Submitted URL: http://ww3.capitalonwe360.com/
Effective URL: https://ezsearcher.com/fr/seek?src=39&q=bank&qsrc=0&clickid=wfdbq4983nhria4a2773mbbs&campname=05af389dc8&rangeBlockId=39
Submission: On August 30 via api from US

Summary

This website contacted 7 IPs in 5 countries across 11 domains to perform 17 HTTP transactions. The main IP is 158.69.125.9, located in Montreal, Canada and belongs to OVH, FR. The main domain is ezsearcher.com.
TLS certificate: Issued by R3 on July 17th 2021. Valid for: 3 months.
This is the only time ezsearcher.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 212.32.237.91 60781 (LEASEWEB-...)
2 2 173.192.101.24 36351 (SOFTLAYER)
1 1 2a05:d014:286... 16509 (AMAZON-02)
1 5 52.30.3.103 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 18.193.209.105 16509 (AMAZON-02)
2 158.69.125.9 16276 (OVH)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42:3::444 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
17 7
Domain Requested by
6 cdn.cookielaw.org ezsearcher.com
cdn.cookielaw.org
5 topscore.info 1 redirects ww3.capitalonwe360.com
topscore.info
2 production-cmp.isgprivacy.cbsi.com ezsearcher.com
production-cmp.isgprivacy.cbsi.com
2 ezsearcher.com ezsearcher.com
2 ww3.capitalonwe360.com 1 redirects
1 geolocation.onetrust.com cdn.cookielaw.org
1 searchada.com 1 redirects
1 feed.lookbox.net 1 redirects
1 ajax.googleapis.com topscore.info
1 cvp1a.bemobtrk.com 1 redirects
1 p185689.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
17 12
Subject | Issuer | Validity | Valid
topscore.info | Amazon | 2021-06-02 - 2022-07-01 | a year
upload.video.google.com | GTS CA 1O1 | 2021-08-16 - 2021-11-08 | 3 months
ezsearcher.com | R3 | 2021-07-17 - 2021-10-15 | 3 months
cookielaw.org | Cloudflare Inc ECC CA-3 | 2021-06-01 - 2022-05-31 | a year
*.isgprivacy.cbsi.com | DigiCert SHA2 High Assurance Server CA | 2019-10-07 - 2021-10-14 | 2 years
onetrust.com | Cloudflare Inc ECC CA-3 | 2021-02-12 - 2022-02-11 | a year

This page contains 1 frames:

Primary Page: https://ezsearcher.com/fr/seek?src=39&q=bank&qsrc=0&clickid=wfdbq4983nhria4a2773mbbs&campname=05af389dc8&rangeBlockId=39
Frame ID: D6BC506029711753BD0E6400DC265B88
Requests: 17 HTTP requests in this frame

Page Title

Ezsearcher | Tous les résultats dont vous avez besoin! Tout en un!Back ButtonFilter Button

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

17
Requests

94 %
HTTPS

55 %
IPv6

11
Domains

12
Subdomains

7
IPs

5
Countries

556 kB
Transfer

1279 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ww3.capitalonwe360.com/ Page URL
  2. http://ww3.capitalonwe360.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzMDI5NzI5MywiaWF0IjoxNjMwMjkwMDkzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWZ2OGN2NG0yaXFlb2xmcnMwYnNsbzgiLCJuYmYiOjE2MzAyOTAwOTMsInRzIjoxNjMwMjkwMDkzODQ4NjE5fQ.0BOTqKrc4Gihin90JEbQQRqKXtPyczGVHX3coEGdpPY&sid=fea5cc8c-0938-11ec-a4ea-0fffa4f79f9e HTTP 302
    https://mybetterdl.com/aS/feedclick?s=u6geJV4sLGuSRnWLnEbbV48uDhK_8R6jFgBGZRtr_F9137SliQBO_i9wp3zLHG-QT77-fedzUaupbTnNK1c9Rxz0pbUsp-ySLp7WzEZyY0OuJgxs4iewhBk62mhAGgs4gS41QDYTbhAEysjXg8JANJjEIILW_3V7XWOpnxryNlwlZyu13F1lkz9idYhbCxjOkzswGSpeeM7AtnQ_vwjMT0Srv5YRcejTnV9X_4BI9XZev2YTh8ZzQoCdXWwpnyxLktciVtCii9W7WFD8Lv8FowiiYJuLIi_OuvB-vFDNIDSTPkvX8Xr1oV6uFTaO9xrA_3-LqYoPgrrTWksMtVf5KRxw5-OlHbFwpt4VAEb0Jw5emUieBpA4Yko2mr5FEfpQZcr1kHLlZU0sGmqaH5T2lojCADBTSHQHB4L6mNmK8rMxIE__zOTRw6rZhinaNLAVaOsN35mxFCW_9tFNANmYDsIIw77mkf7NceDysNOEoaLZOAWcIuwz4Dwhxp0WlLCaP6qdGUGtoKSy5f4iC97tu3f5HtL8CxVnlH265Xj7dT52XiRbcJ_VohVYdMXVUK5uAY9i5S3ZygyGM2BUMhqKH7nrsMkiTzGjgkvBJTtj3RSQrPOb784G-UEZuLfdG2Jq2Z6S2krp7DamwtnWAoS7yRO4TPO9iX5ndw4ehBmqtY0nNt0zMUckmIxuwgC1j5LWbFPLIKTR2MpmleSUIwL5DzedfOvd5PgLoDCi1JTaD4M2zEVaqugSHARTch5GAv3Z6SZMy0wCdR0Qh6aAkig6AvY-q0U0OU36b-1M0WdJ_AzplkdXQIx0tdZ2r09scyE7TPFgKG4fX2DywRt-aaI2Xry1pnEys26CBgJvME5S689FmS-ROi6DJ_I5F6iVIE_Rwv5OhuYFeV2cLhiKBNNxT305nFpuG3jRkFVxvSZh22a27BQlqNmV9pQj6BDyO4meEHNWPtB-uqf3xGM46HgVl77Se59BHxG2Pyx1ECqzbNcmfO-BtzqwYYBbCyM3ivcWXZlsTVVAXyZaFqrOhLWvDqgejVIrehRGC0Wy4qwZ9KUUarbi3qQuL6Y67z-BLKjg9GDKnlp02ecbUuoTlwHUgpyzD4EzHFbWx8DdLBprAVUh6s0pPikYO6m9jz3k3JaI15j8meyi4Gvss5LeeC9SYiPM9YV_o4drZUBGVM3uuEoOCQefsEKlXXDmApL_E0jfTs-ylLhx7khGz3q-Dq26s7F54JeKebuaylpqcAKMB5XXCJErnCubpItlfNlN19HQenBFNFQY1zhDZ92k24ldDkP5B8gI5mYZszaX3cCYhPtingtw_af89mITefK3eay0W7gCMO8dl0XhctAWZ8xTGx5JFUSkOU1jJe1dYm1naKuw8cpXI2mmU297hI7M3pZTmHvhTyyqHlZcfx0th3Q4ka6wB-D-_0rZg2NPUhiFMKPXD3jc2M_4kQCa13IOrgMvSnorgnOaXCcIjrS6pb9RJoETAFOZHDR0p_-7hOFiCZ3QXNX8cPibr8jWuZJDAyPM_GxzBACU18p6Se1gT8gCoWKeC3D9p_z2_jEPImVJRuGF31FfBGgbOMHWiUSVNSNZgZaLPTypAJqdTCPjgqjZbKkWpz4StF2PhCcIiriXVPnmhMG-gyZw9N0Azp-j8QGh HTTP 302
    https://p185689.mybetterdl.com/adServe/domainClick?ai=aMZ3O5C3_XuH8_3zvumQkNKId4yj9-6uC1-SEJ7nq1qMB9IRL_0u3HW2jeeXDWaXou5kiqP6-Z4kapEgRI5DzYQ9s97gqrhy0BqITYnXK5rkZJI3XSw2-4XtoBvh6spcW4HYoIrnriOfwAZuUDUDVs9LCz5E8ciHT2L9NFyVXF5iywX2g3O_fvfybbl3tJOabM7TR-A6o2JCz4YFVcjwPnIEHKcLUgypq0GqzgwerNU3ZpGUKqgW1NcPeNzYz_iRhRbDqj_b79p_qCYvh_QGQ0Do3zwFJBydWMA4EVux_LWYmDeCfFxDISZggkaL9NJRZN_F-zUlvRWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxH-1_GqjSgzASAlEMfER0v1BbsozkC8-D-BybpyqSvYh6z1Tqt2T-cEnKkUZaXfZxrgl-x4DLl9FZZJCxAdeOqU&ui=u6geJV4sLGuSRnWLnEbbV_bWwvziNp_1xLgNeF8Zj-g5X7FYAku9AJBDaW7UQVacJXbs93-ih1_OoNAN1SYVcMA9cBTx3yBaSR_bHAYWgto8_JrXHSBHdA&si=1&oref=deaff081e039a8ff34ae0d9700a0283d&optunit=o3PohfWRZSSCSxrmI099HNsQi3LD6Kuu&rb=E_wIT8ExFlY&rr=4&abtg=0 HTTP 302
    https://cvp1a.bemobtrk.com/go/47f9f2bc-5a46-4b55-b129-96cb6d85f7f2?bid=0.0015&subid=86928112467&source=431617637&campaignkeyword=bank&keyword=capitalone+RO+checking+account+Finance+commercial+bank+ebanking+RO+checking+account+Finance+commercial+bank+ebanking&geo=FR&campaignname=FRANCIA+SENZA+RELATED&device=Desktop&os=Windows+10&browser=Chrome+92&carrier=UNKNOWN HTTP 302
    https://topscore.info/s240.php?ts=sa&in=bank&ln=DE HTTP 302
    https://topscore.info/ Page URL
  3. https://feed.lookbox.net/s240/?q=bank HTTP 302
    https://searchada.com/e22452b8-a9a4-4484-a352-42a7e1866e6e?chname=mw_DE_2569&q=bank HTTP 302
    https://ezsearcher.com/fr/seek?src=39&q=bank&qsrc=0&clickid=wfdbq4983nhria4a2773mbbs&campname=05af389dc8&rangeBlockId=39 Page URL

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ww3.capitalonwe360.com/
478 B
840 B
Document
General
Full URL
http://ww3.capitalonwe360.com/
Protocol
HTTP/1.1
Server
212.32.237.91 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
2db7c9b8e2b2fa5c3fa8efd675d2e16d2efa4c9426f2a0e9c6ddfa96291259c1

Request headers

Host
ww3.capitalonwe360.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
478
content-type
text/html; charset=utf-8
date
Mon, 30 Aug 2021 02:21:33 GMT
server
nginx
set-cookie
sid=fea5cc8c-0938-11ec-a4ea-0fffa4f79f9e; path=/; domain=.capitalonwe360.com; expires=Sat, 17 Sep 2089 05:35:40 GMT; max-age=2147483647; HttpOnly
/
topscore.info/
Redirect Chain
  • http://ww3.capitalonwe360.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzMDI5NzI5MywiaWF0IjoxNjMwMjkwMDkzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWZ2OGN2NG0yaXFlb2xmcn...
  • https://mybetterdl.com/aS/feedclick?s=u6geJV4sLGuSRnWLnEbbV48uDhK_8R6jFgBGZRtr_F9137SliQBO_i9wp3zLHG-QT77-fedzUaupbTnNK1c9Rxz0pbUsp-ySLp7WzEZyY0OuJgxs4iewhBk62mhAGgs4gS41QDYTbhAEysjXg8JANJjEIILW_3V...
  • https://p185689.mybetterdl.com/adServe/domainClick?ai=aMZ3O5C3_XuH8_3zvumQkNKId4yj9-6uC1-SEJ7nq1qMB9IRL_0u3HW2jeeXDWaXou5kiqP6-Z4kapEgRI5DzYQ9s97gqrhy0BqITYnXK5rkZJI3XSw2-4XtoBvh6spcW4HYoIrnriOfwAZ...
  • https://cvp1a.bemobtrk.com/go/47f9f2bc-5a46-4b55-b129-96cb6d85f7f2?bid=0.0015&subid=86928112467&source=431617637&campaignkeyword=bank&keyword=capitalone+RO+checking+account+Finance+commercial+bank+...
  • https://topscore.info/s240.php?ts=sa&in=bank&ln=DE
  • https://topscore.info/
1 KB
2 KB
Document
General
Full URL
https://topscore.info/
Requested by
Host: ww3.capitalonwe360.com
URL: http://ww3.capitalonwe360.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.3.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-3-103.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d45e1b3bcd5a995f016d96f2c102a79ef61a919c02c038aa5f1b8763c67e5054

Request headers

:method
GET
:authority
topscore.info
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://ww3.capitalonwe360.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
AWSALB=z+Do3m1SwI1yj7wYsM9QxzVW0S7ofx3mI6Ko5s4/aAahwN6UvLlvCdu8RuWr8ap2PrmQJXLLlrHUfgfKhnFRlzP/5pky7+gXKacaZZqZp6o/NpdvZQLXJ9dthycI; AWSALBCORS=z+Do3m1SwI1yj7wYsM9QxzVW0S7ofx3mI6Ko5s4/aAahwN6UvLlvCdu8RuWr8ap2PrmQJXLLlrHUfgfKhnFRlzP/5pky7+gXKacaZZqZp6o/NpdvZQLXJ9dthycI; PHPSESSID=d3821qguk9bttmugqtuk9bhecj

Response headers

date
Mon, 30 Aug 2021 02:21:36 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=D+Z/Ja6p25KB2uNCV7MPc3LAjZbhkKJVtfj1uKJO7Le2jWCmEclVz23lBoMZedOZ2+tHe9rJ7FWFKUPRBrJsYUoHuSTfvRz910OWohgq+hsOZ30FKPS/XU5daiIp; Expires=Mon, 06 Sep 2021 02:21:36 GMT; Path=/ AWSALBCORS=D+Z/Ja6p25KB2uNCV7MPc3LAjZbhkKJVtfj1uKJO7Le2jWCmEclVz23lBoMZedOZ2+tHe9rJ7FWFKUPRBrJsYUoHuSTfvRz910OWohgq+hsOZ30FKPS/XU5daiIp; Expires=Mon, 06 Sep 2021 02:21:36 GMT; Path=/; SameSite=None; Secure
server
nginx/1.20.0
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache

Redirect headers

date
Mon, 30 Aug 2021 02:21:36 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=z+Do3m1SwI1yj7wYsM9QxzVW0S7ofx3mI6Ko5s4/aAahwN6UvLlvCdu8RuWr8ap2PrmQJXLLlrHUfgfKhnFRlzP/5pky7+gXKacaZZqZp6o/NpdvZQLXJ9dthycI; Expires=Mon, 06 Sep 2021 02:21:36 GMT; Path=/ AWSALBCORS=z+Do3m1SwI1yj7wYsM9QxzVW0S7ofx3mI6Ko5s4/aAahwN6UvLlvCdu8RuWr8ap2PrmQJXLLlrHUfgfKhnFRlzP/5pky7+gXKacaZZqZp6o/NpdvZQLXJ9dthycI; Expires=Mon, 06 Sep 2021 02:21:36 GMT; Path=/; SameSite=None; Secure PHPSESSID=d3821qguk9bttmugqtuk9bhecj; path=/
server
nginx/1.20.0
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
/
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: topscore.info
URL: https://topscore.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://topscore.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Aug 2022 13:24:01 GMT
topscore.png
topscore.info/
28 KB
28 KB
Image
General
Full URL
https://topscore.info/topscore.png
Requested by
Host: topscore.info
URL: https://topscore.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.3.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-3-103.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

:path
/topscore.png
pragma
no-cache
cookie
PHPSESSID=d3821qguk9bttmugqtuk9bhecj; AWSALB=D+Z/Ja6p25KB2uNCV7MPc3LAjZbhkKJVtfj1uKJO7Le2jWCmEclVz23lBoMZedOZ2+tHe9rJ7FWFKUPRBrJsYUoHuSTfvRz910OWohgq+hsOZ30FKPS/XU5daiIp; AWSALBCORS=D+Z/Ja6p25KB2uNCV7MPc3LAjZbhkKJVtfj1uKJO7Le2jWCmEclVz23lBoMZedOZ2+tHe9rJ7FWFKUPRBrJsYUoHuSTfvRz910OWohgq+hsOZ30FKPS/XU5daiIp
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
topscore.info
referer
https://topscore.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 30 Aug 2021 02:21:36 GMT
last-modified
Thu, 24 Jun 2021 11:03:44 GMT
server
nginx/1.20.0
etag
"60d46690-6fb4"
content-type
image/png
set-cookie
AWSALB=kG4Hl7gRcvHFlZnwjQzDbMwuzjtwCEFbEnMrJjoEe77X26kE/mmGymLz8UpPdANRYfy3v+cBqeUkQ6m5at2VZJI9SXI6+wFeRlK7eM2zOo3XrD1xKylNzpwFqlfN; Expires=Mon, 06 Sep 2021 02:21:36 GMT; Path=/ AWSALBCORS=kG4Hl7gRcvHFlZnwjQzDbMwuzjtwCEFbEnMrJjoEe77X26kE/mmGymLz8UpPdANRYfy3v+cBqeUkQ6m5at2VZJI9SXI6+wFeRlK7eM2zOo3XrD1xKylNzpwFqlfN; Expires=Mon, 06 Sep 2021 02:21:36 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
28596
feel.jpg
topscore.info/
203 KB
204 KB
Image
General
Full URL
https://topscore.info/feel.jpg
Requested by
Host: topscore.info
URL: https://topscore.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.3.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-3-103.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

:path
/feel.jpg
pragma
no-cache
cookie
PHPSESSID=d3821qguk9bttmugqtuk9bhecj; AWSALB=D+Z/Ja6p25KB2uNCV7MPc3LAjZbhkKJVtfj1uKJO7Le2jWCmEclVz23lBoMZedOZ2+tHe9rJ7FWFKUPRBrJsYUoHuSTfvRz910OWohgq+hsOZ30FKPS/XU5daiIp; AWSALBCORS=D+Z/Ja6p25KB2uNCV7MPc3LAjZbhkKJVtfj1uKJO7Le2jWCmEclVz23lBoMZedOZ2+tHe9rJ7FWFKUPRBrJsYUoHuSTfvRz910OWohgq+hsOZ30FKPS/XU5daiIp
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
topscore.info
referer
https://topscore.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 30 Aug 2021 02:21:36 GMT
last-modified
Thu, 24 Jun 2021 11:03:42 GMT
server
nginx/1.20.0
etag
"60d4668e-32dab"
content-type
image/jpeg
set-cookie
AWSALB=0H0U0fmACq8b3uvpGUoXqwLGnQO4fZ3vp4B2wn5htxcNep8SwhsSfVueFrHEYFwbDbigqvhp92RQ+4cuUJajINL2tARIMfL/DzYWfpsrehvK4E9v98xjupqxBSvP; Expires=Mon, 06 Sep 2021 02:21:36 GMT; Path=/ AWSALBCORS=0H0U0fmACq8b3uvpGUoXqwLGnQO4fZ3vp4B2wn5htxcNep8SwhsSfVueFrHEYFwbDbigqvhp92RQ+4cuUJajINL2tARIMfL/DzYWfpsrehvK4E9v98xjupqxBSvP; Expires=Mon, 06 Sep 2021 02:21:36 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
208299
banner.jpg
topscore.info/
33 KB
34 KB
Image
General
Full URL
https://topscore.info/banner.jpg
Requested by
Host: topscore.info
URL: https://topscore.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.3.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-3-103.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

:path
/banner.jpg
pragma
no-cache
cookie
PHPSESSID=d3821qguk9bttmugqtuk9bhecj; AWSALB=D+Z/Ja6p25KB2uNCV7MPc3LAjZbhkKJVtfj1uKJO7Le2jWCmEclVz23lBoMZedOZ2+tHe9rJ7FWFKUPRBrJsYUoHuSTfvRz910OWohgq+hsOZ30FKPS/XU5daiIp; AWSALBCORS=D+Z/Ja6p25KB2uNCV7MPc3LAjZbhkKJVtfj1uKJO7Le2jWCmEclVz23lBoMZedOZ2+tHe9rJ7FWFKUPRBrJsYUoHuSTfvRz910OWohgq+hsOZ30FKPS/XU5daiIp
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
topscore.info
referer
https://topscore.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 30 Aug 2021 02:21:36 GMT
last-modified
Thu, 24 Jun 2021 11:03:42 GMT
server
nginx/1.20.0
etag
"60d4668e-8544"
content-type
image/jpeg
set-cookie
AWSALB=NJ74MmG9x1e1HjJdtytoHIM7KhiExqc2SMtldkKah/VbqX73UcPO9dcbmqFXcLubAoTs5R+txSmCog669EeWFzEU7DuKA81Ph8W5QASYnCiipFadQ/3BhlUFhE48; Expires=Mon, 06 Sep 2021 02:21:36 GMT; Path=/ AWSALBCORS=NJ74MmG9x1e1HjJdtytoHIM7KhiExqc2SMtldkKah/VbqX73UcPO9dcbmqFXcLubAoTs5R+txSmCog669EeWFzEU7DuKA81Ph8W5QASYnCiipFadQ/3BhlUFhE48; Expires=Mon, 06 Sep 2021 02:21:36 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
34116
Primary Request seek
ezsearcher.com/fr/
Redirect Chain
  • https://feed.lookbox.net/s240/?q=bank
  • https://searchada.com/e22452b8-a9a4-4484-a352-42a7e1866e6e?chname=mw_DE_2569&q=bank
  • https://ezsearcher.com/fr/seek?src=39&q=bank&qsrc=0&clickid=wfdbq4983nhria4a2773mbbs&campname=05af389dc8&rangeBlockId=39
32 KB
8 KB
Document
General
Full URL
https://ezsearcher.com/fr/seek?src=39&q=bank&qsrc=0&clickid=wfdbq4983nhria4a2773mbbs&campname=05af389dc8&rangeBlockId=39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.69.125.9 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns521759.ip-158-69-125.net
Software
nginx/1.14.0 (Ubuntu) / PHP/7.4.21
Resource Hash
bbb30e099e44c0dc796d3414e1fda40bc1016cdb92e832a81f4241d5bbef7211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
ezsearcher.com
:scheme
https
:path
/fr/seek?src=39&q=bank&qsrc=0&clickid=wfdbq4983nhria4a2773mbbs&campname=05af389dc8&rangeBlockId=39
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://topscore.info/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx/1.14.0 (Ubuntu)
date
Mon, 30 Aug 2021 02:21:37 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.21
set-cookie
PHPSESSID=cec0d13a57aadbe430589464186f8697; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
processedon
s18
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 30 Aug 2021 02:21:36 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://ezsearcher.com/fr/seek?src=39&q=bank&qsrc=0&clickid=wfdbq4983nhria4a2773mbbs&campname=05af389dc8&rangeBlockId=39
Pragma
no-cache
Set-Cookie
e22452b8-a9a4-4484-a352-42a7e1866e6e-v4=JniaYKUSTGM1unOh-7Gvom812cVStfB4bp909fPSBsM; Max-Age=86400; Expires=Tue, 31-Aug-2021 02:21:36 GMT; Domain=searchada.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=0EI6xfww7v4eHwC2vlzYijX6GHppz9WN7rKJDXINglJ%2FBBISAs7tN6Ni6tht%2FQhtRr9SLfcyNyL2EwEZhK6qOCOR2ca5YgmXa1zpixwW3EpegusmXFyB1AYRpVAFU78oCwILCfuYZSYdEEfib%2BWV0w%3D%3D; Max-Age=31536000; Expires=Tue, 30-Aug-2022 02:21:36 GMT; Domain=searchada.com; Path=/; Secure; HttpOnly;SameSite=None
DefaultLayout.css
ezsearcher.com/v2common/css/
23 KB
23 KB
Stylesheet
General
Full URL
https://ezsearcher.com/v2common/css/DefaultLayout.css
Requested by
Host: ezsearcher.com
URL: https://ezsearcher.com/fr/seek?src=39&q=bank&qsrc=0&clickid=wfdbq4983nhria4a2773mbbs&campname=05af389dc8&rangeBlockId=39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.69.125.9 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns521759.ip-158-69-125.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
51ef6ec8fcc981bf8a47e6d7dcee8b654f8d5536379084a60bdd75dc9df7e229
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/v2common/css/DefaultLayout.css
pragma
no-cache
cookie
PHPSESSID=cec0d13a57aadbe430589464186f8697
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ezsearcher.com
referer
https://ezsearcher.com/fr/seek?src=39&q=bank&qsrc=0&clickid=wfdbq4983nhria4a2773mbbs&campname=05af389dc8&rangeBlockId=39
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 30 Aug 2021 02:21:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Jul 2021 11:11:08 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60e58bcc-5b11"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
23313
x-xss-protection
1; mode=block
expires
Mon, 30 Aug 2021 03:21:37 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
19 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: ezsearcher.com
URL: https://ezsearcher.com/fr/seek?src=39&q=bank&qsrc=0&clickid=wfdbq4983nhria4a2773mbbs&campname=05af389dc8&rangeBlockId=39
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ezsearcher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Aug 2021 02:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
BC5xsXKGgJbQbCzkLNvwBQ==
age
1927847
vary
Accept-Encoding
content-length
6328
x-ms-lease-status
unlocked
last-modified
Wed, 04 Aug 2021 01:49:58 GMT
server
cloudflare
etag
0x8D956EA2A6E73F4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b8d637e9-f01e-012a-80bd-8bebf6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
686a8bf69b9842db-FRA
optanon-v1.1.0.js
production-cmp.isgprivacy.cbsi.com/dist/
36 KB
11 KB
Script
General
Full URL
https://production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js
Requested by
Host: ezsearcher.com
URL: https://ezsearcher.com/fr/seek?src=39&q=bank&qsrc=0&clickid=wfdbq4983nhria4a2773mbbs&campname=05af389dc8&rangeBlockId=39
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1291d14a49e29d75ec6a0185fb35ac27a1eedd7e29765f5aa98999258b610e88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ezsearcher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 02:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
855
via
1.1 varnish
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:485666168322:build/prod-optanon-pipeline:1c942017-c2f5-4c9f-b058-aaa117e73d2e
x-cache
HIT
x-cache-hits
7
vary
Accept-Encoding
content-length
10495
x-xss-protection
1; mode=block
x-served-by
cache-fra19127-FRA
last-modified
Thu, 01 Jul 2021 12:50:37 GMT
x-timer
S1630290098.733627,VS0,VE0
x-frame-options
SAMEORIGIN
etag
"8389bf4c7b231f335fbc6c78e895012b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
accept-ranges
bytes
x-amz-id-2
WhgT5Rz8GuAnucSrRFYPvvC9rXjNsgiyjBwoKpyj8zCz9SQuVhq4gFGLBGt3ZgVHdPQEszgyVSE=
c12f76f6-d9fc-428d-9bc4-511fec9e2f05.json
cdn.cookielaw.org/consent/c12f76f6-d9fc-428d-9bc4-511fec9e2f05/
3 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/c12f76f6-d9fc-428d-9bc4-511fec9e2f05/c12f76f6-d9fc-428d-9bc4-511fec9e2f05.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d96636a041fafef046f5ac11b2c8a1101adeb0274de6302663ffe1e5e902a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ezsearcher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Aug 2021 02:21:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
mPtYNceDWE4kUnAoOBIxJg==
age
912
vary
Accept-Encoding
content-length
1409
x-ms-lease-status
unlocked
last-modified
Wed, 14 Jul 2021 18:08:27 GMT
server
cloudflare
etag
0x8D946F26125873B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4e406578-101e-0049-3288-98eb86000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
686a8bf9082c05d8-FRA
shamanNotifier.js
production-cmp.isgprivacy.cbsi.com/cps/
338 KB
95 KB
Script
General
Full URL
https://production-cmp.isgprivacy.cbsi.com/cps/shamanNotifier.js
Requested by
Host: production-cmp.isgprivacy.cbsi.com
URL: https://production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::444 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8a0cf84208d7d722fcbb1cade2a395e4226a962163b7f2c10d105d36d36e61b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ezsearcher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 02:21:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2728
via
1.1 varnish
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:485666168322:build/prod-shaman-notifier-pipeline:e89d47e1-3e60-4205-b8a6-b58f0b1ee25c
x-cache
HIT
x-cache-hits
23
vary
Accept-Encoding
content-length
96774
x-xss-protection
1; mode=block
x-served-by
cache-fra19127-FRA
last-modified
Tue, 03 Aug 2021 18:07:35 GMT
x-timer
S1630290098.210696,VS0,VE0
x-frame-options
SAMEORIGIN
etag
"1ac36c3d0ce4546346412c3e74879e0d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
accept-ranges
bytes
x-amz-id-2
wTl7gws8ShqRpc3QjNb0mNfOWjlN88QA7yIfPkm/U6+6iIHuRoCfPYB7imJMDiIGoUzAi5/skms=
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
164 B
224 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ezsearcher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 30 Aug 2021 02:21:38 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
686a8bf9db2697b4-FRA
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.20.0/
376 KB
84 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ezsearcher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Aug 2021 02:21:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jOOTzA5W9ewbfwCUPpt/mw==
age
5500241
vary
Accept-Encoding
content-length
86053
x-ms-lease-status
unlocked
last-modified
Thu, 24 Jun 2021 12:22:20 GMT
server
cloudflare
etag
0x8D9370AB6896F5E
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1e85a95a-b01e-0126-433f-6b0507000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
686a8bfa182e42db-FRA
expires
Tue, 07 Sep 2021 02:21:38 GMT
en.json
cdn.cookielaw.org/consent/c12f76f6-d9fc-428d-9bc4-511fec9e2f05/a2260264-ee77-4cd3-8a97-ced093ac8b87/
34 KB
11 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/c12f76f6-d9fc-428d-9bc4-511fec9e2f05/a2260264-ee77-4cd3-8a97-ced093ac8b87/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ddca434667393cfce98aad4b51288c4f5b89947edfc6e99550f941bf9a3650c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ezsearcher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Aug 2021 02:21:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
gL293IkItbDoPUO6FehcXA==
age
1927747
vary
Accept-Encoding
content-length
10745
x-ms-lease-status
unlocked
last-modified
Wed, 14 Jul 2021 18:08:26 GMT
server
cloudflare
etag
0x8D946F260645D12
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
388a5271-f01e-0180-20bd-8b3d19000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
686a8bfa497b05d8-FRA
otFloatingRoundedCorner.json
cdn.cookielaw.org/scripttemplates/6.20.0/assets/
10 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.20.0/assets/otFloatingRoundedCorner.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e26546fe02973398b85689be6c6f31533e60f49a725061b9848ba5bdc5989aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ezsearcher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Aug 2021 02:21:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ytYfXLj/blTgicHOgaRl9Q==
age
4001559
vary
Accept-Encoding
content-length
2568
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jul 2021 06:41:44 GMT
server
cloudflare
etag
0x8D94112492A8AA8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
2afade1b-b01e-0126-3be0-780507000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
686a8bfa79c605d8-FRA
expires
Tue, 07 Sep 2021 02:21:38 GMT
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.20.0/assets/
58 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.20.0/assets/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9be5a755991a236551c0c23a4eb0d1be0a9c1a5cfec150b7a86e29d6c93c381
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ezsearcher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 30 Aug 2021 02:21:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
x7VFfjnh1WeKvHofgMWwEA==
age
4001559
vary
Accept-Encoding
content-length
14385
x-ms-lease-status
unlocked
last-modified
Wed, 07 Jul 2021 06:41:43 GMT
server
cloudflare
etag
0x8D9411248F3B943
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b1e53e1b-101e-0120-6ee0-78f27f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
686a8bfa79c805d8-FRA
expires
Tue, 07 Sep 2021 02:21:38 GMT

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
function| clickManager
function| jsIsRetard1
function| onClickBinder1
object| OneTrustStub
string| OnetrustActiveGroups
string| OptanonActiveGroups
object| dataLayer
object| cbsoptanon
string| _cbsotstate
function| jsonFeed
object| ShamanNotifier
object| otStubData
object| Optanon
object| OneTrust
object| adsbygoogle

1 Cookies

Domain/Path Name / Value
ezsearcher.com/ Name: PHPSESSID
Value: cec0d13a57aadbe430589464186f8697

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
