Submitted URL: http://downloader48speeder.ga/iDQigxQ9?filename=hello.please%20send%20me%20antidetect%208%20link
Effective URL: https://s3.amazonaws.com/extpro/eco.html?lang=de&source=bv&zoneId=3bd29fa71d2e6126e989d1c2d784fa80&clickId=34537068144792...
Submission Tags: falconsandbox
Submission: On December 31 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 18 HTTP transactions. The main IP is 52.217.81.70, located in Ashburn, United States and belongs to AMAZON-02, US. The main domain is s3.amazonaws.com.
TLS certificate: Issued by DigiCert Baltimore CA-2 G2 on June 23rd 2021. Valid for: a year.
This is the only time s3.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
4 | 185.53.177.31 | 61969 | (TEAMINTER...)
1 | 2600:9000:224... | 16509 | (AMAZON-02)
2 | 3.232.117.161 | 14618 | (AMAZON-AES)
1 | 52.218.29.3 | 16509 | (AMAZON-02)
2 | 3.33.239.202 | 16509 | (AMAZON-02)
3 | 52.217.81.70 | 16509 | (AMAZON-02)
1 | 95.216.138.119 | 24940 | (HETZNER-AS)
2 | 2a03:2880:f01... | 32934 | (FACEBOOK)
2 | 2a03:2880:f11... | 32934 | (FACEBOOK)
Total: 18 requests, 10 IPs

Requests | Domain | Requested by
4 | downloader48speeder.ga | d1lxhc4jvstzrp.cloudfront.net, downloader48speeder.ga
3 | s3.amazonaws.com | s3.amazonaws.com
2 | www.facebook.com | s3.amazonaws.com
2 | connect.facebook.net | s3.amazonaws.com, connect.facebook.net
2 | fadverdirect.com | katie.v4.omgtnc.com
2 | katie.v4.omgtnc.com | downloader48speeder.ga, katie.v4.omgtnc.com
1 | www.addonsearch.net | s3.amazonaws.com
1 | s3-eu-west-1.amazonaws.com | katie.v4.omgtnc.com
1 | d1lxhc4jvstzrp.cloudfront.net | downloader48speeder.ga
Total: 18 requests across 9 entries

This site contains no links.

Subject | Issuer | Validity | Valid
omgtnc.com | Amazon | 2021-04-03 - 2022-05-02 | a year
*.s3-eu-west-1.amazonaws.com | Amazon | 2021-03-26 - 2022-03-08 | a year
fadverdirect.com | Sectigo RSA Domain Validation Secure Server CA | 2021-05-04 - 2022-06-03 | a year
s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2021-06-23 - 2022-07-24 | a year
addonsearch.net | R3 | 2021-11-15 - 2022-02-13 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-10-09 - 2022-01-07 | 3 months

This page contains 2 frames:

Primary Page: https://s3.amazonaws.com/extpro/eco.html?lang=de&source=bv&zoneId=3bd29fa71d2e6126e989d1c2d784fa80&clickId=3453706814479237389123882152
Frame ID: FB8DE3FCF61703CA077EA7C7616AC128
Requests: 20 HTTP requests in this frame

Frame: https://www.addonsearch.net/trhandler.php
Frame ID: EAC60DB988361790A8A94E4085F40B2A
Requests: 1 HTTP requests in this frame

Page Title

Eco Search

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

Requests: 18
HTTPS: 72 %
IPv6: 33 %
Domains: 8
Subdomains: 9
IPs: 10
Countries: 4
Transfer: 309 kB
Size: 596 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://downloader48speeder.ga/iDQigxQ9?filename=hello.please%20send%20me%20antidetect%208%20link Page URL
  2. https://katie.v4.omgtnc.com/api/user/017fb298e04a720b467cf1a26be2e98ec5d70a6544.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjEyMzEwNDA5IiwiZCI6ImRvd25sb2FkZXI0OHNwZWVkZXIuZ2EifQ.UplUJ_hE4mMz0o8qXD8fgPEvGWQ2DvHVfbwDEZOHvC0 Page URL
  3. https://fadverdirect.com/bdv_rd.dbm?ownid=zt.ivwvvkh84ivwzlomdlw&enparms2=9173%2C1909725%2C3399769%2C9124%2C9125%2C11873%2C9174%2C0%2C0%2C9128%2C0%2C1907336%2C689584%2C50028%2C115423453689%2C206235750%2Czt.ivwvvkh84ivwzlomdlw&u_agnt=a2fdad25d911a8a4b39828759d282361&skter=ivwvvkh84ivwzlomdlw%2Civwvvkh%2084%20ivwzlomdlw%2Civwvvkh84ivwzlomdlw&czero=-1&cstate=mvhhvs&skwdb=MLI&ccntry=VW&cctid=72&chsh=3bd29fa71d2e6126e989d1c2d784fa80&rn=10108863979&cf=8&frdto=689584&tclkid=017fb298e04a720b467cf1a26be2e98ec5d70a6544.r Page URL
  4. https://fadverdirect.com/bdv_rd3.dbm?frdto=689584 Page URL
  5. https://s3.amazonaws.com/extpro/eco.html?lang=de&source=bv&zoneId=3bd29fa71d2e6126e989d1c2d784fa80&clickId=3453706814479237389123882152 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
iDQigxQ9
downloader48speeder.ga/
4 KB
3 KB
Document
General
Full URL
http://downloader48speeder.ga/iDQigxQ9?filename=hello.please%20send%20me%20antidetect%208%20link
Protocol
HTTP/1.1
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
22f142564e18a2fba3f2de798b56f8209641317810bf7ec900b8c2024228ef6b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Fri, 31 Dec 2021 04:09:05 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Redirect
adtonic
X-Template
tpl_CleanPeppermintBlack_twoclick
X-Language
german
Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Content-Encoding
gzip
js3.js
d1lxhc4jvstzrp.cloudfront.net/scripts/
1 KB
2 KB
Script
General
Full URL
http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3.js
Requested by
Host: downloader48speeder.ga
URL: http://downloader48speeder.ga/iDQigxQ9?filename=hello.please%20send%20me%20antidetect%208%20link
Protocol
HTTP/1.1
Server
2600:9000:224a:2400:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloader48speeder.ga/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 30 Dec 2021 10:43:08 GMT
Via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
Last-Modified
Tue, 17 Aug 2021 09:17:22 GMT
Server
nginx
Age
62757
ETag
"611b7ea2-46e"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
DUS51-P1
Accept-Ranges
bytes
Content-Length
1134
X-Amz-Cf-Id
b5lFlNORQVMc0qq5GIh1gxQywSoYdr-6Gbe6ceOeYv3_VYnp68MPQA==
track.php
downloader48speeder.ga/
0
608 B
XHR
General
Full URL
http://downloader48speeder.ga/track.php?domain=downloader48speeder.ga&toggle=browserjs&uid=MTY0MDkyMzc0NC45MTE3OjYwY2RhM2U3NDM4MzgxNmQ1NjcxMjFiY2MzODViNTg4ZDQyMjE3ZGNmM2ZiM2I0NTk3YmVhMTcwZjU3NGFjYmU6NjFjZTgyNjBkZTk1NA%3D%3D
Requested by
Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloader48speeder.ga/iDQigxQ9?filename=hello.please%20send%20me%20antidetect%208%20link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 31 Dec 2021 04:09:05 GMT
Content-Encoding
gzip
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Vary
Accept-Encoding
Accept-CH-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
ls.php
downloader48speeder.ga/
0
913 B
XHR
General
Full URL
http://downloader48speeder.ga/ls.php
Requested by
Host: downloader48speeder.ga
URL: http://downloader48speeder.ga/iDQigxQ9?filename=hello.please%20send%20me%20antidetect%208%20link
Protocol
HTTP/1.1
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://downloader48speeder.ga/iDQigxQ9?filename=hello.please%20send%20me%20antidetect%208%20link
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 31 Dec 2021 04:09:05 GMT
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, OPTIONS
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_qZf8rb5byJ+y1IH6OqP4Q0mxPZJqftgfj2fEBvEEzCd4LVaG6RJvxxurAsVU+g8DO3uqFeDR3Kwh5c6WVRglLw==
Access-Control-Allow-Origin
http://downloader48speeder.ga
X-Log-Success
61ce8261480df5618d3e2071
Charset
utf-8
Accept-CH-Lifetime
30
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Server
nginx
track.php
downloader48speeder.ga/
0
601 B
XHR
General
Full URL
http://downloader48speeder.ga/track.php?click=3d53a09f84bf7b3bb152131fbb9c62f61fd1c5e9&domain=downloader48speeder.ga&uid=MTY0MDkyMzc0NC45MTE3OjYwY2RhM2U3NDM4MzgxNmQ1NjcxMjFiY2MzODViNTg4ZDQyMjE3ZGNmM2ZiM2I0NTk3YmVhMTcwZjU3NGFjYmU6NjFjZTgyNjBkZTk1NA%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MWNlODI2MGRlOTI3fHx8MTY0MDkyMzc0NS4zNzIyfGEwNzRmM2ZjZDYxZmI0MTEwZjRkODQzNTllNjIzZjkxNjUzMDM3M2N8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwxfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxjMmQyNTM5MmU0OGMxOTMwNGI3ZWRiZjI1NWYyZDg4M2VlOGYyNzZmfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDA%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
Requested by
Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
185.53.177.31 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://downloader48speeder.ga/iDQigxQ9?filename=hello.please%20send%20me%20antidetect%208%20link
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 31 Dec 2021 04:09:05 GMT
Content-Encoding
gzip
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Vary
Accept-Encoding
Accept-CH-Lifetime
30
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
X-View-Match
true
Connection
keep-alive
Transfer-Encoding
chunked
Server
nginx
017fb298e04a720b467cf1a26be2e98ec5d70a6544.r
katie.v4.omgtnc.com/api/user/
2 KB
2 KB
Document
General
Full URL
https://katie.v4.omgtnc.com/api/user/017fb298e04a720b467cf1a26be2e98ec5d70a6544.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjEyMzEwNDA5IiwiZCI6ImRvd25sb2FkZXI0OHNwZWVkZXIuZ2EifQ.UplUJ_hE4mMz0o8qXD8fgPEvGWQ2DvHVfbwDEZOHvC0
Requested by
Host: downloader48speeder.ga
URL: http://downloader48speeder.ga/iDQigxQ9?filename=hello.please%20send%20me%20antidetect%208%20link
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.117.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-117-161.compute-1.amazonaws.com
Software
/
Resource Hash
9cbcf8f43662c7b606a0439e6571446eb5d5788ae629d7f9f7972ccdb11de13c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://downloader48speeder.ga/

Response headers

date
Fri, 31 Dec 2021 04:09:05 GMT
content-type
text/html; charset=utf-8
content-length
2168
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
accept-ch
UA,UA-Full-Version,UA-Platform,UA-Arch,UA-Model,UA-Mobile,Width,Viewport-Width,Downlink,DPR,Save-Data
ajax-loader.gif
s3-eu-west-1.amazonaws.com/pxgif/
7 KB
7 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/pxgif/ajax-loader.gif
Requested by
Host: katie.v4.omgtnc.com
URL: https://katie.v4.omgtnc.com/api/user/017fb298e04a720b467cf1a26be2e98ec5d70a6544.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjEyMzEwNDA5IiwiZCI6ImRvd25sb2FkZXI0OHNwZWVkZXIuZ2EifQ.UplUJ_hE4mMz0o8qXD8fgPEvGWQ2DvHVfbwDEZOHvC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.29.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 31 Dec 2021 04:09:06 GMT
Last-Modified
Fri, 12 Aug 2016 15:23:54 GMT
Server
AmazonS3
x-amz-request-id
YKKBA9BZCZPF7QNR
ETag
"dc5b98ed1c3c7959cdcb76113e7442cd"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
6820
x-amz-id-2
PUrghfpXXxPHQ+4JJ3EzPsHkhhb5v9mwjSGKmsvbqTUXlB5mynJdwm9ykPz+zfQ0ynj1W7dtWvs=
017fb298e04a720b467cf1a26be2e98ec5d70a6544.r
katie.v4.omgtnc.com/api/product/
516 B
667 B
XHR
General
Full URL
https://katie.v4.omgtnc.com/api/product/017fb298e04a720b467cf1a26be2e98ec5d70a6544.r?confirm=e0afd1ffa1f7a5861155558de0217c4b&size=1920000&noframe=1&tnc_ref=http%3A%2F%2Fdownloader48speeder.ga%2F&reftaken=feed&refEqual=true
Requested by
Host: katie.v4.omgtnc.com
URL: https://katie.v4.omgtnc.com/api/user/017fb298e04a720b467cf1a26be2e98ec5d70a6544.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjEyMzEwNDA5IiwiZCI6ImRvd25sb2FkZXI0OHNwZWVkZXIuZ2EifQ.UplUJ_hE4mMz0o8qXD8fgPEvGWQ2DvHVfbwDEZOHvC0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.117.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-117-161.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 04:09:05 GMT
referrer-policy
no-referrer
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
content-length
516
content-type
text/html; charset=utf-8
bdv_rd.dbm
fadverdirect.com/
24 KB
25 KB
Document
General
Full URL
https://fadverdirect.com/bdv_rd.dbm?ownid=zt.ivwvvkh84ivwzlomdlw&enparms2=9173%2C1909725%2C3399769%2C9124%2C9125%2C11873%2C9174%2C0%2C0%2C9128%2C0%2C1907336%2C689584%2C50028%2C115423453689%2C206235750%2Czt.ivwvvkh84ivwzlomdlw&u_agnt=a2fdad25d911a8a4b39828759d282361&skter=ivwvvkh84ivwzlomdlw%2Civwvvkh%2084%20ivwzlomdlw%2Civwvvkh84ivwzlomdlw&czero=-1&cstate=mvhhvs&skwdb=MLI&ccntry=VW&cctid=72&chsh=3bd29fa71d2e6126e989d1c2d784fa80&rn=10108863979&cf=8&frdto=689584&tclkid=017fb298e04a720b467cf1a26be2e98ec5d70a6544.r
Requested by
Host: katie.v4.omgtnc.com
URL: https://katie.v4.omgtnc.com/api/user/017fb298e04a720b467cf1a26be2e98ec5d70a6544.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjEyMzEwNDA5IiwiZCI6ImRvd25sb2FkZXI0OHNwZWVkZXIuZ2EifQ.UplUJ_hE4mMz0o8qXD8fgPEvGWQ2DvHVfbwDEZOHvC0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.239.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4e2909a0d7f91ad3.awsglobalaccelerator.com
Software
Microsoft-IIS/8.5 / PHP/7.3.7 ASP.NET
Resource Hash
827e2910f0fce9568fa47e50378d3958831c5b57e035cf914162caa8b1bf9eaf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=UTF-8
Server
Microsoft-IIS/8.5
X-Powered-By
PHP/7.3.7 ASP.NET
Date
Fri, 31 Dec 2021 04:08:58 GMT
Content-Length
24788
Vary
Accept-Encoding
bdv_rd3.dbm
fadverdirect.com/
890 B
1 KB
Document
General
Full URL
https://fadverdirect.com/bdv_rd3.dbm?frdto=689584
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.239.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4e2909a0d7f91ad3.awsglobalaccelerator.com
Software
Microsoft-IIS/8.5 / PHP/7.3.7 ASP.NET
Resource Hash
2dcb2f1b464484de6be3235d7f3646a3981701bd02b6197c357660cab432f417
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options deny

Request headers

Upgrade-Insecure-Requests
1
Origin
https://fadverdirect.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fadverdirect.com/bdv_rd.dbm?ownid=zt.ivwvvkh84ivwzlomdlw&enparms2=9173%2C1909725%2C3399769%2C9124%2C9125%2C11873%2C9174%2C0%2C0%2C9128%2C0%2C1907336%2C689584%2C50028%2C115423453689%2C206235750%2Czt.ivwvvkh84ivwzlomdlw&u_agnt=a2fdad25d911a8a4b39828759d282361&skter=ivwvvkh84ivwzlomdlw%2Civwvvkh%2084%20ivwzlomdlw%2Civwvvkh84ivwzlomdlw&czero=-1&cstate=mvhhvs&skwdb=MLI&ccntry=VW&cctid=72&chsh=3bd29fa71d2e6126e989d1c2d784fa80&rn=10108863979&cf=8&frdto=689584&tclkid=017fb298e04a720b467cf1a26be2e98ec5d70a6544.r

Response headers

Content-Type
text/html; charset=utf-8
Server
Microsoft-IIS/8.5
X-Powered-By
PHP/7.3.7 ASP.NET
X-Frame-Options
deny
Content-Security-Policy
frame-ancestors 'none'
Referrer-Polic
no-referrer
Date
Fri, 31 Dec 2021 04:08:58 GMT
Content-Length
890
Vary
Accept-Encoding
Primary Request eco.html
s3.amazonaws.com/extpro/
12 KB
13 KB
Document
General
Full URL
https://s3.amazonaws.com/extpro/eco.html?lang=de&source=bv&zoneId=3bd29fa71d2e6126e989d1c2d784fa80&clickId=3453706814479237389123882152
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.81.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b80f10aa3fde71bc395ace1d0a50d22de8b5aa860853e2cc616b53ea38fe0327

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fadverdirect.com/

Response headers

x-amz-id-2
8qYCX+jFcdXAGQd6UrNPVZ/2U0azJt6cEG5ezodbHvGdqLDs8s7gY0+At4WnEuL7Ze5MZfyafIE=
x-amz-request-id
X35X9Q5AKZ9WXKC1
Date
Fri, 31 Dec 2021 04:09:07 GMT
Last-Modified
Tue, 14 Jul 2020 14:03:20 GMT
ETag
"d3e6ed4a3a3bed6e6bff8a987700f95d"
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Content-Length
12718
trhandler.php
www.addonsearch.net/ Frame EAC6
52 B
256 B
Document
General
Full URL
https://www.addonsearch.net/trhandler.php
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/extpro/eco.html?lang=de&source=bv&zoneId=3bd29fa71d2e6126e989d1c2d784fa80&clickId=3453706814479237389123882152
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.216.138.119 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.119.138.216.95.clients.your-server.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
873caa9743ddac49b8e600c33180518ee3416c14dcb76b3930ff08c860d77a3f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/

Response headers

Date
Fri, 31 Dec 2021 04:09:06 GMT
Server
Apache/2.4.29 (Ubuntu)
Content-Length
52
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/extpro/eco.html?lang=de&source=bv&zoneId=3bd29fa71d2e6126e989d1c2d784fa80&clickId=3453706814479237389123882152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
/wAtYKhPZE4ipENzLQ+xK0RIo9ovDCq6xH9MnTxz2gzdfWPjIIS92Mn0CJsEJlqEDm3qAWGeO0ynzscNVGqihw==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Fri, 31 Dec 2021 04:09:06 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
nature.jpg
s3.amazonaws.com/extpro/img/
112 KB
112 KB
Image
General
Full URL
https://s3.amazonaws.com/extpro/img/nature.jpg
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/extpro/eco.html?lang=de&source=bv&zoneId=3bd29fa71d2e6126e989d1c2d784fa80&clickId=3453706814479237389123882152
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.81.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
907a44ee1fd7cfb088f3fe6792231d6a4cb4e3179558269ae75bf7de188d2c9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/extpro/eco.html?lang=de&source=bv&zoneId=3bd29fa71d2e6126e989d1c2d784fa80&clickId=3453706814479237389123882152
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Fri, 31 Dec 2021 04:09:07 GMT
Last-Modified
Tue, 14 Jul 2020 13:38:02 GMT
Server
AmazonS3
x-amz-request-id
X35P1KZZATNCNPJW
ETag
"acfbcb2b525b32854d0aaccc1fad0b4c"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
114507
x-amz-id-2
fVH0cWqbOq6LcJYnMvWq/dKtUYeuK3U92LN+9VUx45CXWv3SyjaYBWbn5zv1Z3KnOkhdiThoAyY=
truncated
/
382 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
chrome-install-de.mp3
s3.amazonaws.com/extpro/audio/
27 KB
28 KB
Media
General
Full URL
https://s3.amazonaws.com/extpro/audio/chrome-install-de.mp3
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/extpro/eco.html?lang=de&source=bv&zoneId=3bd29fa71d2e6126e989d1c2d784fa80&clickId=3453706814479237389123882152
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.81.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bb62e0ef481571f12f08143eca5eefbc5aa2db0a9e783bac9e31212146388d99

Request headers

Referer
https://s3.amazonaws.com/extpro/eco.html?lang=de&source=bv&zoneId=3bd29fa71d2e6126e989d1c2d784fa80&clickId=3453706814479237389123882152
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 31 Dec 2021 04:09:07 GMT
Last-Modified
Fri, 29 Nov 2019 13:08:09 GMT
Server
AmazonS3
x-amz-request-id
X35RQFFK6A7VTKK7
ETag
"51baab6c7a4a89f9ae69e4356d880fb5"
Content-Type
audio/mp3
Content-Range
bytes 0-27839/27840
Accept-Ranges
bytes
Content-Length
27840
x-amz-id-2
tTQ4+tu1ij2WypYFslKIAgp3r5dfdQ5HUVtfUCIStON+N4yXcPJeJ8dLl3PMcVjBWguaQg2esok=
truncated
/
180 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
354 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
1731381120475197
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1731381120475197?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bf3ca22b2acbf745b5759ee7cb14de1a7fd93734ac9f6a1ee5ee480e8d376d1e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
88912
x-xss-protection
0
pragma
public
x-fb-debug
kuMvJakREUf9ebGElmwPBT7DRP5BSpuD0iPe0hKRjmIc7NS8VLuMfn0KISwyagahBecI5kEVTmZad9xun33jvQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Fri, 31 Dec 2021 04:09:06 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
295 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1731381120475197&ev=PageView&dl=https%3A%2F%2Fs3.amazonaws.com%2Fextpro%2Feco.html%3Flang%3Dde%26source%3Dbv%26zoneId%3D3bd29fa71d2e6126e989d1c2d784fa80%26clickId%3D3453706814479237389123882152&rl=https%3A%2F%2Ffadverdirect.com%2F&if=false&ts=1640923746630&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&it=1640923746591&coo=false&exp=p0&rqm=GET
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/extpro/eco.html?lang=de&source=bv&zoneId=3bd29fa71d2e6126e989d1c2d784fa80&clickId=3453706814479237389123882152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 04:09:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Fri, 31 Dec 2021 04:09:06 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1731381120475197&ev=Microdata&dl=https%3A%2F%2Fs3.amazonaws.com%2Fextpro%2Feco.html%3Flang%3Dde%26source%3Dbv%26zoneId%3D3bd29fa71d2e6126e989d1c2d784fa80%26clickId%3D3453706814479237389123882152&rl=https%3A%2F%2Ffadverdirect.com%2F&if=false&ts=1640923748134&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Eco%20Search%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&it=1640923746591&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 04:09:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Fri, 31 Dec 2021 04:09:08 GMT

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| currentURL
string| userAgent
string| lang
string| ref
string| source
string| zoneId
string| clickId
boolean| useFallback
string| fallbackURL
string| extensionChromeURL
string| extensionFirefoxURL
string| audioGuide
string| txtTitle
string| txtDescription
string| txtInstall
string| txtMessage
string| txtYes
string| txtNo
boolean| isWindows
boolean| isMobile
boolean| isChrome
boolean| isFirefox
string| browser
function| showOverlay
function| showMessage
function| messageYes
function| messageNo
boolean| timer
function| checkInstallHandler
function| receiveMessage
function| fbq
function| _fbq

3 Cookies

Domain/Path | Name | Value
katie.v4.omgtnc.com/ | checkme | e0afd1ffa1f7a5861155558de0217c4bb789
fadverdirect.com/ | CF3c10429eb78e3a0ef4680cccf0ff4619 | 1640923738000
fadverdirect.com/ | C3c10429eb78e3a0ef4680cccf0ff4619_js | 1640952546093

2 Console Messages

Source Level URL
Text
deprecation warning URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3.js(Line 17)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
deprecation warning URL: https://katie.v4.omgtnc.com/api/user/017fb298e04a720b467cf1a26be2e98ec5d70a6544.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjEyMzEwNDA5IiwiZCI6ImRvd25sb2FkZXI0OHNwZWVkZXIuZ2EifQ.UplUJ_hE4mMz0o8qXD8fgPEvGWQ2DvHVfbwDEZOHvC0(Line 9)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
