.com/content/0/27729/235459/NewMoney_frs_300x250/index.html?mpt=1497662684124&pt=1117382&mpssl=1&mpck=adfarm.mediaplex.com%2Fad%2Fck%2F27729-235459-37737-7%3Fmpt%3D1497662684124%26pt%3D1117382%26mpcr%3D101701524%26mpcrset%3Dexclude-hb-niedersachsen%26mpr%3D68773460&mpvc=http%3A%2F%2Frs.gwallet.com%2Fr1%2Fadclick%2Fc599591T1117382B83224F90868R5S6b48489203d%2F_3auzbjhtd48e7ispekugy5y9rghobs69xody1we51kmppjqa6pic1m97c9cy5r91fdicipid718aio1joj6dj3n4mfc6mhyba7xgxkdui6nhkz3gp7ehzwg9u6s59e51495thzjbccd4wingue3ye3srfgkjjynn5igdda7ok9gqjd9wxr83ghubny4cf9ttqzhtxmdydwrh8u1bwfow1w6rtyxoe4i6b8iy81wztwae6os8r7umf4gb1p64u34r85o6ce7oq35d5bkgx3q4nebahrardtz1uunpune78p794je947m6t9pcb134sf6e9g3t7gz9bqe3c%3F
Frame ID: 5422.10
Requests: 1 HTTP requests in this frame

Page Statistics

54 Requests
11 % HTTPS
15 % IPv6
15 Domains
23 Subdomains
21 IPs
8 Countries
249 kB Transfer
567 kB Size
30 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request 25
  • http://ib.adnxs.com/ttj?id=4553319&cb=3721092907635612&referrer=galeon.com&pubclickenc=
  • http://ib.adnxs.com/bounce?%2Fttj%3Fid%3D4553319%26cb%3D3721092907635612%26referrer%3Dgaleon.com%26pubclickenc%3D
Request 39
  • http://b.scorecardresearch.com/p?ns__t=1497662684337&ns__c=windows-1252&c1=3&c3=57871&c4=599591&c5=1117382&c6=&c10=1&c11=143307&c13=&c16=gen&ax_bid=AAABXLOm-6dBa5yeG5o7FA&c2=15284045&ax_iframe=1&ns...
  • http://b.scorecardresearch.com/p2?ns__t=1497662684337&ns__c=windows-1252&c1=3&c3=57871&c4=599591&c5=1117382&c6=&c10=1&c11=143307&c13=&c16=gen&ax_bid=AAABXLOm-6dBa5yeG5o7FA&c2=15284045&ax_iframe=1&n...
Request 48
  • https://adfarm.mediaplex.com/ad/js/27729-235459-37737-7?mpu_token=AAAFujgHuQsxqwAFCY46AAAAAAA&mpt=1497662684124&pt=1117382&mpvc=http://rs.gwallet.com/r1/adclick/c599591T1117382B83224F90868R5S6b4848...
  • https://secure.img-cdn.mediaplex.com/content/0/27729/235459/NewMoney_frs_300x250.js?mpck=adfarm.mediaplex.com%2Fad%2Fck%2F27729-235459-37737-7%3Fmpt%3D1497662684124%26pt%3D1117382%26mpcr%3D10170152...

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
kvpli.galeon.com/
7 KB
7 KB
Document
General
Full URL
http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
149.12.64.157 , United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
hv3m157.hispavista.com
Software
Apache / PHP/4.4.4-8+etch6
Resource Hash
44e7e133d02e3fbfd1f7e07bca9574dfc8eabbdb0438661fa0546d736cc8589d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:17 GMT
Server
Apache
Connection
Keep-Alive
X-Powered-By
PHP/4.4.4-8+etch6
Transfer-Encoding
chunked
Keep-Alive
timeout=5, max=49
Content-Type
text/html; charset=iso-8859-1
pagerror.css
www.galeon.com/
6 KB
6 KB
Stylesheet
General
Full URL
http://www.galeon.com/pagerror.css
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
149.12.64.157 , United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
hv3m157.hispavista.com
Software
Apache /
Resource Hash
bec6c76a52f530a5b0d6b0348f2febab34a5ec8f649a09daa82553b7fb317951

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:18 GMT
Last-Modified
Thu, 18 Aug 2016 09:56:42 GMT
Server
Apache
ETag
"61773-1738-57b5865a"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=50
Content-Length
5944
logo_galeon.png
www.galeon.com/img/pie/gratuitas/
7 KB
7 KB
Image
General
Full URL
http://www.galeon.com/img/pie/gratuitas/logo_galeon.png
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
149.12.64.157 , United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
hv3m157.hispavista.com
Software
Apache /
Resource Hash
670a2a25ef3c85490b3dff8f493bcc58f9afe1d7ea0fb131a4d24e0ada6da5f5

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:18 GMT
Last-Modified
Mon, 13 May 2013 07:07:59 GMT
Server
Apache
ETag
"e366d-1be9-5190914f"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=50
Content-Length
7145
logofin.gif
www.galeon.com/img/pie_nuevo/
1 KB
1 KB
Image
General
Full URL
http://www.galeon.com/img/pie_nuevo/logofin.gif
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
149.12.64.157 , United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
hv3m157.hispavista.com
Software
Apache /
Resource Hash
6677fe066a5ccb2638eeffd0a6732856d37ee73eda52b4d965329883390bcd9c

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:18 GMT
Last-Modified
Wed, 20 Aug 2008 12:25:36 GMT
Server
Apache
ETag
"e367e-570-48ac0d40"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Content-Length
1392
asyncjs.php
a.hspvst.com/delivery/
8 KB
8 KB
Script
General
Full URL
http://a.hspvst.com/delivery/asyncjs.php
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
149.36.225.12 Madrid, Spain, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
hv2m12v.hispavista.com
Software
Apache /
Resource Hash
f544eb24ba39a8a51ed71b8cf805478e59b8e213954df1e064c85de51af8bf01

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:43 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
private, max-age=3600
Connection
Keep-Alive
Expire
Sat, 17 Jun 2017 02:24:43 GMT
Keep-Alive
timeout=3, max=1000
async-ads.js
www.google.com/adsense/search/
236 KB
74 KB
Script
General
Full URL
http://www.google.com/adsense/search/async-ads.js
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
2a00:1450:401b:801::2004 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
fe4c7609eb24f6d18382bc24e1615a68dd1ee01bcb9a593fde99930d2f0959cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"10388264078803690196"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Expires
Sat, 17 Jun 2017 01:24:43 GMT
separador.png
www.galeon.com/img/pie/gratuitas/
171 B
171 B
Image
General
Full URL
http://www.galeon.com/img/pie/gratuitas/separador.png
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
149.12.64.157 , United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
hv3m157.hispavista.com
Software
Apache /
Resource Hash
8ec08d3e5d41adb51b3c72eac43d2d2d695f2695565cd62e8695da7c774cf746

Request headers

Referer
http://www.galeon.com/pagerror.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:18 GMT
Last-Modified
Fri, 10 May 2013 10:26:21 GMT
Server
Apache
ETag
"e3670-ab-518ccb4d"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=49
Content-Length
171
galeonpro.jpg
www.galeon.com/img/
25 KB
25 KB
Image
General
Full URL
http://www.galeon.com/img/galeonpro.jpg
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
149.12.64.157 , United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
hv3m157.hispavista.com
Software
Apache /
Resource Hash
8a61cb5549034da1fde808d694e68faaca15a7a5c2592b5db9148e5e153d1976

Request headers

Referer
http://www.galeon.com/pagerror.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:18 GMT
Last-Modified
Wed, 17 Aug 2016 10:45:40 GMT
Server
Apache
ETag
"62a54-632a-57b44054"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=48
Content-Length
25386
ajs.php
a.hspvst.com/delivery/
569 B
581 B
Script
General
Full URL
http://a.hspvst.com/delivery/ajs.php?zoneid=69&source=hv_galeon_redirigir&e=999&cb=31708673539
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
149.36.225.12 Madrid, Spain, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
hv2m12v.hispavista.com
Software
Apache /
Resource Hash
70a27203193e88176fadf433dbd36fd8edeab2d0b7a477315c969e86ff405dad

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:29 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://a.hspvst.com/w3c/policy.xml", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0, no-cache
Connection
Keep-Alive
Content-Type
text/javascript; charset=UTF-8
Keep-Alive
timeout=3, max=1000
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
www.google.com/afs/ Frame 5422
0
0

apu.php
onclickads.net/
33 KB
16 KB
Script
General
Full URL
http://onclickads.net/apu.php?zoneid=11341
Requested by
Host: a.hspvst.com
URL: http://a.hspvst.com/delivery/ajs.php?zoneid=69&source=hv_galeon_redirigir&e=999&cb=31708673539
Protocol
HTTP/1.1
Server
206.54.163.4 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
QRATOR /
Resource Hash
5a3db99b95fd5dc869567b1c7ee595bbe7826dc05ae297c2ba946dfca1539368

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:43 GMT
Content-Encoding
gzip
Server
QRATOR
Timing-Allow-Origin
*, *
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15
Expires
Mon, 26 Jul 1997 05:00:00 GMT
lg.php
a.hspvst.com/delivery/
43 B
54 B
Image
General
Full URL
http://a.hspvst.com/delivery/lg.php?bannerid=1461&campaignid=751&zoneid=69&source=hv_galeon_redirigir&OASCCAP=1&loc=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&cb=f5a28b3430
Requested by
Host: a.hspvst.com
URL: http://a.hspvst.com/delivery/ajs.php?zoneid=69&source=hv_galeon_redirigir&e=999&cb=31708673539
Protocol
HTTP/1.1
Server
149.36.225.12 Madrid, Spain, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
hv2m12v.hispavista.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:29 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://a.hspvst.com/w3c/policy.xml", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0, no-cache
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=3, max=999
Expires
Mon, 26 Jul 1997 05:00:00 GMT
afr.php
a.hspvst.com/delivery/ Frame 5422
0
0

analytics.js
www.google-analytics.com/
29 KB
12 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
765010cbfccaf06cb5b9166023a22b655a10b37075c91e276a5550c5ecd855ba
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Jun 2017 00:25:39 GMT
server
Golfe2
age
810
date
Sat, 17 Jun 2017 01:11:13 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="38,37,36,35"
content-length
12343
expires
Sat, 17 Jun 2017 03:11:13 GMT
asyncspc.php
a.hspvst.com/delivery/
1 KB
1 KB
XHR
General
Full URL
http://a.hspvst.com/delivery/asyncspc.php?zones=1%7C31&prefix=revive-0-&source=hv_galeon_redirigir&e=999&loc=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk
Requested by
Host: a.hspvst.com
URL: http://a.hspvst.com/delivery/asyncjs.php
Protocol
HTTP/1.1
Server
149.36.225.12 Madrid, Spain, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
hv2m12v.hispavista.com
Software
Apache /
Resource Hash
de974bc9b01f85e2a382085de9aa502fe43d3c02cea9cf2d94e95b04877e602e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36
Referer
http://kvpli.galeon.com/?fpygbhmk
Origin
http://kvpli.galeon.com

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:43 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://a.hspvst.com/w3c/policy.xml", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://kvpli.galeon.com
Cache-Control
private, max-age=0, no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=3, max=999
Expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/r/
35 B
44 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j56&a=1852462249&t=pageview&_s=1&dl=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&ul=en-us&de=windows-1252&dt=P%C3%A1gina%20No%20encontrada%20-%20Gale%C3%B3n%20%3A%20Tu%20p%C3%A1gina%20web%20gratis&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAMABI~&jid=1527107147&gjid=287508173&cid=118444592.1497662684&tid=UA-181100-9&_gid=1118233339.1497662684&_r=1&z=1418056329
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Jun 2017 01:24:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="38,37,36,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
26182
cdn-tags.mmondi.com/ Frame 5422
9 KB
9 KB
Script
General
Full URL
http://cdn-tags.mmondi.com/26182
Requested by
Host: a.hspvst.com
URL: http://a.hspvst.com/delivery/asyncjs.php
Protocol
HTTP/1.1
Server
52.84.74.73 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-74-73.atl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3aaf7e63e926194a01aecf2d060863ef2ef82d7108cc4cda8bc3662193ff081

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Fri, 23 Sep 2016 16:00:44 GMT
Content-Encoding
utf-8
Last-Modified
Tue, 31 May 2016 12:31:02 GMT
Server
AmazonS3
Age
186
ETag
"51dde943a50b3e4ff6dfa7061a6abf74"
X-Cache
Hit from cloudfront
Content-Type
text/html
Via
1.1 d8e2175fcc8f75911462cb6cccc9c435.cloudfront.net (CloudFront)
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8835
X-Amz-Cf-Id
9QS6OB2kyI5AKqVXQvit3YvuslzMxOyOX6ZEwkzQy83n0qYZ8_B6Lg==
lg.php
a.hspvst.com/delivery/ Frame 5422
43 B
54 B
Image
General
Full URL
http://a.hspvst.com/delivery/lg.php?bannerid=2761&campaignid=1271&zoneid=1&source=hv_galeon_redirigir&loc=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&cb=0c1b654b6b
Requested by
Host: a.hspvst.com
URL: http://a.hspvst.com/delivery/asyncjs.php
Protocol
HTTP/1.1
Server
149.36.225.12 Madrid, Spain, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
hv2m12v.hispavista.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:30 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://a.hspvst.com/w3c/policy.xml", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0, no-cache
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=3, max=997
Expires
Mon, 26 Jul 1997 05:00:00 GMT
26181
cdn-tags.mmondi.com/ Frame 5422
9 KB
9 KB
Script
General
Full URL
http://cdn-tags.mmondi.com/26181
Requested by
Host: a.hspvst.com
URL: http://a.hspvst.com/delivery/asyncjs.php
Protocol
HTTP/1.1
Server
52.84.74.73 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-74-73.atl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b267cf7bcfcee336666a675c4269ebaf29cae52f55d0e976137f22905f969f5f

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Fri, 18 Nov 2016 18:26:12 GMT
Content-Encoding
utf-8
Last-Modified
Tue, 31 May 2016 12:30:35 GMT
Server
AmazonS3
Age
559
ETag
"497825c2c086a91a61d53b215706cbea"
X-Cache
Hit from cloudfront
Content-Type
text/html
Via
1.1 fcf0d94b636f4a7413a7e4453e44a7ec.cloudfront.net (CloudFront)
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8843
X-Amz-Cf-Id
2nHidyeHRb4bSXK3MOJ97kMwyhhhS4MnzcFdmbQu2t9DGPm0TLEsRQ==
lg.php
a.hspvst.com/delivery/ Frame 5422
43 B
54 B
Image
General
Full URL
http://a.hspvst.com/delivery/lg.php?bannerid=2763&campaignid=1272&zoneid=31&source=hv_galeon_redirigir&loc=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&cb=afbc6304b0
Requested by
Host: a.hspvst.com
URL: http://a.hspvst.com/delivery/asyncjs.php
Protocol
HTTP/1.1
Server
149.36.225.12 Madrid, Spain, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
hv2m12v.hispavista.com
Software
Apache /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:30 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://a.hspvst.com/w3c/policy.xml", CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0, no-cache
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=3, max=1000
Expires
Mon, 26 Jul 1997 05:00:00 GMT
13258.js
ads.rubiconproject.com/ad/ Frame 5422
25 KB
7 KB
Script
General
Full URL
http://ads.rubiconproject.com/ad/13258.js
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
95.101.248.119 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-248-119.deploy.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
28782d31c7ae5d60a7d407a6dfc1022693fbe392b6663b36d962846f88a9eb6c

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:44 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
nnCoection
close
Cache-Control
max-age=5510
Connection
keep-alive
Content-Length
7072
Expires
Sat, 17 Jun 2017 02:56:34 GMT
ads.jsonp
optimized-by.rubiconproject.com/a/api/ Frame 5422
3 KB
1 KB
Script
General
Full URL
http://optimized-by.rubiconproject.com/a/api/ads.jsonp?enc=url&account_id=13258&site_id=76706&zone_id=458744&size_id=15&cb=0.08398179151304519&tk_st=1&rf=http%3A//kvpli.galeon.com/%3Ffpygbhmk&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=76706_15
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/ad/13258.js
Protocol
HTTP/1.1
Server
62.67.193.61 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
787d35c16ecb5ac038f55e4bbc85b493a6b2a622ea4b87b03035a5d805669f4f

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:44 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Content-Type
text/javascript
Keep-Alive
timeout=5, max=90
Content-Length
1438
Expires
Wed, 17 Sep 1975 21:32:10 GMT
13258.js
ads.rubiconproject.com/ad/ Frame 5422
25 KB
0
Script
General
Full URL
http://ads.rubiconproject.com/ad/13258.js
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
95.101.248.119 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-248-119.deploy.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
28782d31c7ae5d60a7d407a6dfc1022693fbe392b6663b36d962846f88a9eb6c

Request headers

Response headers

Date
Sat, 17 Jun 2017 01:24:44 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
nnCoection
close
Cache-Control
max-age=5510
Connection
keep-alive
Content-Length
7072
Expires
Sat, 17 Jun 2017 02:56:34 GMT
ads.jsonp
optimized-by.rubiconproject.com/a/api/ Frame 5422
309 B
309 B
Script
General
Full URL
http://optimized-by.rubiconproject.com/a/api/ads.jsonp?enc=url&account_id=13258&site_id=76706&zone_id=458746&size_id=2&cb=0.7364231621252553&tk_st=1&rf=http%3A//kvpli.galeon.com/%3Ffpygbhmk&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=76706_2
Requested by
Host: ads.rubiconproject.com
URL: http://ads.rubiconproject.com/ad/13258.js
Protocol
HTTP/1.1
Server
62.67.193.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
852cda9da8c359fbea4e2c1acc3559899cf8c8279f91c438900d9f9ae91ba830

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:44 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Content-Type
text/javascript
Keep-Alive
timeout=5, max=96
Content-Length
309
Expires
Wed, 17 Sep 1975 21:32:10 GMT
_3auzbjhtd48e7ispekugy5y9rghobs69xody1we51kmppjqa6pic1m97c9cy5r91fdicipid718aio1joj6dj3n4mfc6mhyba7xgxkdui6nhkz3gp7ehzwg9u6s59e51495thzjbccd4wingue3ye3srfgkjjynn5igdda7ok9gqjd9wxr83ghubny4cf9ttqzht...
rs.gwallet.com/r1/ad/c599591T1117382B83224F90868R5t2/ Frame 5422
2 KB
1 KB
Script
General
Full URL
http://rs.gwallet.com/r1/ad/c599591T1117382B83224F90868R5t2/_3auzbjhtd48e7ispekugy5y9rghobs69xody1we51kmppjqa6pic1m97c9cy5r91fdicipid718aio1joj6dj3n4mfc6mhyba7xgxkdui6nhkz3gp7ehzwg9u6s59e51495thzjbccd4wingue3ye3srfgkjjynn5igdda7ok9gqjd9wxr83ghubny4cf9ttqzhtxmdydwrh8u1bwfow1w6rtyxoe4i6b8iy81wztwae6os8r7umf4gb1p64u34r85o6ce7oq35d5bkgx3q4nebahrardtz1uunpune78p794je947m6t9pcb134sf6e9g3t7gz9bqe3c?win_price=B24601328964A92D
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
208.146.36.221 Chesterfield, United States, ASN30282 (AS-INAPCDN-OCY - Internap Network Services Corporation, US),
Reverse DNS
Software
radiumone/1.4.2 /
Resource Hash
6b57deb888ccdcec05ec12363f48260cee95d58f6c05c5a0d9219c56b4baf5a2

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
content-encoding
gzip
Server
radiumone/1.4.2
transfer-encoding
chunked
P3p
CP="PSAo PSDo OUR BUS DSP NON COR"
Cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-type
text/javascript; charset=UTF-8
Expires
Tue, 29 Oct 2002 19:50:44 GMT
30a727a6-71c7-44cf-a7c5-a34d0b8c68af
beacon-eu2.rubiconproject.com/beacon/d/ Frame 5422
43 B
43 B
Image
General
Full URL
http://beacon-eu2.rubiconproject.com/beacon/d/30a727a6-71c7-44cf-a7c5-a34d0b8c68af?accountId=13258&siteId=76706&zoneId=458744&e=6A1E40E384DA563B08C88A541080EE31279924918A870915AC6060F18F5768621AA07D27CD0B17D823AE745C1052206E2B1664A4958F4D910E88CC8A9EB9EF4D5BB473BB3B925B8026243F27CA6595B6AD0F2B285EDBD72AA5A1F38F535CAB55B05D2CD78864BC6BFAA930B4954B0A1FECBD37152632E038DE753DFEC496C97139C67A6FE34D9E8B21E7CE112C88E79D54267F605AE293E32D819451565A3CA904938F9B5ED8F9E1
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
62.67.193.33 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:43 GMT
Cache-Control
private, max-age=0, no-cache
Server
Rubicon Project
Content-Type
image/gif
Content-Length
43
Expires
01 Jan 1970 10:00:00 GMT
bounce
ib.adnxs.com/ Frame 5422
Redirect Chain
  • http://ib.adnxs.com/ttj?id=4553319&cb=3721092907635612&referrer=galeon.com&pubclickenc=
  • http://ib.adnxs.com/bounce?%2Fttj%3Fid%3D4553319%26cb%3D3721092907635612%26referrer%3Dgaleon.com%26pubclickenc%3D
7 KB
7 KB
Script
General
Full URL
http://ib.adnxs.com/bounce?%2Fttj%3Fid%3D4553319%26cb%3D3721092907635612%26referrer%3Dgaleon.com%26pubclickenc%3D
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.11.5 /
Resource Hash
e3831c0d9ca557daa9a9c39b41610caf7c362f8ecad937ca074b136658664c0c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:46 GMT
X-Proxy-Origin
148.251.45.170; 148.251.45.170; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.133:80
AN-X-Request-Uuid
73ad1686-bd5b-481a-a0ec-859495867981
Server
nginx/1.11.5
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
7390
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:46 GMT
X-Proxy-Origin
148.251.45.170; 148.251.45.170; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.206:80
AN-X-Request-Uuid
cc87c88f-8944-4b04-9023-e67976e5e50d
Server
nginx/1.11.5
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
http://ib.adnxs.com/bounce?%2Fttj%3Fid%3D4553319%26cb%3D3721092907635612%26referrer%3Dgaleon.com%26pubclickenc%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
gum.criteo.com/ Frame 5422
51 B
51 B
Script
General
Full URL
https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
Requested by
Host: ib.adnxs.com
URL: http://ib.adnxs.com/bounce?%2Fttj%3Fid%3D4553319%26cb%3D3721092907635612%26referrer%3Dgaleon.com%26pubclickenc%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
178.250.0.67 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:44 GMT
Cache-Control
private
Expires
Sat, 17 Jun 2017 02:24:44 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
51
Content-Type
text/javascript; charset=utf-8
ttj
ib.adnxs.com/ Frame 5422
824 B
824 B
Script
General
Full URL
http://ib.adnxs.com/ttj?ttjb=1&bdc=1497662686&bdh=LsT-YZIW3KhkzC7-Cdc_c9HXtr8.&&bdref=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk,http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&&id=4553319&cb=3721092907635612&referrer=galeon.com&pubclickenc=
Requested by
Host: ib.adnxs.com
URL: http://ib.adnxs.com/bounce?%2Fttj%3Fid%3D4553319%26cb%3D3721092907635612%26referrer%3Dgaleon.com%26pubclickenc%3D
Protocol
HTTP/1.1
Server
185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.11.5 /
Resource Hash
96415672f1f6453e510c31343a1c8c160f6d91a716c7d002b9974d79cc58665d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:46 GMT
X-Proxy-Origin
148.251.45.170; 148.251.45.170; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.212:80
AN-X-Request-Uuid
4c1dda5e-ae32-4cf2-9ba9-b2d836728725
X-Creative-ID
41873061
Server
nginx/1.11.5
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
824
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ttj
ib.adnxs.com/ Frame 5422
3 KB
3 KB
Script
General
Full URL
http://ib.adnxs.com/ttj?id=6589257&psa=0&cb=1591352652&loc=,&pubclick=http://ams1-ib.adnxs.com/click?AAAAAAAAAAAAAAAAAAAAAAAAAOCjcN0_AAAAAAAAAAAAAAAAAAAAAFq17LPWpBNaiRim9Vx6BWHehERZAAAAAGd6RQC8AwAA5QAAAAIAAACl7n4CZWgCAAAAAAAAAAAARVVSANgCWgDV1QAAAAAAAgEAAQAAAIIAGhfy_AAAAAA./bn=0/referrer=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk/clickenc=
Requested by
Host: ib.adnxs.com
URL: http://ib.adnxs.com/ttj?ttjb=1&bdc=1497662686&bdh=LsT-YZIW3KhkzC7-Cdc_c9HXtr8.&&bdref=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk,http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&&id=4553319&cb=3721092907635612&referrer=galeon.com&pubclickenc=
Protocol
HTTP/1.1
Server
185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.11.5 /
Resource Hash
03cf99445c667db30ace1ba5c37d5d5378ab99108d263a472aa4d72d96a0a4d9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:46 GMT
X-Proxy-Origin
148.251.45.170; 148.251.45.170; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.243:80
AN-X-Request-Uuid
67b4583d-b181-4936-bc59-7d8dd259b9c3
Server
nginx/1.11.5
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
3457
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ttj
ib.adnxs.com/ Frame 5422
0
0
Script
General
Full URL
http://ib.adnxs.com/ttj?ttjb=1&bdc=1497662686&bdh=LsT-YZIW3KhkzC7-Cdc_c9HXtr8.&bdref=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk,http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&&id=6589257&psa=0&cb=1591352652&loc=,&pubclick=http://ams1-ib.adnxs.com/click?AAAAAAAAAAAAAAAAAAAAAAAAAOCjcN0_AAAAAAAAAAAAAAAAAAAAAFq17LPWpBNaiRim9Vx6BWHehERZAAAAAGd6RQC8AwAA5QAAAAIAAACl7n4CZWgCAAAAAAAAAAAARVVSANgCWgDV1QAAAAAAAgEAAQAAAIIAGhfy_AAAAAA./bn=0/referrer=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk/clickenc=
Requested by
Host: ib.adnxs.com
URL: http://ib.adnxs.com/ttj?id=6589257&psa=0&cb=1591352652&loc=,&pubclick=http://ams1-ib.adnxs.com/click?AAAAAAAAAAAAAAAAAAAAAAAAAOCjcN0_AAAAAAAAAAAAAAAAAAAAAFq17LPWpBNaiRim9Vx6BWHehERZAAAAAGd6RQC8AwAA5QAAAAIAAACl7n4CZWgCAAAAAAAAAAAARVVSANgCWgDV1QAAAAAAAgEAAQAAAIIAGhfy_AAAAAA./bn=0/referrer=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk/clickenc=
Protocol
HTTP/1.1
Server
185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.11.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:46 GMT
X-Proxy-Origin
148.251.45.170; 148.251.45.170; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.238:80
AN-X-Request-Uuid
4ee16da6-0225-4c94-a035-dc0ffc760f75
Server
nginx/1.11.5
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 5422
0
0

ftg_t_v_bk.min.js
c.t4ft.de/c/ Frame 5422
42 KB
18 KB
Script
General
Full URL
https://c.t4ft.de/c/ftg_t_v_bk.min.js
Requested by
Host: rs.gwallet.com
URL: http://rs.gwallet.com/r1/ad/c599591T1117382B83224F90868R5t2/_3auzbjhtd48e7ispekugy5y9rghobs69xody1we51kmppjqa6pic1m97c9cy5r91fdicipid718aio1joj6dj3n4mfc6mhyba7xgxkdui6nhkz3gp7ehzwg9u6s59e51495thzjbccd4wingue3ye3srfgkjjynn5igdda7ok9gqjd9wxr83ghubny4cf9ttqzhtxmdydwrh8u1bwfow1w6rtyxoe4i6b8iy81wztwae6os8r7umf4gb1p64u34r85o6ce7oq35d5bkgx3q4nebahrardtz1uunpune78p794je947m6t9pcb134sf6e9g3t7gz9bqe3c?win_price=B24601328964A92D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:120:53ef::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.6.2, static-1201 /
Resource Hash
8fe7f522910bea0387674ed9854c7fde2a11c422d1d74b5411561969dfe8e3c0

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Mar 2017 10:30:28 GMT
Server
nginx/1.6.2, static-1201
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 17 Jun 2017 02:24:44 GMT
obac.js
i.r1-cdn.net/static/js/ Frame 5422
2 KB
889 B
Script
General
Full URL
http://i.r1-cdn.net/static/js/obac.js
Requested by
Host: rs.gwallet.com
URL: http://rs.gwallet.com/r1/ad/c599591T1117382B83224F90868R5t2/_3auzbjhtd48e7ispekugy5y9rghobs69xody1we51kmppjqa6pic1m97c9cy5r91fdicipid718aio1joj6dj3n4mfc6mhyba7xgxkdui6nhkz3gp7ehzwg9u6s59e51495thzjbccd4wingue3ye3srfgkjjynn5igdda7ok9gqjd9wxr83ghubny4cf9ttqzhtxmdydwrh8u1bwfow1w6rtyxoe4i6b8iy81wztwae6os8r7umf4gb1p64u34r85o6ce7oq35d5bkgx3q4nebahrardtz1uunpune78p794je947m6t9pcb134sf6e9g3t7gz9bqe3c?win_price=B24601328964A92D
Protocol
HTTP/1.1
Server
192.229.233.174 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4198) /
Resource Hash
e805922525be72d8cb6871f7af032b03fce78bc447e7e18078369f3c8b60ab79

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jun 2017 06:14:26 GMT
Server
ECS (fcn/4198)
Etag
W/"5938eb42-902"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200, public
Accept-Ranges
bytes
Content-Length
889
Expires
Sat, 17 Jun 2017 03:24:44 GMT
rs.js
sb.voicefive.com/c2/15284045/ Frame 5422
6 KB
3 KB
Script
General
Full URL
https://sb.voicefive.com/c2/15284045/rs.js
Requested by
Host: rs.gwallet.com
URL: http://rs.gwallet.com/r1/ad/c599591T1117382B83224F90868R5t2/_3auzbjhtd48e7ispekugy5y9rghobs69xody1we51kmppjqa6pic1m97c9cy5r91fdicipid718aio1joj6dj3n4mfc6mhyba7xgxkdui6nhkz3gp7ehzwg9u6s59e51495thzjbccd4wingue3ye3srfgkjjynn5igdda7ok9gqjd9wxr83ghubny4cf9ttqzhtxmdydwrh8u1bwfow1w6rtyxoe4i6b8iy81wztwae6os8r7umf4gb1p64u34r85o6ce7oq35d5bkgx3q4nebahrardtz1uunpune78p794je947m6t9pcb134sf6e9g3t7gz9bqe3c?win_price=B24601328964A92D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.163 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-163.deploy.akamaitechnologies.com
Software
/
Resource Hash
02e807ab04ea34d1401108e6eef8ff47e9a1edbe4f712fb190e3e73a338af669

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 13:55:44 GMT
ETag
"95ff5dc91eaf1e5f7e26b68d7ac4de9f:1492782944"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=259200
Connection
keep-alive
Content-Length
2988
Expires
Tue, 20 Jun 2017 01:24:44 GMT
_3auzbjhtd48e7ispekugy5y9rghobs69xody1we51kmppjqa6pic1m97c9cy5r91fdicipid718aio1joj6dj3n4mfc6mhyba7xgxkdui6nhkz3gp7ehzwg9u6s59e51495thzjbccd4wingue3ye3srfgkjjynn5igdda7ok9gqjd9wxr83ghubny4cf9ttqzht...
rs.gwallet.com/r1/adimpr/c599591T1117382B83224F90868R5t2/ Frame 5422
43 B
73 B
Image
General
Full URL
http://rs.gwallet.com/r1/adimpr/c599591T1117382B83224F90868R5t2/_3auzbjhtd48e7ispekugy5y9rghobs69xody1we51kmppjqa6pic1m97c9cy5r91fdicipid718aio1joj6dj3n4mfc6mhyba7xgxkdui6nhkz3gp7ehzwg9u6s59e51495thzjbccd4wingue3ye3srfgkjjynn5igdda7ok9gqjd9wxr83ghubny4cf9ttqzhtxmdydwrh8u1bwfow1w6rtyxoe4i6b8iy81wztwae6os8r7umf4gb1p64u34r85o6ce7oq35d5bkgx3q4nebahrardtz1uunpune78p794je947m6t9pcb134sf6e9g3t7gz9bqe3c?win_price=B24601328964A92D&ref=%3Fpjktx_sytoef_wer%26%2Bnkasqurp
Requested by
Host: rs.gwallet.com
URL: http://rs.gwallet.com/r1/ad/c599591T1117382B83224F90868R5t2/_3auzbjhtd48e7ispekugy5y9rghobs69xody1we51kmppjqa6pic1m97c9cy5r91fdicipid718aio1joj6dj3n4mfc6mhyba7xgxkdui6nhkz3gp7ehzwg9u6s59e51495thzjbccd4wingue3ye3srfgkjjynn5igdda7ok9gqjd9wxr83ghubny4cf9ttqzhtxmdydwrh8u1bwfow1w6rtyxoe4i6b8iy81wztwae6os8r7umf4gb1p64u34r85o6ce7oq35d5bkgx3q4nebahrardtz1uunpune78p794je947m6t9pcb134sf6e9g3t7gz9bqe3c?win_price=B24601328964A92D
Protocol
HTTP/1.1
Server
208.146.36.221 Chesterfield, United States, ASN30282 (AS-INAPCDN-OCY - Internap Network Services Corporation, US),
Reverse DNS
Software
radiumone/1.4.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
content-encoding
gzip
Server
radiumone/1.4.2
transfer-encoding
chunked
P3p
CP="PSAo PSDo OUR BUS DSP NON COR"
Cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-type
image/gif
Expires
Tue, 29 Oct 2002 19:50:44 GMT
/
t4ft.de/ckgif/ Frame 5422
88 B
88 B
Image
General
Full URL
http://t4ft.de/ckgif/
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
46.20.32.78 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software
nginx/1.6.2, ws-0404 /
Resource Hash
07483f8ea391031b60ccea134cf2b97dc8ce25f3f4c8045a5d9ace1922bf7aff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36
Referer
http://kvpli.galeon.com/?fpygbhmk
Origin
http://kvpli.galeon.com

Response headers

Date
Sat, 17 Jun 2017 01:24:44 GMT
Last-Modified
Thu, 28 May 2015 11:45:49 GMT
Server
nginx/1.6.2, ws-0404
ETag
"404170617032400157"
Vary
Origin
P3P
policyref="http://t4ft.de/p3p.xml", CP="NOI DSP PSAa PSDa IVAa IVDa OUR NOR UNI COM NAV INT CNT"
Access-Control-Allow-Origin
http://kvpli.galeon.com
Cache-Control
max-age=31556926, private, proxy-revalidate
Access-Control-Allow-Credentials
true
Content-Type
image/gif
Content-Length
88
Expires
Sun, 17 Jun 2018 01:24:44 GMT
r1oba.min.css
i.r1-cdn.net/static/css/ Frame 5422
2 KB
513 B
Stylesheet
General
Full URL
http://i.r1-cdn.net/static/css/r1oba.min.css
Requested by
Host: i.r1-cdn.net
URL: http://i.r1-cdn.net/static/js/obac.js
Protocol
HTTP/1.1
Server
192.229.233.174 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/9F9A) /
Resource Hash
668c8a6e0df450b4fd257c0dc2a4ddabcd2dc5b71418376eb71a489316d802b8

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jun 2017 06:14:26 GMT
Server
ECS (fcn/9F9A)
Etag
"5938eb42-624"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200, public
Accept-Ranges
bytes
Content-Length
513
Expires
Sat, 17 Jun 2017 03:24:44 GMT
rpc.flow
a.scorecardresearch.com/ Frame 5422
105 B
105 B
Script
General
Full URL
http://a.scorecardresearch.com/rpc.flow?uid=uid1497662684337&ns_mod_ns=mvce&ns__p=1497662684337&ns__t=1497662684337&ns__c=windows-1252&c1=3&c3=57871&c4=599591&c5=1117382&c6=&c10=1&c11=143307&c13=&c16=gen&ax_bid=AAABXLOm-6dBa5yeG5o7FA&c2=15284045&ax_iframe=1&ns_ce_sv=5.1608.18&ns_ce_mod=vce_st&ns_ad_event=load&c8=&c7=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&c9=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk
Requested by
Host: sb.voicefive.com
URL: https://sb.voicefive.com/c2/15284045/rs.js
Protocol
HTTP/1.1
Server
205.217.176.16 Chesterfield, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS - Savvis, US),
Reverse DNS
event.ia7.adxpose.com
Software
nginx /
Resource Hash
011d3460efcd8aa2bb0c34d9887f82ad23656cc4156859957aa56b32ff4bc7c1

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:44 GMT
Server
nginx
Content-Type
text/javascript;charset=UTF-8
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
105
Expires
Thu, 01 Jan 1970 00:00:00 GMT
vce_st.js
b.scorecardresearch.com/rs/ Frame 5422
70 KB
27 KB
Script
General
Full URL
http://b.scorecardresearch.com/rs/vce_st.js
Requested by
Host: sb.voicefive.com
URL: https://sb.voicefive.com/c2/15284045/rs.js
Protocol
HTTP/1.1
Server
95.100.248.115 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a95-100-248-115.deploy.akamaitechnologies.com
Software
/
Resource Hash
59a62619b0fd24d857d293297035caac512cbbbf0c049a12b783116e453bd923

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
27205
Expires
Thu, 22 Jun 2017 20:56:43 GMT
p2
b.scorecardresearch.com/ Frame 5422
Redirect Chain
  • http://b.scorecardresearch.com/p?ns__t=1497662684337&ns__c=windows-1252&c1=3&c3=57871&c4=599591&c5=1117382&c6=&c10=1&c11=143307&c13=&c16=gen&ax_bid=AAABXLOm-6dBa5yeG5o7FA&c2=15284045&ax_iframe=1&ns...
  • http://b.scorecardresearch.com/p2?ns__t=1497662684337&ns__c=windows-1252&c1=3&c3=57871&c4=599591&c5=1117382&c6=&c10=1&c11=143307&c13=&c16=gen&ax_bid=AAABXLOm-6dBa5yeG5o7FA&c2=15284045&ax_iframe=1&n...
43 B
43 B
Image
General
Full URL
http://b.scorecardresearch.com/p2?ns__t=1497662684337&ns__c=windows-1252&c1=3&c3=57871&c4=599591&c5=1117382&c6=&c10=1&c11=143307&c13=&c16=gen&ax_bid=AAABXLOm-6dBa5yeG5o7FA&c2=15284045&ax_iframe=1&ns_ce_sv=5.1608.18&ns_ce_mod=vce_st&ns_ad_event=load&c8=&c7=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&c9=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
95.100.248.115 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a95-100-248-115.deploy.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:44 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://b.scorecardresearch.com/p2?ns__t=1497662684337&ns__c=windows-1252&c1=3&c3=57871&c4=599591&c5=1117382&c6=&c10=1&c11=143307&c13=&c16=gen&ax_bid=AAABXLOm-6dBa5yeG5o7FA&c2=15284045&ax_iframe=1&ns_ce_sv=5.1608.18&ns_ce_mod=vce_st&ns_ad_event=load&c8=&c7=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&c9=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk
Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:44 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
emily.html
tap-secure.rubiconproject.com/partner/scripts/rubicon/ Frame 5422
0
0

/
t4ft.de/bk/ Frame 5422
104 B
104 B
Script
General
Full URL
http://t4ft.de/bk/?t=1497662684&ftgid=8rybymhWCfpBmZZK&ls[]=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&ls[]=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&x=aid%3D1400%26fcui%3Dmp-27729%26fcai%3D235459%26ffli%3D37737%26fpli%3D27729-235459-37737-7%26element%3D-ftg-auto%26scriptsframe%3D300x250&cb=ftgu_207956094
Requested by
Host: c.t4ft.de
URL: https://c.t4ft.de/c/ftg_t_v_bk.min.js
Protocol
HTTP/1.1
Server
46.20.32.78 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software
nginx/1.6.2, ws-0401 /
Resource Hash
56579541d85d16b28e835d06cb638f20b7b31a2b0940529d0d39a7917f61394e

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:44 GMT
Cache-Control
no-store, must-revalidate
Server
nginx/1.6.2, ws-0401
Content-Length
104
Content-Type
text/javascript;charset=UTF-8
xbf.html
c.t4ft.de/s/ Frame 5422
0
0

ach-bg-clr.png
i.r1-cdn.net/static/img/ Frame 5422
1 KB
1 KB
Image
General
Full URL
http://i.r1-cdn.net/static/img/ach-bg-clr.png
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
192.229.233.174 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41D0) /
Resource Hash
fd13318cb9e45f3465f60e255a9c5a0378f2ffd2e46ec0f5e7ac905b7aab197e

Request headers

Referer
http://i.r1-cdn.net/static/css/r1oba.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:44 GMT
Last-Modified
Thu, 08 Jun 2017 06:14:26 GMT
Server
ECS (fcn/41D0)
Etag
"5938eb42-4e3"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200, public
Accept-Ranges
bytes
Content-Length
1251
Expires
Sat, 17 Jun 2017 03:24:44 GMT
ach-lang-en.png
i.r1-cdn.net/static/img/ Frame 5422
361 B
361 B
Image
General
Full URL
http://i.r1-cdn.net/static/img/ach-lang-en.png
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
192.229.233.174 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4058) /
Resource Hash
baa74d43570ffed830eb1b5e73557eaa52693c7ebb3b1b2a7b3a0d1809b2cb34

Request headers

Referer
http://i.r1-cdn.net/static/css/r1oba.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:44 GMT
Last-Modified
Thu, 08 Jun 2017 06:14:26 GMT
Server
ECS (fcn/4058)
Etag
"5938eb42-169"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200, public
Accept-Ranges
bytes
Content-Length
361
Expires
Sat, 17 Jun 2017 03:24:44 GMT
ach-ico-small.png
i.r1-cdn.net/static/img/ Frame 5422
270 B
270 B
Image
General
Full URL
http://i.r1-cdn.net/static/img/ach-ico-small.png
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
192.229.233.174 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4190) /
Resource Hash
0135f2d7a7bf708615ec7f549dbaf39a3abcc4dd28863f1dc307ac73fcaa4596

Request headers

Referer
http://i.r1-cdn.net/static/css/r1oba.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Date
Sat, 17 Jun 2017 01:24:44 GMT
Last-Modified
Thu, 08 Jun 2017 06:14:26 GMT
Server
ECS (fcn/4190)
Etag
"5938eb42-10e"
X-Cache
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200, public
Accept-Ranges
bytes
Content-Length
270
Expires
Sat, 17 Jun 2017 03:24:44 GMT
p
b.scorecardresearch.com/ Frame 5422
43 B
43 B
Image
General
Full URL
http://b.scorecardresearch.com/p?ns__t=1497662684396&ns__c=windows-1252&ns__p=1497662684337&c1=3&c3=_e0_57871&c4=599591&c5=1117382&c6=&c10=1&c11=143307&c13=&c16=gen&ax_bid=AAABXLOm-6dBa5yeG5o7FA&c2=15284045&ax_iframe=1&ns_ce_sv=5.1608.18&ns_ce_mod=vce_st&ns_ad_event=boot&ns_ad_boot=59&ns_ad_fpv=0&c8=&c7=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&c9=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
95.100.248.115 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a95-100-248-115.deploy.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:44 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT
p
b.scorecardresearch.com/ Frame 5422
43 B
43 B
Image
General
Full URL
http://b.scorecardresearch.com/p?ns__t=1497662684408&ns__c=windows-1252&uid=8rybymhWCfpBmZZK-bsf&c1=3&c3=_e0_57871&c4=599591&c5=1117382&c10=1&c11=143307&c16=gen&ax_bid=AAABXLOm-6dBa5yeG5o7FA&c2=15284045&ax_iframe=1&ns_ce_mod=vce_st&ns__p=1497662684337&ax_cid=15284045&ns_ad_event=found&ns_ad_id=8rybymhWCfpBmZZK-bsf&ns_ad_sz=300x250&ns_ad_po=0x0&ns_ad_vsd=1600x1200&ns_ad_sd=1600x1200&ns_ad_vad=300x250&ns_ad_vap=425x467&ns_ad_vvd=1600x1200&ns_ad_vvp=0x85&ns_ad_vi=100&ns_type=hidden&ns_ad_pid=1497662684394&ax_mid=6991297462684394&ns_ad_vw=300x250&ns_ad_sc=0x0&ns_ad_sv=5.1608.18&ns_ad_tn=IFRAME&ns_ad_db=Chrome/59.0.3071|0|Linux%20x86_64|0|2|0|en-US|0|0|0|Google%20Inc.|0x0|0x0|-2|-1|50|-1|0|-1|10100000000010100000&ns_ad_ec=1&ns_ad_tb=85&ns_ad_ple=17,0,0,0,0,0&c7=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&c9=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&c8=
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
95.100.248.115 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a95-100-248-115.deploy.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:44 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT
NewMoney_frs_300x250.js
secure.img-cdn.mediaplex.com/content/0/27729/235459/ Frame 5422
Redirect Chain
  • https://adfarm.mediaplex.com/ad/js/27729-235459-37737-7?mpu_token=AAAFujgHuQsxqwAFCY46AAAAAAA&mpt=1497662684124&pt=1117382&mpvc=http://rs.gwallet.com/r1/adclick/c599591T1117382B83224F90868R5S6b4848...
  • https://secure.img-cdn.mediaplex.com/content/0/27729/235459/NewMoney_frs_300x250.js?mpck=adfarm.mediaplex.com%2Fad%2Fck%2F27729-235459-37737-7%3Fmpt%3D1497662684124%26pt%3D1117382%26mpcr%3D10170152...
4 KB
2 KB
Script
General
Full URL
https://secure.img-cdn.mediaplex.com/content/0/27729/235459/NewMoney_frs_300x250.js?mpck=adfarm.mediaplex.com%2Fad%2Fck%2F27729-235459-37737-7%3Fmpt%3D1497662684124%26pt%3D1117382%26mpcr%3D101701524%26mpcrset%3Dexclude-hb-niedersachsen%26mpr%3D68773460&mpt=1497662684124&pt=1117382&mpqs=mpt%3D1497662684124%26pt%3D1117382&mpssl=1&mpvc=http://rs.gwallet.com/r1/adclick/c599591T1117382B83224F90868R5S6b48489203d/_3auzbjhtd48e7ispekugy5y9rghobs69xody1we51kmppjqa6pic1m97c9cy5r91fdicipid718aio1joj6dj3n4mfc6mhyba7xgxkdui6nhkz3gp7ehzwg9u6s59e51495thzjbccd4wingue3ye3srfgkjjynn5igdda7ok9gqjd9wxr83ghubny4cf9ttqzhtxmdydwrh8u1bwfow1w6rtyxoe4i6b8iy81wztwae6os8r7umf4gb1p64u34r85o6ce7oq35d5bkgx3q4nebahrardtz1uunpune78p794je947m6t9pcb134sf6e9g3t7gz9bqe3c?
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.185.90 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-185-90.deploy.akamaitechnologies.com
Software
nginx /
Resource Hash
0af0af913f1987d05926bbae819e30ff20521f148f0dc35bbe271afb53cc0867

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 May 2017 20:55:21 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1582
Expires
Sat, 17 Jun 2017 01:24:44 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:44 GMT
Server
Apache-Coyote/1.1
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV"
Location
https://secure.img-cdn.mediaplex.com/content/0/27729/235459/NewMoney_frs_300x250.js?mpck=adfarm.mediaplex.com%2Fad%2Fck%2F27729-235459-37737-7%3Fmpt%3D1497662684124%26pt%3D1117382%26mpcr%3D101701524%26mpcrset%3Dexclude-hb-niedersachsen%26mpr%3D68773460&mpt=1497662684124&pt=1117382&mpqs=mpt%3D1497662684124%26pt%3D1117382&mpssl=1&mpvc=http://rs.gwallet.com/r1/adclick/c599591T1117382B83224F90868R5S6b48489203d/_3auzbjhtd48e7ispekugy5y9rghobs69xody1we51kmppjqa6pic1m97c9cy5r91fdicipid718aio1joj6dj3n4mfc6mhyba7xgxkdui6nhkz3gp7ehzwg9u6s59e51495thzjbccd4wingue3ye3srfgkjjynn5igdda7ok9gqjd9wxr83ghubny4cf9ttqzhtxmdydwrh8u1bwfow1w6rtyxoe4i6b8iy81wztwae6os8r7umf4gb1p64u34r85o6ce7oq35d5bkgx3q4nebahrardtz1uunpune78p794je947m6t9pcb134sf6e9g3t7gz9bqe3c?
Cache-Control
no-store
Content-Length
0
Expires
0
index.html
img.mediaplex.com/content/0/27729/235459/NewMoney_frs_300x250/ Frame 5422
0
0

p
b.scorecardresearch.com/ Frame 5422
43 B
43 B
Image
General
Full URL
http://b.scorecardresearch.com/p?ns__t=1497662685403&ns__c=windows-1252&ns_ad_brt=25&c1=3&c3=_e1_57871&c4=599591&c5=1117382&c10=1&c11=143307&c16=gen&ax_bid=AAABXLOm-6dBa5yeG5o7FA&c2=15284045&ax_iframe=1&ns_ce_mod=vce_st&ns__p=1497662684337&ax_cid=15284045&ax_bl=0&ax_blt=204&ns_ad_id=8rybymhWCfpBmZZK-bsf&ns_ad_sz=300x250&ns_ad_po=0x0&ns_ad_vsd=1600x1200&ns_ad_sd=1600x1200&ns_ad_vad=300x250&ns_ad_vap=425x467&ns_ad_vvd=1600x1200&ns_ad_vvp=0x85&ns_ad_vi=100&ns_ad_event=qp1&ns_type=hidden&ns_ad_pid=1497662684394&ax_mid=6991297462684394&ns_ad_vw=300x250&ns_ad_sc=0x0&ns_ad_sv=5.1608.18&ns_ad_tn=IFRAME&ns_ad_db=Chrome/59.0.3071|0|Linux%20x86_64|0|2|0|en-US|0|0|0|Google%20Inc.|0x0|0x0|-2|-1|50|-1|0|-1|10100000000010100000&ns_ad_ec=2&ns_ad_tb=85&ax_vt=995&ns_ad_avt=995&ns_ad_ple=1011,0,0,0,0,995&c7=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&c9=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&c8=
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
95.100.248.115 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a95-100-248-115.deploy.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:45 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT
p
b.scorecardresearch.com/ Frame 5422
43 B
43 B
Image
General
Full URL
http://b.scorecardresearch.com/p?ns__t=1497662689407&ns__c=windows-1252&c1=3&c3=_e5_57871&c4=599591&c5=1117382&c10=1&c11=143307&c16=gen&ax_bid=AAABXLOm-6dBa5yeG5o7FA&c2=15284045&ax_iframe=1&ns_ce_mod=vce_st&ns__p=1497662684337&ax_cid=15284045&ax_bl=0&ax_blt=204&ns_ad_id=8rybymhWCfpBmZZK-bsf&ns_ad_sz=300x250&ns_ad_po=0x0&ns_ad_vsd=1600x1200&ns_ad_sd=1600x1200&ns_ad_vad=300x250&ns_ad_vap=425x467&ns_ad_vvd=1600x1200&ns_ad_vvp=0x85&ns_ad_vi=100&ns_ad_event=qp5&ns_type=hidden&ns_ad_pid=1497662684394&ax_mid=6991297462684394&ns_ad_vw=300x250&ns_ad_sc=0x0&ns_ad_sv=5.1608.18&ns_ad_tn=IFRAME&ns_ad_db=Chrome/59.0.3071|0|Linux%20x86_64|0|2|0|en-US|0|0|0|Google%20Inc.|0x0|0x0|-2|-1|50|-1|0|-1|10100000000010100000&ns_ad_ec=3&ns_ad_tb=85&ax_vt=4004&ns_ad_avt=4999&ns_ad_ple=5015,0,0,0,0,4003&c7=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&c9=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk&c8=
Requested by
Host: kvpli.galeon.com
URL: http://kvpli.galeon.com/?fpygbhmk
Protocol
HTTP/1.1
Server
95.100.248.115 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a95-100-248-115.deploy.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
http://kvpli.galeon.com/?fpygbhmk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 17 Jun 2017 01:24:49 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/afs/ads?q=kvpli%20&r=m&fexp=21404%2C7000107&client=pub-9398897302597545&channel=6287501732&hl=es&type=0&oe=UTF-8&ie=UTF-8&jsei=3&format=w3&ad=w3&nocache=3471497662683432&num=0&output=uds_ads_only&v=3&adlh=on&bsl=10&u_his=2&u_tz=0&dt=1497662683433&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=774&frm=0&uio=uv3cs1sl0sr0lHaf3ff2st16sd14sv12da0-&jsv=10388&rurl=http%3A%2F%2Fkvpli.galeon.com%2F%3Ffpygbhmk
Domain
a.hspvst.com
URL
http://a.hspvst.com/delivery/afr.php?zoneid=24&source=hv_galeon_redirigir&e=999&cb=4757354665
Domain
acdn.adnxs.com
URL
http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Domain
tap-secure.rubiconproject.com
URL
https://tap-secure.rubiconproject.com/partner/scripts/rubicon/emily.html?pc=13258/76706&geo=eu&co=de
Domain
c.t4ft.de
URL
http://c.t4ft.de/s/xbf.html
Domain
img.mediaplex.com
URL
https://img.mediaplex.com/content/0/27729/235459/NewMoney_frs_300x250/index.html?mpt=1497662684124&pt=1117382&mpssl=1&mpck=adfarm.mediaplex.com%2Fad%2Fck%2F27729-235459-37737-7%3Fmpt%3D1497662684124%26pt%3D1117382%26mpcr%3D101701524%26mpcrset%3Dexclude-hb-niedersachsen%26mpr%3D68773460&mpvc=http%3A%2F%2Frs.gwallet.com%2Fr1%2Fadclick%2Fc599591T1117382B83224F90868R5S6b48489203d%2F_3auzbjhtd48e7ispekugy5y9rghobs69xody1we51kmppjqa6pic1m97c9cy5r91fdicipid718aio1joj6dj3n4mfc6mhyba7xgxkdui6nhkz3gp7ehzwg9u6s59e51495thzjbccd4wingue3ye3srfgkjjynn5igdda7ok9gqjd9wxr83ghubny4cf9ttqzhtxmdydwrh8u1bwfow1w6rtyxoe4i6b8iy81wztwae6os8r7umf4gb1p64u34r85o6ce7oq35d5bkgx3q4nebahrardtz1uunpune78p794je947m6t9pcb134sf6e9g3t7gz9bqe3c%3F

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Domain/Path Name / Value
.mediaplex.com/ Name: rts
Value: 1497662684523
.mediaplex.com/ Name: svid
Value: 412703921678266795
.t4ft.de/ Name: ftgnetid
Value: NDAxMTcwNjE3MDMyNDAwMTg0
.rubiconproject.com/ Name: csc2
Value:
.rubiconproject.com/ Name: ses15
Value: 76706^1
.rubiconproject.com/ Name: vis2
Value: 76706^1
a.hspvst.com/ Name: OASCCAP
Value: 751.1
.galeon.com/ Name: _gat
Value: 1
.rubiconproject.com/ Name: csi2
Value:
.adnxs.com/ Name: uuid2
Value: 6991128536239446153
a.hspvst.com/ Name: OACBLOCK
Value: 751.1497662669
.rubiconproject.com/ Name: khaos
Value: J40LOZEU-P-H7DY
.rubiconproject.com/ Name: rdk2
Value: 0
.rubiconproject.com/ Name: rdk
Value: 13258/76706
.adnxs.com/ Name: anj
Value: dTM7k!M4/8DYRWSF']wIg2GTyswgL[!]tbPB*SQLOsH`E.g3VsM2fIf
.galeon.com/ Name: _gid
Value: GA1.2.1118233339.1497662684
.kvpli.galeon.com/ Name: __PPU_BACKCLCK_11341
Value: true
kvpli.galeon.com/ Name:
Value: __test
.adnxs.com/ Name: sess
Value: 1
.rubiconproject.com/ Name: vis15
Value: 76706^1
.rubiconproject.com/ Name: rsid
Value: DsuWSiL5uMdJFeznfENNwaZbP5mY0DNvptDUA3ThqHQWXoehOHP+SZpge+E4msdf09hVox97znvIHIgvGLlpPLtY/4M8JyTAZsaZtvq+AO1fNYBh4l+EWjJIwylno2WtTOLlOMkADcEbtAjk5G24
.rubiconproject.com/ Name: csi15
Value:
.mediaplex.com/ Name: mojo3
Value: 27729:37737
.rubiconproject.com/ Name: csc15
Value:
.adnxs.com/ Name: icu
Value: ChIIiP8HEAoYASABKAEw3omSygUQ3omSygUYAA..
.galeon.com/ Name: _ga
Value: GA1.2.118444592.1497662684
.rubiconproject.com/ Name: ses2
Value:
.rubiconproject.com/ Name: rdk15
Value: 0
a.hspvst.com/ Name: OAID
Value: 5a43decfd1865534580b9a84aa1a908c
.rubiconproject.com/ Name: ruid
Value: 566e90b0594484dc94fb2daa12082a^1^1497662684^3162227865

3 Console Messages

Source Level URL
Text
console-api log (Line 34)
Message:
OK
console-api log (Line 34)
Message:
OK
console-api log (Line 46)
Message:
NO-R-AD

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
