serveur-h.fun Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track.mesoffresdujour-02.fr/index.php/campaigns/vf515hna3r9bd/track-url/na32816gjpec0/efba6ae4e549d36cf6d79e87fe49e93469585605
Effective URL:
https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0
Submission: On January 25 via manual (January 25th 2024, 10:11:47 am UTC) from FR — Scanned from FR

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is serveur-h.fun.
TLS certificate: Issued by E1 on December 1st 2023. Valid for: 3 months.

This is the only time serveur-h.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	51.178.55.203 51.178.55.203	16276 (OVH) (OVH)
1 3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
8	2001:41d0:301... 2001:41d0:301:3::29	16276 (OVH) (OVH)
1	3.74.12.115 3.74.12.115	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
15	5

1 51.178.55.203 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: vps-67ca07d0.vps.ovh.net

track.mesoffresdujour-02.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

serveur-h.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:41d0:301:3::29 (France)

ASN16276 (OVH, FR)

trckgamaff.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.12.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-12-115.eu-central-1.compute.amazonaws.com

impfr.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	trckgamaff.fr trckgamaff.fr	662 KB
3	gstatic.com fonts.gstatic.com	94 KB
3	serveur-h.fun 1 redirects serveur-h.fun	5 KB
1	tradedoubler.com impfr.tradedoubler.com — Cisco Umbrella Rank: 96225	280 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	1 KB
1	mesoffresdujour-02.fr 1 redirects track.mesoffresdujour-02.fr	148 B
15	6

	Domain	Requested by
8	trckgamaff.fr	serveur-h.fun
3	fonts.gstatic.com	fonts.googleapis.com
3	serveur-h.fun	1 redirects serveur-h.fun
1	impfr.tradedoubler.com	serveur-h.fun
1	fonts.googleapis.com	serveur-h.fun
1	track.mesoffresdujour-02.fr	1 redirects
15	6

This site contains no links.

Subject Issuer	Validity	Valid
serveur-h.fun E1	`2023-12-01` - `2024-02-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
trckgamaff.fr R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh
*.tradedoubler.com Amazon RSA 2048 M03	`2023-09-06` - `2024-10-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0
Frame ID: 9DA5445BDE3085E133FEAAB38A960A59
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Guide-invest

Page URL History Show full URLs

https://track.mesoffresdujour-02.fr/index.php/campaigns/vf515hna3r9bd/track-url/na32816gjpec0/efba6ae4e549d36cf6... HTTP 301
https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/track-url/na32816gjpec0/efba6ae4e549d36cf6... HTTP 301
https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0 Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

761 kB
Transfer

786 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.mesoffresdujour-02.fr/index.php/campaigns/vf515hna3r9bd/track-url/na32816gjpec0/efba6ae4e549d36cf6d79e87fe49e93469585605 HTTP 301
https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/track-url/na32816gjpec0/efba6ae4e549d36cf6d79e87fe49e93469585605 HTTP 301
https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request na32816gjpec0 Show response
serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/
Redirect Chain

https://track.mesoffresdujour-02.fr/index.php/campaigns/vf515hna3r9bd/track-url/na32816gjpec0/efba6ae4e549d36cf6d79e87fe49e93469585605
https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/track-url/na32816gjpec0/efba6ae4e549d36cf6d79e87fe49e93469585605
https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0

27 KB
4 KB

114ms
114ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b3fa835f9cf1498b15913eeba3a9850fc56b2fe67b4482371c601700cc94b2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84afbbce1c566f93-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 10:11:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JucJ59nbAeoZNc74ZM6V89w69s903FANr%2F3pkvO61IrclFFRsxMb2tBZ%2FWZm3qnCFZ%2BFpnaHJrWIPIu0OZbkRXU2RKhyxP4GqyysHAvCYtO9dHpmS4Zo%2FBzFkKko7AHz%2BVwEXYCGlLxOVrSK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 84afbbcd2b326f93-CDG
content-type: text/html; charset=UTF-8
date: Thu, 25 Jan 2024 10:11:42 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 25 Jan 2024 10:11:42 GMT
location: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3nqWGP0kLSMWed1G9dobnlkPkVdOOUbxU%2FtXDZsoYdyp5sbGSRRB7nezw4q5QNF9u3dsk5eP3Mvz1ZpQrv45rWMuuYhm4cbI9j6Dmw5c6Gwq%2B9oZjV4sD65eW1B0vnmKHs633j72OFGyEiJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 93ms
35ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Requested by

Host: serveur-h.fun
URL: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ea51c9046aa9f6b1b1193ba533b8938735775374b3e2ca4cd670dc1636773a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://serveur-h.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jan 2024 10:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 08:52:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jan 2024 10:11:42 GMT

GET
H2 200 header.png
trckgamaff.fr/mediamoov/janvier24/ 521 KB
521 KB 86ms
19ms Image
image/png 2001:41d0:301:3::29
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trckgamaff.fr/mediamoov/janvier24/header.png
Requested by: Host: serveur-h.fun
URL: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:3::29 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 35b0310e93113ce69d041c4d0c2252b9b1a3f7e3455aff30e4ea3b45603ec2f0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://serveur-h.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 10:11:42 GMT
last-modified: Tue, 16 Jan 2024 15:17:48 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 533021
expires: Thu, 25 Jan 2024 10:26:42 GMT

GET
H2 200 pictos-3.png
trckgamaff.fr/mediamoov/janvier24/ 4 KB
5 KB 117ms
50ms Image
image/png 2001:41d0:301:3::29
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trckgamaff.fr/mediamoov/janvier24/pictos-3.png
Requested by: Host: serveur-h.fun
URL: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:3::29 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 03262205b7cb12f1265807ce846d53bffa01c239e4e639b524cb5ab84e987ce8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://serveur-h.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 10:11:42 GMT
last-modified: Tue, 16 Jan 2024 15:17:49 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 4555
expires: Thu, 25 Jan 2024 10:26:42 GMT

GET
H2 200 pictos-2.png
trckgamaff.fr/mediamoov/janvier24/ 7 KB
7 KB 115ms
49ms Image
image/png 2001:41d0:301:3::29
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trckgamaff.fr/mediamoov/janvier24/pictos-2.png
Requested by: Host: serveur-h.fun
URL: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:3::29 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 8131792dc53e573d465b12e082aa61c96179a6288ac1db738290bb66f01a6a06

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://serveur-h.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 10:11:42 GMT
last-modified: Tue, 16 Jan 2024 15:17:49 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 7442
expires: Thu, 25 Jan 2024 10:26:42 GMT

GET
H2 200 pictos-1.png
trckgamaff.fr/mediamoov/janvier24/ 5 KB
5 KB 84ms
18ms Image
image/png 2001:41d0:301:3::29
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trckgamaff.fr/mediamoov/janvier24/pictos-1.png
Requested by: Host: serveur-h.fun
URL: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:3::29 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 19474fb5325902abc91ce0a41845c6cebc429a0859a84752b8c68c08fbcb9797

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://serveur-h.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 10:11:42 GMT
last-modified: Tue, 16 Jan 2024 15:17:49 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 4981
expires: Thu, 25 Jan 2024 10:26:42 GMT

GET
H2 200 pictos-4.png
trckgamaff.fr/mediamoov/janvier24/ 3 KB
3 KB 114ms
48ms Image
image/png 2001:41d0:301:3::29
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trckgamaff.fr/mediamoov/janvier24/pictos-4.png
Requested by: Host: serveur-h.fun
URL: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:3::29 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 8a61117c738c48d87d7552aae356abd135e1f4b839c819c7b65a0bc07917ecd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://serveur-h.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 10:11:42 GMT
last-modified: Tue, 16 Jan 2024 15:17:48 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 3237
expires: Thu, 25 Jan 2024 10:26:42 GMT

GET
H2 200 pictos-5.png
trckgamaff.fr/mediamoov/janvier24/ 9 KB
9 KB 128ms
63ms Image
image/png 2001:41d0:301:3::29
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trckgamaff.fr/mediamoov/janvier24/pictos-5.png
Requested by: Host: serveur-h.fun
URL: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:3::29 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: ba1d9623486f59dfd13d71f0ae9a3ec6e1d0632360f7e077df3cf42824aa7183

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://serveur-h.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 10:11:42 GMT
last-modified: Tue, 16 Jan 2024 15:17:48 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 9074
expires: Thu, 25 Jan 2024 10:26:42 GMT

GET
H2 200 pictos-6.png
trckgamaff.fr/mediamoov/janvier24/ 3 KB
3 KB 76ms
76ms Image
image/png 2001:41d0:301:3::29
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trckgamaff.fr/mediamoov/janvier24/pictos-6.png
Requested by: Host: serveur-h.fun
URL: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:3::29 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: d40b56be872964b977a9214a9b5e26fe79791f4cdb09b0dad2d8f6293ebb9f55

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://serveur-h.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 10:11:42 GMT
last-modified: Tue, 16 Jan 2024 15:17:49 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 3041
expires: Thu, 25 Jan 2024 10:26:42 GMT

GET
H2 200 voiture-elec.jpg
trckgamaff.fr/mediamoov/janvier24/ 107 KB
108 KB 77ms
77ms Image
image/jpeg 2001:41d0:301:3::29
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trckgamaff.fr/mediamoov/janvier24/voiture-elec.jpg
Requested by: Host: serveur-h.fun
URL: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:301:3::29 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 011d016bbd70e94ba1a007c94c8415d8069f8f715a6f09f7465b3944a0f8eeae

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://serveur-h.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 10:11:42 GMT
last-modified: Tue, 16 Jan 2024 15:17:49 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=900
accept-ranges: bytes
content-length: 109807
expires: Thu, 25 Jan 2024 10:26:42 GMT

GET
H2 200 imp
impfr.tradedoubler.com/ 1 B
280 B 99ms
26ms Image
text/html 3.74.12.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://impfr.tradedoubler.com/imp?type(img)g(25574280)a(3216614)
Requested by: Host: serveur-h.fun
URL: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.12.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-12-115.eu-central-1.compute.amazonaws.com
Software: TXServerHttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://serveur-h.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 10:11:42 GMT
referrer-policy: origin
server: TXServerHttp
content-type: text/html; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, max-age=0
content-length: 1

GET
H3 200 na32816gjpec0
serveur-h.fun/index.php/campaigns/vf515hna3r9bd/track-opening/ 0
607 B 125ms
124ms Image
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/track-opening/na32816gjpec0

Requested by

Host: serveur-h.fun
URL: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 10:11:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 25 Jan 2024 10:11:42 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qR6nr2cG6XJ6NSX0fQsnkWXKe2NdIMTZ1LGRm9FCkSGvH37Lwb3KuLKeLnwOGubCHZ4gVzwKb58NvfOe94jkQ9kmldMfvpraYw%2B%2F7WfVSJcGPCXbNPDWNFujHYMTzmBA7U0%2BH0YM9H3HCTxW"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-fastcgi-cache: BYPASS
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 84afbbced8c76eba-CDG
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 108ms
52ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://serveur-h.fun
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 23:39:54 GMT
x-content-type-options: nosniff
age: 124308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 23:39:54 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 123ms
67ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://serveur-h.fun
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 19:39:36 GMT
x-content-type-options: nosniff
age: 484326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 19:39:36 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 81ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://serveur-h.fun
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 03:33:17 GMT
x-content-type-options: nosniff
age: 196705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 03:33:17 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			serveur-h.fun/	1969-12-31 23:59:59	Name: mwsid Value: 9qm07hp5j8840q8kg7vons3g15
			.tradedoubler.com/	1970-01-21 02:41:53	Name: UI Value: 1z11zz15FzpQ8Jaz1VFFyQXBB

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0 Message: Mixed Content: The page at 'https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0' was loaded over HTTPS, but requested an insecure element 'http://impfr.tradedoubler.com/imp?type(img)g(25574280)a(3216614)'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0(Line 465) Message: Mixed Content: The page at 'https://serveur-h.fun/index.php/campaigns/vf515hna3r9bd/web-version/na32816gjpec0' was loaded over HTTPS, but requested an insecure element 'http://impfr.tradedoubler.com/imp?type(img)g(25574280)a(3216614)'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
impfr.tradedoubler.com
serveur-h.fun
track.mesoffresdujour-02.fr
trckgamaff.fr
2001:41d0:301:3::29
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200a
2a06:98c1:3121::3
3.74.12.115
51.178.55.203
011d016bbd70e94ba1a007c94c8415d8069f8f715a6f09f7465b3944a0f8eeae
03262205b7cb12f1265807ce846d53bffa01c239e4e639b524cb5ab84e987ce8
19474fb5325902abc91ce0a41845c6cebc429a0859a84752b8c68c08fbcb9797
1ea51c9046aa9f6b1b1193ba533b8938735775374b3e2ca4cd670dc1636773a3
35b0310e93113ce69d041c4d0c2252b9b1a3f7e3455aff30e4ea3b45603ec2f0
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8131792dc53e573d465b12e082aa61c96179a6288ac1db738290bb66f01a6a06
89b3fa835f9cf1498b15913eeba3a9850fc56b2fe67b4482371c601700cc94b2
8a61117c738c48d87d7552aae356abd135e1f4b839c819c7b65a0bc07917ecd7
ba1d9623486f59dfd13d71f0ae9a3ec6e1d0632360f7e077df3cf42824aa7183
d40b56be872964b977a9214a9b5e26fe79791f4cdb09b0dad2d8f6293ebb9f55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

serveur-h.fun Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

761 kBTransfer

786 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

Indicators

serveur-h.fun Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

761 kB
Transfer

786 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions