mhamed-ffre.tk Open in urlscan Pro
80.211.160.221 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Submission: On May 29 via api (May 29th 2018, 3:35:14 am UTC) from CA

Summary HTTP 74 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 19 domains to perform 74 HTTP transactions. The main IP is 80.211.160.221, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is mhamed-ffre.tk.

This is the only time mhamed-ffre.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	80.211.160.221 80.211.160.221	31034 (ARUBA-ASN) (ARUBA-ASN)
2	172.217.22.10 172.217.22.10	15169 (GOOGLE) (GOOGLE - Google LLC)
5	213.209.0.9 213.209.0.9	8660 (MATRIX-AS) (MATRIX-AS)
1	216.58.207.74 216.58.207.74	15169 (GOOGLE) (GOOGLE - Google LLC)
4	213.209.17.230 213.209.17.230	8660 (MATRIX-AS) (MATRIX-AS)
1	13.32.217.63 13.32.217.63	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	172.217.22.4 172.217.22.4	15169 (GOOGLE) (GOOGLE - Google LLC)
1	93.184.220.113 93.184.220.113	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 4	52.212.83.185 52.212.83.185	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	178.250.2.100 178.250.2.100	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	213.209.16.13 213.209.16.13	8660 (MATRIX-AS) (MATRIX-AS)
4	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE - Google LLC)
3	172.217.23.131 172.217.23.131	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.32.222.144 13.32.222.144	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.32.222.101 13.32.222.101	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
4	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE - Google LLC)
3	172.217.23.129 172.217.23.129	15169 (GOOGLE) (GOOGLE - Google LLC)
1	213.209.16.12 213.209.16.12	8660 (MATRIX-AS) (MATRIX-AS)
2 4	138.108.96.100 138.108.96.100	16477 (ACNIELSEN-AS) (ACNIELSEN-AS - ACNIELSEN)
1 2	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
4	69.172.216.55 69.172.216.55	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
3	69.172.216.58 69.172.216.58	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
8	69.172.216.111 69.172.216.111	7415 (ADSAFE-1) (ADSAFE-1 - Integral Ad Science)
3	157.240.20.38 157.240.20.38	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	54.171.249.90 54.171.249.90	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	13.32.222.142 13.32.222.142	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.48.217.7 52.48.217.7	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
74	30

3 80.211.160.221 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: host221-160-211-80.serverdedicati.aruba.it

mhamed-ffre.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.10 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.209.0.9 (Italy)

ASN8660 (MATRIX-AS, IT)

login.libero.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.74 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.209.17.230 (Italy)

ASN8660 (MATRIX-AS, IT)

ssl-i.plug.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.217.63 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-217-63.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.4 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.113 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.83.185 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-212-83-185.eu-west-1.compute.amazonaws.com

secure-it.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.100 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: rtax.criteo.com

rtax.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.209.16.13 (Italy)

ASN8660 (MATRIX-AS, IT)

geoisp.libero.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.162 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.131 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.222.144 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-144.fra56.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.80 (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.222.101 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-101.fra56.r.cloudfront.net

i.plug.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.162 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f162.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.130 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.129 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.209.16.12 (Italy)

ASN8660 (MATRIX-AS, IT)

geoisp.virgilio.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.108.96.100 (Schaumburg, United States) 2 redirects

ASN16477 (ACNIELSEN-AS - ACNIELSEN, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.238 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.172.216.55 (New York, United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.172.216.58 (New York, United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.172.216.111 (New York, United States)

ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.20.38 (Menlo Park, United States)

ASN32934 (FACEBOOK - Facebook, Inc., US)
PTR: edge-star-z-mini-shv-02-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.249.90 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-249-90.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.222.142 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-142.fra56.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.217.7 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-217-7.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	136 KB
12	imrworldwide.com 3 redirects secure-it.imrworldwide.com cdn-gl.imrworldwide.com secure-gl.imrworldwide.com	61 KB
8	libero.it login.libero.it geoisp.libero.it	9 KB
6	plug.it ssl-i.plug.it i.plug.it	21 KB
5	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	150 KB
4	doubleclick.net securepubads.g.doubleclick.net	80 KB
4	crwdcntrl.net 1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net ad.crwdcntrl.net	12 KB
3	facebook.com www.facebook.com	641 B
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	116 KB
3	google.com www.google.com adservice.google.com	1 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
3	mhamed-ffre.tk mhamed-ffre.tk	19 KB
2	adform.net 1 redirects track.adform.net	588 B
1	virgilio.it geoisp.virgilio.it	792 B
1	google.de adservice.google.de	662 B
1	googletagservices.com www.googletagservices.com	8 KB
1	criteo.com rtax.criteo.com	550 B
1	amazon-adsystem.com c.amazon-adsystem.com	6 KB
74	19

	Domain	Requested by
8	dt.adsafeprotected.com	mhamed-ffre.tk
5	login.libero.it	mhamed-ffre.tk
4	pixel.adsafeprotected.com	mhamed-ffre.tk secure-gl.imrworldwide.com static.adsafeprotected.com
4	secure-gl.imrworldwide.com	2 redirects mhamed-ffre.tk secure-gl.imrworldwide.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net mhamed-ffre.tk
4	cdn-gl.imrworldwide.com	secure-it.imrworldwide.com cdn-gl.imrworldwide.com
4	secure-it.imrworldwide.com	1 redirects mhamed-ffre.tk
4	ssl-i.plug.it	mhamed-ffre.tk
3	www.facebook.com	mhamed-ffre.tk
3	static.adsafeprotected.com	pixel.adsafeprotected.com mhamed-ffre.tk
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net mhamed-ffre.tk
3	b.scorecardresearch.com	1 redirects mhamed-ffre.tk
3	geoisp.libero.it	ssl-i.plug.it
3	mhamed-ffre.tk	mhamed-ffre.tk ajax.googleapis.com
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	track.adform.net	1 redirects mhamed-ffre.tk
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net mhamed-ffre.tk
2	i.plug.it	mhamed-ffre.tk
2	fonts.gstatic.com	mhamed-ffre.tk
2	www.google.com	mhamed-ffre.tk www.gstatic.com
2	fonts.googleapis.com	mhamed-ffre.tk
1	ad.crwdcntrl.net	ssl-i.plug.it
1	geoisp.virgilio.it	ssl-i.plug.it
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	www.gstatic.com	www.google.com
1	www.googletagservices.com	ssl-i.plug.it
1	rtax.criteo.com	ssl-i.plug.it
1	tags.crwdcntrl.net	mhamed-ffre.tk
1	c.amazon-adsystem.com	mhamed-ffre.tk
1	ajax.googleapis.com	mhamed-ffre.tk
74	31

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
www.libero.it
selfcare.libero.it
aiuto.libero.it
registrazione.libero.it
www.italiaonline.it
blog.libero.it
easy.libero.it
info.libero.it
privacy.italiaonline.it
www.commissariatodips.it

Subject Issuer	Validity	Valid
*.plug.it GlobalSign Domain Validation CA - SHA256 - G2	`2018-03-13` - `2019-05-15`	a year	crt.sh
www.google.com Google Internet Authority G3	`2018-05-08` - `2018-07-31`	3 months	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2018-02-15` - `2019-07-11`	a year	crt.sh

This page contains 9 frames:

Primary Page: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Frame ID: 0E2BFB136C82917083DBB5E4D445344D
Requests: 61 HTTP requests in this frame

Frame: https://ssl-i.plug.it/iplug/js/lib/iol/tr/data/ads/adv/_ads.html
Frame ID: 72B7768C8F9D29521B0E086414E05B1F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeevAETAAAAANf_EIvnZO3Is6XLKxoSdUjV392x&co=aHR0cDovL21oYW1lZC1mZnJlLnRrOjgw&hl=it&type=image&v=v1526884278587&theme=light&size=normal&cb=cg7q4emapxv
Frame ID: A1F151A523983DC6C8F47E462FE0A2A8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180521/r20110914/activeview/osd_listener.js
Frame ID: FA7A1277C9B9AB927E85E56BA2334E08
Requests: 5 HTTP requests in this frame

Frame: http://pixel.adsafeprotected.com/jload?anId=926174&campId=1540x1024&pubId=19945967&chanId=135280247&placementId=4679759030&pubCreative=138234046029&pubOrder=2313467949&cb=1259377733
Frame ID: F3A0AE31D6A4B58D3C71BD5CB72FBCE9
Requests: 2 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/ocr/e?aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2JyYW5kbGlmdC5waHA.Y2FtcGFpZ25faWQ9NjE2MWMyM2ZmODRjNjJmNjAzODJlMjhhMGYyYzdkYjdmNGY0NzUwNThjMmFhYzY2OGRjN2VkNTRkM2Y1NGVmMiZjcmVhdGl2ZV9pZD0yMGY2YjRhYjM4ZjE3YmQyNDIwNmUwNGEwMzBkZmNhOTM2NjRjNWFmYWUyNWFmYjUzYWVhMzZkYWI2ZTZiZDYwJnBsYWNlbWVudF9pZD1iODM0Y2QxODQ3YmE2ZDY3OWJiNzYzOTkyMTczODFiMjlkNzdmZDZjZmY1MWMxMDZmNWEyNTBlMzEyY2ZjYzFiJm1lZGlhX3R5cGU9aW1hZ2UmY29udGVudF90eXBlPWpzJnNlZ21lbnQxPURFJnNlZ21lbnQyPTExMSZzZWdtZW50Mz1OQSZvc3ZlcnNpb249TGludXgmZGV2aWNlX3R5cGU9RFNLJnBsYXRmb3JtPURTSyZhZHZlcnRpc2VyX2lkPURTSyZ2ZXI9MSZjcmVhdGl2ZV90eXBlPTAmZGF0YV9kYXRlPTIwMTgwNTI4Jmg9ZmJlNWYwZjkzMQ__
Frame ID: EA3D7CD474CB4B8066DD7E27226C8C19
Requests: 1 HTTP requests in this frame

Frame: http://static.adsafeprotected.com/sca.17.4.72.js
Frame ID: CF04DC22B795502EFD425ECF01BF0B05
Requests: 1 HTTP requests in this frame

Frame: http://bcp.crwdcntrl.net/5/ct=y/c=6201/rand=289521366/pv=y/int=%23OpR%2356471%23Total%20Site%20Traffic%20%3A%20mhamed-ffre.tk/int=%23OpR%2374011%23mhamed-ffre.tk%20%3A%20Total%20Site%20Traffic/int=%23OpR%2374012%23mhamed-ffre.tk%20%3A%20Site%20Section%20%3A%20ewelle/int=%23OpR%2374013%23mhamed-ffre.tk%20%3A%20Site%20Section%20%3A%20ewelle%20%3A%20logzmdxs/rt=ifr
Frame ID: 312CBAB877A3214F2269F76B3960DB78
Requests: 1 HTTP requests in this frame

Frame: http://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: C8A4C2A93213BC0F2C8F5C0A155C1E09
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^_?COMSCORE$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

env /^Recaptcha$/i

Page Statistics

74
Requests

4 %
HTTPS

0 %
IPv6

19
Domains

31
Subdomains

30
IPs

6
Countries

650 kB
Transfer

1679 kB
Size

2
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjst3-8ICg3pDqYEHNZ96GD2IQj0pfb5bvV_x_iNhfaHwcZAyJCpgZ-en4MBnTqhr-FDvtXZyjM5_yz4r9Hw_GBqZbDB4x2ub714R5ET7k9XBxGNSL3oUYLR0woLjQGpVbFy8Ap8H2EYogbDsiuiAwKb0iiKKylUl3LFwkFNTBZ0EVXMeWUVBgoJXO-OTAsm7Ucm1OIj82qXuGnWW8Fup4SFVfJ5Ni-Wt_FPkKwdFeXmnP5oGdAetKxZ_wzEliXaoUvG4F2c&sai=AMfl-YQNjqh56zFu_R59sBeNtx45ywnlQDnIYQ2_AHyOjteiX014zh3lbDqJzd7szLelc6gQtgjQxbZQ5tmvyaBDHSTgQaxq4BUigqAutCw0&sig=Cg0ArKJSzBWNlMHJHxE8EAE&urlfix=1&adurl=https://track.adform.net/C/%3Fbn%3D22851005

Search URL Search Domain Scan URL

URL: http://www.libero.it/
Title:

Search URL Search Domain Scan URL

URL: http://selfcare.libero.it/recuperopassword?url_member=http%3A%2F%2Fwebmail.libero.it%2Fcp%2Fdefault.jsp
Title: Password dimenticata?

Search URL Search Domain Scan URL

URL: http://aiuto.libero.it/
Title: Serve aiuto?

Search URL Search Domain Scan URL

URL: https://registrazione.libero.it/?url_new_member=http%3A%2F%2Fwebmail.libero.it%2Fcp%2Fdefault.jsp
Title: Registrati

Search URL Search Domain Scan URL

URL: http://www.italiaonline.it/it/i-brand/libero/
Title: Chi siamo

Search URL Search Domain Scan URL

URL: http://blog.libero.it/mondolibero/?ref=libero
Title: Blog ufficiale

Search URL Search Domain Scan URL

URL: http://easy.libero.it/?ref=libero
Title: Libero Easy

Search URL Search Domain Scan URL

URL: http://aiuto.libero.it/?ref=libero
Title: Aiuto

Search URL Search Domain Scan URL

URL: http://info.libero.it/?ref=libero
Title: Note legali

Search URL Search Domain Scan URL

URL: http://privacy.italiaonline.it/privacy_libero.html?ref=libero
Title: Privacy

Search URL Search Domain Scan URL

URL: http://privacy.italiaonline.it/common/cookie/privacy_detail.php?ref=libero
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://www.commissariatodips.it/
Title: Commissariato di P.S.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

http://b.scorecardresearch.com/b?c1=2&c2=13259779&name=libero.login.others&ns_site=libero&wa_geo_1_id=0&wa_geo_2_id=0&wa_geo_3_id=0&wa_geo_4_id=0&wa_local_1_id=0&wa_local_2_id=0&wa_local_3_id=0&wa_adv_1_id=0&wa_adv_2_id=0&wa_adv_3_id=0&wa_engine_v=1.57&wa_data_v=20151022164346&ns__t=1527564903412&ns_c=UTF-8&cv=3.1e&c8=Libero%20-%20Login&c7=http%3A%2F%2Fmhamed-ffre.tk%2Fewelle%2Flogzmdxs%2Fnewlibero.htm&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=2&c2=13259779&name=libero.login.others&ns_site=libero&wa_geo_1_id=0&wa_geo_2_id=0&wa_geo_3_id=0&wa_geo_4_id=0&wa_local_1_id=0&wa_local_2_id=0&wa_local_3_id=0&wa_adv_1_id=0&wa_adv_2_id=0&wa_adv_3_id=0&wa_engine_v=1.57&wa_data_v=20151022164346&ns__t=1527564903412&ns_c=UTF-8&cv=3.1e&c8=Libero%20-%20Login&c7=http%3A%2F%2Fmhamed-ffre.tk%2Fewelle%2Flogzmdxs%2Fnewlibero.htm&c9=

Request Chain 43

https://track.adform.net/adfserve/?bn=22851005;1x1inv=1;srctype=3;ord=755980997 HTTP 302
https://track.adform.net/adfserve/?CC=1&bn=22851005;1x1inv=1;srctype=3;ord=755980997

Request Chain 57

https://secure-gl.imrworldwide.com/cgi-bin/int?at=view&rt=banner&st=image&ca=cmp1001696&pc=3_plc42973719&cr=crv2543458&vw=meas&r=862871314 HTTP 302
https://www.facebook.com/brandlift.php?campaign_id=44e1f32b0b90e400ac378de3953f75a098b34fe97467b2210244714ccaa59419&creative_id=20f6b4ab38f17bd24206e04a030dfca93664c5afae25afb53aea36dab6e6bd60&placement_id=b834cd1847ba6d679bb76399217381b29d77fd6cff51c106f5a250e312cfcc1b&media_type=image&segment1=DE&segment2=111&segment3=NA&osversion=Linux&device_type=DSK&platform=DSK&advertiser_id=DSK&ver=1&creative_type=0&data_date=20180528&h=5a177eac68&rnd=1527564903

Request Chain 60

https://secure-gl.imrworldwide.com/cgi-bin/int?at=view&rt=banner&st=image&ca=cmp1001696&pc=3_plc42973719&cr=crv2543458&vw=susp&r=862871314 HTTP 302
https://www.facebook.com/brandlift.php?campaign_id=348575b06e4563fd4e07534692024607aac084b820c9a0cbc474df2bbd59429e&creative_id=20f6b4ab38f17bd24206e04a030dfca93664c5afae25afb53aea36dab6e6bd60&placement_id=b834cd1847ba6d679bb76399217381b29d77fd6cff51c106f5a250e312cfcc1b&media_type=image&segment1=DE&segment2=111&segment3=NA&osversion=Linux&device_type=DSK&platform=DSK&advertiser_id=DSK&ver=1&creative_type=0&data_date=20180528&h=511dfecba4&rnd=1527564904

Request Chain 61

http://bcp.crwdcntrl.net/5/c=6201/rand=289521366/pv=y/int=%23OpR%2356471%23Total%20Site%20Traffic%20%3A%20mhamed-ffre.tk/int=%23OpR%2374011%23mhamed-ffre.tk%20%3A%20Total%20Site%20Traffic/int=%23OpR%2374012%23mhamed-ffre.tk%20%3A%20Site%20Section%20%3A%20ewelle/int=%23OpR%2374013%23mhamed-ffre.tk%20%3A%20Site%20Section%20%3A%20ewelle%20%3A%20logzmdxs/rt=ifr HTTP 302
http://bcp.crwdcntrl.net/5/ct=y/c=6201/rand=289521366/pv=y/int=%23OpR%2356471%23Total%20Site%20Traffic%20%3A%20mhamed-ffre.tk/int=%23OpR%2374011%23mhamed-ffre.tk%20%3A%20Total%20Site%20Traffic/int=%23OpR%2374012%23mhamed-ffre.tk%20%3A%20Site%20Section%20%3A%20ewelle/int=%23OpR%2374013%23mhamed-ffre.tk%20%3A%20Site%20Section%20%3A%20ewelle%20%3A%20logzmdxs/rt=ifr

Request Chain 65

http://secure-it.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,NA&sessionId=ZXbbUlHH2hh4i2zxBVIJYeVMHMVEi1527564904&C16=sdkv,bj.6.0.0&retry=0 HTTP 302
https://www.facebook.com/brandlift.php?sessionId=ZXbbUlHH2hh4i2zxBVIJYeVMHMVEi1527564904&media_type=dcr&advertiser_id=NA

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request newlibero.htm Show response
mhamed-ffre.tk/ewelle/logzmdxs/ 18 KB
18 KB 82ms
43ms Document
text/html 80.211.160.221
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 80.211.160.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host221-160-211-80.serverdedicati.aruba.it
Software: Apache /
Resource Hash: 464305bda4925a724f0fbaa6f0587d1719fb354ce6cd150b0479cf16131c1111

Request headers

Host: mhamed-ffre.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 0E2BFB136C82917083DBB5E4D445344D

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Server: Apache
Last-Modified: Thu, 15 Feb 2018 09:14:16 GMT
Accept-Ranges: bytes
Content-Length: 18262
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
S 200 css
fonts.googleapis.com/ 446 B
326 B 17ms
14ms Stylesheet
text/css 172.217.22.10
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

SPDY

Server

172.217.22.10 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f10.1e100.net

Software

ESF /

Resource Hash

f0c54713c13f66000d586283d47610f486b8bc3cc817d39cba529c175bcad492

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 29 May 2018 03:35:03 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Tue, 29 May 2018 03:35:03 GMT

GET
S 200 css
fonts.googleapis.com/ 730 B
330 B 17ms
15ms Stylesheet
text/css 172.217.22.10
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

SPDY

Server

172.217.22.10 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f10.1e100.net

Software

ESF /

Resource Hash

a6b774d1722b797b51d8acde49b44e031bcc5800ce07d431aa016dbdbb96b083

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 29 May 2018 03:35:03 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Tue, 29 May 2018 03:35:03 GMT

GET
H/1.1 200
OK stili_footer.css
login.libero.it/site_css/ 1 KB
1012 B 167ms
34ms Stylesheet
text/css 213.209.0.9
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.libero.it/site_css/stili_footer.css

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

HTTP/1.1

Server

213.209.0.9 , Italy, ASN8660 (MATRIX-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

c770ff35bb80f4697d11a979b8caeb50c184e8f2736c50928d1aac5811133046

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 487
Last-Modified: Tue, 06 Dec 2016 14:59:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "46b-542fea81aac40-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=864000, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=400
Expires: Fri, 08 Jun 2018 03:35:03 GMT

GET
H/1.1 200
OK login_libero_resp.css
login.libero.it/site_css/ 8 KB
2 KB 178ms
36ms Stylesheet
text/css 213.209.0.9
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.libero.it/site_css/login_libero_resp.css

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

HTTP/1.1

Server

213.209.0.9 , Italy, ASN8660 (MATRIX-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

9f827c190ae4aa968c2d3f245328df504e12d9116ba2d5b70657f75c22bdd31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1923
Last-Modified: Wed, 21 Sep 2016 10:00:41 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1ed6-53d019e246440-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=864000, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=400
Expires: Fri, 08 Jun 2018 03:35:03 GMT

GET
H/1.1 200
OK stili_loginresp.css
login.libero.it/site_css/ 2 KB
1 KB 180ms
36ms Stylesheet
text/css 213.209.0.9
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.libero.it/site_css/stili_loginresp.css

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

HTTP/1.1

Server

213.209.0.9 , Italy, ASN8660 (MATRIX-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

4d9ff4a5a90662c02dde648dff8e15b3f46d79ae0eb1df443907d4b58b870292

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 520
Last-Modified: Thu, 06 Apr 2017 12:05:44 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "807-54c7e5417f600-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=864000, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=400
Expires: Fri, 08 Jun 2018 03:35:03 GMT

GET
H/1.1 200
OK splash_noiframe.css
login.libero.it/site_css/ 601 B
883 B 197ms
40ms Stylesheet
text/css 213.209.0.9
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.libero.it/site_css/splash_noiframe.css?d=131105

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

HTTP/1.1

Server

213.209.0.9 , Italy, ASN8660 (MATRIX-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

a4252bfc130627f5aab4837d9d6e2bf95aa4a5e10af584e048955394c775d27e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 358
Last-Modified: Thu, 26 May 2016 12:24:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "259-533bddd86fc80-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=864000, public
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=400
Expires: Fri, 08 Jun 2018 03:35:03 GMT

GET
H/1.1 404
Not Found fingerprint.js
mhamed-ffre.tk/ewelle/logzmdxs/site_js/ 0
0 74ms
39ms Script
text/html 80.211.160.221
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://mhamed-ffre.tk/ewelle/logzmdxs/site_js/fingerprint.js
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 80.211.160.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host221-160-211-80.serverdedicati.aruba.it
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: mhamed-ffre.tk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 355
Content-Type: text/html; charset=iso-8859-1

GET
S 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
30 KB 7ms
6ms Script
text/javascript 216.58.207.74
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

SPDY

Server

216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f10.1e100.net

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 12 Feb 2018 21:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9093263
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 30211
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Feb 2019 21:40:40 GMT

GET
H/1.1 200
OK rta2.js Show response
ssl-i.plug.it/banners/js/ 1 KB
824 B 154ms
37ms Script
application/javascript 213.209.17.230
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-i.plug.it/banners/js/rta2.js
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 213.209.17.230 , Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: feded5b395954fa1bf46cf432f138df5f97edbc7424407bde839f4a100a297b9

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1200, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 29 May 2018 03:55:03 GMT

GET
H/1.1 200
OK adv_library3_https.js Show response
ssl-i.plug.it/banners/js/ 61 KB
13 KB 193ms
76ms Script
application/javascript 213.209.17.230
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-i.plug.it/banners/js/adv_library3_https.js
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 213.209.17.230 , Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 4a215ee7794b8a62baf6803ddbef526402ad11f9a84e79b12b0d274693d1b553

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1200, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 29 May 2018 03:55:03 GMT

GET
H/1.1 200
OK amzn_ads.js Show response
c.amazon-adsystem.com/aax2/ 16 KB
6 KB 26ms
7ms Script
application/javascript 13.32.217.63
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/amzn_ads.js
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 13.32.217.63 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-217-63.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 9d70a2ebbf39e4b31f49d7b234def26877428d346936637940bc922b3c994e19

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 01:54:33 GMT
Content-Encoding: gzip
Server: Server
Age: 628
ETag: 10b9c95e8e38f6ee9b4aee1ec1a88b9f
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 a853d87afe2972a208a9cd92a357386b.cloudfront.net (CloudFront)
Cache-Control: public, max-age=1800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5505
X-Amz-Cf-Id: IcvJgrSJVDrxsrzq-ipS6phgVEAxBQpoVatpEAmhp6GsYUBk9n5tMQ==

GET
H/1.1 200
OK adv_lib_login.js Show response
ssl-i.plug.it/banners/js/ 5 KB
2 KB 187ms
37ms Script
application/javascript 213.209.17.230
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-i.plug.it/banners/js/adv_lib_login.js
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 213.209.17.230 , Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: b9ac89322c981bc25d43e800363fac00de50488e9a3ba67658355b49927ac174

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1200, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 29 May 2018 03:55:03 GMT

GET
S 200 api.js Show response
www.google.com/recaptcha/ 838 B
560 B 16ms
16ms Script
text/javascript 172.217.22.4
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&hl=it

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

SPDY

Server

172.217.22.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f4.1e100.net

Software

GSE /

Resource Hash

e19cf29055a3c489091c1c63a23c93d6f9bd5f5360a74d7f2ef854d3c2f6ae97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 29 May 2018 03:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 470
x-xss-protection: 1; mode=block
expires: Tue, 29 May 2018 03:35:03 GMT

GET
S 200 cc.js Show response
tags.crwdcntrl.net/c/6201/ 36 KB
11 KB 29ms
10ms Script
application/javascript 93.184.220.113
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/6201/cc.js?ns=_cc6201
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: SPDY
Server: 93.184.220.113 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41C7) /
Resource Hash: 5ba7e47b35b5ce54469df5cbc206a5f9dfe373fff3f0cb954b61ef04b87bb79d

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 29 May 2018 03:35:03 GMT
content-encoding: gzip
last-modified: Wed, 23 May 2018 18:48:30 GMT
server: ECS (fcn/41C7)
etag: "5b05b77e-8ea0+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=86400
content-length: 10592
expires: Wed, 30 May 2018 03:35:03 GMT

GET
H/1.1 200
OK v60.js Show response
secure-it.imrworldwide.com/ 21 KB
7 KB 65ms
26ms Script
application/x-javascript 52.212.83.185
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://secure-it.imrworldwide.com/v60.js
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 52.212.83.185 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-212-83-185.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8b9ff14a2ba603e1a32fddd3da2ffd8b50e201a9874ea3fafb50d537117153eb

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jan 2018 08:47:23 GMT
Server: nginx
ETag: "5a605f1b-1922"
Content-Type: application/x-javascript
Connection: keep-alive
Content-Length: 6434

GET
H/1.1 200
OK rta.js Show response
rtax.criteo.com/delivery/rta/ 143 B
550 B 24ms
12ms Script
text/html 178.250.2.100
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://rtax.criteo.com/delivery/rta/rta.js?netId=823&cookieName=cto_rta&rnd=51945351684&varName=crtg_content
Requested by: Host: ssl-i.plug.it
URL: https://ssl-i.plug.it/banners/js/rta2.js
Protocol: HTTP/1.1
Server: 178.250.2.100 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: rtax.criteo.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 218b29209f80f842c45307708117b423d95d5e8d10d249f67d6ef19a7d2b4eab

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 143

GET
H/1.1 200
OK iolobj-rc-read.js Show response
geoisp.libero.it/ioladv/ 798 B
694 B 167ms
37ms Script
application/javascript 213.209.16.13
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geoisp.libero.it/ioladv/iolobj-rc-read.js?tm=1527564903334
Requested by: Host: ssl-i.plug.it
URL: https://ssl-i.plug.it/banners/js/adv_library3_https.js
Protocol: HTTP/1.1
Server: 213.209.16.13 , Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software: Apache /
Resource Hash: 239537ff30411d0ce5f1abf7618fed9bdcc53a9e42b6939b6ab7f44d1e4c3cb6

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://up.ioladv.it/ioladv/policy/p3p.xml, CP=NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT CNT
cache-control: public, max-age=7200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 275

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 19 KB
8 KB 44ms
38ms Script
text/javascript 172.217.18.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ssl-i.plug.it
URL: https://ssl-i.plug.it/banners/js/adv_lib_login.js

Protocol

HTTP/1.1

Server

172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

dce6e3bbf14ee6e3277d252915e29a846d80965d519d3270219c8403e386fcba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "4 / 33 of 1000 / last-modified: 1527271874"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 7567
X-XSS-Protection: 1; mode=block
Expires: Tue, 29 May 2018 03:35:03 GMT

GET
H/1.1 200
OK logo_libero.png
login.libero.it/site_images/ 1 KB
2 KB 40ms
40ms Image
image/png 213.209.0.9
MATRIX-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.libero.it/site_images/logo_libero.png

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

HTTP/1.1

Server

213.209.0.9 , Italy, ASN8660 (MATRIX-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

0f003b046696fb5ae2ced1fccb532584b5edbe32449907e5dcae8fb4a69a6de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.libero.it/site_css/login_libero_resp.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 May 2017 14:59:05 GMT
Server: Apache
ETag: "53d-550323a954040"
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=864000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=399
Content-Length: 1341
Expires: Fri, 08 Jun 2018 03:35:03 GMT

GET
S 200 KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v18/ 35 KB
20 KB 6ms
5ms Font
font/ttf 172.217.23.131
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxP.ttf

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

SPDY

Server

172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f3.1e100.net

Software

sffe /

Resource Hash

466989fd178ca6ed13641893b7003e5d6ec36e42c2a816dee71f87b775ea097f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
Origin: http://mhamed-ffre.tk

Response headers

date: Sat, 07 Apr 2018 05:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4486939
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 20272
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Oct 2017 17:32:56 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Apr 2019 05:12:44 GMT

GET
S 200 KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v18/ 34 KB
20 KB 6ms
5ms Font
font/ttf 172.217.23.131
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc9.ttf

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

SPDY

Server

172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f3.1e100.net

Software

sffe /

Resource Hash

70e339a1a220298dd1d9c6a69bbb3e3f7e2b4e655c85da9f127cb21a699f99d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,700
Origin: http://mhamed-ffre.tk

Response headers

date: Tue, 13 Feb 2018 16:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9025479
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 20309
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Oct 2017 17:33:12 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Feb 2019 16:30:24 GMT

GET
S 200 recaptcha__it.js Show response
www.gstatic.com/recaptcha/api2/v1526884278587/ 236 KB
76 KB 7ms
7ms Script
text/javascript 172.217.23.131
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1526884278587/recaptcha__it.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&hl=it

Protocol

SPDY

Server

172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f3.1e100.net

Software

sffe /

Resource Hash

5c2b8668114d274528d1001dd0b1ca8c6d8e582ae016a8aaacf197f81765c054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Thu, 24 May 2018 04:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 May 2018 17:45:00 GMT
server: sffe
age: 427987
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 77911
x-xss-protection: 1; mode=block
expires: Fri, 24 May 2019 04:41:56 GMT

GET
H/1.1 200
OK libero-it.json Show response
cdn-gl.imrworldwide.com/ci/ 22 KB
2 KB 633ms
315ms XHR
application/json 13.32.222.144
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-gl.imrworldwide.com/ci/libero-it.json
Requested by: Host: secure-it.imrworldwide.com
URL: http://secure-it.imrworldwide.com/v60.js
Protocol: HTTP/1.1
Server: 13.32.222.144 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-222-144.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a913772d12107cc4e3679afca0780ea8433f1820e66daa49cb4b278f46849aa5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Origin: http://mhamed-ffre.tk

Response headers

Date: Tue, 29 May 2018 03:35:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 May 2018 03:02:45 GMT
Server: AmazonS3
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
x-amz-version-id: Msk6hGwsc0DwM4DyZgcqSTXg519lGWy8
Via: 1.1 f083b3a717e76bc416c5912ddf0d8f81.cloudfront.net (CloudFront)
X-Amz-Cf-Id: cqdn0bvkEz4h8uyCRsC20n9m1-i8jsfkcToR45Ux2e1kON3GfMVnmw==

GET
H/1.1 200
OK m
secure-it.imrworldwide.com/cgi-bin/ 44 B
521 B 27ms
27ms Image
image/gif 52.212.83.185
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://secure-it.imrworldwide.com/cgi-bin/m?rnd=1527564903361&ci=libero-it&js=1&cg=0&ts=v60.js&vn=6.0.58&cc=0&cd=24&ck=y&je=n&lg=en-US&si=http%3A%2F%2Fmhamed-ffre.tk%2Fewelle%2Flogzmdxs%2Fnewlibero.htm&sr=1600x1200
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 52.212.83.185 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-212-83-185.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:03 GMT
Server: nginx
P3P: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 44
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 12ms
6ms Script
application/x-javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 2.16.186.80 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 902
Expires: Wed, 30 May 2018 03:35:03 GMT

GET
H/1.1 200
OK comscore_login.libero.it.js Show response
i.plug.it/iplug/js/lib/iol/tr/data/login.libero.it/ 2 KB
1 KB 32ms
27ms Script
application/javascript 13.32.222.101
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://i.plug.it/iplug/js/lib/iol/tr/data/login.libero.it/comscore_login.libero.it.js
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 13.32.222.101 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-222-101.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: b375175575d2c6a6cebbe0f4177573f9e058a1e00fda00c5f961097b66cea18d

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 29 May 2018 03:13:57 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
Age: 1266
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 d942ee6a387b745954972448a42def1c.cloudfront.net (CloudFront)
Cache-Control: public, max-age=1200
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: r0Wsbc4BsuIc4iFdYmlpxMhhsOjN_iDOZQXgnqVJzLuamUBuqhJ5OA==

GET
H/1.1 200
OK comscore_engine.js Show response
i.plug.it/iplug/js/lib/iol/tr/engine/ 10 KB
3 KB 20ms
14ms Script
application/javascript 13.32.222.101
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://i.plug.it/iplug/js/lib/iol/tr/engine/comscore_engine.js
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 13.32.222.101 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-222-101.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9c1e2bb59df7164debaa105d628e7d9bcfa767c2db05ddeeeef4da6adeaee63a

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 29 May 2018 02:58:15 GMT
Content-Encoding: gzip
Server: nginx/1.12.1
Age: 2208
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 df874ca0e51df630ccc49eab9f1f7fb3.cloudfront.net (CloudFront)
Cache-Control: public, max-age=1200
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: 4Y9NUd9W5vn1YYEULwsrqbL8Wn6OJPdU8psjgZt74OSTqaqwm0ZX9w==

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 111 B
662 B 28ms
14ms Script
application/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mhamed-ffre.tk

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.16.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f162.1e100.net

Software

cafe /

Resource Hash

e8a14f313c1ae3d9c0369c13cb9c46c29f2e00e0508eddf13727c3d7e6655351

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 May 2018 03:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 105
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 111 B
495 B 31ms
16ms Script
application/javascript 172.217.18.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mhamed-ffre.tk

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

e8a14f313c1ae3d9c0369c13cb9c46c29f2e00e0508eddf13727c3d7e6655351

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 May 2018 03:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 105
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_207.js Show response
securepubads.g.doubleclick.net/gpt/ 172 KB
59 KB 62ms
39ms Script
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_207.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

sffe /

Resource Hash

3095fa4cd1c72a946217bf19a7087f03be83aa504b6233f9927cf8ded73c7e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 29 May 2018 03:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 May 2018 22:01:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 60375
x-xss-protection: 1; mode=block
expires: Tue, 29 May 2018 03:35:03 GMT

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=2&c2=13259779&name=libero.login.others&ns_site=libero&wa_geo_1_id=0&wa_geo_2_id=0&wa_geo_3_id=0&wa_geo_4_id=0&wa_local_1_id=0&wa_local_2_id=0&wa_local_3_id=0&wa_...
http://b.scorecardresearch.com/b2?c1=2&c2=13259779&name=libero.login.others&ns_site=libero&wa_geo_1_id=0&wa_geo_2_id=0&wa_geo_3_id=0&wa_geo_4_id=0&wa_local_1_id=0&wa_local_2_id=0&wa_local_3_id=0&wa...

0
248 B

7ms
5ms

Image
text/plain

2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=2&c2=13259779&name=libero.login.others&ns_site=libero&wa_geo_1_id=0&wa_geo_2_id=0&wa_geo_3_id=0&wa_geo_4_id=0&wa_local_1_id=0&wa_local_2_id=0&wa_local_3_id=0&wa_adv_1_id=0&wa_adv_2_id=0&wa_adv_3_id=0&wa_engine_v=1.57&wa_data_v=20151022164346&ns__t=1527564903412&ns_c=UTF-8&cv=3.1e&c8=Libero%20-%20Login&c7=http%3A%2F%2Fmhamed-ffre.tk%2Fewelle%2Flogzmdxs%2Fnewlibero.htm&c9=
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 2.16.186.80 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:03 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=2&c2=13259779&name=libero.login.others&ns_site=libero&wa_geo_1_id=0&wa_geo_2_id=0&wa_geo_3_id=0&wa_geo_4_id=0&wa_local_1_id=0&wa_local_2_id=0&wa_local_3_id=0&wa_adv_1_id=0&wa_adv_2_id=0&wa_adv_3_id=0&wa_engine_v=1.57&wa_data_v=20151022164346&ns__t=1527564903412&ns_c=UTF-8&cv=3.1e&c8=Libero%20-%20Login&c7=http%3A%2F%2Fmhamed-ffre.tk%2Fewelle%2Flogzmdxs%2Fnewlibero.htm&c9=
Pragma: no-cache
Date: Tue, 29 May 2018 03:35:03 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK _ads.html
ssl-i.plug.it/iplug/js/lib/iol/tr/data/ads/adv/ Frame 72B7 0
0 38ms
37ms Document
text/html 213.209.17.230
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl-i.plug.it/iplug/js/lib/iol/tr/data/ads/adv/_ads.html
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.209.17.230 , Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash

Request headers

Host: ssl-i.plug.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 0E2BFB136C82917083DBB5E4D445344D
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Response headers

Server: nginx/1.12.1
Date: Tue, 29 May 2018 03:35:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: public, max-age=1200
Content-Encoding: gzip

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame A1F1 0
0 18ms
17ms Document
text/html 172.217.22.4
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeevAETAAAAANf_EIvnZO3Is6XLKxoSdUjV392x&co=aHR0cDovL21oYW1lZC1mZnJlLnRrOjgw&hl=it&type=image&v=v1526884278587&theme=light&size=normal&cb=cg7q4emapxv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1526884278587/recaptcha__it.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.22.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeevAETAAAAANf_EIvnZO3Is6XLKxoSdUjV392x&co=aHR0cDovL21oYW1lZC1mZnJlLnRrOjgw&hl=it&type=image&v=v1526884278587&theme=light&size=normal&cb=cg7q4emapxv
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 0E2BFB136C82917083DBB5E4D445344D
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Response headers

status: 200
content-type: text/html; charset=utf-8
content-encoding: gzip
date: Tue, 29 May 2018 03:35:03 GMT
expires: Tue, 29 May 2018 03:35:03 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 552
server: GSE
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"

GET
H/1.1 404
Not Found aphorisms366.js Show response
mhamed-ffre.tk/ewelle/logzmdxs/site_js/ 356 B
556 B 40ms
39ms XHR
text/html 80.211.160.221
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://mhamed-ffre.tk/ewelle/logzmdxs/site_js/aphorisms366.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Protocol: HTTP/1.1
Server: 80.211.160.221 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: host221-160-211-80.serverdedicati.aruba.it
Software: Apache /
Resource Hash: 57ff991421381eb8c870e14f5bc240ecb11c891bd4b67ebcb3bf09a90145ea29

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: mhamed-ffre.tk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cache-Control: no-cache
Accept: application/json, text/javascript, */*; q=0.01
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 356
Content-Type: text/html; charset=iso-8859-1

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 59ms
59ms XHR
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=2764026500189026&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062103&vrg=207&guci=1.2.0.0.2.2&sc=0&sfv=1-0-27&iu_parts=5180%2Clibero%2Cwebmail%2Clogin%2Cbig&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1540x1024&cust_params=optout%3D0%26adv_sso1%3D0%26adv_sso2%3D0%26adv_sso3%3D0%26adv_np%3Dyes%26laud%3Dnull%26swidth%3Dbig&cookie_enabled=1&bc=7&abxe=1&lmt=1518686056&dt=1527564903512&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=0&adks=195244769&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fmhamed-ffre.tk%2Fewelle%2Flogzmdxs%2Fnewlibero.htm&dssz=33&icsg=47311921152&mso=512&std=0&vis=1&scr_x=0&scr_y=0&psz=1440x-1&ga_vid=1161292248.1527564904&ga_sid=1527564904&ga_hid=1548731564

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_207.js

Protocol

SPDY

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

533a39bfab92d45805b2a2499597020d8792cc0ea32b64785385e810e31e4056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Origin: http://mhamed-ffre.tk

Response headers

date: Tue, 29 May 2018 03:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 3638
x-xss-protection: 1; mode=block
google-lineitem-id: 4679759030
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234046029
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://mhamed-ffre.tk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_207.js Show response
securepubads.g.doubleclick.net/gpt/ 44 KB
17 KB 38ms
38ms Script
text/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_207.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_207.js

Protocol

SPDY

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

sffe /

Resource Hash

c9d83081bf0b6a4c749852b77cf67886513797868f86ae0eaa228cd4802d37eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Tue, 29 May 2018 03:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 May 2018 22:01:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 16974
x-xss-protection: 1; mode=block
expires: Tue, 29 May 2018 03:35:03 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-27/html/ 0
0 11ms
5ms Other
text/html 172.217.23.129
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-27/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_207.js
Protocol: HTTP/1.1
Server: 172.217.23.129 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s18-in-f1.1e100.net
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Expires: Wed, 15 May 2019 20:25:17 GMT
Cache-Control: public, immutable, max-age=31536000
Last-Modified: Mon, 14 May 2018 14:45:16 GMT
Content-Type: text/html

GET
H/1.1 200
OK iolobj-geo.php Show response
geoisp.libero.it/ioladv/ 0
334 B 38ms
38ms Script
text/html 213.209.16.13
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geoisp.libero.it/ioladv/iolobj-geo.php?callback=window.IOLOBJ.Profile.setupFromGEO&tm=1527564903530
Requested by: Host: ssl-i.plug.it
URL: https://ssl-i.plug.it/banners/js/adv_library3_https.js
Protocol: HTTP/1.1
Server: 213.209.16.13 , Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Server: Apache
P3P: policyref=http://up.ioladv.it/ioladv/policy/p3p.xml, CP=NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT CNT
cache-control: public, max-age=7200
Connection: Keep-Alive
Content-Type: text/html
Keep-Alive: timeout=2, max=99
Content-Length: 0

GET
H/1.1 200
OK iolobj-rc-write.js Show response
geoisp.virgilio.it/ioladv/ 780 B
792 B 220ms
37ms Script
application/javascript 213.209.16.12
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geoisp.virgilio.it/ioladv/iolobj-rc-write.js?tm=1527564903569&g=[undefined]g&d=[virgilio.it]d
Requested by: Host: ssl-i.plug.it
URL: https://ssl-i.plug.it/banners/js/adv_library3_https.js
Protocol: HTTP/1.1
Server: 213.209.16.12 , Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software: Apache /
Resource Hash: 0c815b93cf68fc9a234ec06fc29143fb1f7ee2c5147ee9b1ae96bc27aa86fe67

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://up.ioladv.it/ioladv/policy/p3p.xml, CP=NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT CNT
cache-control: public, max-age=7200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=100
Content-Length: 278

GET
H/1.1 200
OK m Show response
secure-gl.imrworldwide.com/cgi-bin/ 2 KB
2 KB 121ms
26ms Script
text/javascript 138.108.96.100
ACNIELSEN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ci=ent565065&am=3&mr=1&ty=js&ep=1&at=view&rt=banner&st=image&ca=cmp1001696&cr=crv2543458&pc=plc42973719&r=755980997
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 138.108.96.100 Schaumburg, United States, ASN16477 (ACNIELSEN-AS - ACNIELSEN, US),
Reverse DNS
Software: nginx /
Resource Hash: 56747b487f6fe59e2e4e7a95c4ac2858d83d49718a1796b02d063244e537e1f8

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:03 GMT
Server: nginx
P3P: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Keep-Alive: timeout=5
Content-Length: 1805
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180521/r20110914/activeview/ Frame FA7A 69 KB
26 KB 34ms
7ms Script
text/javascript 172.217.23.129
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180521/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_207.js

Protocol

SPDY

Server

172.217.23.129 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f1.1e100.net

Software

cafe /

Resource Hash

484bab2f6c64e0c8b45371b41e0300096133024a0d1815b5fd4d930a969efc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 21 May 2018 12:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 657425
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 25815
x-xss-protection: 1; mode=block
server: cafe
etag: 16021068360213885268
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Jun 2018 12:57:58 GMT

GET
H/1.1 200
OK osd.js Show response
pagead2.googlesyndication.com/pagead/ 71 KB
26 KB 13ms
6ms Script
text/javascript 172.217.18.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_207.js

Protocol

HTTP/1.1

Server

172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

106357d58e48c91d5b74238b6f266e0c9cc50d82af77237ff7c3dd10b06e70ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 29 May 2018 02:55:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 2345
ETag: 4371217384211563518
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 26522
X-XSS-Protection: 1; mode=block
Expires: Tue, 29 May 2018 03:55:58 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame FA7A 0
273 B 21ms
19ms Image
text/html 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusbVYn9jRTHSbQhBxiVtmyEFWgmd6RNkASx2sEg6az1zPqHUWYhA8TpeikE-4NYwrBVvmsGqdsR6WE0IsZcKrLL1MPgAvZLfNLM2CKHFJ7eB543yuHV4oLB2sHF6ypqUQPQVZBHfRPrMq2YXAUNIA8JUo0Q6zHWfRr87jTaf426AYNdDUS--iMoPT7kgAcJPK-SqfJ1Er52TGl-ERuZBijenI36p0qZHeZN2j6LbB9KeYaaYhYn9v3yKbGo_DzlkbwmsiMa_dZrwE&sai=AMfl-YTAG__Fyw9_hTXiQKCfLY-DJ9cDLIV7TlfvMJSIbVwEcAth6QreoA4nN1u1pwAtz0Vn6ixKQb-8V0PSowUBnTryk-iT1E8dLqEKRAZi&sig=Cg0ArKJSzJJvYt4Xw78VEAE&urlfix=1&adurl=
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: SPDY
Server: 172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s18-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
cache-control: private
expires: Tue, 29 May 2018 03:35:03 GMT

GET
S

200

/
track.adform.net/adfserve/ Frame FA7A
Redirect Chain

https://track.adform.net/adfserve/?bn=22851005;1x1inv=1;srctype=3;ord=755980997
https://track.adform.net/adfserve/?CC=1&bn=22851005;1x1inv=1;srctype=3;ord=755980997

35 B
257 B

21ms
21ms

Image
image/gif

37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.adform.net/adfserve/?CC=1&bn=22851005;1x1inv=1;srctype=3;ord=755980997
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: SPDY
Server: 37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 May 2018 03:35:03 GMT
server: nginx
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 29 May 2018 03:35:03 GMT
server: nginx
status: 302
location: https://track.adform.net/adfserve/?CC=1&bn=22851005;1x1inv=1;srctype=3;ord=755980997
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
S 200 imgad
tpc.googlesyndication.com/pagead/ 98 KB
98 KB 39ms
12ms Image
image/jpeg 172.217.23.129
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCbisXu0gEQARgBMghTGb1kBBX7Mg

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

SPDY

Server

172.217.23.129 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f1.1e100.net

Software

cafe /

Resource Hash

8a4ad0524e6eb009ac750cea93c5471d0cf313f9ffb373a51f617c4b645ba4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 28 May 2018 22:05:59 GMT
x-content-type-options: nosniff
server: cafe
age: 19744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 99940
x-xss-protection: 1; mode=block
expires: Mon, 04 Jun 2018 22:05:59 GMT

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame F3A0 38 KB
13 KB 28ms
12ms Script
application/javascript 69.172.216.55
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.adsafeprotected.com/jload?anId=926174&campId=1540x1024&pubId=19945967&chanId=135280247&placementId=4679759030&pubCreative=138234046029&pubOrder=2313467949&cb=1259377733
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 69.172.216.55 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: a351db2f8b9a9eea0ff7440737c8e87cca381c90a2d186e1cf9a05bbc4a79de4

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
X-Server-Name: app38ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame FA7A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 337751e2f14237aa01dbb428eea871d3666f20e7fdcb47aec88f68b3fa0d84ff

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK e
secure-gl.imrworldwide.com/ocr/ Frame EA3D 0
0 28ms
27ms Document
text/html 138.108.96.100
ACNIELSEN

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/ocr/e?aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2JyYW5kbGlmdC5waHA.Y2FtcGFpZ25faWQ9NjE2MWMyM2ZmODRjNjJmNjAzODJlMjhhMGYyYzdkYjdmNGY0NzUwNThjMmFhYzY2OGRjN2VkNTRkM2Y1NGVmMiZjcmVhdGl2ZV9pZD0yMGY2YjRhYjM4ZjE3YmQyNDIwNmUwNGEwMzBkZmNhOTM2NjRjNWFmYWUyNWFmYjUzYWVhMzZkYWI2ZTZiZDYwJnBsYWNlbWVudF9pZD1iODM0Y2QxODQ3YmE2ZDY3OWJiNzYzOTkyMTczODFiMjlkNzdmZDZjZmY1MWMxMDZmNWEyNTBlMzEyY2ZjYzFiJm1lZGlhX3R5cGU9aW1hZ2UmY29udGVudF90eXBlPWpzJnNlZ21lbnQxPURFJnNlZ21lbnQyPTExMSZzZWdtZW50Mz1OQSZvc3ZlcnNpb249TGludXgmZGV2aWNlX3R5cGU9RFNLJnBsYXRmb3JtPURTSyZhZHZlcnRpc2VyX2lkPURTSyZ2ZXI9MSZjcmVhdGl2ZV90eXBlPTAmZGF0YV9kYXRlPTIwMTgwNTI4Jmg9ZmJlNWYwZjkzMQ__
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ci=ent565065&am=3&mr=1&ty=js&ep=1&at=view&rt=banner&st=image&ca=cmp1001696&cr=crv2543458&pc=plc42973719&r=755980997
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 138.108.96.100 Schaumburg, United States, ASN16477 (ACNIELSEN-AS - ACNIELSEN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: secure-gl.imrworldwide.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 0E2BFB136C82917083DBB5E4D445344D
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Response headers

Server: nginx
Date: Tue, 29 May 2018 03:35:03 GMT
Content-Type: text/html
Content-Length: 578
Connection: keep-alive
Keep-Alive: timeout=5
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ 39 KB
13 KB 55ms
17ms Script
application/javascript 69.172.216.55
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anid=5029&campId=cmp1001696&placementId=3_plc42973719&creativeId=crv2543458&cy=&c9=devid,&c13=asid,
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ci=ent565065&am=3&mr=1&ty=js&ep=1&at=view&rt=banner&st=image&ca=cmp1001696&cr=crv2543458&pc=plc42973719&r=755980997
Protocol: HTTP/1.1
Server: 69.172.216.55 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 75e361c95782a0f20d72a93958ed62c02a87117e97108470bd02310dddf61020

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
X-Server-Name: app33ami.ami.303net.pvt
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK main.17.4.107.js Show response
static.adsafeprotected.com/ Frame F3A0 138 KB
44 KB 27ms
13ms Script
application/javascript 69.172.216.58
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: http://static.adsafeprotected.com/main.17.4.107.js
Requested by: Host: pixel.adsafeprotected.com
URL: http://pixel.adsafeprotected.com/jload?anId=926174&campId=1540x1024&pubId=19945967&chanId=135280247&placementId=4679759030&pubCreative=138234046029&pubOrder=2313467949&cb=1259377733
Protocol: HTTP/1.1
Server: 69.172.216.58 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: aa503cac75e44163c1d48d102cdd84a2149772b5aa110b1ffa97edf8d0dfd1fc

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 May 2018 19:23:00 GMT
X-Server-Name: app01ami.ami.303net.pvt
ETag: "5b031c94-ae58"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: close
Content-Length: 44632
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK iolobj-rc-write.js Show response
geoisp.libero.it/ioladv/ 778 B
789 B 43ms
38ms Script
application/javascript 213.209.16.13
MATRIX-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://geoisp.libero.it/ioladv/iolobj-rc-write.js?tm=1527564903811&g=[undefined]g&d=[libero.it]d
Requested by: Host: ssl-i.plug.it
URL: https://ssl-i.plug.it/banners/js/adv_library3_https.js
Protocol: HTTP/1.1
Server: 213.209.16.13 , Italy, ASN8660 (MATRIX-AS, IT),
Reverse DNS
Software: Apache /
Resource Hash: 39a3257252a3c0d4c9e71ab27f53fbe417c2ef5d239f95c8324ac80ea0956cae

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref=http://up.ioladv.it/ioladv/policy/p3p.xml, CP=NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT CNT
cache-control: public, max-age=7200
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=2, max=98
Content-Length: 278

GET
H/1.1 200
OK main.17.4.107.js Show response
static.adsafeprotected.com/ 138 KB
44 KB 71ms
26ms Script
application/javascript 69.172.216.58
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.17.4.107.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anid=5029&campId=cmp1001696&placementId=3_plc42973719&creativeId=crv2543458&cy=&c9=devid,&c13=asid,
Protocol: HTTP/1.1
Server: 69.172.216.58 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: aa503cac75e44163c1d48d102cdd84a2149772b5aa110b1ffa97edf8d0dfd1fc

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 May 2018 19:23:00 GMT
X-Server-Name: app16ami.ami.303net.pvt
ETag: "5b031c94-ae58"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: close
Content-Length: 44632
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sca.17.4.72.js Show response
static.adsafeprotected.com/ Frame CF04 81 KB
20 KB 23ms
12ms Script
application/javascript 69.172.216.58
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: http://static.adsafeprotected.com/sca.17.4.72.js
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 69.172.216.58 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: e8cd262a1cda289635df443ebfe41d7f551f0215fea4090d1a10c04547b3a422

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Mar 2018 20:15:42 GMT
X-Server-Name: app31ami.ami.303net.pvt
ETag: "5aa2eb6e-4fa2"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: close
Content-Length: 20386
Server: nginx
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
304 B 29ms
15ms Image
image/gif 69.172.216.55
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.adsafeprotected.com/mon?anId=926174&campId=1540x1024&pubId=19945967&chanId=135280247&placementId=4679759030&pubCreative=138234046029&pubOrder=2313467949&cb=1259377733&adsafe_url=http%3A%2F%2Fmhamed-ffre.tk%2Fewelle%2Flogzmdxs%2Fnewlibero.htm&adsafe_type=abcedfq&adsafe_jsinfo=,id:48a43c04-dac7-9d73-b020-e7608b838a30,c:dYfVKE,sl:outOfView,em:true,fr:true,mn:app38ami,pt:1-5-15,wc:0.0.1600.1200,ac:80.10.0.0,am:i,cc:80.10.0.0,piv:0,obst:0,th:0,reas:l,br:u,fv:0,abv:na,an:n,fm:qTp8F2Z+11|12|13*.926174|131|14|15,idMap:13*,pl:,es:0,sc:1,ha:1,gm:1,tt:jload,et:141,oid:4616cdbe-62f1-11e8-9c87-70106fb72758,v:17.4.107,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 69.172.216.55 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:03 GMT
X-Server-Name: app25ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: close
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
303 B 24ms
12ms Image
image/gif 69.172.216.111
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=926174&asId=48a43c04-dac7-9d73-b020-e7608b838a30&tv={c:dYfVL0,pingTime:-2,time:161,type:a,im:{prf:{beA:48,beZ:49,mfA:148,cmA:149,inA:149,inZ:169,prA:169,prZ:178,si:188,poA:189,poZ:196,cmZ:196,mfZ:196,loA:205,loZ:207,ltA:208,ltZ:208,mdA:50,mdZ:114}},sca:{dfp:{df:0}},env:{sf:0,pom:1},clog:[{piv:0,vs:o,r:l,w:0,h:0,t:138}],es:0,sc:1,ha:1,gm:1,slTimes:{i:0,o:162,n:0,pp:0,pm:0},slEvents:[{sl:o,t:138,wc:0.0.1600.1200,ac:80.10.0.0,am:i,cc:80.10.0.0,piv:0,obst:0,th:0,reas:l,bkn:{piv:[49~0],as:[49~0.0]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:qTp8F2Z+11|12|13*.926174|131|14|15,idMap:13*,slid:[google_ads_iframe_/5180/libero/webmail/login/big_0,google_ads_iframe_/5180/libero/webmail/login/big_0__container__,adsplash],sinceFw:20,readyFired:true}&br=u
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 69.172.216.111 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:03 GMT
X-Server-Name: dt40ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: close
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dbapi Show response
pixel.adsafeprotected.com/ 61 B
412 B 47ms
16ms Script
application/javascript 69.172.216.55
Integral Ad Science

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/dbapi?ias_callback=__IntegralAS_c94c190cdd3d60fc555e5ae87299afc8_3717&anid=5029&campId=cmp1001696&placementId=3_plc42973719&creativeId=crv2543458&cy=&c9=devid,&c13=asid,&adsafe_url=http%3A%2F%2Fmhamed-ffre.tk%2Fewelle%2Flogzmdxs%2Fnewlibero.htm&adsafe_type=abdfq&adsafe_jsinfo=,id:c94c190c-dd3d-60fc-555e-5ae87299afc8,c:dYfVLC,sl:inView,em:false,fr:true,mn:app33ami,pt:1-5-15,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:a,cc:-10.-10.1600.1200,piv:99,obst:0,th:0,reas:,br:u,fv:0,abv:na,an:n,fm:qTp8F3S+1*.5029|11|12|131|132|14|15,idMap:1*,pl:,es:0,sc:0,ha:1,gm:1,tt:jload,et:145,oid:461e95bb-62f1-11e8-8754-382c4ac630ed,v:17.4.107,sp:1,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/main.17.4.107.js
Protocol: HTTP/1.1
Server: 69.172.216.55 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 879f8ec99bfdf28aaefd9e31378abaa7f047350b43424df0c1cdea4b797637dd

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:03 GMT
Content-Encoding: gzip
X-Server-Name: app47ami.ami.303net.pvt
Transfer-Encoding: chunked
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: close
Content-Type: application/javascript;charset=utf-8
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
303 B 37ms
11ms Image
image/gif 69.172.216.111
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=5029&asId=c94c190c-dd3d-60fc-555e-5ae87299afc8&tv={c:dYfVLE,pingTime:-8,time:146,type:l,es:0,sc:0,ha:1,gm:1,slTimes:{i:146,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:143,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:a,cc:-10.-10.1600.1200,piv:99,obst:0,th:0,reas:,bkn:{piv:[16~75],as:[16~1600.1200]}}],slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:qTp8F3S+1*.5029|11|12|131|132|14|15,idMap:1*}&br=u
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 69.172.216.111 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:03 GMT
X-Server-Name: dt59ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: close
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
S

200

brandlift.php
www.facebook.com/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/int?at=view&rt=banner&st=image&ca=cmp1001696&pc=3_plc42973719&cr=crv2543458&vw=meas&r=862871314
https://www.facebook.com/brandlift.php?campaign_id=44e1f32b0b90e400ac378de3953f75a098b34fe97467b2210244714ccaa59419&creative_id=20f6b4ab38f17bd24206e04a030dfca93664c5afae25afb53aea36dab6e6bd60&plac...

67 B
225 B

47ms
47ms

Image
image/png

157.240.20.38
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/brandlift.php?campaign_id=44e1f32b0b90e400ac378de3953f75a098b34fe97467b2210244714ccaa59419&creative_id=20f6b4ab38f17bd24206e04a030dfca93664c5afae25afb53aea36dab6e6bd60&placement_id=b834cd1847ba6d679bb76399217381b29d77fd6cff51c106f5a250e312cfcc1b&media_type=image&segment1=DE&segment2=111&segment3=NA&osversion=Linux&device_type=DSK&platform=DSK&advertiser_id=DSK&ver=1&creative_type=0&data_date=20180528&h=5a177eac68&rnd=1527564903

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

SPDY

Server

157.240.20.38 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

edge-star-z-mini-shv-02-frt3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: QCGlo/t6tqo1l7ZxGFOqgrWHF8j8swZvTjLfzXxOkRnP8nv4wmAhSZCLCvefiVKn4h73iXtOi2HBMD96KsJDmg==
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 May 2018 03:35:04 GMT
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
content-type: image/png
status: 200
cache-control: private, no-store, no-cache, must-revalidate
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:03 GMT
Server: nginx
P3P: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Location: https://www.facebook.com/brandlift.php?campaign_id=44e1f32b0b90e400ac378de3953f75a098b34fe97467b2210244714ccaa59419&creative_id=20f6b4ab38f17bd24206e04a030dfca93664c5afae25afb53aea36dab6e6bd60&placement_id=b834cd1847ba6d679bb76399217381b29d77fd6cff51c106f5a250e312cfcc1b&media_type=image&segment1=DE&segment2=111&segment3=NA&osversion=Linux&device_type=DSK&platform=DSK&advertiser_id=DSK&ver=1&creative_type=0&data_date=20180528&h=5a177eac68&rnd=1527564903
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=5
Content-Length: 44
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
303 B 42ms
13ms Image
image/gif 69.172.216.111
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=5029&asId=c94c190c-dd3d-60fc-555e-5ae87299afc8&tv={c:dYfVLS,pingTime:-2,time:160,type:a,im:{prf:{bdA:710,bdZ:769,beA:782,beZ:784,mfA:910,cmA:910,inA:910,inZ:916,prA:916,prZ:920,si:926,poA:929,poZ:930,cmZ:930,mfZ:930,loA:934,loZ:935,ltA:942,ltZ:942,mdA:784,mdZ:881}},env:{sf:0,pom:1},clog:[{piv:99,vs:i,r:,w:1600,h:1200,t:143}],es:0,sc:0,ha:1,gm:1,slTimes:{i:160,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:143,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:a,cc:-10.-10.1600.1200,piv:99,obst:0,th:0,reas:,bkn:{piv:[29~75],as:[29~1600.1200]}}],slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:qTp8F2Z+1*.5029|11|12|13.926174|131|132|14|15,idMap:1*,slid:[adv_click],sinceFw:12,readyFired:true}&br=u
Requested by: Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Protocol: HTTP/1.1
Server: 69.172.216.111 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:04 GMT
X-Server-Name: dt14ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: close
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FA7A 42 B
438 B 26ms
14ms Image
image/gif 172.217.18.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPCRIn5riKKxHjvQzBsu_KQTYvoZsLY7MTDUtBBT0tKcKLTdJYMzynUmat-YMMeoWLUBTymKnStx6wSi2bBmYxf5BdBG7FxsI&sig=Cg0ArKJSzAIV7cVIBSn_EAE&id=osdim&ti=1&r=z&adk=195244769&tt=361&bs=1600,1200&mtos=0,0,0,0,0&tos=0,0,0,0,0&p=10,80,10,80&mcvt=0&rs=3&ht=0&mc=0&lte=-1&bas=0&bac=0&avms=geo&bos=1600,1200&ps=1600,482&ss=1600,1200&pt=-1&deb=1-0-1-2-2--1-2-1&tvt=253&op=1&uc=1&tgt=BODY&cl=1&cec=6&clc=0&cac=0&cd=0x0&v=r20180521

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

SPDY

Server

172.217.18.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 May 2018 03:35:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

brandlift.php
www.facebook.com/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/int?at=view&rt=banner&st=image&ca=cmp1001696&pc=3_plc42973719&cr=crv2543458&vw=susp&r=862871314
https://www.facebook.com/brandlift.php?campaign_id=348575b06e4563fd4e07534692024607aac084b820c9a0cbc474df2bbd59429e&creative_id=20f6b4ab38f17bd24206e04a030dfca93664c5afae25afb53aea36dab6e6bd60&plac...

67 B
204 B

47ms
47ms

Image
image/png

157.240.20.38
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/brandlift.php?campaign_id=348575b06e4563fd4e07534692024607aac084b820c9a0cbc474df2bbd59429e&creative_id=20f6b4ab38f17bd24206e04a030dfca93664c5afae25afb53aea36dab6e6bd60&placement_id=b834cd1847ba6d679bb76399217381b29d77fd6cff51c106f5a250e312cfcc1b&media_type=image&segment1=DE&segment2=111&segment3=NA&osversion=Linux&device_type=DSK&platform=DSK&advertiser_id=DSK&ver=1&creative_type=0&data_date=20180528&h=511dfecba4&rnd=1527564904

Requested by

Host: mhamed-ffre.tk
URL: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Protocol

SPDY

Server

157.240.20.38 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

edge-star-z-mini-shv-02-frt3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: rq3EUlK8Dw//g1ANhU1LxO5LXZoqExHBLAKqnc4E+HMZNwiCIgmGV0FCYf+Yn0RXpzlxyxiS718Bm//eoZjQZQ==
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 May 2018 03:35:04 GMT
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
content-type: image/png
status: 200
cache-control: private, no-store, no-cache, must-revalidate
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:04 GMT
Server: nginx
P3P: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Location: https://www.facebook.com/brandlift.php?campaign_id=348575b06e4563fd4e07534692024607aac084b820c9a0cbc474df2bbd59429e&creative_id=20f6b4ab38f17bd24206e04a030dfca93664c5afae25afb53aea36dab6e6bd60&placement_id=b834cd1847ba6d679bb76399217381b29d77fd6cff51c106f5a250e312cfcc1b&media_type=image&segment1=DE&segment2=111&segment3=NA&osversion=Linux&device_type=DSK&platform=DSK&advertiser_id=DSK&ver=1&creative_type=0&data_date=20180528&h=511dfecba4&rnd=1527564904
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=5
Content-Length: 44
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=6201/rand=289521366/pv=y/int=%23OpR%2356471%23Total%20Site%20Traffic%20%3A%20mhamed-ffre.tk/int=%23OpR%2374011%23mhamed-ffre.tk%20%3A%20Total%20Site%20Traffic/int=%23OpR%... Frame 312C
Redirect Chain

http://bcp.crwdcntrl.net/5/c=6201/rand=289521366/pv=y/int=%23OpR%2356471%23Total%20Site%20Traffic%20%3A%20mhamed-ffre.tk/int=%23OpR%2374011%23mhamed-ffre.tk%20%3A%20Total%20Site%20Traffic/int=%23Op...
http://bcp.crwdcntrl.net/5/ct=y/c=6201/rand=289521366/pv=y/int=%23OpR%2356471%23Total%20Site%20Traffic%20%3A%20mhamed-ffre.tk/int=%23OpR%2374011%23mhamed-ffre.tk%20%3A%20Total%20Site%20Traffic/int=...

0
0

55ms
54ms

Document
text/html

54.171.249.90
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://bcp.crwdcntrl.net/5/ct=y/c=6201/rand=289521366/pv=y/int=%23OpR%2356471%23Total%20Site%20Traffic%20%3A%20mhamed-ffre.tk/int=%23OpR%2374011%23mhamed-ffre.tk%20%3A%20Total%20Site%20Traffic/int=%23OpR%2374012%23mhamed-ffre.tk%20%3A%20Site%20Section%20%3A%20ewelle/int=%23OpR%2374013%23mhamed-ffre.tk%20%3A%20Site%20Section%20%3A%20ewelle%20%3A%20logzmdxs/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/6201/cc.js?ns=_cc6201
Protocol: HTTP/1.1
Server: 54.171.249.90 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-171-249-90.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bcp.crwdcntrl.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Accept-Encoding: gzip, deflate
Cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 0E2BFB136C82917083DBB5E4D445344D
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Response headers

Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 29 May 2018 03:35:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 23-Feb-2019 03:35:04 GMT _cc_id=4022ae88d421d0488cbe70bc6afbd386;Path=/;Domain=crwdcntrl.net;Expires=Sat, 23-Feb-2019 03:35:04 GMT _cc_cc="ACZ4nGNQMDEwMkpMtbBIMTEyTDEwsbBITko1N0hKNktMS0oxtjBjAIJonlMZDHDAu%2BugLuNOA4b%2FjIwMOxHMNw33BWDs6SfUYczzi%2BewwNgPpvYwwtgfP1vCmIeRlPxqPSMOY9849YgNxr6ExP6AZNM7JDYAaW0%2FNA%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 23-Feb-2019 03:35:04 GMT;Max-Age=23328000 _cc_aud="ABR4nGNgYGCI5jmVwQADTAyM2TNADMbsaUASADowA6I%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sat, 23-Feb-2019 03:35:04 GMT;Max-Age=23328000
Vary: Accept-Encoding
X-Server: 10.26.20.157
Content-Length: 995
Connection: keep-alive

Redirect headers

Cache-Control: no-cache
Date: Tue, 29 May 2018 03:35:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: http://bcp.crwdcntrl.net/5/ct=y/c=6201/rand=289521366/pv=y/int=%23OpR%2356471%23Total%20Site%20Traffic%20%3A%20mhamed-ffre.tk/int=%23OpR%2374011%23mhamed-ffre.tk%20%3A%20Total%20Site%20Traffic/int=%23OpR%2374012%23mhamed-ffre.tk%20%3A%20Site%20Section%20%3A%20ewelle/int=%23OpR%2374013%23mhamed-ffre.tk%20%3A%20Site%20Section%20%3A%20ewelle%20%3A%20logzmdxs/rt=ifr
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net
X-Server: 10.26.10.113
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK config250.js Show response
cdn-gl.imrworldwide.com/conf/ 11 KB
4 KB 12ms
6ms Script
application/javascript 13.32.222.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-gl.imrworldwide.com/conf/config250.js
Requested by: Host: secure-it.imrworldwide.com
URL: http://secure-it.imrworldwide.com/v60.js
Protocol: HTTP/1.1
Server: 13.32.222.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-222-142.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b39f3a0ee73fa28b682dc3e46ee9bef9a574a7fd6cfcc2fd26e2ef2e722db26c

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 29 May 2018 02:41:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 May 2018 02:17:26 GMT
Server: AmazonS3
Age: 3217
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: DgYltY_WGCrgwj_Fp7wB7CWekjIYWH_o
Via: 1.1 dfb957c193e8f98057bb6f530c2816a9.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Amz-Cf-Id: kQv-yuW63Fb5Q_-8ntK-FrIc0tcCEfdMpXxHrSIo6dN8pCsXO_wzkw==

GET
H/1.1 200
OK nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 147 KB
43 KB 6ms
6ms Script
text/javascript 13.32.222.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: http://cdn-gl.imrworldwide.com/conf/config250.js
Protocol: HTTP/1.1
Server: 13.32.222.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-222-142.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad4addaf71f714802a5410b386e0d3f39877abf7a2d111e88ad073c86dc538f1

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Mon, 14 May 2018 15:29:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 May 2018 13:16:59 GMT
Server: AmazonS3
Age: 43523
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: XVcjO4BvLwV8QpN9YYrOoufc45OQXeaO
Via: 1.1 dfb957c193e8f98057bb6f530c2816a9.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript
X-Amz-Cf-Id: YLMNtsOtSpFWvAPUA56tP5s9EfYLiOlVaHY8ZgK3GIhVjsMK547eyw==

GET
H/1.1 200
OK ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame C8A4 0
0 7ms
6ms Document
text/html 13.32.222.142
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: http://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: HTTP/1.1
Server: 13.32.222.142 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-222-142.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: cdn-gl.imrworldwide.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
Accept-Encoding: gzip, deflate
Cookie: IMRID=da2b5b88-c667-4f7a-a403-85fafd0a5551
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 0E2BFB136C82917083DBB5E4D445344D
Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 14 May 2018 15:29:40 GMT
Last-Modified: Thu, 03 May 2018 13:16:57 GMT
x-amz-server-side-encryption: AES256
Cache-Control: max-age=86400
x-amz-version-id: XlWBFuw82iK9o9hrYC00rPqRnxlbhpb9
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 43524
X-Cache: Hit from cloudfront
Via: 1.1 dfb957c193e8f98057bb6f530c2816a9.cloudfront.net (CloudFront)
X-Amz-Cf-Id: iukKpS759G6gh6kdpn2pOB1lJ_Hlk1ONEaHU6j4wbzZy4p3ih0zwPA==

GET
S

200

brandlift.php
www.facebook.com/
Redirect Chain

http://secure-it.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,NA&sessionId=ZXbbUlHH2hh4i2zxBVIJYeVMHMVEi1527564904&C16=sdkv,bj.6.0.0&retry=0
https://www.facebook.com/brandlift.php?sessionId=ZXbbUlHH2hh4i2zxBVIJYeVMHMVEi1527564904&media_type=dcr&advertiser_id=NA

67 B
212 B

44ms
44ms

Image
image/png

157.240.20.38
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/brandlift.php?sessionId=ZXbbUlHH2hh4i2zxBVIJYeVMHMVEi1527564904&media_type=dcr&advertiser_id=NA

Protocol

SPDY

Server

157.240.20.38 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

edge-star-z-mini-shv-02-frt3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: XWBzT6cbwa4/xx2pd00DQal4eKTZ9PkA1Np8JZG/KJG3hvuB4bl9JnJkZ7Hk8+p42vovMSYRQTBORe+tKf25iQ==
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 29 May 2018 03:35:04 GMT
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
content-type: image/png
status: 200
cache-control: private, no-store, no-cache, must-revalidate
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:04 GMT
Server: nginx
P3P: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Location: https://www.facebook.com/brandlift.php?sessionId=ZXbbUlHH2hh4i2zxBVIJYeVMHMVEi1527564904&media_type=dcr&advertiser_id=NA
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 44
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
303 B 33ms
18ms Image
image/gif 69.172.216.111
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=926174&asId=48a43c04-dac7-9d73-b020-e7608b838a30&tv={c:dYfVR0,pingTime:-10,time:533,type:s,mvn:ZnNjPTExLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.72v220002022020220000022002222000022220202020222200222020002222022002222200002220222022222222222000220200000002220222220222222222222202222222222222222222222222222222222222200000022022020020000002002202022022022222222000000000022222202022022222000000020000000000000000000220002220000022200222202220022200200222022202220222222220020222202000220000222202222202222000002002002222222222220022202200022002222222202,sd:MTcuNC43MnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNC43MnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8OHx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgSGVhZGxlc3NDaHJvbWUvNjYuMC4zMzU5LjEzOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1527564904288||0471597758fd1d0046c25e72942621d9||067a9243f06e23b09a948e996055c2e8||3b5edc88f3cb1a1579632f106033b43c||a10cbd609708e772a96aa49b967e09cd||bd540597e920349783236b15ec174189||e32a0b8940d174efbd55574a64f06bf5||e3962b5bf2ff93336c0767d277df9db4||1520626246}
Protocol: HTTP/1.1
Server: 69.172.216.111 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:04 GMT
X-Server-Name: dt10ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: close
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
303 B 41ms
12ms Image
image/gif 69.172.216.111
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=5029&asId=c94c190c-dd3d-60fc-555e-5ae87299afc8&tv={c:dYfW1T,pingTime:1,time:1153,type:p,clog:[{piv:99,vs:i,r:,w:1600,h:1200,t:143}],es:0,sc:0,ha:1,gm:1,slTimes:{i:1153,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:143,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:a,cc:-10.-10.1600.1200,piv:99,obst:0,th:0,reas:,bkn:{piv:[1023~75],as:[1023~1600.1200]}}],slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:44,fm:qTp8F2Z+1*.5029|11|12|13.926174|131|132|14|15,idMap:1*}&br=u
Protocol: HTTP/1.1
Server: 69.172.216.111 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:04 GMT
X-Server-Name: dt06ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: close
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
303 B 40ms
12ms Image
image/gif 69.172.216.111
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=5029&asId=c94c190c-dd3d-60fc-555e-5ae87299afc8&tv={c:dYfW1U,pingTime:1,time:1154,type:c,clog:[{piv:99,vs:i,r:,w:1600,h:1200,t:143}],es:0,sc:0,ha:1,gm:1,slTimes:{i:1154,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:143,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:a,cc:-10.-10.1600.1200,piv:99,obst:0,th:0,reas:,bkn:{piv:[1023~75],as:[1023~1600.1200]}}],slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:44,fm:qTp8F2Z+1*.5029|11|12|13.926174|131|132|14|15,idMap:1*,metricId:publ1}&br=u
Protocol: HTTP/1.1
Server: 69.172.216.111 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:05 GMT
X-Server-Name: dt02ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: close
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
303 B 41ms
13ms Image
image/gif 69.172.216.111
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=5029&asId=c94c190c-dd3d-60fc-555e-5ae87299afc8&tv={c:dYfW1U,pingTime:1,time:1154,type:c,clog:[{piv:99,vs:i,r:,w:1600,h:1200,t:143}],es:0,sc:0,ha:1,gm:1,slTimes:{i:1154,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:143,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:a,cc:-10.-10.1600.1200,piv:99,obst:0,th:0,reas:,bkn:{piv:[1023~75],as:[1023~1600.1200]}}],slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:44,fm:qTp8F2Z+1*.5029|11|12|13.926174|131|132|14|15,idMap:1*,metricId:grpm1}&br=u
Protocol: HTTP/1.1
Server: 69.172.216.111 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:05 GMT
X-Server-Name: dt49ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: close
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK callback=iol.dmp.getProfile Show response
ad.crwdcntrl.net/5/c=6199/pe=y/ 220 B
503 B 120ms
30ms Script
application/javascript 52.48.217.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=6199/pe=y/callback=iol.dmp.getProfile
Requested by: Host: ssl-i.plug.it
URL: https://ssl-i.plug.it/banners/js/adv_library3_https.js
Protocol: HTTP/1.1
Server: 52.48.217.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-48-217-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d4bdf75be7c7a675879ce4208831212cff1aa17915a70bfdaf0dc4de6268d5fb

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:05 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Cache-Control: no-cache
X-Server: 10.26.19.141
Connection: keep-alive
Content-Type: application/javascript;charset=UTF-8
Content-Length: 220
Expires: 0

GET
H/1.1 200
OK gn
secure-it.imrworldwide.com/cgi-bin/ 44 B
521 B 257ms
256ms Image
image/gif 52.212.83.185
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://secure-it.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=it-409317&ch=it-409317_b99_0&sessionId=ZXbbUlHH2hh4i2zxBVIJYeVMHMVEi1527564904&asn=0&prv=1&c6=vc,b99&ca=NA&c13=asid,NA&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,v60Bsdk&sup=0&segment2=&segment1=&forward=1&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,1527564904185523&c30=bldv,6.0.0.158&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&si=http%3A%2F%2Fmhamed-ffre.tk%2Fewelle%2Flogzmdxs%2Fnewlibero.htm&c73=phtype,&c74=dvcnm,&df=&c62=sendTime,1527564906&rnd=417867
Protocol: HTTP/1.1
Server: 52.212.83.185 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-212-83-185.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:07 GMT
Server: nginx
P3P: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 44
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
303 B 42ms
13ms Image
image/gif 69.172.216.111
Integral Ad Science

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=5029&asId=c94c190c-dd3d-60fc-555e-5ae87299afc8&tv={c:dYfX4p,pingTime:5,time:5153,type:p,clog:[{piv:99,vs:i,r:,w:1600,h:1200,t:143}],es:0,sc:0,ha:1,gm:1,slTimes:{i:5153,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:143,wc:0.0.1600.1200,ac:-10.-10.1600.1200,am:a,cc:-10.-10.1600.1200,piv:99,obst:0,th:0,reas:,bkn:{piv:[5023~75],as:[5023~1600.1200]}}],slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:44,fm:qTp8F2Z+1*.5029|11|12|13.926174|131|132|14|15,idMap:1*}&br=u
Protocol: HTTP/1.1
Server: 69.172.216.111 New York, United States, ASN7415 (ADSAFE-1 - Integral Ad Science, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://mhamed-ffre.tk/ewelle/logzmdxs/newlibero.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 May 2018 03:35:09 GMT
X-Server-Name: dt51ami.ami.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: close
Content-Type: image/gif
Content-Length: 43
Server: nginx

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.imrworldwide.com/	1970-01-19 01:41:00	Name: IMRID Value: da2b5b88-c667-4f7a-a403-85fafd0a5551
			.mhamed-ffre.tk/	1970-01-18 16:29:29	Name: fup_sess Value: gcrl=0\|gic=0\|gip=0\|gis=0\|lic=0\|lip=0\|lir=0\|sfe=0\|spr=0\|sse=0\|g4=0\|exp=0\|ts=0\|dm=0\|id=0\|tsi=0\|ext=7d7b

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ssl-i.plug.it/banners/js/adv_lib_login.js(Line 1) Message: ADV LIBRARY Login : 04 Mag 2018
console-api	log	URL: https://ssl-i.plug.it/banners/js/adv_library3_https.js(Line 367) Message: ADV PROFILE = 0
console-api	debug	URL: http://static.adsafeprotected.com/sca.17.4.72.js(Line 32) Message: a: 0.003173828125ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.crwdcntrl.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
b.scorecardresearch.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn-gl.imrworldwide.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
geoisp.libero.it
geoisp.virgilio.it
i.plug.it
login.libero.it
mhamed-ffre.tk
pagead2.googlesyndication.com
pixel.adsafeprotected.com
rtax.criteo.com
secure-gl.imrworldwide.com
secure-it.imrworldwide.com
securepubads.g.doubleclick.net
ssl-i.plug.it
static.adsafeprotected.com
tags.crwdcntrl.net
tpc.googlesyndication.com
track.adform.net
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
13.32.217.63
13.32.222.101
13.32.222.142
13.32.222.144
138.108.96.100
157.240.20.38
172.217.16.162
172.217.18.162
172.217.22.10
172.217.22.4
172.217.23.129
172.217.23.130
172.217.23.131
178.250.2.100
2.16.186.80
213.209.0.9
213.209.16.12
213.209.16.13
213.209.17.230
216.58.207.74
37.157.2.238
52.212.83.185
52.48.217.7
54.171.249.90
69.172.216.111
69.172.216.55
69.172.216.58
80.211.160.221
93.184.220.113
0c815b93cf68fc9a234ec06fc29143fb1f7ee2c5147ee9b1ae96bc27aa86fe67
0f003b046696fb5ae2ced1fccb532584b5edbe32449907e5dcae8fb4a69a6de9
106357d58e48c91d5b74238b6f266e0c9cc50d82af77237ff7c3dd10b06e70ef
218b29209f80f842c45307708117b423d95d5e8d10d249f67d6ef19a7d2b4eab
239537ff30411d0ce5f1abf7618fed9bdcc53a9e42b6939b6ab7f44d1e4c3cb6
3095fa4cd1c72a946217bf19a7087f03be83aa504b6233f9927cf8ded73c7e44
337751e2f14237aa01dbb428eea871d3666f20e7fdcb47aec88f68b3fa0d84ff
39a3257252a3c0d4c9e71ab27f53fbe417c2ef5d239f95c8324ac80ea0956cae
464305bda4925a724f0fbaa6f0587d1719fb354ce6cd150b0479cf16131c1111
466989fd178ca6ed13641893b7003e5d6ec36e42c2a816dee71f87b775ea097f
484bab2f6c64e0c8b45371b41e0300096133024a0d1815b5fd4d930a969efc9f
4a215ee7794b8a62baf6803ddbef526402ad11f9a84e79b12b0d274693d1b553
4d9ff4a5a90662c02dde648dff8e15b3f46d79ae0eb1df443907d4b58b870292
533a39bfab92d45805b2a2499597020d8792cc0ea32b64785385e810e31e4056
56747b487f6fe59e2e4e7a95c4ac2858d83d49718a1796b02d063244e537e1f8
57ff991421381eb8c870e14f5bc240ecb11c891bd4b67ebcb3bf09a90145ea29
5ba7e47b35b5ce54469df5cbc206a5f9dfe373fff3f0cb954b61ef04b87bb79d
5c2b8668114d274528d1001dd0b1ca8c6d8e582ae016a8aaacf197f81765c054
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
70e339a1a220298dd1d9c6a69bbb3e3f7e2b4e655c85da9f127cb21a699f99d8
75e361c95782a0f20d72a93958ed62c02a87117e97108470bd02310dddf61020
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
879f8ec99bfdf28aaefd9e31378abaa7f047350b43424df0c1cdea4b797637dd
8a4ad0524e6eb009ac750cea93c5471d0cf313f9ffb373a51f617c4b645ba4f6
8b9ff14a2ba603e1a32fddd3da2ffd8b50e201a9874ea3fafb50d537117153eb
9c1e2bb59df7164debaa105d628e7d9bcfa767c2db05ddeeeef4da6adeaee63a
9d70a2ebbf39e4b31f49d7b234def26877428d346936637940bc922b3c994e19
9f827c190ae4aa968c2d3f245328df504e12d9116ba2d5b70657f75c22bdd31c
a351db2f8b9a9eea0ff7440737c8e87cca381c90a2d186e1cf9a05bbc4a79de4
a4252bfc130627f5aab4837d9d6e2bf95aa4a5e10af584e048955394c775d27e
a6b774d1722b797b51d8acde49b44e031bcc5800ce07d431aa016dbdbb96b083
a913772d12107cc4e3679afca0780ea8433f1820e66daa49cb4b278f46849aa5
aa503cac75e44163c1d48d102cdd84a2149772b5aa110b1ffa97edf8d0dfd1fc
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad4addaf71f714802a5410b386e0d3f39877abf7a2d111e88ad073c86dc538f1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b375175575d2c6a6cebbe0f4177573f9e058a1e00fda00c5f961097b66cea18d
b39f3a0ee73fa28b682dc3e46ee9bef9a574a7fd6cfcc2fd26e2ef2e722db26c
b9ac89322c981bc25d43e800363fac00de50488e9a3ba67658355b49927ac174
c770ff35bb80f4697d11a979b8caeb50c184e8f2736c50928d1aac5811133046
c9d83081bf0b6a4c749852b77cf67886513797868f86ae0eaa228cd4802d37eb
d4bdf75be7c7a675879ce4208831212cff1aa17915a70bfdaf0dc4de6268d5fb
dce6e3bbf14ee6e3277d252915e29a846d80965d519d3270219c8403e386fcba
e19cf29055a3c489091c1c63a23c93d6f9bd5f5360a74d7f2ef854d3c2f6ae97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a14f313c1ae3d9c0369c13cb9c46c29f2e00e0508eddf13727c3d7e6655351
e8cd262a1cda289635df443ebfe41d7f551f0215fea4090d1a10c04547b3a422
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c54713c13f66000d586283d47610f486b8bc3cc817d39cba529c175bcad492
feded5b395954fa1bf46cf432f138df5f97edbc7424407bde839f4a100a297b9

mhamed-ffre.tk Open in urlscan Pro 80.211.160.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

74 Requests

4 %HTTPS

0 %IPv6

19 Domains

31 Subdomains

30 IPs

6 Countries

650 kBTransfer

1679 kBSize

2 Cookies

13 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mhamed-ffre.tk Open in urlscan Pro
80.211.160.221 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

4 %
HTTPS

0 %
IPv6

19
Domains

31
Subdomains

30
IPs

6
Countries

650 kB
Transfer

1679 kB
Size

2
Cookies

74 HTTP transactions
0 data transactions