URL: http://fake-reader.fr/
Submission: On November 24 via api from US

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 24 HTTP transactions. The main IP is 188.165.53.185, which is located in France and belongs to OVH, FR. The main domain is fake-reader.fr.
This is the only time fake-reader.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
15        188.165.53.185    16276 (OVH)
3         208.93.230.18     29893 (CHATANGO)
5         212.83.152.79     12876 (Online SAS)
1         2a03:2880:f11...  32934 (FACEBOOK)
Total: 24 requests, 4 IPs

Requests  Domain            Requested by
15        fake-reader.fr    fake-reader.fr
5         ekladata.com      fake-reader.fr
3         st.chatango.com   fake-reader.fr, st.chatango.com
1         www.facebook.com  fake-reader.fr
Total: 24 requests, 4 domains

This site contains links to these domains.

Domain
www.fake-fansub.org
twitter.com

Subject: *.facebook.com
Issuer: DigiCert SHA2 High Assurance Server CA
Validity: 2019-11-06 - 2020-02-04
Valid: 3 months

This page contains 3 frames:

Primary Page: http://fake-reader.fr/
Frame ID: F66F7A0F2E3B709670C240271485AE47
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FFakeSub%2F&width=290&colorscheme=light&show_faces=false&stream=false&header=false
Frame ID: EC520C14740C24AFE0FAD7643213AA0F
Requests: 1 HTTP request in this frame

Frame: http://st.chatango.com/h5/gz/r0915191710/id.html
Frame ID: 2626999F6337D720F1D027B85C2C3232
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 24
HTTPS: 4 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 797 kB
Size: 965 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FFakeSub%2F&width=290&colorscheme=light&show_faces=false&stream=false&header=false HTTP 307
  • https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FFakeSub%2F&width=290&colorscheme=light&show_faces=false&stream=false&header=false

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
fake-reader.fr/
16 KB
4 KB
Document
General
Full URL
http://fake-reader.fr/
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache / PHP/5.6
Resource Hash
1c76f37b1dcf55ce019f6cdf2cf608d02e66ff758f78cb974d8c0f44a5fb0e8a

Request headers

Host
fake-reader.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Sun, 24 Nov 2019 05:10:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Server
Apache
X-Powered-By
PHP/5.6
Set-Cookie
ci_session=H831or0x1F8Hkarn2jYVvyTNYSec%2FPBAEcmNjPjxs%2BCDToaIq%2FGXx5Yr47nslBom0dcj8wqMTydDcbQteoqQ9jSgmlkxvQt7M82ohGtAtUhZX9Mb%2B1vRGNZLXk62r%2Fdxw1to%2FO3J4BsDHrqw9C4C0NmTPSl8xdtossh2yKNNTZUmWdWUTn8nLW7b10dzhyWDrBNooCOrIy9PqFS420jgteZcE19sCHpWVBjEuUyqV3QxHLNGpnOU7gJow6cHlA0lkt3lIIrb91mW2sA9Pqa5%2BPGaf61l4pNEvS%2B3Il3akCcIL8Y%2F%2Fo8SWHAJjyxuLysdgcm4b5hO9l6I7%2ByVumNNcyQYztbWl3m5kKAA3yip%2FpZSFxhy%2FUgC2U5v5xT5UUO%2Bphzz5Imx8Ang%2BwqkdZ2xbJfYnRaCZGtTDjdYe928kdI%3D; expires=Sun, 24-Nov-2019 07:10:29 GMT; Max-Age=7200; path=/ ci_session=9sBSwjdxLULPekcuIWwkdNseLD230GfJjEwbGdHIypdwUb4Ik8LBh5gamChuQqK5PtbdRgVAalQDBPDAkF8ExPFC2BabKPlJ%2FKfUd5wbNi7HP5jPuPbm5Q3pAtdmzPgXaksVl1vUDrvJ0aVL%2B5AbciBTl%2FhLg%2FNyRElN0vzHHQR9ZabduoX4r2YmtnY8bSp0IAFFRF3BVmPTLUA1Ow0%2FIsFtEtoHKvXNT7eNNC3NEcc0uPlMSh249aywSBkCniqaVW0HDSI9Ttv7ooaiI1Vo1daewBtlix%2FlepVIclWQidn7Oa4YmK%2FfP5cH0sNOdf5dbC2YsS%2BuEJV1MdMa%2FTWJB%2B8raZhkAOyF5Qhtx7ZQ0iMq8%2F4m9OZ7zRkptkDHz6LCPdc54jQPU3gw%2BLFbLYF0f7%2Fz2VfWdtRo2aWUiqfswss%3D; expires=Sun, 24-Nov-2019 07:10:29 GMT; Max-Age=7200; path=/ SERVERID17573=2120187|XdoQy|XdoQy; path=/
Expires
Sat, 01 Jan 2000 00:00:01 GMT
Cache-Control
post-check=0, pre-check=0, max-age=0
Last-Modified
Sun, 24 Nov 2019 05:10:29 GMT
Pragma
no-cache
Content-Encoding
gzip
Vary
Accept-Encoding
X-IPLB-Instance
18183
style.css
fake-reader.fr/content/themes/default/
17 KB
4 KB
Stylesheet
General
Full URL
http://fake-reader.fr/content/themes/default/style.css?v=0.8.19
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
0fb34b0af7b243ae6b2d80e45fdf83c9bd885214e44d21f953180143965c20d8

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Mar 2017 11:19:12 GMT
Server
Apache
X-IPLB-Instance
18183
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
3338
Expires
Sun, 24 Nov 2019 05:25:29 GMT
style.css
fake-reader.fr/content/themes/fakesub/
17 KB
4 KB
Stylesheet
General
Full URL
http://fake-reader.fr/content/themes/fakesub/style.css?v=0.8.19
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
b2adcd739400f9e0133c2caad8adc3712458b24525eebb9cc3add14abbc9dfa7

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2017 09:38:34 GMT
Server
Apache
X-IPLB-Instance
17180
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
3350
Expires
Sun, 24 Nov 2019 05:25:30 GMT
jquery.js
fake-reader.fr/assets/js/
89 KB
32 KB
Script
General
Full URL
http://fake-reader.fr/assets/js/jquery.js?v=0.8.19
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
daa9a7565d6e53d5c8bb9c5117760da97bf488259401444aac11f71abbfa63a6

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Mar 2017 11:05:30 GMT
Server
Apache
X-IPLB-Instance
18183
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
32058
Expires
Sun, 24 Nov 2019 05:25:30 GMT
jquery.plugins.js
fake-reader.fr/assets/js/
29 KB
10 KB
Script
General
Full URL
http://fake-reader.fr/assets/js/jquery.plugins.js?v=0.8.19
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
28b359946f288336f7010c24a9817c1942cd2b9bb664bb8985bb2dca90c50bee

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Mar 2017 11:05:33 GMT
Server
Apache
X-IPLB-Instance
10301
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
9622
Expires
Sun, 24 Nov 2019 05:25:30 GMT
emb.js
st.chatango.com/js/gz/
70 KB
24 KB
Script
General
Full URL
http://st.chatango.com/js/gz/emb.js
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
208.93.230.18 , United States, ASN29893 (CHATANGO - Chatango LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
443478b3f1d5cb94210bfc03b4d1508856d87de44b0f7f6faaef5307ea9f7054

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Sep 2019 00:14:07 GMT
Server
nginx
Content-Type
application/x-javascript
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24621
Expires
Sun, 24 Nov 2019 05:10:30 GMT
feed-icon-28x28.png
fake-reader.fr/content/themes/default/images/
2 KB
2 KB
Image
General
Full URL
http://fake-reader.fr/content/themes/default/images/feed-icon-28x28.png
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
473feba11f89b4d197a2263ebb6567e53b75a969cff0679ccf50f6634fa3a4f5

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Last-Modified
Mon, 27 Mar 2017 11:19:23 GMT
Server
Apache
X-IPLB-Instance
17180
Content-Type
image/png
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
1737
Expires
Sun, 24 Nov 2019 05:25:30 GMT
bird_16_blue.png
fake-reader.fr/assets/images/
2 KB
2 KB
Image
General
Full URL
http://fake-reader.fr/assets/images/bird_16_blue.png
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
760e6a18b32bdc792c07a47795d7c5589241f0b90bd53a0f6b33f5b62c93c43a

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Last-Modified
Mon, 27 Mar 2017 11:05:16 GMT
Server
Apache
X-IPLB-Instance
17180
Content-Type
image/png
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
1592
Expires
Sun, 24 Nov 2019 05:25:30 GMT
nivo-slider.css
fake-reader.fr/assets/js/
1 KB
952 B
Stylesheet
General
Full URL
http://fake-reader.fr/assets/js/nivo-slider.css
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
adced8a5f51ccf282204eb668705faf99302738739c88f894d836f680f9545f3

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Mar 2017 11:05:34 GMT
Server
Apache
X-IPLB-Instance
10301
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
628
Expires
Sun, 24 Nov 2019 05:25:30 GMT
default.css
fake-reader.fr/assets/js/nivoThemes/default/
1 KB
943 B
Stylesheet
General
Full URL
http://fake-reader.fr/assets/js/nivoThemes/default/default.css
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
607f7f2ef6af93268b92008ac0e56c028833845b4920b2886f5fb21e2b5f0f7d

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Mar 2017 11:14:17 GMT
Server
Apache
X-IPLB-Instance
10301
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
619
Expires
Sun, 24 Nov 2019 05:25:30 GMT
jquery.nivo.slider.pack.js
fake-reader.fr/assets/js/
15 KB
4 KB
Script
General
Full URL
http://fake-reader.fr/assets/js/jquery.nivo.slider.pack.js
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
2bc715b86c77b54108af299fcafbddd5ca24eb71aa3c769b5623938d2d5cb2ae

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Mar 2017 11:05:32 GMT
Server
Apache
X-IPLB-Instance
17180
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
3377
Expires
Sun, 24 Nov 2019 05:25:30 GMT
30.jpg
ekladata.com/SgBmrBHqY3ZYt5jno1Ksm8jheyo/
161 KB
162 KB
Image
General
Full URL
http://ekladata.com/SgBmrBHqY3ZYt5jno1Ksm8jheyo/30.jpg
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
212.83.152.79 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
eklablog.com
Software
MochiWeb/1.1 WebMachine/1.10.0 (never breaks eye contact) /
Resource Hash
697214839535b7d638aebbf67e4358ed07c9ac3c32b4811238f64adb6c8d1087

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Via
1.1 varnish-v4
Age
0
Transfer-Encoding
chunked
Connection
close
X-Riak-Vclock
a85hYGBgzGDKBVIcKTw+z8Ii2N9mMCUy5rEyJGeHXOLLAgA=
Last-Modified
Sat, 01 Apr 2017 18:20:19 GMT
Server
MochiWeb/1.1 WebMachine/1.10.0 (never breaks eye contact)
ETag
W/"Wgpnx3YPwJ2cpSmo8x0kg"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
28969919
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Type
image/jpeg
Link
</buckets/eklablog>; rel="up"
01.jpg
ekladata.com/aWTEEVznJRsxUdq_UYvyUyZkUpE/
55 KB
56 KB
Image
General
Full URL
http://ekladata.com/aWTEEVznJRsxUdq_UYvyUyZkUpE/01.jpg
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
212.83.152.79 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
eklablog.com
Software
MochiWeb/1.1 WebMachine/1.10.0 (never breaks eye contact) /
Resource Hash
7a5aeb744bc1844f432af1c92863f7e5591d803c3e58a77b3632fd4e47d6a794

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Via
1.1 varnish-v4
Age
0
Transfer-Encoding
chunked
Connection
close
X-Riak-Vclock
a85hYGBgzGDKBVIcKTw+z8L2nXmcwZTImMfK8DvU/xJfFgA=
Last-Modified
Tue, 28 Mar 2017 21:47:39 GMT
Server
MochiWeb/1.1 WebMachine/1.10.0 (never breaks eye contact)
ETag
W/"gWRFeCklPkFvNINojWdgC"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
34114583
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Type
image/jpeg
Link
</buckets/eklablog>; rel="up"
wide-855px-lelv1.jpg
ekladata.com/YGjasRD_IZWks8Lj5FCbAIP0STw/
270 KB
271 KB
Image
General
Full URL
http://ekladata.com/YGjasRD_IZWks8Lj5FCbAIP0STw/wide-855px-lelv1.jpg
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
212.83.152.79 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
eklablog.com
Software
MochiWeb/1.1 WebMachine/1.10.0 (never breaks eye contact) /
Resource Hash
97bec3d54fe51147ada11987118f74f9e04ffafc8194bd6cfcb0c384ea1acda3

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Via
1.1 varnish-v4
Age
0
Transfer-Encoding
chunked
Connection
close
X-Riak-Vclock
a85hYGBgzGDKBVIcRhF7Vodtmn8kgymRMY+VQePho0t8WQA=
Last-Modified
Tue, 18 Jul 2017 19:44:40 GMT
Server
MochiWeb/1.1 WebMachine/1.10.0 (never breaks eye contact)
ETag
W/"68chQ9J4MCesjDBc8TDcKV"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
30085998
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Type
image/jpeg
Link
</buckets/eklablog>; rel="up"
51lel.jpg
ekladata.com/uOei4xOp44TzSWWU853BBFFKhqE/
145 KB
146 KB
Image
General
Full URL
http://ekladata.com/uOei4xOp44TzSWWU853BBFFKhqE/51lel.jpg
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
212.83.152.79 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
eklablog.com
Software
MochiWeb/1.1 WebMachine/1.10.0 (never breaks eye contact) /
Resource Hash
880e2b4fb33a3797e1a129fcdcb7dcaae6415ebc78cdba8ff95544b84a788d85

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Via
1.1 varnish-v4
Age
0
Transfer-Encoding
chunked
Connection
close
X-Riak-Vclock
a85hYGBgzGDKBVIc/AfPZoXtqM3OYEpkzGNlsH786BJfFgA=
Last-Modified
Tue, 18 Jul 2017 19:53:31 GMT
Server
MochiWeb/1.1 WebMachine/1.10.0 (never breaks eye contact)
ETag
W/"7Hn1g9RNJ6Z18Ekb105bjo"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
27531878
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Type
image/jpeg
Link
</buckets/eklablog>; rel="up"
dark_stripes.png
fake-reader.fr/content/themes/fakesub/images/
1 KB
1 KB
Image
General
Full URL
http://fake-reader.fr/content/themes/fakesub/images/dark_stripes.png
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/assets/js/jquery.js?v=0.8.19
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
39bce84c9661317b7c01e1a9e3dda2d95c9d3ca54c7a4cfc5c3d7dfe94deefd0

Request headers

Referer
http://fake-reader.fr/content/themes/fakesub/style.css?v=0.8.19
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Last-Modified
Mon, 27 Mar 2017 13:25:33 GMT
Server
Apache
X-IPLB-Instance
18183
Content-Type
image/png
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
1249
Expires
Sun, 24 Nov 2019 05:25:30 GMT
likebox.php
www.facebook.com/plugins/ Frame EC52
Redirect Chain
  • http://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FFakeSub%2F&width=290&colorscheme=light&show_faces=false&stream=false&header=false
  • https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FFakeSub%2F&width=290&colorscheme=light&show_faces=false&stream=false&header=false
0
0
Document
General
Full URL
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FFakeSub%2F&width=290&colorscheme=light&show_faces=false&stream=false&header=false
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FFakeSub%2F&width=290&colorscheme=light&show_faces=false&stream=false&header=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://fake-reader.fr/
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
6fFJ7XX9X3tq0V0PyBPplf6VVLf5GclBauKftNXwBxGH9KkRCOXSY9rVJw+7Wk0HUY9aFa2Q+KxsiyLrohvQwA==
date
Sun, 24 Nov 2019 05:10:30 GMT
alt-svc
h3-23=":443"; ma=3600

Redirect headers

Location
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FFakeSub%2F&width=290&colorscheme=light&show_faces=false&stream=false&header=false
Non-Authoritative-Reason
HSTS
background_noise_light.png
fake-reader.fr/content/themes/fakesub/images/
14 KB
14 KB
Image
General
Full URL
http://fake-reader.fr/content/themes/fakesub/images/background_noise_light.png
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
52bba0bd7738ab631dce62a32a6edbaaa0cbf48626663e2502109df3aac5ac3c

Request headers

Referer
http://fake-reader.fr/content/themes/fakesub/style.css?v=0.8.19
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Last-Modified
Mon, 27 Mar 2017 13:25:31 GMT
Server
Apache
X-IPLB-Instance
18183
Content-Type
image/png
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
13972
Expires
Sun, 24 Nov 2019 05:25:30 GMT
loading.gif
fake-reader.fr/assets/js/nivoThemes/default/
2 KB
2 KB
Image
General
Full URL
http://fake-reader.fr/assets/js/nivoThemes/default/loading.gif
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847

Request headers

Referer
http://fake-reader.fr/assets/js/nivoThemes/default/default.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Last-Modified
Mon, 27 Mar 2017 11:14:17 GMT
Server
Apache
X-IPLB-Instance
18183
Content-Type
image/gif
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
1737
Expires
Sun, 24 Nov 2019 05:25:30 GMT
id.html
st.chatango.com/h5/gz/r0915191710/ Frame 2626
0
0
Document
General
Full URL
http://st.chatango.com/h5/gz/r0915191710/id.html
Requested by
Host: st.chatango.com
URL: http://st.chatango.com/js/gz/emb.js
Protocol
HTTP/1.1
Server
208.93.230.18 , United States, ASN29893 (CHATANGO - Chatango LLC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
st.chatango.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://fake-reader.fr/
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Sun, 24 Nov 2019 05:10:30 GMT
Content-Type
text/html
Content-Length
222063
Last-Modified
Mon, 16 Sep 2019 00:14:07 GMT
Connection
keep-alive
Expires
Mon, 23 Nov 2020 05:10:30 GMT
Cache-Control
max-age=31536000
Content-Encoding
gzip
P3P
CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Accept-Ranges
bytes
r.json
st.chatango.com/cfg/nc/
20 B
338 B
XHR
General
Full URL
http://st.chatango.com/cfg/nc/r.json?6504350020000179952314187
Requested by
Host: st.chatango.com
URL: http://st.chatango.com/js/gz/emb.js
Protocol
HTTP/1.1
Server
208.93.230.18 , United States, ASN29893 (CHATANGO - Chatango LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
ed6cd152bed8e4282d4f39416d9542beb608c3755c476dc82fbca8db08ffe064

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
http://fake-reader.fr/
Origin
http://fake-reader.fr

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Last-Modified
Mon, 16 Sep 2019 00:14:07 GMT
Server
nginx
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20
arrows.png
fake-reader.fr/assets/js/nivoThemes/default/
824 B
1 KB
Image
General
Full URL
http://fake-reader.fr/assets/js/nivoThemes/default/arrows.png
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/assets/js/jquery.js?v=0.8.19
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8

Request headers

Referer
http://fake-reader.fr/assets/js/nivoThemes/default/default.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:31 GMT
Last-Modified
Mon, 27 Mar 2017 11:14:16 GMT
Server
Apache
X-IPLB-Instance
18183
Content-Type
image/png
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
824
Expires
Sun, 24 Nov 2019 05:25:31 GMT
bullets.png
fake-reader.fr/assets/js/nivoThemes/default/
1 KB
2 KB
Image
General
Full URL
http://fake-reader.fr/assets/js/nivoThemes/default/bullets.png
Protocol
HTTP/1.1
Server
188.165.53.185 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
97f65015a491719ae9dbf1afc7948f8e57f946a6822c6a924fb5826265e89af6

Request headers

Referer
http://fake-reader.fr/assets/js/nivoThemes/default/default.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:31 GMT
Last-Modified
Mon, 27 Mar 2017 11:14:16 GMT
Server
Apache
X-IPLB-Instance
10301
Content-Type
image/png
Cache-Control
max-age=900
Accept-Ranges
bytes
Content-Length
1281
Expires
Sun, 24 Nov 2019 05:25:31 GMT
01.jpg
ekladata.com/aWTEEVznJRsxUdq_UYvyUyZkUpE/
55 KB
56 KB
Image
General
Full URL
http://ekladata.com/aWTEEVznJRsxUdq_UYvyUyZkUpE/01.jpg
Requested by
Host: fake-reader.fr
URL: http://fake-reader.fr/assets/js/jquery.js?v=0.8.19
Protocol
HTTP/1.1
Server
212.83.152.79 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
eklablog.com
Software
MochiWeb/1.1 WebMachine/1.10.0 (never breaks eye contact) /
Resource Hash
7a5aeb744bc1844f432af1c92863f7e5591d803c3e58a77b3632fd4e47d6a794

Request headers

Referer
http://fake-reader.fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Sun, 24 Nov 2019 05:10:30 GMT
Via
1.1 varnish-v4
Age
7
Transfer-Encoding
chunked
Connection
close
X-Riak-Vclock
a85hYGBgzGDKBVIcKTw+z8L2nXmcwZTImMfK8DvU/xJfFgA=
Last-Modified
Tue, 28 Mar 2017 21:47:39 GMT
Server
MochiWeb/1.1 WebMachine/1.10.0 (never breaks eye contact)
ETag
W/"gWRFeCklPkFvNINojWdgC"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
31918939 34114584
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Type
image/jpeg
Link
</buckets/eklablog>; rel="up"

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| $
  • function| jQuery
  • function| createCookie
  • object| messages
  • function| create_message
  • function| delete_message
  • boolean| __twitterIntentHandler
  • object| jQuery16203433350378373199
  • object| closure_lm_729710

4 Cookies

Domain/Path Name / Value
.chatango.com/ Name: _gid
Value: GA1.2.1965849981.1574572231
fake-reader.fr/ Name: SERVERID17573
Value: 2120187|XdoQy|XdoQy
.chatango.com/ Name: _ga
Value: GA1.2.995289856.1574572231
fake-reader.fr/ Name: ci_session
Value: 9sBSwjdxLULPekcuIWwkdNseLD230GfJjEwbGdHIypdwUb4Ik8LBh5gamChuQqK5PtbdRgVAalQDBPDAkF8ExPFC2BabKPlJ%2FKfUd5wbNi7HP5jPuPbm5Q3pAtdmzPgXaksVl1vUDrvJ0aVL%2B5AbciBTl%2FhLg%2FNyRElN0vzHHQR9ZabduoX4r2YmtnY8bSp0IAFFRF3BVmPTLUA1Ow0%2FIsFtEtoHKvXNT7eNNC3NEcc0uPlMSh249aywSBkCniqaVW0HDSI9Ttv7ooaiI1Vo1daewBtlix%2FlepVIclWQidn7Oa4YmK%2FfP5cH0sNOdf5dbC2YsS%2BuEJV1MdMa%2FTWJB%2B8raZhkAOyF5Qhtx7ZQ0iMq8%2F4m9OZ7zRkptkDHz6LCPdc54jQPU3gw%2BLFbLYF0f7%2Fz2VfWdtRo2aWUiqfswss%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
