Submitted URL: http://bit.ly/2tmGFNX
Effective URL: http://butthurt.co/saf.php
Submission: On July 13 via manual from FI

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 31 HTTP transactions. The main IP is 2400:cb00:2048:1::6812:2af2, located in the United States, and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is butthurt.co.
This is the only time butthurt.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 146.185.16.146 ()
1 2a00:1450:400... 15169 (GOOGLE)
1 67.202.94.93 32748 (STEADFAST)
1 69.4.231.30 36351 (SOFTLAYER)
1 104.16.87.26 13335 (CLOUDFLAR...)
1 208.100.17.187 32748 (STEADFAST)
1 208.100.17.184 32748 (STEADFAST)
1 52.50.52.103 16509 (AMAZON-02)
1 35.156.121.57 16509 (AMAZON-02)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
8 2400:cb00:204... 13335 (CLOUDFLAR...)
2 168.63.33.206 8075 (MICROSOFT...)
3 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 2a03:2880:f12... 32934 (FACEBOOK)
31 19
Domain Requested by
9 cdnjs.cloudflare.com cs.forbrugerpost.dk
3 randomuser.me cs.forbrugerpost.dk
2 campaignsys.blob.core.windows.net cs.forbrugerpost.dk
1 www.facebook.com butthurt.co
1 connect.facebook.net cs.forbrugerpost.dk
1 cs.forbrugerpost.dk
1 ps.eyeota.net
1 s.cpx.to
1 de.tynt.com cdn.tynt.com
1 ic.tynt.com butthurt.co
1 cdn.tynt.com widgets.amung.us
1 t.dtscout.com widgets.amung.us
t.dtscout.com
1 whos.amung.us widgets.amung.us
1 fonts.gstatic.com butthurt.co
1 widgets.amung.us butthurt.co
1 fonts.googleapis.com butthurt.co
1 butthurt.co
0 tags.bluekai.com Failed
31 18

This site contains no links.

Subject, Issuer, Validity, Valid
ssl373140.cloudflaressl.com, COMODO ECC Domain Validation Secure Server CA 2, 2017-04-27 - 2017-11-03, 6 months
ssl412106.cloudflaressl.com, COMODO ECC Domain Validation Secure Server CA 2, 2017-05-27 - 2017-12-03, 6 months
*.blob.core.windows.net, Microsoft IT SSL SHA2, 2016-07-02 - 2018-05-07, 2 years
sni39465.cloudflaressl.com, COMODO ECC Domain Validation Secure Server CA 2, 2017-05-23 - 2017-11-29, 6 months
*.facebook.com, DigiCert SHA2 High Assurance Server CA, 2016-12-09 - 2018-01-25, a year

This page contains 4 frames:

Frame: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Frame ID: 7169.1
Requests: 13 HTTP requests in this frame

Frame: http://t.dtscout.com/idg/
Frame ID: 7169.2
Requests: 1 HTTP request in this frame

Frame: http://tags.bluekai.com/site/27519?dt=0&r=1929413135&sig=878419092&bkca=KJpnEnaNpQlN2z7J04wt24HJvQXreDy6e7B1PpPt9uvNG+xutT0ulO0NGLuXkwhzV61Eu6+nR01n1p1nu6L9qcXuTQ==
Frame ID: 7169.3
Requests: 1 HTTP request in this frame

Frame: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Frame ID: 7221.1
Requests: 17 HTTP requests in this frame

Page Statistics

31 Requests
55 % HTTPS
50 % IPv6
15 Domains
18 Subdomains
19 IPs
4 Countries
490 kB Transfer
841 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request 10
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID
  • http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=4681334710566479474
Request 11
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&bid=gdo9o51&newuser=1&google_tc=
  • http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEATX7ntq63M-e_pPTkZaA50&google_cver=1
Request 12
  • http://tags.bluekai.com/site/27519?id=CmUMLllnKMILbwSuQa3VAg%3D%3D&ret=html&random=1499932866899
  • http://tags.bluekai.com/site/27519?dt=0&r=1929413135&sig=878419092&bkca=KJpnEnaNpQlN2z7J04wt24HJvQXreDy6e7B1PpPt9uvNG+xutT0ulO0NGLuXkwhzV61Eu6+nR01n1p1nu6L9qcXuTQ==
Request 13
  • https://jellyclick.com/r/lb/59?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
  • https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request saf.php
butthurt.co/
Redirect Chain
  • http://bit.ly/2tmGFNX
  • http://butthurt.co/saf.php
1 KB
790 B
Document
General
Full URL
http://butthurt.co/saf.php
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6812:2af2 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / PHP/5.6.30
Resource Hash
33b7354ac890e2966224040bb6ff8528c75ed881da802df526c58ff29b9e1266

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Thu, 13 Jul 2017 08:01:06 GMT
Content-Encoding
gzip
Server
cloudflare-nginx
X-Powered-By
PHP/5.6.30
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
CF-RAY
37dab65d228b6349-FRA

Redirect headers

Location
http://butthurt.co/saf.php
Date
Thu, 13 Jul 2017 08:01:06 GMT
Cache-Control
private, max-age=90
Server
nginx
Connection
keep-alive
Content-Length
113
Content-Type
text/html; charset=utf-8
css
fonts.googleapis.com/
255 B
231 B
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Fira+Sans:300&subset=latin,cyrillic-ext
Requested by
Host: butthurt.co
URL: http://butthurt.co/saf.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
cc8ea8bcb70f48754fe8d7633e897e108d4b006bf2bdc75fc45d11c7a1035a0f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://butthurt.co/saf.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Thu, 13 Jul 2017 08:01:06 GMT
Content-Encoding
gzip
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400
Transfer-Encoding
chunked
Timing-Allow-Origin
*
X-XSS-Protection
1; mode=block
Expires
Thu, 13 Jul 2017 08:01:06 GMT
classic.js
widgets.amung.us/
9 KB
5 KB
Script
General
Full URL
http://widgets.amung.us/classic.js
Requested by
Host: butthurt.co
URL: http://butthurt.co/saf.php
Protocol
HTTP/1.1
Server
146.185.16.146 , United Kingdom, ASN (),
Reverse DNS
92b91092.rdns.100tb.com
Software
nginx/1.9.6 /
Resource Hash
7b89adef34d829fc509b8962a84f2359b2956b886efbf65c7f103ade816a77c5

Request headers

Referer
http://butthurt.co/saf.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Thu, 13 Jul 2017 08:01:06 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Jun 2017 16:37:25 GMT
Server
nginx/1.9.6
ETag
W/"593acec5-2496"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=60
Connection
keep-alive
Expires
Thu, 13 Jul 2017 08:02:06 GMT
VTBnrK42EiOBncVyQXZ7j2eP1y_Bkidl4ESyB_O2G_c.ttf
fonts.gstatic.com/s/firasans/v7/
101 KB
48 KB
Font
General
Full URL
http://fonts.gstatic.com/s/firasans/v7/VTBnrK42EiOBncVyQXZ7j2eP1y_Bkidl4ESyB_O2G_c.ttf
Requested by
Host: butthurt.co
URL: http://butthurt.co/saf.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
f0e6fa165472584189d2dad2b3b3da269dc3763be89cf5b8b820abfbba9cbc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Fira+Sans:300&subset=latin,cyrillic-ext
Origin
http://butthurt.co

Response headers

Date
Thu, 13 Jul 2017 07:55:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 10 Jan 2017 21:02:52 GMT
Server
sffe
Age
322
Vary
Accept-Encoding
Content-Type
font/ttf
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
49349
X-XSS-Protection
1; mode=block
Expires
Fri, 13 Jul 2018 07:55:44 GMT
/
whos.amung.us/pingjs/
30 B
61 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=chx1fuc7r9op&t=Loading...&c=c&y=&a=0&d=0.32&v=22&r=8615
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/classic.js
Protocol
HTTP/1.1
Server
67.202.94.93 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
amung.us
Software
/
Resource Hash
77e267a30f46cd58becb5ffb613b0dad0c66b2ab36124e9107593586a4bf1564

Request headers

Referer
http://butthurt.co/saf.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Thu, 13 Jul 2017 08:01:06 GMT
Content-Encoding
gzip
Connection
close
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
/
t.dtscout.com/i/
4 KB
4 KB
Script
General
Full URL
http://t.dtscout.com/i/?l=http%3A%2F%2Fbutthurt.co%2Fsaf.php&j=
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/classic.js
Protocol
HTTP/1.1
Server
69.4.231.30 Providence, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
no-rdns.ord02.hostingservicesinc.net
Software
/
Resource Hash
d3f4b9d67365687a2124cd0c394013fb3486074913f704a34d6024451a9ac3e8

Request headers

Referer
http://butthurt.co/saf.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Thu, 13 Jul 2017 08:01:06 GMT
Cache-Control
no-cache
Connection
close
Content-Type
application/javascript
X-Z
I
Transfer-Encoding
chunked
Expires
Thu, 13 Jul 2017 08:01:05 GMT
/
t.dtscout.com/idg/ Frame 7169
0
0

tc.js
cdn.tynt.com/
16 KB
6 KB
Script
General
Full URL
http://cdn.tynt.com/tc.js
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/classic.js
Protocol
HTTP/1.1
Server
104.16.87.26 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
f6ce04ba4ad492afccfe8bf8a1d6ad29e1b6fbb6be29e4173a6d10f00fd9cf16

Request headers

Referer
http://butthurt.co/saf.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Thu, 13 Jul 2017 08:01:06 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 07 Jul 2017 15:38:14 GMT
Server
cloudflare-nginx
ETag
W/"595faae6-3f15"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=259200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
37dab65f76570f4b-FRA
Expires
Sun, 16 Jul 2017 08:01:06 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
p
ic.tynt.com/b/
35 B
35 B
Image
General
Full URL
http://ic.tynt.com/b/p?id=w!chx1fuc7r9op&lm=0&ts=1499932866488&dn=TC&iso=0&img=http%3A%2F%2Fudostepnij.co%2Fwp-content%2Fuploads%2F2017%2F03%2Fwar-widow-posts-heartbreaking-10000-reward-for-missing-phone-on-craigslist1.jpg&ct=Iphone&t=Loading...
Requested by
Host: butthurt.co
URL: http://butthurt.co/saf.php
Protocol
HTTP/1.1
Server
208.100.17.187 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip187.208-100-17.static.steadfastdns.net
Software
nginx/1.10.3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://butthurt.co/saf.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Thu, 13 Jul 2017 08:01:06 GMT
Last-Modified
Fri, 16 Apr 2010 15:38:20 GMT
Server
nginx/1.10.3
ETag
"4bc8846c-23"
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Cache-Control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
35
Expires
"Sat, 26 Jul 1997 05:00:00 GMT"
v2
de.tynt.com/deb/
704 B
704 B
Script
General
Full URL
http://de.tynt.com/deb/v2?id=w!chx1fuc7r9op&dn=TC&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/tc.js
Protocol
HTTP/1.1
Server
208.100.17.184 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
ce270434edfaf91acf8d0b64cffa3097e2c316d451bd0f5ccf3cf12c189dc5df

Request headers

Referer
http://butthurt.co/saf.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Thu, 13 Jul 2017 08:01:06 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
Content-Type
application/javascript
Connection
close
P3P
CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA
Content-Length
704
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/
Redirect Chain
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%253A%252F%252Fs.cpx.to%252Fca.png%253Fref%253D%2526pid%253D11254%2526adnxs_uid%253D%2524UID
  • http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=4681334710566479474
95 B
95 B
Image
General
Full URL
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=4681334710566479474
Protocol
HTTP/1.1
Server
52.50.52.103 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-50-52-103.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
http://butthurt.co/saf.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Jul 2017 08:01:07 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Thu, 13 Jul 2017 08:01:07 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jul 2017 08:01:08 GMT
X-Proxy-Origin
148.251.45.170; 148.251.45.170; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.198:80
AN-X-Request-Uuid
75d23686-0589-4ffb-a66d-62a7a30d7713
Server
nginx/1.11.5
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
http://s.cpx.to/ca.png?ref=&pid=11254&adnxs_uid=4681334710566479474
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • http://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&bid=gdo9o51&newuser=1&google_tc=
  • http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEATX7ntq63M-e_pPTkZaA50&google_cver=1
70 B
70 B
Image
General
Full URL
http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEATX7ntq63M-e_pPTkZaA50&google_cver=1
Protocol
HTTP/1.1
Server
35.156.121.57 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-156-121-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Referer
http://butthurt.co/saf.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Thu, 13 Jul 2017 08:01:07 GMT
Content-Length
70
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 13 Jul 2017 08:01:07 GMT
Server
HTTP server (unknown)
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
http://ps.eyeota.net/match?bid=gdo9o51&newuser=1&google_gid=CAESEATX7ntq63M-e_pPTkZaA50&google_cver=1
Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Content-Length
310
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Jan 1990 00:00:00 GMT
27519
tags.bluekai.com/site/ Frame 7169
Redirect Chain
  • http://tags.bluekai.com/site/27519?id=CmUMLllnKMILbwSuQa3VAg%3D%3D&ret=html&random=1499932866899
  • http://tags.bluekai.com/site/27519?dt=0&r=1929413135&sig=878419092&bkca=KJpnEnaNpQlN2z7J04wt24HJvQXreDy6e7B1PpPt9uvNG+xutT0ulO0NGLuXkwhzV61Eu6+nR01n1p1nu6L9qcXuTQ==
0
0

57122
cs.forbrugerpost.dk/
Redirect Chain
  • https://jellyclick.com/r/lb/59?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
  • https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
0
0

57122
cs.forbrugerpost.dk/ Frame 7221
28 KB
10 KB
Document
General
Full URL
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6819:d56a , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / ASP.NET
Resource Hash
bb66ec8e251a1f3ad0ee77b6a31042e22730d1f82e9bad59359250f24a68e6f4

Request headers

Upgrade-Insecure-Requests
1
Referer
http://butthurt.co/saf.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
content-encoding
gzip
x-aspnetmvc-version
5.2
server
cloudflare-nginx
x-aspnet-version
4.0.30319
status
200
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
cf-ray
37dab668c90b15ad-FRA
content-length
10053
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/ Frame 7221
118 KB
20 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c266 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Jul 2016 07:16:39 GMT
server
cloudflare-nginx
status
200
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
37dab66b8b682714-FRA
expires
Tue, 03 Jul 2018 08:01:08 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 7221
30 KB
7 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c266 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 24 Oct 2016 16:32:19 GMT
server
cloudflare-nginx
status
200
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
37dab66b8b692714-FRA
expires
Tue, 03 Jul 2018 08:01:08 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ Frame 7221
52 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c266 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Jun 2016 20:02:02 GMT
server
cloudflare-nginx
status
200
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
37dab66b8b6a2714-FRA
expires
Tue, 03 Jul 2018 08:01:08 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/ Frame 7221
85 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c266 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2016 23:01:58 GMT
server
cloudflare-nginx
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
37dab66b8b6b2714-FRA
expires
Tue, 03 Jul 2018 08:01:08 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/ Frame 7221
36 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c266 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Jul 2016 07:16:39 GMT
server
cloudflare-nginx
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
37dab66b8b6c2714-FRA
expires
Tue, 03 Jul 2018 08:01:08 GMT
validator.js
cdnjs.cloudflare.com/ajax/libs/1000hz-bootstrap-validator/0.11.9/ Frame 7221
12 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/1000hz-bootstrap-validator/0.11.9/validator.js
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c266 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
522a88aa0357c11f0284531a0fc56b634b4150897fb28a9bee6b1a6ae2566557

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 06 Jan 2017 02:32:49 GMT
server
cloudflare-nginx
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
37dab66b8b6d2714-FRA
expires
Tue, 03 Jul 2018 08:01:08 GMT
jquery.matchHeight-min.js
cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/ Frame 7221
3 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/jquery.matchHeight-min.js
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c266 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 19 Feb 2017 18:48:00 GMT
server
cloudflare-nginx
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
37dab66b8b6e2714-FRA
expires
Tue, 03 Jul 2018 08:01:08 GMT
jquery.fittext.min.js
cdnjs.cloudflare.com/ajax/libs/FitText.js/1.2.0/ Frame 7221
567 B
413 B
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/FitText.js/1.2.0/jquery.fittext.min.js
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c266 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
1df1fce4f60f0fb5cfc4ddcc9a9a465e7c6c2d952b96ed1d37f2a7e07ec30381

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Jun 2016 20:01:28 GMT
server
cloudflare-nginx
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
37dab66b8b6f2714-FRA
expires
Tue, 03 Jul 2018 08:01:08 GMT
giftcard_smarket_mobile_fi.jpg
campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/3568/ Frame 7221
123 KB
123 KB
Image
General
Full URL
https://campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/3568/giftcard_smarket_mobile_fi.jpg
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.63.33.206 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6f6256cff1855f09adc340691df91387213a26b620e499149aadcd695bdd5681

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 13 Jul 2017 08:01:07 GMT
Content-Encoding
image/jpeg
x-ms-meta-layoutid
3568
Last-Modified
Thu, 23 Feb 2017 07:42:24 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
7J0+XLxgKaeUI4To+cayyw==
ETag
0x8D45BBF82305597
Access-Control-Allow-Origin
*
x-ms-request-id
a5956d46-0001-0009-2fae-fb609b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-layoutid,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
126447
giftcard_smarket_desktop_fi.jpg
campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/3568/ Frame 7221
127 KB
127 KB
Image
General
Full URL
https://campaignsys.blob.core.windows.net/newcampaignsystem/campaigngraphics/3568/giftcard_smarket_desktop_fi.jpg
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
168.63.33.206 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fd77057a7fa6bedaec7bf9e1c7fb633bb7a7f3b40caea9f17f8bdf3aec8732d6

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 13 Jul 2017 08:01:08 GMT
Content-Encoding
image/jpeg
x-ms-meta-layoutid
3568
Last-Modified
Thu, 23 Feb 2017 07:42:22 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
csbPzhMQtj6MX+SL33Dljw==
ETag
0x8D45BBF810F4FFF
Access-Control-Allow-Origin
*
x-ms-request-id
4c42d632-0001-003b-77ae-fb384b000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-layoutid,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
130090
42.jpg
randomuser.me/api/portraits/men/ Frame 7221
5 KB
5 KB
Image
General
Full URL
https://randomuser.me/api/portraits/men/42.jpg
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5b7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
01c208e6282402b7f90751660368cef4632e2ec6bc6e906015702244b097d571

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2016 02:26:17 GMT
server
cloudflare-nginx
etag
"570716c9-138c"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
37dab66bfbd02738-FRA
content-length
5004
expires
Sat, 12 Aug 2017 08:01:08 GMT
1.jpg
randomuser.me/api/portraits/women/ Frame 7221
3 KB
3 KB
Image
General
Full URL
https://randomuser.me/api/portraits/women/1.jpg
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5b7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
7c408d5bb79392ba04b0b8a6294b4eee47a16ec377d3dae0c3108e918864bfad

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2016 02:26:17 GMT
server
cloudflare-nginx
etag
"570716c9-d84"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
37dab66bfbd22738-FRA
content-length
3460
expires
Sat, 12 Aug 2017 08:01:08 GMT
85.jpg
randomuser.me/api/portraits/women/ Frame 7221
4 KB
4 KB
Image
General
Full URL
https://randomuser.me/api/portraits/women/85.jpg
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::681f:5b7e , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
aac75b47a57888f89ccce45eacdb050afb2863ceae6ed5da14217f23c7e5347b

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2016 02:26:17 GMT
server
cloudflare-nginx
etag
"570716c9-f48"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
37dab66bfbd32738-FRA
content-length
3912
expires
Sat, 12 Aug 2017 08:01:08 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ Frame 7221
75 KB
75 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c366 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://cs.forbrugerpost.dk

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
cf-cache-status
HIT
last-modified
Mon, 24 Oct 2016 16:31:35 GMT
server
cloudflare-nginx
status
200
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
37dab66c0d700899-FRA
content-length
77160
expires
Tue, 03 Jul 2018 08:01:08 GMT
fbds.js
connect.facebook.net/en_US/ Frame 7221
4 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: cs.forbrugerpost.dk
URL: https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6e77aa5bf9bebb032485b9d5b76a10dfa236758515216e7a48ee197df9dc053b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.facebook.net/csp.php
Strict-Transport-Security max-age=15552000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
DyPJKOzQTfSCx2CRlGL4Bw==
status
200
content-length
2186
x-xss-protection
0
x-fb-debug
ZcRoexqNTg0lc01UPzsN1lTjDYseZP+J4we+O1ZmYaI0skBnKVExEPpZAdI8rFp+6LzexOg55eYrSJGmPCjl0g==
x-fb-content-md5
10ae68454420660c1b0a013d923db432
x-frame-options
DENY
date
Thu, 13 Jul 2017 08:01:08 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"5a595c5f7eaac1243f1719a7c8e0b1b5"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.facebook.net/csp.php
timing-allow-origin
*
expires
Wed, 12 Jul 2017 21:49:57 GMT
/
www.facebook.com/tr/ Frame 7221
44 B
53 B
Image
General
Full URL
https://www.facebook.com/tr/?id=748379285256387&ev=PixelInitialized&dl=https%3A%2F%2Fcs.forbrugerpost.dk%2F57122%3Fref%3Dadv_kab_cslb_59%26ref_id%3D1526463399%26sid%3D5684%23&rl=http%3A%2F%2Fbutthurt.co%2Fsaf.php&if=false&ts=1499932868530
Requested by
Host: butthurt.co
URL: http://butthurt.co/saf.php
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 13 Jul 2017 08:01:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 13 Jul 2017 08:01:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.dtscout.com
URL
http://t.dtscout.com/idg/
Domain
tags.bluekai.com
URL
http://tags.bluekai.com/site/27519?dt=0&r=1929413135&sig=878419092&bkca=KJpnEnaNpQlN2z7J04wt24HJvQXreDy6e7B1PpPt9uvNG+xutT0ulO0NGLuXkwhzV61Eu6+nR01n1p1nu6L9qcXuTQ==
Domain
cs.forbrugerpost.dk
URL
https://cs.forbrugerpost.dk/57122?ref=adv_kab_cslb_59&ref_id=1526463399&sid=5684

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
.cs.forbrugerpost.dk/ Name: ARRAffinity
Value: 2fdd4c49adc14e102cf07244ab815643d42e33f2c69958f384204ead868a23e2
cs.forbrugerpost.dk/ Name: ASP.NET_SessionId
Value: yuxcwwoocc3nary4ujlhxdo4
.forbrugerpost.dk/ Name: __cfduid
Value: d3d8c2de356082f5adcfe61081f10dca61499932867

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their presence here does not imply that any of them indicate malicious activity.
