URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7P...
Submission: On June 04 via api from BE

Summary

This website contacted 10 IPs in 7 countries across 14 domains to perform 19 HTTP transactions. The main IP is 217.8.117.8, located in Russian Federation and belongs to CREXFEXPEX-RUSSIA, RU. The main domain is althings.ca.
This is the only time althings.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 217.8.117.8 47510 (CREXFEXPE...)
2 9 160.153.244.152 21501 (GODADDY-AMS)
1 1 146.185.44.114 47841 (OXALIDE)
1 1 146.185.44.113 47841 (OXALIDE)
1 52.218.80.73 16509 (AMAZON-02)
6 6 35.244.174.68 15169 (GOOGLE)
4 4 172.217.22.66 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 37.252.172.249 29990 (ASN-APPNEX)
3 35.241.8.149 15169 (GOOGLE)
2 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 2 91.216.195.18 12516 (WEBORAMA ...)
1 1 54.194.46.76 16509 (AMAZON-02)
1 52.49.181.72 16509 (AMAZON-02)
1 2 2001:41d0:301... 16276 (OVH)
1 2 18.203.208.222 16509 (AMAZON-02)
1 46.248.181.125 47544 (IQPL-AS)
19 10
Domain Requested by
9 ima.temprikon.eu 2 redirects althings.ca
6 ejp.rlcdn.com 6 redirects
4 cm.g.doubleclick.net 4 redirects
3 idsync.rlcdn.com althings.ca
2 wam.solution.weborama.fr 2 redirects
2 gum.criteo.com 2 redirects
2 ib.adnxs.com 2 redirects
2 s0.2mdn.net althings.ca
1 links.temprikon.eu althings.ca
1 er.cloud-media.fr althings.ca
1 erm.temprikon.eu 1 redirects
1 squa.squatiki.eu althings.ca
1 squa.temprikon.eu 1 redirects
1 notify.adleadevent.com althings.ca
1 crt.temprikon.eu 1 redirects
1 bdcreatives.s3.amazonaws.com althings.ca
1 act.bdtrkconv.com 1 redirects
1 tracker.bdtrkone.com 1 redirects
1 althings.ca
0 flex.temprikon.eu Failed althings.ca
19 20

This site contains links to these domains.

Domain
links.temprikon.eu
Subject | Issuer | Validity | Valid
ima.temprikon.eu | cPanel, Inc. Certification Authority | 2020-05-30 - 2020-08-28 | 3 months
*.s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2019-11-09 - 2021-03-12 | a year
*.doubleclick.net | GTS CA 1O1 | 2020-05-20 - 2020-08-12 | 3 months
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-14 - 2021-04-23 | a year
*.adleadevent.com | Gandi Standard SSL CA 2 | 2020-04-14 - 2021-04-17 | a year
em.cybercartes.com | Let's Encrypt Authority X3 | 2020-04-09 - 2020-07-08 | 3 months
*.cmrt.io | Amazon | 2019-10-11 - 2020-11-11 | a year
links.temprikon.eu | Let's Encrypt Authority X3 | 2020-05-05 - 2020-08-03 | 3 months

This page contains 1 frames:

Primary Page: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Frame ID: AE79647BC93E6D89CF8FDE8DFA3EA067
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 19
HTTPS: 89 %
IPv6: 18 %
Domains: 14
Subdomains: 20
IPs: 10
Countries: 7
Transfer: 103 kB
Size: 98 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://ima.temprikon.eu/ge33nUHOu0ez HTTP 301
  • https://ima.temprikon.eu/ge33nUHOu0ez/ HTTP 302
  • https://tracker.bdtrkone.com/complaints/image/qpzcdecysuhaa1au0xtkh HTTP 301
  • https://act.bdtrkconv.com/complaints/image/qpzcdecysuhaa1au0xtkh HTTP 302
  • https://bdcreatives.s3.amazonaws.com/hosting/tdf/quality_check.png
Request Chain 8
  • https://ejp.rlcdn.com/709062.gif?m=f3a92dbf47faee945c54561fffa65a36&n=1 HTTP 307
  • https://ejp.rlcdn.com/1000.gif?memo=CMajKxIrCiYIBBAAGiBmM2E5MmRiZjQ3ZmFlZTk0NWM1NDU2MWZmZmE2NWEzNhCddRoNCLrg4_YFEgUI6AcQAEIASgA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_cm=&google_tc= HTTP 302
  • https://s0.2mdn.net/dot.gif?google_gid=CAESEH6WTwLA3o0GU-OFjaTexPE&google_cver=1
Request Chain 9
  • https://ejp.rlcdn.com/709062.gif?m=f3a92dbf47faee945c54561fffa65a36&n=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_cm=&google_tc= HTTP 302
  • https://s0.2mdn.net/dot.gif?google_gid=CAESECIh-GS5uKMCmfH7axvt6Xg&google_cver=1
Request Chain 10
  • https://ejp.rlcdn.com/709062.gif?m=f3a92dbf47faee945c54561fffa65a36&n=3 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=5054910900685769142
Request Chain 11
  • https://ejp.rlcdn.com/709062.gif?m=f3a92dbf47faee945c54561fffa65a36&n=4 HTTP 307
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
  • https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=PeLnpcSEVI0UE-r3IL1Jme1_1G2CQI3I
Request Chain 12
  • https://ejp.rlcdn.com/709062.gif?m=f3a92dbf47faee945c54561fffa65a36&n=5 HTTP 307
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID} HTTP 302
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=243761&d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID} HTTP 302
  • https://idsync.rlcdn.com/401726.gif?partner_uid=btqPt/NUhPnC6ajqctxBQO
Request Chain 14
  • https://crt.temprikon.eu/adtckrtg.php?ids=2443&s=3102&hash=f3a92dbf47faee945c54561fffa65a36&hash256=73c4ed5c45f4d34513abaed87a12b07933a79a0b7dc87690628cf7ad13ba73e6 HTTP 301
  • https://notify.adleadevent.com/adtckrtg.php?ids=2443&s=3102&hash=f3a92dbf47faee945c54561fffa65a36&hash256=73c4ed5c45f4d34513abaed87a12b07933a79a0b7dc87690628cf7ad13ba73e6
Request Chain 15
  • https://squa.temprikon.eu/collect_v2.img.php?dmp=emdmpeasy&p=1868&s=1868&m=f3a92dbf47faee945c54561fffa65a36&email_sha256=73c4ed5c45f4d34513abaed87a12b07933a79a0b7dc87690628cf7ad13ba73e6 HTTP 302
  • https://squa.squatiki.eu/collect_v2.img.php?dmp=emdmpeasy&p=1868&s=1868&m=f3a92dbf47faee945c54561fffa65a36&email_sha256=73c4ed5c45f4d34513abaed87a12b07933a79a0b7dc87690628cf7ad13ba73e6
Request Chain 16
  • http://erm.temprikon.eu/r/f3a92dbf47faee945c54561fffa65a36/386bafba-f185-4cee-98d4-6a32afbdfe93 HTTP 302
  • https://er.cloud-media.fr/c/f3a92dbf47faee945c54561fffa65a36/386bafba-f185-4cee-98d4-6a32afbdfe93

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 31ov4u8mvv82xzf8up6sion.dll
althings.ca/optiext/optiexten/
15 KB
16 KB
Document
General
Full URL
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
HTTP/1.1
Server
217.8.117.8 , Russian Federation, ASN47510 (CREXFEXPEX-RUSSIA, RU),
Reverse DNS
Software
nginx /
Resource Hash
6e85b3a698b2f74ce184b08912eede591c93818ad4a66073a27a8a5e472bac08

Request headers

Host
althings.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jun 2020 13:00:10 GMT
Server
nginx
Transfer-Encoding
chunked
wDRMU0rA1WuG.png
ima.temprikon.eu/3ZvnjJZGFoC0/
6 KB
6 KB
Image
General
Full URL
https://ima.temprikon.eu/3ZvnjJZGFoC0/wDRMU0rA1WuG.png
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
12c05d25ee6fe182b2c0a168cf41f68a85ee64df694ec8ee0f5a528ea9d2c984

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 12:59:38 GMT
Last-Modified
Thu, 30 Apr 2020 10:24:34 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
6213
Content-Type
image/png
XiB479mvoUbe.jpg
ima.temprikon.eu/3ZvnjJZGFoC0/
16 KB
16 KB
Image
General
Full URL
https://ima.temprikon.eu/3ZvnjJZGFoC0/XiB479mvoUbe.jpg
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
9d663e19667f93e6de230945e137e5dd9098ec704046c8f8c45c43286dfe24ae

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 12:59:38 GMT
Last-Modified
Thu, 30 Apr 2020 10:24:35 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
16475
Content-Type
image/jpeg
gSGoKHTuP4Md.jpg
ima.temprikon.eu/3ZvnjJZGFoC0/
14 KB
15 KB
Image
General
Full URL
https://ima.temprikon.eu/3ZvnjJZGFoC0/gSGoKHTuP4Md.jpg
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
76535c9f98c1d5b45b5f25e1b0c03f533f44c24cd761de3e362ea8dd7e63e1e0

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 12:59:38 GMT
Last-Modified
Thu, 30 Apr 2020 10:24:36 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
14651
Content-Type
image/jpeg
cVEfGBHeWgc5.jpg
ima.temprikon.eu/3ZvnjJZGFoC0/
13 KB
13 KB
Image
General
Full URL
https://ima.temprikon.eu/3ZvnjJZGFoC0/cVEfGBHeWgc5.jpg
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
6ea2b37d75b235ca9b8f15dec8e04932c69d51f73ee16791e42b887b1c60fa5f

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 12:59:38 GMT
Last-Modified
Thu, 30 Apr 2020 10:24:33 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
12945
Content-Type
image/jpeg
PP6NEVm1cUN0.jpg
ima.temprikon.eu/3ZvnjJZGFoC0/
10 KB
11 KB
Image
General
Full URL
https://ima.temprikon.eu/3ZvnjJZGFoC0/PP6NEVm1cUN0.jpg
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
6145d3e92399d3424af7d58a0d2e0831ac892817787c42f78ddcbbbd1143aced

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 12:59:38 GMT
Last-Modified
Thu, 30 Apr 2020 10:24:34 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
10567
Content-Type
image/jpeg
QzTm0r41SPPR.jpg
ima.temprikon.eu/3ZvnjJZGFoC0/
18 KB
18 KB
Image
General
Full URL
https://ima.temprikon.eu/3ZvnjJZGFoC0/QzTm0r41SPPR.jpg
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
df891778cc36893d27e1311f95ba7ce9e8f676b1c5eb9ee821a979739299c401

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 12:59:38 GMT
Last-Modified
Thu, 30 Apr 2020 10:24:35 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
18574
Content-Type
image/jpeg
VUOOH6850DxV.png
ima.temprikon.eu/3ZvnjJZGFoC0/
3 KB
3 KB
Image
General
Full URL
https://ima.temprikon.eu/3ZvnjJZGFoC0/VUOOH6850DxV.png
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
08cab444d40b4939320d039146f930e43a5053f6fe44f472fed5e7fe9de8ce70

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 12:59:38 GMT
Last-Modified
Thu, 30 Apr 2020 10:24:33 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
2827
Content-Type
image/png
quality_check.png
bdcreatives.s3.amazonaws.com/hosting/tdf/
Redirect Chain
  • https://ima.temprikon.eu/ge33nUHOu0ez
  • https://ima.temprikon.eu/ge33nUHOu0ez/
  • https://tracker.bdtrkone.com/complaints/image/qpzcdecysuhaa1au0xtkh
  • https://act.bdtrkconv.com/complaints/image/qpzcdecysuhaa1au0xtkh
  • https://bdcreatives.s3.amazonaws.com/hosting/tdf/quality_check.png
1 KB
2 KB
Image
General
Full URL
https://bdcreatives.s3.amazonaws.com/hosting/tdf/quality_check.png
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.80.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cddb1cf7fa34d5de430788855023b86b1ca6e36ca97460a7ce0f675d484104fa

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 12:59:40 GMT
Last-Modified
Tue, 27 Feb 2018 15:52:34 GMT
Server
AmazonS3
x-amz-request-id
288B8EF5F685DACA
ETag
"29f9c148b5b4edf9f8d0a1d7b729eae5"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1506
x-amz-id-2
s2PF9vyxWHpIIuQzry5fsUMS98zP1c0xL5WI6+LvNuAnqQ2mf40eYd/mg/a00DR3TO8myOhXhRc=

Redirect headers

Date
Thu, 04 Jun 2020 12:59:38 GMT
Server
Apache
P3P
CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Location
https://bdcreatives.s3.amazonaws.com/hosting/tdf/quality_check.png
Cache-Control
no-cache, private
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
508
dot.gif
s0.2mdn.net/
Redirect Chain
  • https://ejp.rlcdn.com/709062.gif?m=f3a92dbf47faee945c54561fffa65a36&n=1
  • https://ejp.rlcdn.com/1000.gif?memo=CMajKxIrCiYIBBAAGiBmM2E5MmRiZjQ3ZmFlZTk0NWM1NDU2MWZmZmE2NWEzNhCddRoNCLrg4_YFEgUI6AcQAEIASgA
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_cm=&google_tc=
  • https://s0.2mdn.net/dot.gif?google_gid=CAESEH6WTwLA3o0GU-OFjaTexPE&google_cver=1
43 B
98 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEH6WTwLA3o0GU-OFjaTexPE&google_cver=1
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 12:59:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 05 Jun 2020 12:59:38 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jun 2020 12:59:38 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s0.2mdn.net/dot.gif?google_gid=CAESEH6WTwLA3o0GU-OFjaTexPE&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/
Redirect Chain
  • https://ejp.rlcdn.com/709062.gif?m=f3a92dbf47faee945c54561fffa65a36&n=2
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_cm=&google_tc=
  • https://s0.2mdn.net/dot.gif?google_gid=CAESECIh-GS5uKMCmfH7axvt6Xg&google_cver=1
43 B
426 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESECIh-GS5uKMCmfH7axvt6Xg&google_cver=1
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Jun 2020 12:59:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Fri, 05 Jun 2020 12:59:38 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jun 2020 12:59:38 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s0.2mdn.net/dot.gif?google_gid=CAESECIh-GS5uKMCmfH7axvt6Xg&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
52154.gif
idsync.rlcdn.com/
Redirect Chain
  • https://ejp.rlcdn.com/709062.gif?m=f3a92dbf47faee945c54561fffa65a36&n=3
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=5054910900685769142
42 B
515 B
Image
General
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=5054910900685769142
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.8.149 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
149.8.241.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Jun 2020 12:59:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
200
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jun 2020 12:59:40 GMT
X-Proxy-Origin
185.217.171.12; 185.217.171.12; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.13:80
AN-X-Request-Uuid
68595cb6-145b-4755-9f17-941ebe868f16
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=5054910900685769142
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
397676.gif
idsync.rlcdn.com/
Redirect Chain
  • https://ejp.rlcdn.com/709062.gif?m=f3a92dbf47faee945c54561fffa65a36&n=4
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
  • https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=PeLnpcSEVI0UE-r3IL1Jme1_1G2CQI3I
42 B
385 B
Image
General
Full URL
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=PeLnpcSEVI0UE-r3IL1Jme1_1G2CQI3I
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.8.149 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
149.8.241.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Jun 2020 12:59:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
200
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

status
302
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
date
Thu, 04 Jun 2020 12:59:38 GMT
content-length
221
location
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=PeLnpcSEVI0UE-r3IL1Jme1_1G2CQI3I
content-type
text/html; charset=utf-8
401726.gif
idsync.rlcdn.com/
Redirect Chain
  • https://ejp.rlcdn.com/709062.gif?m=f3a92dbf47faee945c54561fffa65a36&n=5
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID}
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=243761&d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID}
  • https://idsync.rlcdn.com/401726.gif?partner_uid=btqPt/NUhPnC6ajqctxBQO
42 B
385 B
Image
General
Full URL
https://idsync.rlcdn.com/401726.gif?partner_uid=btqPt/NUhPnC6ajqctxBQO
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.8.149 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
149.8.241.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Jun 2020 12:59:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
200
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

Pragma
no-cache
Date
Thu, 04 Jun 2020 12:59:38 GMT
Last-Modified
Thu, 04 Jun 2020 12:59:38 GMT
Server
Apache
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
Location
https://idsync.rlcdn.com/401726.gif?partner_uid=btqPt/NUhPnC6ajqctxBQO
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Expires
Tue, 03 Jul 2001 06:00:00 GMT
pixel.php
flex.temprikon.eu/tags/
0
0

adtckrtg.php
notify.adleadevent.com/
Redirect Chain
  • https://crt.temprikon.eu/adtckrtg.php?ids=2443&s=3102&hash=f3a92dbf47faee945c54561fffa65a36&hash256=73c4ed5c45f4d34513abaed87a12b07933a79a0b7dc87690628cf7ad13ba73e6
  • https://notify.adleadevent.com/adtckrtg.php?ids=2443&s=3102&hash=f3a92dbf47faee945c54561fffa65a36&hash256=73c4ed5c45f4d34513abaed87a12b07933a79a0b7dc87690628cf7ad13ba73e6
43 B
672 B
Image
General
Full URL
https://notify.adleadevent.com/adtckrtg.php?ids=2443&s=3102&hash=f3a92dbf47faee945c54561fffa65a36&hash256=73c4ed5c45f4d34513abaed87a12b07933a79a0b7dc87690628cf7ad13ba73e6
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.181.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-181-72.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.3 / Express
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 12:59:38 GMT
Server
nginx/1.10.3
X-Powered-By
Express
ETag
W/"2b-2eaaa083"
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://notify.adleadevent.com/adtckrtg.php?ids=2443&s=3102&hash=f3a92dbf47faee945c54561fffa65a36&hash256=73c4ed5c45f4d34513abaed87a12b07933a79a0b7dc87690628cf7ad13ba73e6
Date
Thu, 04 Jun 2020 13:11:14 GMT
Server
nginx/1.4.6 (Ubuntu)
Connection
keep-alive
Content-Length
193
Content-Type
text/html
collect_v2.img.php
squa.squatiki.eu/
Redirect Chain
  • https://squa.temprikon.eu/collect_v2.img.php?dmp=emdmpeasy&p=1868&s=1868&m=f3a92dbf47faee945c54561fffa65a36&email_sha256=73c4ed5c45f4d34513abaed87a12b07933a79a0b7dc87690628cf7ad13ba73e6
  • https://squa.squatiki.eu/collect_v2.img.php?dmp=emdmpeasy&p=1868&s=1868&m=f3a92dbf47faee945c54561fffa65a36&email_sha256=73c4ed5c45f4d34513abaed87a12b07933a79a0b7dc87690628cf7ad13ba73e6
43 B
814 B
Image
General
Full URL
https://squa.squatiki.eu/collect_v2.img.php?dmp=emdmpeasy&p=1868&s=1868&m=f3a92dbf47faee945c54561fffa65a36&email_sha256=73c4ed5c45f4d34513abaed87a12b07933a79a0b7dc87690628cf7ad13ba73e6
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:41d0:301:100:145:239:193:53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Jun 2020 12:59:38 GMT
Cache-Control
no-store, no-cache
Transfer-Encoding
chunked
Content-Type
image/gif
X-IPLB-Instance
25256
Strict-Transport-Security
max-age=31536000
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"

Redirect headers

Location
https://squa.squatiki.eu/collect_v2.img.php?dmp=emdmpeasy&p=1868&s=1868&m=f3a92dbf47faee945c54561fffa65a36&email_sha256=73c4ed5c45f4d34513abaed87a12b07933a79a0b7dc87690628cf7ad13ba73e6
Date
Thu, 04 Jun 2020 12:59:38 GMT
Content-Type
text/html
Content-Length
158
Strict-Transport-Security
max-age=31536000
X-IPLB-Instance
25256
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
386bafba-f185-4cee-98d4-6a32afbdfe93
er.cloud-media.fr/c/f3a92dbf47faee945c54561fffa65a36/
Redirect Chain
  • http://erm.temprikon.eu/r/f3a92dbf47faee945c54561fffa65a36/386bafba-f185-4cee-98d4-6a32afbdfe93
  • https://er.cloud-media.fr/c/f3a92dbf47faee945c54561fffa65a36/386bafba-f185-4cee-98d4-6a32afbdfe93
35 B
230 B
Image
General
Full URL
https://er.cloud-media.fr/c/f3a92dbf47faee945c54561fffa65a36/386bafba-f185-4cee-98d4-6a32afbdfe93
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.208.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-208-222.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 04 Jun 2020 12:59:38 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

Date
Thu, 04 Jun 2020 12:59:38 GMT
X-Content-Type-Options
nosniff
Server
awselb/2.0
Content-Type
text/html;charset=utf-8
Location
https://er.cloud-media.fr/c/f3a92dbf47faee945c54561fffa65a36/386bafba-f185-4cee-98d4-6a32afbdfe93
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
7b242560
links.temprikon.eu/o/cpr/1bLvqNmctbj35hppV2Vbwa/na6U/F/
43 B
165 B
Image
General
Full URL
https://links.temprikon.eu/o/cpr/1bLvqNmctbj35hppV2Vbwa/na6U/F/7b242560
Requested by
Host: althings.ca
URL: http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.248.181.125 Gdańsk, Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS
46-248-181-125.rev.iq.pl
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://althings.ca/optiext/optiexten/31ov4u8mvv82xzf8up6sion.dll?ID=szpkOqx7nCq_huw25a0WuhaRNgyvuWdP3XozgvXkNu0nb7PQ2Hfcd9A_ynzhdAppU9cuGQr4ydjLEAXqLsIFJRTmdJC+mB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 04 Jun 2020 12:59:38 GMT
cache-control
no-cache, max-age=0
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
flex.temprikon.eu
URL
http://flex.temprikon.eu/tags/pixel.php?h=f3a92dbf47faee945c54561fffa65a36&source=507

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
