urlscan.io logo urlscan.io
SecurityTrails logo

1.writerance.com Open in urlscan Pro
2606:4700:30::681f:553c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://11fileupload-1.xyz/
Effective URL: https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe1...
Submission: On February 01 via manual from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 11 domains to perform 14 HTTP transactions. The main IP is 2606:4700:30::681f:553c, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is 1.writerance.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 11th 2019. Valid for: a year.
This is the only time 1.writerance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 88.85.69.166 35415 (WEBZILLA)
2 116.203.1.134 24940 (HETZNER-AS)
1 78.140.165.10 35415 (WEBZILLA)
1 1 88.208.46.61 39572 (ADVANCEDH...)
3 2606:4700:30:... 13335 (CLOUDFLAR...)
2 88.208.46.150 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 104.18.39.156 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 88.208.62.3 39572 (ADVANCEDH...)
14 8
1    88.85.69.166 (Netherlands)

ASN35415 (WEBZILLA, NL)
11fileupload-1.xyz
2    116.203.1.134 (Bangalore, India)

ASN24940 (HETZNER-AS, DE)
PTR: static.134.1.203.116.clients.your-server.de
static.134.1.203.116.clients.your-server.de
1    78.140.165.10 (Netherlands)

ASN35415 (WEBZILLA, NL)
mob1ledev1ces.com
1    88.208.46.61 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
geruniversal.com
3    2606:4700:30::681f:553c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
1.writerance.com
2    88.208.46.150 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
advstat.net
1    2a00:1450:4001:81d::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
4    104.18.39.156 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
guattepush.com
2    2a00:1450:4001:81a::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    88.208.62.3 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
actpx.com
actiflex.org
Domain Requested by
4 guattepush.com 2 redirects 1.writerance.com
guattepush.com
3 1.writerance.com mob1ledev1ces.com
1.writerance.com
2 fonts.gstatic.com 1.writerance.com
2 advstat.net 1.writerance.com
advstat.net
2 static.134.1.203.116.clients.your-server.de static.134.1.203.116.clients.your-server.de
1 actiflex.org guattepush.com
1 actpx.com 1 redirects
1 fonts.googleapis.com 1.writerance.com
1 geruniversal.com 1 redirects
1 mob1ledev1ces.com static.134.1.203.116.clients.your-server.de
1 11fileupload-1.xyz 1 redirects
14 11

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-01-11 -
2020-01-11		 a year crt.sh
advstat.net
Let's Encrypt Authority X3		 2018-12-06 -
2019-03-06		 3 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
actiflex.org
Let's Encrypt Authority X3		 2019-01-23 -
2019-04-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
Frame ID: 19521461E26D481C4E5369EC556FF77D
Requests: 13 HTTP requests in this frame

Frame: https://actiflex.org/pf?p=341&uid=rnw8hdEfQt6xfxsCI9sjSw&dmpNewUser=1
Frame ID: 1EF9ABA46E2849D6F23CE320F72F6AC4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://11fileupload-1.xyz/ HTTP 302
    http://static.134.1.203.116.clients.your-server.de/file?f=99667dc864a5ff2c3772f6ad3d6fc3b91d9367276953860af7c113fb03b4c6dd612eb... Page URL
  2. http://mob1ledev1ces.com/r/?token=46c39ff921af794d2d188355b9c31ca73b8c4b17&q=File270262. Page URL
  3. http://geruniversal.com/7-1ogn-i1b-h3uz-faq?deeplink=https://mob1ledev1ces.com/b?&subid_2=11738&subi... HTTP 302
    https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANq... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

14
Requests

79 %
HTTPS

30 %
IPv6

11
Domains

11
Subdomains

8
IPs

4
Countries

132 kB
Transfer

169 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://11fileupload-1.xyz/ HTTP 302
    http://static.134.1.203.116.clients.your-server.de/file?f=99667dc864a5ff2c3772f6ad3d6fc3b91d9367276953860af7c113fb03b4c6dd612ebd05cb859f4ac548e71d872f3cfcf99037c3aaa2e4a0b058642b25d588fa3e6242441c06a5c7945f100178c852d58f9d950961b2982f5528c3e378b5696041c6172dc091a7165917352cdee008ca0b1ef75e938b7dbbb0f7eca005c18d59beaa691f3a41d186fba94588dfddb9ee624e3d1b1df7661616bf3a6095952775b35badee7d54a1891043ba3cb6b3330d0b82e47fb4cc341d112f4d399c6e2402c9f40092a8752c968a44bb6a18ebcc23914713b08cbad5a9f48ecf8fad30fa1a90f34516063f24b334ac25&utm_source=datacash&utm_medium=default&utm_campaign=default Page URL
  2. http://mob1ledev1ces.com/r/?token=46c39ff921af794d2d188355b9c31ca73b8c4b17&q=File270262. Page URL
  3. http://geruniversal.com/7-1ogn-i1b-h3uz-faq?deeplink=https://mob1ledev1ces.com/b?&subid_2=11738&subid_1=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A HTTP 302
    https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://11fileupload-1.xyz/ HTTP 302
  • http://static.134.1.203.116.clients.your-server.de/file?f=99667dc864a5ff2c3772f6ad3d6fc3b91d9367276953860af7c113fb03b4c6dd612ebd05cb859f4ac548e71d872f3cfcf99037c3aaa2e4a0b058642b25d588fa3e6242441c06a5c7945f100178c852d58f9d950961b2982f5528c3e378b5696041c6172dc091a7165917352cdee008ca0b1ef75e938b7dbbb0f7eca005c18d59beaa691f3a41d186fba94588dfddb9ee624e3d1b1df7661616bf3a6095952775b35badee7d54a1891043ba3cb6b3330d0b82e47fb4cc341d112f4d399c6e2402c9f40092a8752c968a44bb6a18ebcc23914713b08cbad5a9f48ecf8fad30fa1a90f34516063f24b334ac25&utm_source=datacash&utm_medium=default&utm_campaign=default
Request Chain 12
  • https://guattepush.com/js/sync?visitor_id=b4c716ea-a2a2-4809-9baf-465fabcf5a4d HTTP 302
  • https://actpx.com/sync?callback=%2F%2Fguattepush.com%2Fjs%2Fsyncback%3Fvisitor_id%3Db4c716ea-a2a2-4809-9baf-465fabcf5a4d HTTP 302
  • https://guattepush.com/js/syncback?uid=rnw8hdEfQt6xfxsCI9sjSw&dmpNewUser=1&visitor_id=b4c716ea-a2a2-4809-9baf-465fabcf5a4d HTTP 302
  • https://actiflex.org/pf?p=341&uid=rnw8hdEfQt6xfxsCI9sjSw&dmpNewUser=1

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set file
static.134.1.203.116.clients.your-server.de/
Redirect Chain
  • http://11fileupload-1.xyz/
  • http://static.134.1.203.116.clients.your-server.de/file?f=99667dc864a5ff2c3772f6ad3d6fc3b91d9367276953860af7c113fb03b4c6dd612ebd05cb859f4ac548e71d872f3cfcf99037c3aaa2e4a0b058642b25d588fa3e6242441c0...
1 KB
910 B 		Document
General
Check archive.org
Download Go to
Full URL
http://static.134.1.203.116.clients.your-server.de/file?f=99667dc864a5ff2c3772f6ad3d6fc3b91d9367276953860af7c113fb03b4c6dd612ebd05cb859f4ac548e71d872f3cfcf99037c3aaa2e4a0b058642b25d588fa3e6242441c06a5c7945f100178c852d58f9d950961b2982f5528c3e378b5696041c6172dc091a7165917352cdee008ca0b1ef75e938b7dbbb0f7eca005c18d59beaa691f3a41d186fba94588dfddb9ee624e3d1b1df7661616bf3a6095952775b35badee7d54a1891043ba3cb6b3330d0b82e47fb4cc341d112f4d399c6e2402c9f40092a8752c968a44bb6a18ebcc23914713b08cbad5a9f48ecf8fad30fa1a90f34516063f24b334ac25&utm_source=datacash&utm_medium=default&utm_campaign=default
Protocol
HTTP/1.1
Server
116.203.1.134 Bangalore, India, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.134.1.203.116.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b440cc5ce808ec3ee797995e1f3c5fc40a662d946d18da1ca59cb7691aa9c7c6

Request headers

Host
static.134.1.203.116.clients.your-server.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 01 Feb 2019 11:30:47 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
ic_niq=yes; expires=Sat, 02-Feb-2019 11:30:47 GMT; Max-Age=86400; path=/; domain=static.134.1.203.116.clients.your-server.de
Content-Encoding
gzip

Redirect headers

Server
nginx/1.12.2
Date
Fri, 01 Feb 2019 11:30:47 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
http://static.134.1.203.116.clients.your-server.de/file?f=99667dc864a5ff2c3772f6ad3d6fc3b91d9367276953860af7c113fb03b4c6dd612ebd05cb859f4ac548e71d872f3cfcf99037c3aaa2e4a0b058642b25d588fa3e6242441c06a5c7945f100178c852d58f9d950961b2982f5528c3e378b5696041c6172dc091a7165917352cdee008ca0b1ef75e938b7dbbb0f7eca005c18d59beaa691f3a41d186fba94588dfddb9ee624e3d1b1df7661616bf3a6095952775b35badee7d54a1891043ba3cb6b3330d0b82e47fb4cc341d112f4d399c6e2402c9f40092a8752c968a44bb6a18ebcc23914713b08cbad5a9f48ecf8fad30fa1a90f34516063f24b334ac25&utm_source=datacash&utm_medium=default&utm_campaign=default
jquery.min.js
static.134.1.203.116.clients.your-server.de/assets/4881532a/ 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.134.1.203.116.clients.your-server.de/assets/4881532a/jquery.min.js
Requested by
Host: static.134.1.203.116.clients.your-server.de
URL: http://static.134.1.203.116.clients.your-server.de/file?f=99667dc864a5ff2c3772f6ad3d6fc3b91d9367276953860af7c113fb03b4c6dd612ebd05cb859f4ac548e71d872f3cfcf99037c3aaa2e4a0b058642b25d588fa3e6242441c06a5c7945f100178c852d58f9d950961b2982f5528c3e378b5696041c6172dc091a7165917352cdee008ca0b1ef75e938b7dbbb0f7eca005c18d59beaa691f3a41d186fba94588dfddb9ee624e3d1b1df7661616bf3a6095952775b35badee7d54a1891043ba3cb6b3330d0b82e47fb4cc341d112f4d399c6e2402c9f40092a8752c968a44bb6a18ebcc23914713b08cbad5a9f48ecf8fad30fa1a90f34516063f24b334ac25&utm_source=datacash&utm_medium=default&utm_campaign=default
Protocol
HTTP/1.1
Server
116.203.1.134 Bangalore, India, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.134.1.203.116.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
static.134.1.203.116.clients.your-server.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://static.134.1.203.116.clients.your-server.de/file?f=99667dc864a5ff2c3772f6ad3d6fc3b91d9367276953860af7c113fb03b4c6dd612ebd05cb859f4ac548e71d872f3cfcf99037c3aaa2e4a0b058642b25d588fa3e6242441c06a5c7945f100178c852d58f9d950961b2982f5528c3e378b5696041c6172dc091a7165917352cdee008ca0b1ef75e938b7dbbb0f7eca005c18d59beaa691f3a41d186fba94588dfddb9ee624e3d1b1df7661616bf3a6095952775b35badee7d54a1891043ba3cb6b3330d0b82e47fb4cc341d112f4d399c6e2402c9f40092a8752c968a44bb6a18ebcc23914713b08cbad5a9f48ecf8fad30fa1a90f34516063f24b334ac25&utm_source=datacash&utm_medium=default&utm_campaign=default
Cookie
ic_niq=yes
Connection
keep-alive
Cache-Control
no-cache
Referer
http://static.134.1.203.116.clients.your-server.de/file?f=99667dc864a5ff2c3772f6ad3d6fc3b91d9367276953860af7c113fb03b4c6dd612ebd05cb859f4ac548e71d872f3cfcf99037c3aaa2e4a0b058642b25d588fa3e6242441c06a5c7945f100178c852d58f9d950961b2982f5528c3e378b5696041c6172dc091a7165917352cdee008ca0b1ef75e938b7dbbb0f7eca005c18d59beaa691f3a41d186fba94588dfddb9ee624e3d1b1df7661616bf3a6095952775b35badee7d54a1891043ba3cb6b3330d0b82e47fb4cc341d112f4d399c6e2402c9f40092a8752c968a44bb6a18ebcc23914713b08cbad5a9f48ecf8fad30fa1a90f34516063f24b334ac25&utm_source=datacash&utm_medium=default&utm_campaign=default
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 01 Feb 2019 11:30:47 GMT
Last-Modified
Tue, 26 Jun 2018 11:29:02 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5b32237e-16dc4"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93636
Cookie set /
mob1ledev1ces.com/r/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://mob1ledev1ces.com/r/?token=46c39ff921af794d2d188355b9c31ca73b8c4b17&q=File270262.
Requested by
Host: static.134.1.203.116.clients.your-server.de
URL: http://static.134.1.203.116.clients.your-server.de/file?f=99667dc864a5ff2c3772f6ad3d6fc3b91d9367276953860af7c113fb03b4c6dd612ebd05cb859f4ac548e71d872f3cfcf99037c3aaa2e4a0b058642b25d588fa3e6242441c06a5c7945f100178c852d58f9d950961b2982f5528c3e378b5696041c6172dc091a7165917352cdee008ca0b1ef75e938b7dbbb0f7eca005c18d59beaa691f3a41d186fba94588dfddb9ee624e3d1b1df7661616bf3a6095952775b35badee7d54a1891043ba3cb6b3330d0b82e47fb4cc341d112f4d399c6e2402c9f40092a8752c968a44bb6a18ebcc23914713b08cbad5a9f48ecf8fad30fa1a90f34516063f24b334ac25&utm_source=datacash&utm_medium=default&utm_campaign=default
Protocol
HTTP/1.1
Server
78.140.165.10 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash

Request headers

Host
mob1ledev1ces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx/1.14.0
Date
Fri, 01 Feb 2019 11:30:48 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
bd_context=l0M1ORzELtYuqAWg2LH6wFGowJABCm9z7gcKe+omedDD8hujkaqLeaFzCFWIUslwUqhEmZuKX/4OVDolCL0wnbZUPIljKyyBDCrWqeIMOGiEBvfnAmZ4okMlcJUKllFmrkP1cNCYpdHMHGVqjUtsHWuuiukFBNpeY7Ot+pRF+YK8m9GErG0NeiOfG/02Z64QT7en6VmNqgychEltxeyHFPGzEzna9XkLaPPy43LlHQ0pvJKtHnHOluc+gtR/O6l4e3zmh4aR3n3Ih6OjnibPYyYbBqCEsSXctIzOGS2q18+2IuohJkQ7OWRI6GN1uCxwu4CQ9BbsuFjOcvjlBYOSq1I=; Expires=Sat, 01 Feb 2020 11:30:48 GMT
Primary Request c1
1.writerance.com/index/
Redirect Chain
  • http://geruniversal.com/7-1ogn-i1b-h3uz-faq?deeplink=https://mob1ledev1ces.com/b?&subid_2=11738&subid_1=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A
  • https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
Requested by
Host: mob1ledev1ces.com
URL: http://mob1ledev1ces.com/r/?token=46c39ff921af794d2d188355b9c31ca73b8c4b17&q=File270262.
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:553c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac45adad2bce74b2f3ff64c59c777aca59f066dd561d3dc29b3a2161fa9fd6f

Request headers

:method
GET
:authority
1.writerance.com
:scheme
https
:path
/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://mob1ledev1ces.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://mob1ledev1ces.com/

Response headers

status
200
date
Fri, 01 Feb 2019 11:30:48 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da794156f368413681ce21c502b8ba4e01549020648; expires=Sat, 01-Feb-20 11:30:48 GMT; path=/; domain=.writerance.com; HttpOnly
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4a24168b8c4397ec-FRA
content-encoding
br

Redirect headers

Server
nginx
Date
Fri, 01 Feb 2019 11:30:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
visitId=1gwqe19rsvmxoy98; expires=Sun, 03-Feb-2019 11:30:48 GMT; Max-Age=172800; path=/
location
https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
style.css
1.writerance.com/check_browser_light/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1.writerance.com/check_browser_light/css/style.css
Requested by
Host: 1.writerance.com
URL: https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:553c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c213ad1aa749a5a20375b03e2c89695022935fade3097fd19bf2e67c7abcb83

Request headers

:path
/check_browser_light/css/style.css
pragma
no-cache
cookie
__cfduid=da794156f368413681ce21c502b8ba4e01549020648
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
1.writerance.com
referer
https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
:scheme
https
:method
GET
Referer
https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:30:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 29 Dec 2018 14:31:14 GMT
server
cloudflare
etag
W/"5c278532-30d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
4a24168bfcd397ec-FRA
expires
Fri, 01 Feb 2019 15:30:48 GMT
script.js
1.writerance.com/check_browser_light/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1.writerance.com/check_browser_light/js/script.js
Requested by
Host: 1.writerance.com
URL: https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:553c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee821637eb41980d1687a2894c076c3fa94bb9f2f467ad3659a4f715adc598ae

Request headers

:path
/check_browser_light/js/script.js
pragma
no-cache
cookie
__cfduid=da794156f368413681ce21c502b8ba4e01549020648
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
1.writerance.com
referer
https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
:scheme
https
:method
GET
Referer
https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 11:30:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Dec 2018 11:38:51 GMT
server
cloudflare
etag
W/"5c24b9cb-b9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4a24168bfcd797ec-FRA
expires
Fri, 01 Feb 2019 15:30:48 GMT
tag.js
advstat.net/js/ 		835 B
545 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advstat.net/js/tag.js
Requested by
Host: 1.writerance.com
URL: https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.150 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bcc62ecf29cff5bccc293e1dc1566da4c329d9779803611e117ed30b53cb3c9c

Request headers

Referer
https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 01 Feb 2019 11:30:48 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
css
fonts.googleapis.com/ 		7 KB
757 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Requested by
Host: 1.writerance.com
URL: https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
5ca8a5e5ae6789b9db755efa0deea60a8db01bf8be4a447666eda7a5eb96e8fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 01 Feb 2019 11:30:48 GMT
server
ESF
access-control-allow-origin
*
date
Fri, 01 Feb 2019 11:30:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Fri, 01 Feb 2019 11:30:48 GMT
86425.js
guattepush.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guattepush.com/86425.js
Requested by
Host: 1.writerance.com
URL: https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.39.156 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d66ef101ee2047df40e52a142ef10febe285057be96e14426967b6cb18c115f

Request headers

Referer
https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:30:48 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store, must-revalidate
cf-ray
4a24168c7db46427-FRA
expires
0
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v18/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by
Host: 1.writerance.com
URL: https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
41720926981ffb6dc229f06fc0bbf0f43e45ba032d126726ebee481c2a6559e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Origin
https://1.writerance.com

Response headers

date
Tue, 22 Jan 2019 18:18:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:50 GMT
server
sffe
age
839543
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
6728
x-xss-protection
1; mode=block
expires
Wed, 22 Jan 2020 18:18:25 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: 1.writerance.com
URL: https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700,400i&subset=cyrillic
Origin
https://1.writerance.com

Response headers

date
Thu, 31 Jan 2019 14:16:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
76487
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10748
x-xss-protection
1; mode=block
expires
Fri, 31 Jan 2020 14:16:01 GMT
scripts
advstat.net/api/ 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://advstat.net/api/scripts?visitid=1gwqe19rsvmxoy98
Requested by
Host: advstat.net
URL: https://advstat.net/js/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.150 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 01 Feb 2019 11:30:48 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
37428
guattepush.com/ 		6 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guattepush.com/37428
Requested by
Host: guattepush.com
URL: https://guattepush.com/86425.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.39.156 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f2c1ff16c905bf0289e20feaa53992d601c6ca3c6562a4ebf906ac0455f0d3

Request headers

Referer
https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
Origin
https://1.writerance.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Feb 2019 11:30:48 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/json
access-control-allow-origin
https://1.writerance.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
4a24168cadcb6427-FRA
expires
0
Cookie set pf
actiflex.org/ Frame 1EF9
Redirect Chain
  • https://guattepush.com/js/sync?visitor_id=b4c716ea-a2a2-4809-9baf-465fabcf5a4d
  • https://actpx.com/sync?callback=%2F%2Fguattepush.com%2Fjs%2Fsyncback%3Fvisitor_id%3Db4c716ea-a2a2-4809-9baf-465fabcf5a4d
  • https://guattepush.com/js/syncback?uid=rnw8hdEfQt6xfxsCI9sjSw&dmpNewUser=1&visitor_id=b4c716ea-a2a2-4809-9baf-465fabcf5a4d
  • https://actiflex.org/pf?p=341&uid=rnw8hdEfQt6xfxsCI9sjSw&dmpNewUser=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://actiflex.org/pf?p=341&uid=rnw8hdEfQt6xfxsCI9sjSw&dmpNewUser=1
Requested by
Host: guattepush.com
URL: https://guattepush.com/86425.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.62.3 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Host
actiflex.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://1.writerance.com/index/c1?diff=10&source=og&campaign=5003&content=AOgtVFzaLQAAEM4BAERFMwASANqJBa8A&clickid=1gwqe19rsvmxoy98&aurl=https%3A%2F%2Fmob1ledev1ces.com%2Fb%3F

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Fri, 01 Feb 2019 11:30:48 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
_ssp_uid=rnw8hdEfQt6xfxsCI9sjSw; path=/; Expires=Wed, 31-Jan-2024 11:30:48 GMT
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

status
302
date
Fri, 01 Feb 2019 11:30:48 GMT
content-type
text/html; charset=UTF-8
location
//actiflex.org/pf?p=341&uid=rnw8hdEfQt6xfxsCI9sjSw&dmpNewUser=1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4a24168e4f756427-FRA

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| popup function| showLayout function| browserDetect function| dnl function| undnl string| jsPhrase object| wpnConfig function| startFromVisit function| _typeof function| _slicedToArray

1 Cookies

Domain/Path Name / Value
.writerance.com/ Name: __cfduid
Value: da794156f368413681ce21c502b8ba4e01549020648