Submitted URL: http://irisbejaia.fr.gd/
Effective URL: https://irisbejaia.fr.gd/
Submission: On January 29 via api from US — Scanned from US

Summary

This website contacted 14 IPs in 3 countries across 12 domains to perform 23 HTTP transactions. The main IP is 193.238.27.28, located in Germany and belongs to IPX-AS15598, DE. The main domain is irisbejaia.fr.gd.
TLS certificate: Issued by R3 on January 22nd 2024. Valid for: 3 months.
This is the only time irisbejaia.fr.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 193.238.27.28 15598 (IPX-AS15598)
5 178.162.223.113 28753 (LEASEWEB-...)
1 178.162.223.114 28753 (LEASEWEB-...)
1 104.21.85.103 13335 (CLOUDFLAR...)
1 2 185.5.82.77 20546 (SOPRADO-ANY)
1 88.99.189.169 24940 (HETZNER-AS)
1 176.9.183.55 24940 (HETZNER-AS)
3 216.239.34.21 15169 (GOOGLE)
3 3.75.56.58 16509 (AMAZON-02)
1 3 52.28.39.71 16509 (AMAZON-02)
1 142.250.72.104 15169 (GOOGLE)
1 2 18.184.128.152 16509 (AMAZON-02)
1 2 104.26.12.215 ()
23 14
Apex Domain
Subdomains
Transfer
6 webme.com
theme.webme.com
img.webme.com — Cisco Umbrella Rank: 414033
55 KB
4 fwdtrk.com
fwdtrk.com
fwd.fwdtrk.com
182 KB
3 yieldads.net
api.yieldads.net — Cisco Umbrella Rank: 120597
15 KB
3 visifeed.org
visifeed.org — Cisco Umbrella Rank: 119580
2 KB
2 linksprf.com
r.linksprf.com
1 KB
2 yaketar.com
yaketar.com — Cisco Umbrella Rank: 676414
2 KB
2 adcell.com
t.adcell.com — Cisco Umbrella Rank: 57836
628 B
2 fr.gd
irisbejaia.fr.gd
5 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
134 B
1 feuerwehrstore.de
feuerwehrstore.de
11 MB
1 asrv205.com
asrv205.com
1 KB
0 atu.de Failed
partner.atu.de Failed
23 12
Domain Requested by
5 theme.webme.com irisbejaia.fr.gd
3 api.yieldads.net 1 redirects visifeed.org
api.yieldads.net
3 visifeed.org fwdtrk.com
visifeed.org
3 fwd.fwdtrk.com fwdtrk.com
fwd.fwdtrk.com
2 r.linksprf.com 1 redirects yaketar.com
2 yaketar.com 1 redirects api.yieldads.net
2 t.adcell.com 1 redirects asrv205.com
2 irisbejaia.fr.gd 1 redirects
1 www.googletagmanager.com fwdtrk.com
1 fwdtrk.com asrv205.com
1 feuerwehrstore.de asrv205.com
1 asrv205.com irisbejaia.fr.gd
1 img.webme.com irisbejaia.fr.gd
0 partner.atu.de Failed r.linksprf.com
23 14

This site contains links to these domains.

Domain
www.google.fr
www.yahoo.fr
www.jeuxclic.com
www.teteamodeler.com
www.ma-page.fr
Subject | Issuer | Validity | Valid
fr.gd | R3 | 2024-01-22 - 2024-04-21 | 3 months
misc.webme.com | R3 | 2024-01-22 - 2024-04-21 | 3 months
img.webme.com | R3 | 2024-01-22 - 2024-04-21 | 3 months
asrv205.com | GTS CA 1P5 | 2023-12-04 - 2024-03-03 | 3 months
adcell.com | Certum Domain Validation CA SHA2 | 2023-07-28 - 2024-07-27 | a year
fwdtrk.com | R3 | 2024-01-20 - 2024-04-19 | 3 months
fwd.fwdtrk.com | GTS CA 1D4 | 2023-12-13 - 2024-03-12 | 3 months
visifeed.org | R3 | 2024-01-09 - 2024-04-08 | 3 months
api.yieldads.net | Amazon RSA 2048 M01 | 2023-10-04 - 2024-11-02 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
yaketar.com | Amazon RSA 2048 M01 | 2023-09-05 - 2024-10-04 | a year
linksprf.com | GTS CA 1P5 | 2024-01-02 - 2024-04-01 | 3 months

This page contains 7 frames:

Primary Page: https://irisbejaia.fr.gd/
Frame ID: 3BCECBC47337F0094DEEDA322E7F8306
Requests: 7 HTTP requests in this frame

Frame: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Frame ID: F08E14A3B5CC6E3DE4C5BF17E57BC296
Requests: 2 HTTP requests in this frame

Frame: https://t.adcell.com/p/view?promoId=365122&slotId=105746&pv=1
Frame ID: BA2B7289293194928C3F0647EE9FF16F
Requests: 1 HTTP requests in this frame

Frame: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjksImNyZWF0aXZlX2lkIjozOSwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNjQ5NDI0N30%3D
Frame ID: B96E7B0C5497EDB233D8700B3E864A8F
Requests: 4 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=7fea5788aff9a215a8f7eb25fc593e4edb6cfe1cd0338781b28acf2bedce26b8&ci=yCax4Qv%3B&its=9F%5Bt%2ALp5e%3Db%40%7EQD%3BvfPWbV_&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: 939820A54A363ABC1FF34F8C368A929A
Requests: 2 HTTP requests in this frame

Frame: https://partner.atu.de/servlet/effi.click?id_compteur=22923285&effi_id=v03040001439117d2937c3c64495fa4fe4e1737ddf5f0
Frame ID: 60A8792D5367DFEDC14D6006A9EA7723
Requests: 6 HTTP requests in this frame

Frame: https://fwd.fwdtrk.com/_/sw_iframe.html?origin=https%3A%2F%2Ffwdtrk.com&1p=1
Frame ID: 5BD53F5B5A3FC5FA5A33D68C12A72C97
Requests: 1 HTTP requests in this frame

Page Title

Ecole les iris de Bejaia - Page d'accueil

Page Statistics

23
Requests

91 %
HTTPS

0 %
IPv6

12
Domains

14
Subdomains

14
IPs

3
Countries

11501 kB
Transfer

11806 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://irisbejaia.fr.gd/ HTTP 301
    https://irisbejaia.fr.gd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://t.adcell.com/p/image?promoId=364452&slotId=105746 HTTP 302
  • https://feuerwehrstore.de/media/image/41/f5/7a/300-250-copyZO0mcZt7SwAPP.jpg
Request Chain 19
  • https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=7fea5788aff9a215a8f7eb25fc593e4edb6cfe1cd0338781b28acf2bedce2600&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp=… HTTP 302
  • https://yaketar.com/y?t=atu.de&cid=9919c0072618e59b169c22407632951f2bf6f1e5aa263e547caf59484505abd7&identifier=e459f741d0231390 HTTP 302
  • https://yaketar.com/search/atu.de
Request Chain 20
  • https://r.linksprf.com/v1/redirect?url=https://atu.de&api_key=bfbba305ac09de6ffebd06af78a8e794&site_id=4d297fa368bf43fd929d8514ce823be2&type=url&source=https://yaketar.com/de/search/atu.de&yk_tag=9919c0072618e59b169c22407632951f2bf6f1e5aa263e547caf59484505abd7 HTTP 302
  • https://r.linksprf.com/v2/go?t=0t5pd%3A7%2F7rece.4ffi9i4tcoc.3o2%2F7e1v3e1%2F0f4i3cvidk_if_eo5p2e2r22%3D9u3t8m%26cfdi%3Fic%3Dl0.0f0e0t4l9r1sdm9c7n3i6a4l5faefk4a1t3%2Fdsftfh&e=1&ai=27f77f5ced1d49daac2ee3dc8e6d06f0&sct=0&ct=1706494251628&cu=17d2937c3c64495fa4fe4e1737ddf5f0&ykuid=6a3b16d0539a4c90a59247f7f9105994&sc=1&cs=f5dd13ee6a3984dcb9d2f9c68157b490
Request Chain 21
  • https://track.effiliation.com/servlet/effi.click?id_compteur=22923285&effi_id=v03040001439117d2937c3c64495fa4fe4e1737ddf5f0 HTTP 302
  • https://partner.atu.de/servlet/effi.click?id_compteur=22923285&effi_id=v03040001439117d2937c3c64495fa4fe4e1737ddf5f0

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
irisbejaia.fr.gd/
Redirect Chain
  • http://irisbejaia.fr.gd/
  • https://irisbejaia.fr.gd/
27 KB
5 KB
Document
General
Full URL
https://irisbejaia.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.238.27.28 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS
fr.gd
Software
nginx /
Resource Hash
65225f6a3e0129b7f05de38e604525cf201bdfff0a629c854565ebd01dc5bae5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=ISO-8859-15
Date
Mon, 29 Jan 2024 02:10:46 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
User-Agent,Accept-Encoding
Via
1.1 varnish-v4
X-Varnish
190486526
X-wm-1
64ef455219bf45ba236b8d390f06c9ce
X-wm-VIP
193.238.27.28
X-wm-req.backend
SitesGET
X-wm-req.backend.healthy
true
X-wm-req.restarts
0

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 29 Jan 2024 02:10:45 GMT
Location
https://irisbejaia.fr.gd/
Server
Varnish
X-Varnish
194805796
head.gif
theme.webme.com/designs/butterfly/images_blau/
55 B
467 B
Image
General
Full URL
https://theme.webme.com/designs/butterfly/images_blau/head.gif
Requested by
Host: irisbejaia.fr.gd
URL: https://irisbejaia.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
268fef5014d6b57e85129de6c7dc9c6205bedc1d38beb57cfb51a232f59ac937

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irisbejaia.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 02:10:47 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:44 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
51960
Content-Type
image/gif
X-Varnish
45616867, 479101818 463884840
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55
Expires
Sun, 10 Mar 2024 11:44:47 GMT
img_0115.jpg
img.webme.com/pic/i/irisbejaia/
16 KB
17 KB
Image
General
Full URL
https://img.webme.com/pic/i/irisbejaia/img_0115.jpg
Requested by
Host: irisbejaia.fr.gd
URL: https://irisbejaia.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
ad531c36584cd2d11102ca1190893ed0a1743a95b86b92e2b911824ec3628f1f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irisbejaia.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 02:10:47 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Sun, 21 Dec 2014 23:56:11 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
0
ETag
"54975e1b-41ce"
X-Varnish
190846022, 479268838
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16846
eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=
asrv205.com/adframe/ Frame F08E
2 KB
1 KB
Document
General
Full URL
https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Requested by
Host: irisbejaia.fr.gd
URL: https://irisbejaia.fr.gd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.85.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
134a38df4ee8a8579a2739885421ce4ec48ea0cc4c929132506de67b67190e7a

Request headers

Referer
https://irisbejaia.fr.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84cdf0d35aa47b32-DEN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 02:10:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0RP7eX14M%2Bjtpl7jT73TmAsMnfAMBDK1yBmKHNBIBe5lwMaDCy5ZhWAWMzUSYU069YS32qnYBCXxbAXtCm1%2B9I5DHRUesrUV%2FTKH7EgwvytZ7ElJDI%2F3xAqNq7L4w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
headline_bg.gif
theme.webme.com/designs/butterfly/images/
7 KB
7 KB
Image
General
Full URL
https://theme.webme.com/designs/butterfly/images/headline_bg.gif
Requested by
Host: irisbejaia.fr.gd
URL: https://irisbejaia.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
1c55b41959563971bf06bb948fa2ddf094f68fab24127dce3a6caae6bf8942fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irisbejaia.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 02:10:47 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:44 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
79309
Content-Type
image/gif
X-Varnish
1068908745, 479101822 448495554
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7077
Expires
Sun, 10 Mar 2024 04:08:57 GMT
navi.gif
theme.webme.com/designs/butterfly/images/
216 B
629 B
Image
General
Full URL
https://theme.webme.com/designs/butterfly/images/navi.gif
Requested by
Host: irisbejaia.fr.gd
URL: https://irisbejaia.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
21d2c4a337fb0df27376038630a9c87d292ecf4bcb10d4fc7f4151601b76afd6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irisbejaia.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 02:10:47 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:44 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
58035
Content-Type
image/gif
X-Varnish
30168345, 479040118 463087694
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
216
Expires
Sun, 10 Mar 2024 10:03:31 GMT
category_bg.gif
theme.webme.com/designs/butterfly/images_blau/
22 KB
22 KB
Image
General
Full URL
https://theme.webme.com/designs/butterfly/images_blau/category_bg.gif
Requested by
Host: irisbejaia.fr.gd
URL: https://irisbejaia.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
50257dfce81f54b6f761ae97bfdb57be4a3db84ac5bc7c5f2db251b35f4db660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irisbejaia.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 02:10:47 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:44 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
48889
Content-Type
image/gif
X-Varnish
48521945, 479101832 463796276
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22574
Expires
Sun, 10 Mar 2024 12:35:57 GMT
headline_bg.gif
theme.webme.com/designs/butterfly/images//
7 KB
7 KB
Image
General
Full URL
https://theme.webme.com/designs/butterfly/images//headline_bg.gif
Requested by
Host: irisbejaia.fr.gd
URL: https://irisbejaia.fr.gd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
1c55b41959563971bf06bb948fa2ddf094f68fab24127dce3a6caae6bf8942fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irisbejaia.fr.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Mon, 29 Jan 2024 02:10:47 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Tue, 20 May 2014 07:37:44 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
58035
Content-Type
image/gif
X-Varnish
30168347, 479040128 411169031
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7077
Expires
Sun, 10 Mar 2024 10:03:31 GMT
300-250-copyZO0mcZt7SwAPP.jpg
feuerwehrstore.de/media/image/41/f5/7a/ Frame F08E
Redirect Chain
  • https://t.adcell.com/p/image?promoId=364452&slotId=105746
  • https://feuerwehrstore.de/media/image/41/f5/7a/300-250-copyZO0mcZt7SwAPP.jpg
11 MB
11 MB
Image
General
Full URL
https://feuerwehrstore.de/media/image/41/f5/7a/300-250-copyZO0mcZt7SwAPP.jpg
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
H2
Server
88.99.189.169 Ahnsbeck, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30n57.meinserver.io
Software
nginx /
Resource Hash
94630d41fac805597c3df017110fe1627315e10e89d0f3f02a2023f00a7df25a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://asrv205.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 02:10:48 GMT
last-modified
Sun, 17 Dec 2023 16:03:16 GMT
server
nginx
etag
"657f1bc4-af6a2f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11495983
expires
Wed, 28 Feb 2024 02:10:48 GMT

Redirect headers

date
Mon, 29 Jan 2024 02:10:47 GMT
strict-transport-security
max-age=15768000
server
myracloud
content-type
text/html
location
https://feuerwehrstore.de/media/image/41/f5/7a/300-250-copyZO0mcZt7SwAPP.jpg
cache-control
max-age=0
content-length
0
expires
Mon, 29 Jan 2024 02:10:47 GMT
view
t.adcell.com/p/ Frame BA2B
42 B
421 B
Document
General
Full URL
https://t.adcell.com/p/view?promoId=365122&slotId=105746&pv=1
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.5.82.77 , Germany, ASN20546 (SOPRADO-ANY, DE),
Reverse DNS
xb905524d.host.myracloud.com
Software
myracloud /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://asrv205.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
42
content-type
image/gif
date
Mon, 29 Jan 2024 02:10:47 GMT
expires
Sat, 11 Jan 2003 12:59:00 GMT
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
pragma
no-cache
server
myracloud
strict-transport-security
max-age=15768000
eyJjYW1wYWlnbl9pZCI6MjksImNyZWF0aXZlX2lkIjozOSwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwN...
fwdtrk.com/track/ Frame B96E
1 KB
2 KB
Document
General
Full URL
https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjksImNyZWF0aXZlX2lkIjozOSwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNjQ5NDI0N30%3D
Requested by
Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
176.9.183.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.183.9.176.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed

Request headers

Referer
https://asrv205.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 02:10:47 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
track
fwd.fwdtrk.com/ Frame B96E
185 KB
74 KB
Script
General
Full URL
https://fwd.fwdtrk.com/track?id=
Requested by
Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjksImNyZWF0aXZlX2lkIjozOSwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNjQ5NDI0N30%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Tag Manager /
Resource Hash
dc442564cf8ad4868092d28c5907311f438e0ee57074f3fe21510388fdca5fe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fwdtrk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 02:10:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Mon, 29 Jan 2024 00:00:00 GMT
server
Google Tag Manager
via
1.1 google
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
x-xss-protection
0
d
visifeed.org/ Frame 9398
405 B
737 B
Document
General
Full URL
https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by
Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjksImNyZWF0aXZlX2lkIjozOSwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNjQ5NDI0N30%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
d25bf5ea739662445b9717c0778d0696293dacea35b4ec89dadf0e74c1da8310

Request headers

Referer
https://fwdtrk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 02:10:48 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
i
visifeed.org/ Frame 9398
410 B
735 B
Document
General
Full URL
https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=7fea5788aff9a215a8f7eb25fc593e4edb6cfe1cd0338781b28acf2bedce26b8&ci=yCax4Qv%3B&its=9F%5Bt%2ALp5e%3Db%40%7EQD%3BvfPWbV_&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by
Host: visifeed.org
URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
a13a59cbdfad36a84a246664256a49445db8e3496f87fe2c5d510c7ced390815

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 02:10:48 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
js
fwd.fwdtrk.com/gtag/ Frame B96E
270 KB
104 KB
Script
General
Full URL
https://fwd.fwdtrk.com/gtag/js?id=G-B6LHGYT55G&l=dataLayer&cx=c
Requested by
Host: fwd.fwdtrk.com
URL: https://fwd.fwdtrk.com/track?id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
/
Resource Hash
93a3fba362c36f98303608dafec3a34f94f5f50592548d98014d719a59244fd9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fwdtrk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
application/javascript; charset=UTF-8
date
Mon, 29 Jan 2024 02:10:48 GMT
cache-control
private, max-age=900
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
expires
Mon, 29 Jan 2024 02:25:32 GMT
d
visifeed.org/ Frame 60A8
347 B
671 B
Document
General
Full URL
https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=7fea5788aff9a215a8f7eb25fc593e4edb6cfe1cd0338781b28acf2bedce2600&ci=yCax4Qv%3B&its=9F%5Bt%2ALp5e%3Db%40%7EQD%3BvfPWbV_&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by
Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=7fea5788aff9a215a8f7eb25fc593e4edb6cfe1cd0338781b28acf2bedce26b8&ci=yCax4Qv%3B&its=9F%5Bt%2ALp5e%3Db%40%7EQD%3BvfPWbV_&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash
54da9541d6a24d3c36aa06fb6c4491176e02f37ccbbf87a5ed094c1e5f6befc6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 02:10:48 GMT
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
PHP/7.4.25
redirect
api.yieldads.net/ Frame 60A8
2 KB
2 KB
Document
General
Full URL
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=7fea5788aff9a215a8f7eb25fc593e4edb6cfe1cd0338781b28acf2bedce2600&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by
Host: visifeed.org
URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=7fea5788aff9a215a8f7eb25fc593e4edb6cfe1cd0338781b28acf2bedce2600&ci=yCax4Qv%3B&its=9F%5Bt%2ALp5e%3Db%40%7EQD%3BvfPWbV_&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.39.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-39-71.eu-central-1.compute.amazonaws.com
Software
nginx / PHP/8.2.15
Resource Hash
e127d4042a2d2f24e7f363dcb1c1508d07a577a5fb25cc1e872ba3ad7ee1296a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 02:10:49 GMT
server
nginx
x-powered-by
PHP/8.2.15
sw_iframe.html
fwd.fwdtrk.com/_/ Frame 5BD5
3 KB
2 KB
Document
General
Full URL
https://fwd.fwdtrk.com/_/sw_iframe.html?origin=https%3A%2F%2Ffwdtrk.com&1p=1
Requested by
Host: fwd.fwdtrk.com
URL: https://fwd.fwdtrk.com/gtag/js?id=G-B6LHGYT55G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
/
Resource Hash
39819e35d9f8ad70a0cbe9e6731d8042df5f3a379d16baa7b1ac66608460624c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=900
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 02:10:49 GMT
expires
Mon, 29 Jan 2024 02:25:49 GMT
vary
Accept-Encoding
via
1.1 google
fp.min.js
api.yieldads.net/js/ Frame 60A8
34 KB
12 KB
Script
General
Full URL
https://api.yieldads.net/js/fp.min.js
Requested by
Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=7fea5788aff9a215a8f7eb25fc593e4edb6cfe1cd0338781b28acf2bedce2600&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.39.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-39-71.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=7fea5788aff9a215a8f7eb25fc593e4edb6cfe1cd0338781b28acf2bedce2600&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 02:10:49 GMT
content-encoding
gzip
last-modified
Wed, 24 Jan 2024 15:47:06 GMT
server
nginx
etag
W/"65b130fa-864c"
content-type
application/javascript
a
www.googletagmanager.com/ Frame B96E
0
134 B
Image
General
Full URL
https://www.googletagmanager.com/a?ctid=G-B6LHGYT55G&t=s&si=785&m=0&iss=4&sid=4559635844052153&cc=1&tl=3&hc=1&cl=0&pid=162232187&bc=1
Requested by
Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MjksImNyZWF0aXZlX2lkIjozOSwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNjQ5NDI0N30%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fwdtrk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 02:10:50 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
atu.de
yaketar.com/search/ Frame 60A8
Redirect Chain
  • https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=7fea5788aff9a215a8f7eb25fc593e4edb6cfe1cd0338781b28acf2bedce2600&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c...
  • https://yaketar.com/y?t=atu.de&cid=9919c0072618e59b169c22407632951f2bf6f1e5aa263e547caf59484505abd7&identifier=e459f741d0231390
  • https://yaketar.com/search/atu.de
518 B
1 KB
Document
General
Full URL
https://yaketar.com/search/atu.de
Requested by
Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=7fea5788aff9a215a8f7eb25fc593e4edb6cfe1cd0338781b28acf2bedce2600&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.128.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-128-152.eu-central-1.compute.amazonaws.com
Software
nginx / PHP/7.1.33
Resource Hash
460c39041ff5c8a87b4526265fa679fb0325a0732d643bb7c0dcf8fd97370b28

Request headers

Referer
https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=7fea5788aff9a215a8f7eb25fc593e4edb6cfe1cd0338781b28acf2bedce2600&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 02:10:50 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-powered-by
PHP/7.1.33

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 29 Jan 2024 02:10:50 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://yaketar.com/search/atu.de
pragma
no-cache
referrer-policy
no-referrer
server
nginx
x-powered-by
PHP/7.1.33
go
r.linksprf.com/v2/ Frame 60A8
Redirect Chain
  • https://r.linksprf.com/v1/redirect?url=https://atu.de&api_key=bfbba305ac09de6ffebd06af78a8e794&site_id=4d297fa368bf43fd929d8514ce823be2&type=url&source=https://yaketar.com/de/search/atu.de&yk_tag=9...
  • https://r.linksprf.com/v2/go?t=0t5pd%3A7%2F7rece.4ffi9i4tcoc.3o2%2F7e1v3e1%2F0f4i3cvidk_if_eo5p2e2r22%3D9u3t8m%26cfdi%3Fic%3Dl0.0f0e0t4l9r1sdm9c7n3i6a4l5faefk4a1t3%2Fdsftfh&e=1&ai=27f77f5ced1d49daa...
1 KB
829 B
Document
General
Full URL
https://r.linksprf.com/v2/go?t=0t5pd%3A7%2F7rece.4ffi9i4tcoc.3o2%2F7e1v3e1%2F0f4i3cvidk_if_eo5p2e2r22%3D9u3t8m%26cfdi%3Fic%3Dl0.0f0e0t4l9r1sdm9c7n3i6a4l5faefk4a1t3%2Fdsftfh&e=1&ai=27f77f5ced1d49daac2ee3dc8e6d06f0&sct=0&ct=1706494251628&cu=17d2937c3c64495fa4fe4e1737ddf5f0&ykuid=6a3b16d0539a4c90a59247f7f9105994&sc=1&cs=f5dd13ee6a3984dcb9d2f9c68157b490
Requested by
Host: yaketar.com
URL: https://yaketar.com/search/atu.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.215 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3028f853758483a86846dc88cca74632dfdd9a70857fcd909e8cd87ea3561c02

Request headers

Referer
https://yaketar.com/search/atu.de
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
84cdf0f14f117b2c-DEN
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 29 Jan 2024 02:10:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLoSr9HXQ%2FanCB%2FuPqS91So3w9PHdJPKQVyCvnU7aYw1vq2VSCJiwujmWV3Yqw5ojG0vNr9M7aYKBCvcRR3TbEb6gM89bQn5RHG7nUG5y%2FdmU2CNn9v9VqsmT%2Fw3SF8l"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
84cdf0ee5ac97b2c-DEN
content-length
0
date
Mon, 29 Jan 2024 02:10:51 GMT
location
/v2/go?t=0t5pd%3A7%2F7rece.4ffi9i4tcoc.3o2%2F7e1v3e1%2F0f4i3cvidk_if_eo5p2e2r22%3D9u3t8m%26cfdi%3Fic%3Dl0.0f0e0t4l9r1sdm9c7n3i6a4l5faefk4a1t3%2Fdsftfh&e=1&ai=27f77f5ced1d49daac2ee3dc8e6d06f0&sct=0&ct=1706494251628&cu=17d2937c3c64495fa4fe4e1737ddf5f0&ykuid=6a3b16d0539a4c90a59247f7f9105994&sc=1&cs=f5dd13ee6a3984dcb9d2f9c68157b490
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="CAO PSA OUR"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVGbJ3La2zfkCh8E4HdPBDt6qsv9Wrh0oU5UPalGPqrAQ5%2F1e1u5x0%2BssYHERYXjf2i1rKT%2FtRW1pf2hSrsZObfnaJXCyIXDkTmTsm1ksKm3eajWQcYsDI71afhwzypn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
effi.click
partner.atu.de/servlet/ Frame 60A8
Redirect Chain
  • https://track.effiliation.com/servlet/effi.click?id_compteur=22923285&effi_id=v03040001439117d2937c3c64495fa4fe4e1737ddf5f0
  • https://partner.atu.de/servlet/effi.click?id_compteur=22923285&effi_id=v03040001439117d2937c3c64495fa4fe4e1737ddf5f0
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
partner.atu.de
URL
https://partner.atu.de/servlet/effi.click?id_compteur=22923285&effi_id=v03040001439117d2937c3c64495fa4fe4e1737ddf5f0

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
number| dateTimeOffset
function| getElementsByClassNameLocalTimeWrapper

5 Cookies

Domain/Path Name / Value
.irisbejaia.fr.gd/ Name: PHPSESSID
Value: f38de8f8de87b1dc40740b0d5b8f2363
t.adcell.com/ Name: ADCELLvpid12016
Value: 365122-105746-%23%23%23%23https%3A%2F%2Fasrv205.com%2F%40%40%40%401706494247
api.yieldads.net/ Name: AWSALBTGCORS
Value: xnZu9SKFfdBDva8OQiPVpujsBxdjKHGoPxfV4X8QlGbwlSPXqWknEK4kKtOSuaMm5PuQf/6HVCldonU3D9KdxgT2dSGDp1wcyNXLt6YRwn6axNMtWpGXmeX6yzdlDVUzq2HD+VQQmQU25msWq6Cbyx9qeXFd0NeIAvjmzxroUvBmuuqb95Y=
api.yieldads.net/ Name: AWSALBCORS
Value: +VP8Mwnl1Dhc7rQpkGAu0iIE4D2cu6KwB6t+b2p0+m2MHvf9vGm2naHgkTJQG4mXn4mYCPH0mlkNFKA4y1iaBMyEM3Zl3GICDuD3pwfbL1m6EBaQO0e4nxExU2df
yaketar.com/ Name: AWSALBCORS
Value: AGsT6UJfZqizZsTtprNNvNqHJ+YMoBeIkplVw6rx7ibH0QtCO7zCVhrNXKyPqv7jTfca9NNjWmB3WUcL/7c/Su3GQX6nStshPfOsFpfq+q8koM3Wlk+ipNW7lr+s

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
