urlscan.io logo urlscan.io
SecurityTrails logo

rdv-secret.com Open in urlscan Pro
2606:4700:3031::ac43:d4ea  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u23306908.ct.sendgrid.net/ls/click?upn=bggGI6dzST2rzeCpLKozA7JgaCwwXCAlMJtJBJg0d3FCmqSbbtwUV7-2B0UeXhts0Jxw4iH-2F4NbS7nIjE...
Effective URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd...
Submission: On May 17 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3031::ac43:d4ea, located in United States and belongs to CLOUDFLARENET, US. The main domain is rdv-secret.com.
TLS certificate: Issued by E1 on May 10th 2023. Valid for: 3 months.
This is the only time rdv-secret.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.16 11377 (SENDGRID)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
2 18.159.143.120 16509 (AMAZON-02)
1 35.158.73.11 16509 (AMAZON-02)
1 1 34.160.108.161 396982 (GOOGLE-CL...)
2 14 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 3.123.164.204 16509 (AMAZON-02)
22 6
1    167.89.123.16 (Chicago, United States)

ASN11377 (SENDGRID, US)
PTR: o16789123x16.outbound-mail.sendgrid.net
u23306908.ct.sendgrid.net
1    2606:4700:3033::6815:14b1 (United States)

ASN13335 (CLOUDFLARENET, US)
baise-directe.com
2    2606:4700:3037::ac43:a0f4 (United States)

ASN13335 (CLOUDFLARENET, US)
baise-partie.com
2    18.159.143.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-143-120.eu-central-1.compute.amazonaws.com
www.clicks.dating
1    35.158.73.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-73-11.eu-central-1.compute.amazonaws.com
www.clicks.dating
1    34.160.108.161 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 161.108.160.34.bc.googleusercontent.com
www.a2y8vytrk.com
14    2606:4700:3031::ac43:d4ea (United States)

ASN13335 (CLOUDFLARENET, US)
rdv-secret.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
6    3.123.164.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-164-204.eu-central-1.compute.amazonaws.com
ads.adextrem.com
Apex Domain
Subdomains		 Transfer
14 rdv-secret.com
rdv-secret.com
392 KB
6 adextrem.com
ads.adextrem.com — Cisco Umbrella Rank: 749325
15 KB
3 clicks.dating
www.clicks.dating
13 KB
2 baise-partie.com
baise-partie.com
1 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 385
85 KB
1 a2y8vytrk.com
www.a2y8vytrk.com
493 B
1 baise-directe.com
baise-directe.com
833 B
1 sendgrid.net
u23306908.ct.sendgrid.net
498 B
22 8
Domain Requested by
14 rdv-secret.com 2 redirects www.clicks.dating
rdv-secret.com
6 ads.adextrem.com rdv-secret.com
ads.adextrem.com
3 www.clicks.dating www.clicks.dating
2 baise-partie.com 2 redirects
1 ajax.googleapis.com rdv-secret.com
1 www.a2y8vytrk.com 1 redirects
1 baise-directe.com 1 redirects
1 u23306908.ct.sendgrid.net 1 redirects
22 8

This site contains links to these domains. Also see Links.

Domain
dashboard.everprofit.com
Subject Issuer Validity Valid
www.clicks.dating
Amazon RSA 2048 M02		 2023-02-13 -
2023-08-23		 6 months crt.sh
rdv-secret.com
E1		 2023-05-10 -
2023-08-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.adextrem.com
Amazon RSA 2048 M02		 2023-02-13 -
2024-02-16		 a year crt.sh

This page contains 2 frames:

Primary Page: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Frame ID: EE8344AE058A734EC9B32AA754CFDEAE
Requests: 20 HTTP requests in this frame

Frame: https://ads.adextrem.com/push/ifp.php?slot=4&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/113.0.5672.92%20Safari/537.36|lng:fr-FR,fr;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:178.33.144.176&allowcookie=true&setreferrer=https%3A%2F%2Frdv-secret.com%2F
Frame ID: 008DFE715C70346000679373D6809308
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Rencontre dans moins de 24h

Page URL History Show full URLs

  1. https://u23306908.ct.sendgrid.net/ls/click?upn=bggGI6dzST2rzeCpLKozA7JgaCwwXCAlMJtJBJg0d3FCmqSbbtwUV7-2B0UeXht... HTTP 302
    https://baise-directe.com/r/0e721b92e1d394812fdb454d9?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlb... HTTP 302
    https://baise-partie.com/click.php?key=ywvveb8ky3jsxna3b5s9&tracker=BDS582&email=pascal.langlois%40ga... HTTP 302
    https://baise-partie.com/click.php?lp=1&uclick=gxe2syxr&uclickhash=gxe2syxr-gxe2syxr-kt-7vi4-tw3y-xsm... HTTP 302
    https://www.clicks.dating/a.php?slot=16907&tracker1=BDS582&pub_cid=44ebegxe2syxr0cf&email=pascal.langl... Page URL
  2. https://www.clicks.dating/a.php?slot=16907&tracker1=BDS582&pub_cid=44ebegxe2syxr0cf&email=pascal.langl... Page URL
  3. http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly93d3cuYTJ5OHZ5dHJrLmNvbS8yOEtMNi8yQ1R... Page URL
  4. https://www.a2y8vytrk.com/28KL6/2CTPL/?sub2=102&sub3=16907&sub5=fWrA34kc7Vjo7u93NJpKdubrd1AOUAVY8m0ZEJ... HTTP 302
    https://rdv-secret.com/offer/?id=39&lp=0&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd9... HTTP 302
    https://rdv-secret.com/plancul/1/lp1.php?pt=auto&id=39&lp=0&affid=1_102&source=16907&clickid=e6ba60... HTTP 302
    https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

95 %
HTTPS

44 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

503 kB
Transfer

1777 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u23306908.ct.sendgrid.net/ls/click?upn=bggGI6dzST2rzeCpLKozA7JgaCwwXCAlMJtJBJg0d3FCmqSbbtwUV7-2B0UeXhts0Jxw4iH-2F4NbS7nIjESlj1F3qpuXYIhzrj9QCDVUXXNTJe19Edwkzb8B0bdKmm80nD4gpNPt5hePUAyeLlDRg2KT9xMFm7FNHjhKONR-2Fh5juvbD65wyuEdobyg5lI0Nb5xOsO8LiTIDP0e6sHQkwsJQE5ahy-2FvOrb5rju8qZ5Q9NTMsiSKiCcdINbP47r-2BuHqAJmH-2FlIiagTjzdXzBLNUHTts2RFXsx98-2FVmPmtqPpXUDiP58xZHsKUsjt3opQ5vJCvuZ40Qks7F-2BFWC-2BMU2nwFSpnHIODcV1rBDae-2Fp7rLHVmpTgIG1EpD6q6DwF5JMKJqsDpqC6euuvG0Px2g61QpaA-3D-3DuVbE_YdLQUIKaov6ZWiz5tgGnTmCRSkFr-2FojefGPylZmhBXv4MLAEyFSw-2BjX7BRLgvk5kAjX-2B3vHqhgDdEnbsfvvszESSvr8qGwF5LDIc-2FX-2BQu1iESGdFqFmeRX-2Bk7fCLmvPTEPKZ4ns3wWRgHIjTQ-2F9l898KA6-2BVJaNMRu5V8DJ0h5-2F1-2BIR90-2B6F0alnqSKlN-2FGerVoZUgz0SYbtMgZRlO9-2BQA-3D-3D HTTP 302
    https://baise-directe.com/r/0e721b92e1d394812fdb454d9?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6OTI3O31zOjU6ImVtYWlsIjtpOjkyNztzOjQ6InN0YXQiO3M6MjI6IjY0NjQ1ZTEyNmQxOTY5OTgxMTc0MzUiO3M6NDoibGVhZCI7czo2OiI1MjcwOTAiO3M6NzoiY2hhbm5lbCI7YToxOntzOjU6ImVtYWlsIjtpOjkyNzt9fQ%3D%3D& HTTP 302
    https://baise-partie.com/click.php?key=ywvveb8ky3jsxna3b5s9&tracker=BDS582&email=pascal.langlois%40gan.fr HTTP 302
    https://baise-partie.com/click.php?lp=1&uclick=gxe2syxr&uclickhash=gxe2syxr-gxe2syxr-kt-7vi4-tw3y-xsm7-ci3v-3368c1 HTTP 302
    https://www.clicks.dating/a.php?slot=16907&tracker1=BDS582&pub_cid=44ebegxe2syxr0cf&email=pascal.langlois@gan.fr Page URL
  2. https://www.clicks.dating/a.php?slot=16907&tracker1=BDS582&pub_cid=44ebegxe2syxr0cf&email=pascal.langlois@gan.fr&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/113.0.5672.92%20Safari/537.36|lng:fr-FR,fr;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:178.33.144.176&allowcookie=true&setreferrer= Page URL
  3. http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly93d3cuYTJ5OHZ5dHJrLmNvbS8yOEtMNi8yQ1RQTC8/c3ViMj0xMDImc3ViMz0xNjkwNyZzdWI1PWZXckEzNGtjN1Zqbzd1OTNOSnBLZHVicmQxQU9VQVZZOG0wWkVKY2tFa3lsNVdDckdSY0lsY1puMzBjd2tXdkcmc3ViMT1wYXNjYWwubGFuZ2xvaXMlNDBnYW4uZnI=&hash=82178b77ebced99af80e985c07c2c174&ts=1684323975 Page URL
  4. https://www.a2y8vytrk.com/28KL6/2CTPL/?sub2=102&sub3=16907&sub5=fWrA34kc7Vjo7u93NJpKdubrd1AOUAVY8m0ZEJckEkyl5WCrGRcIlcZn30cwkWvG&sub1=pascal.langlois%40gan.fr HTTP 302
    https://rdv-secret.com/offer/?id=39&lp=0&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois%40gan.fr HTTP 302
    https://rdv-secret.com/plancul/1/lp1.php?pt=auto&id=39&lp=0&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois%40gan.fr HTTP 302
    https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://u23306908.ct.sendgrid.net/ls/click?upn=bggGI6dzST2rzeCpLKozA7JgaCwwXCAlMJtJBJg0d3FCmqSbbtwUV7-2B0UeXhts0Jxw4iH-2F4NbS7nIjESlj1F3qpuXYIhzrj9QCDVUXXNTJe19Edwkzb8B0bdKmm80nD4gpNPt5hePUAyeLlDRg2KT9xMFm7FNHjhKONR-2Fh5juvbD65wyuEdobyg5lI0Nb5xOsO8LiTIDP0e6sHQkwsJQE5ahy-2FvOrb5rju8qZ5Q9NTMsiSKiCcdINbP47r-2BuHqAJmH-2FlIiagTjzdXzBLNUHTts2RFXsx98-2FVmPmtqPpXUDiP58xZHsKUsjt3opQ5vJCvuZ40Qks7F-2BFWC-2BMU2nwFSpnHIODcV1rBDae-2Fp7rLHVmpTgIG1EpD6q6DwF5JMKJqsDpqC6euuvG0Px2g61QpaA-3D-3DuVbE_YdLQUIKaov6ZWiz5tgGnTmCRSkFr-2FojefGPylZmhBXv4MLAEyFSw-2BjX7BRLgvk5kAjX-2B3vHqhgDdEnbsfvvszESSvr8qGwF5LDIc-2FX-2BQu1iESGdFqFmeRX-2Bk7fCLmvPTEPKZ4ns3wWRgHIjTQ-2F9l898KA6-2BVJaNMRu5V8DJ0h5-2F1-2BIR90-2B6F0alnqSKlN-2FGerVoZUgz0SYbtMgZRlO9-2BQA-3D-3D HTTP 302
  • https://baise-directe.com/r/0e721b92e1d394812fdb454d9?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6OTI3O31zOjU6ImVtYWlsIjtpOjkyNztzOjQ6InN0YXQiO3M6MjI6IjY0NjQ1ZTEyNmQxOTY5OTgxMTc0MzUiO3M6NDoibGVhZCI7czo2OiI1MjcwOTAiO3M6NzoiY2hhbm5lbCI7YToxOntzOjU6ImVtYWlsIjtpOjkyNzt9fQ%3D%3D& HTTP 302
  • https://baise-partie.com/click.php?key=ywvveb8ky3jsxna3b5s9&tracker=BDS582&email=pascal.langlois%40gan.fr HTTP 302
  • https://baise-partie.com/click.php?lp=1&uclick=gxe2syxr&uclickhash=gxe2syxr-gxe2syxr-kt-7vi4-tw3y-xsm7-ci3v-3368c1 HTTP 302
  • https://www.clicks.dating/a.php?slot=16907&tracker1=BDS582&pub_cid=44ebegxe2syxr0cf&email=pascal.langlois@gan.fr

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
a.php
www.clicks.dating/
Redirect Chain
  • https://u23306908.ct.sendgrid.net/ls/click?upn=bggGI6dzST2rzeCpLKozA7JgaCwwXCAlMJtJBJg0d3FCmqSbbtwUV7-2B0UeXhts0Jxw4iH-2F4NbS7nIjESlj1F3qpuXYIhzrj9QCDVUXXNTJe19Edwkzb8B0bdKmm80nD4gpNPt5hePUAyeLlDRg...
  • https://baise-directe.com/r/0e721b92e1d394812fdb454d9?ct=YTo1OntzOjY6InNvdXJjZSI7YToyOntpOjA7czo1OiJlbWFpbCI7aToxO2k6OTI3O31zOjU6ImVtYWlsIjtpOjkyNztzOjQ6InN0YXQiO3M6MjI6IjY0NjQ1ZTEyNmQxOTY5OTgxMTc0...
  • https://baise-partie.com/click.php?key=ywvveb8ky3jsxna3b5s9&tracker=BDS582&email=pascal.langlois%40gan.fr
  • https://baise-partie.com/click.php?lp=1&uclick=gxe2syxr&uclickhash=gxe2syxr-gxe2syxr-kt-7vi4-tw3y-xsm7-ci3v-3368c1
  • https://www.clicks.dating/a.php?slot=16907&tracker1=BDS582&pub_cid=44ebegxe2syxr0cf&email=pascal.langlois@gan.fr
32 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.clicks.dating/a.php?slot=16907&tracker1=BDS582&pub_cid=44ebegxe2syxr0cf&email=pascal.langlois@gan.fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.143.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-143-120.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
content-encoding
gzip
content-length
10852
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 11:46:15 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.10 (Debian)
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c8b9e6bfd3699d5-CDG
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 11:46:15 GMT
location
https://www.clicks.dating/a.php?slot=16907&tracker1=BDS582&pub_cid=44ebegxe2syxr0cf&email=pascal.langlois@gan.fr
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoK6O%2BINDaW%2FljfoliqfAcQJgVqNB%2F1Vv6f62MMSN%2Ftg7MvuKeHvwK4IWgpGZ5FVhAhmAnaglj2qPVPBSWrEDCx3reEhfoPhpJgkiWgG4eSb%2FGkrRKRa2k9MGheYMU%2BB7szcMocvPxtHBukxcFQH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
a.php
www.clicks.dating/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.clicks.dating/a.php?slot=16907&tracker1=BDS582&pub_cid=44ebegxe2syxr0cf&email=pascal.langlois@gan.fr&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/113.0.5672.92%20Safari/537.36|lng:fr-FR,fr;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:178.33.144.176&allowcookie=true&setreferrer=
Requested by
Host: www.clicks.dating
URL: https://www.clicks.dating/a.php?slot=16907&tracker1=BDS582&pub_cid=44ebegxe2syxr0cf&email=pascal.langlois@gan.fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.143.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-143-120.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
02d3599d4ac26765b396d3c80fe5b963d5bc3eb28bd091986860b831926a0ea4

Request headers

Referer
https://www.clicks.dating/a.php?slot=16907&tracker1=BDS582&pub_cid=44ebegxe2syxr0cf&email=pascal.langlois@gan.fr
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

adxcampaignid
18232
adxcid
fWrA34kc7Vjo7u93NJpKdubrd1AOUAVY8m0ZEJckEkyl5WCrGRcIlcZn30cwkWvG
adxcost
0.12542402252789
adxdomain
adxmaterialid
48705
adxmaterialname
adxsubid
adxzoneid
16907
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
content-encoding
gzip
content-length
595
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 11:46:15 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.10 (Debian)
vary
Accept-Encoding
redirect.php
www.clicks.dating/delivery/ 		608 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly93d3cuYTJ5OHZ5dHJrLmNvbS8yOEtMNi8yQ1RQTC8/c3ViMj0xMDImc3ViMz0xNjkwNyZzdWI1PWZXckEzNGtjN1Zqbzd1OTNOSnBLZHVicmQxQU9VQVZZOG0wWkVKY2tFa3lsNVdDckdSY0lsY1puMzBjd2tXdkcmc3ViMT1wYXNjYWwubGFuZ2xvaXMlNDBnYW4uZnI=&hash=82178b77ebced99af80e985c07c2c174&ts=1684323975
Requested by
Host: www.clicks.dating
URL: https://www.clicks.dating/a.php?slot=16907&tracker1=BDS582&pub_cid=44ebegxe2syxr0cf&email=pascal.langlois@gan.fr&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/113.0.5672.92%20Safari/537.36|lng:fr-FR,fr;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:178.33.144.176&allowcookie=true&setreferrer=
Protocol
HTTP/1.1
Server
35.158.73.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-73-11.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
b51eda8bf90bbf9233eee386701757a0954cfcbeaf52a52d567d88103ae2fa89

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
370
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 May 2023 11:46:15 GMT
Server
Apache/2.4.10 (Debian)
Vary
Accept-Encoding
Primary Request lp12.php
rdv-secret.com/plancul/1/
Redirect Chain
  • https://www.a2y8vytrk.com/28KL6/2CTPL/?sub2=102&sub3=16907&sub5=fWrA34kc7Vjo7u93NJpKdubrd1AOUAVY8m0ZEJckEkyl5WCrGRcIlcZn30cwkWvG&sub1=pascal.langlois%40gan.fr
  • https://rdv-secret.com/offer/?id=39&lp=0&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois%40gan.fr
  • https://rdv-secret.com/plancul/1/lp1.php?pt=auto&id=39&lp=0&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois%40gan.fr
  • https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Requested by
Host: www.clicks.dating
URL: http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly93d3cuYTJ5OHZ5dHJrLmNvbS8yOEtMNi8yQ1RQTC8/c3ViMj0xMDImc3ViMz0xNjkwNyZzdWI1PWZXckEzNGtjN1Zqbzd1OTNOSnBLZHVicmQxQU9VQVZZOG0wWkVKY2tFa3lsNVdDckdSY0lsY1puMzBjd2tXdkcmc3ViMT1wYXNjYWwubGFuZ2xvaXMlNDBnYW4uZnI=&hash=82178b77ebced99af80e985c07c2c174&ts=1684323975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7f9e84b6ba3023db5ab23113260737bc1a48c395ef80f4bff9e60969f86f11

Request headers

Referer
http://www.clicks.dating/delivery/redirect.php?target=aHR0cHM6Ly93d3cuYTJ5OHZ5dHJrLmNvbS8yOEtMNi8yQ1RQTC8/c3ViMj0xMDImc3ViMz0xNjkwNyZzdWI1PWZXckEzNGtjN1Zqbzd1OTNOSnBLZHVicmQxQU9VQVZZOG0wWkVKY2tFa3lsNVdDckdSY0lsY1puMzBjd2tXdkcmc3ViMT1wYXNjYWwubGFuZ2xvaXMlNDBnYW4uZnI=&hash=82178b77ebced99af80e985c07c2c174&ts=1684323975
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c8b9e734aac2a6d-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 11:46:16 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj4rRQGz6EjuqRbz7j2JJzoHIe164F0iXhPWfN96%2BWZbVo9FKTvS2OlpCu1xgNo2iaUMhOO2cJOpxrQoV2OVnkhfvgJdNP6oDTDNhPvkLFtjOOJAZIPTgyAiwFvF4REdTh199mpXbvUhYNd6Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c8b9e72d91c049c-CDG
content-type
text/html; charset=UTF-8
date
Wed, 17 May 2023 11:46:16 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNCYcPOVhEwzvIlXSPeTNG5Giubg54ahGhwp1ew7ix3vj2KoJsBZQDdWEEQwWmu%2FFXx5UGA2rOTjE3kVjckCedtI2qMgpBkkGN4x%2BZnKNY%2FM314ocjaEg9nJvCzY5cLhgO0OdvO9PHUnB5WYBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
jquery.min.js
rdv-secret.com/plancul/1/lp12/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdv-secret.com/plancul/1/lp12/jquery.min.js
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 11:46:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Sep 2019 14:18:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6392
etag
W/"14e55-591a6c2b82540-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6thBRED6gpnF9ykVgvDrDczSzaZtZXgYWh%2B6P5xPsaPuSvL09nBAD%2BsmB4M7%2BQULrp4QRzzI5p7IVodcEUPKVTFWwIbVA%2BClL5tG62jshcw2u8uhQENJYj8AW%2F0%2F%2FZlwtQXI6CoX5qBK74WGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7c8b9e758cf92a6d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
rdv-secret.com/plancul/1/lp12/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rdv-secret.com/plancul/1/lp12/style.css
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26adb712e1abb07e3e9ae8a7b4f00334d621f53fbf5b7eb40ba9cc79d5f54da

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 11:46:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Dec 2020 15:10:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1208
etag
W/"2a35-5b66e0c9a3a28-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0gXmdSn4LvSJUsYDPUg7d7IIm4YN%2BiOURR8LIRTVrcxGVQwXmmXNNZTnnop1O5HpqRIcWWcAAyOZLaMD5rEIkN1ucaFDHiu7nvVvAY65Bb2oa%2FkfwhE3YoRz3LvM%2BokZAO6Crzq1lNqwlTJ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7c8b9e758cfd2a6d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
rdv-secret.com/plancul/1/lp12/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rdv-secret.com/plancul/1/lp12/css
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68668bd8f029c3e6b6bd1fbcd92b676def3edaa7c2f92bbeb7424f778b9c7c6f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 11:46:16 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 03 Sep 2019 14:18:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a82-591a6c299a0c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2QiZxNK%2Fq1H%2BB29A9l9CoWU1OIdqnXnLadgJ0EAA2VOWMjL%2BKi%2FMZ2zHKswiivG742v99uLyW8CelbFDEqTfwtDP25jYVYzpd4SvbDfRxvueBffZyLpfLRoph%2B1l4MUXx%2BIYZICZXanSQ%2FfLg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c8b9e758cfe2a6d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2690
jquery-2.2.4.min.js
rdv-secret.com/plancul/1/lp12/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdv-secret.com/plancul/1/lp12/jquery-2.2.4.min.js
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 11:46:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Sep 2019 14:18:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6392
etag
W/"14e4a-591a6c2a8e300-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfn0ZshnhcyXnUaDE7gVdUEF1NSqRj7CdXDnK9%2FYYFv1P6kDcANYioRDLdDzSWkFzI32HyRt6cZ3OkYTXpAmhVQI2wbO5v3MQdHBUxNu4giIUcHd6c382gJeUOPLwfX0gmjkcqEUAPUQ1cj%2BVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7c8b9e758cff2a6d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style(1).css
rdv-secret.com/plancul/1/lp12/ 		176 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rdv-secret.com/plancul/1/lp12/style(1).css
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b17d0c9d8b2e8521b032581bc7c2064c37b890ad99eba5138cc80e2d86a9664

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 11:46:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Sep 2019 14:18:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6392
etag
W/"2be0d-591a6c2c76780-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WXLzAPNzmMQ0uVbCuhddwYd%2B4EABkyLbj5Y2DiwXFMC1zsrNXNVyDtKrwq5wY%2BtUHhM%2FcsUK4Vn2XqN1in9MOP613Sjk4jaj3XB%2FPl49vVUYkk%2FJ2urqv6da7Li7BlJivvHg3m26rbjMHkE5Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7c8b9e758d002a6d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
script.js
rdv-secret.com/plancul/1/lp12/ 		1 MB
274 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdv-secret.com/plancul/1/lp12/script.js
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab1c1f6ff5001e1edd3e55074da2607eb9026af0f971d37f0dde0845d8671cb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 11:46:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Sep 2019 14:18:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6392
etag
W/"12e5da-591a6c2b82540-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gv5tfwmRW%2B2PDKkJu%2FoPBeSXIF6KlSX%2FPVILjRBfW4GL0EFVXuzFWzToTlJb60JeVKExPICX02Lvfv4KDOvUSBPvxu82Azm0vfL2lBh5LF7zDeM8YdWVe4fPN9Rm%2Fih9RkMM7DCnfBg8OE8I3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7c8b9e758d022a6d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 		84 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 05:24:43 GMT
x-content-type-options
nosniff
age
368493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86351
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 05:24:43 GMT
detect.js
ads.adextrem.com/ 		78 B
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adextrem.com/detect.js
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.164.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-164-204.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
1fab08ee7301c1c5676fa683c923e47681d2b1ec4fd396045937e8fb6befa7c8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 11:46:16 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Sep 2017 11:31:43 GMT
Server
Apache/2.4.10 (Debian)
ETag
"4e-559751641a5c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-control
no-cache="set-cookie"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91
loading.svg
rdv-secret.com/plancul/1/lp12/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rdv-secret.com/plancul/1/lp12/loading.svg
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bf5bedc2a1eb22bcd2e5274195e5ee850fe88e6e02e7af3dd00e5ea8ae1db60

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 11:46:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Sep 2019 14:18:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6393
etag
W/"9e0-591a6c2b82540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zeljcl755VyS6CoqNhtFNqUMyV67RBo3hA%2BwNTzXMNTCMYdfyufi8hIIOzNt%2FC5PyYjK4Dcul4KUDeKvD0ZYyEpJULi2ncj28jKOWuMXtugqbd9x9PIuYOmVWjKIN01EI7KpDR%2BsYrSPr8FptQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cf-ray
7c8b9e7948cc2a6d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mailcheck.min.js
rdv-secret.com/plancul/1/lp12/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdv-secret.com/plancul/1/lp12/mailcheck.min.js
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe6d324af5bb8e7ad85ebebc49405fa780214b9833c850063ffddb63fcc88a2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 11:46:16 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Sep 2019 14:18:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1208
etag
W/"e3d-591a6c299a0c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNYnELeW%2FFpt%2FyLaqL2JvR1sVaejxqLScvAgjI%2Fd0L7dxt0qbl4W9pa2wvPLuenlqm%2FzOUTj5332rAc5Mu8%2BVgFz8X2JbwQaot0nz%2Bm0A6o3qWR2NF1I7y1zP3O4lGT0vrftT7IF8MnnbzDMdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7c8b9e782f882a6d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mailcheckPG.js
rdv-secret.com/plancul/1/lp12/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdv-secret.com/plancul/1/lp12/mailcheckPG.js
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7012d6221624a436117114c6fe2e0680aa636b7d42f48bacaac432d8bb6cf527

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 11:46:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Sep 2019 14:18:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6393
etag
W/"719-591a6c299a0c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fFqDQeeRf6KGnxmQTB%2BCvJlguf4xTqLpOiSrNF2NwRyTmdQb%2BKUa6JL5hMAecn2rSUdeSK33PA%2BoFh883VtuzJkRSTHI0mzHRYabKIuXNG9gEj7UVGpXGZefTLcKsavA7nuNp5eIJ2tTxDCfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7c8b9e78d84a2a6d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.cycle2.min.js
rdv-secret.com/plancul/1/lp12/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdv-secret.com/plancul/1/lp12/jquery.cycle2.min.js
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87a1a7e65f6ceed57d27b07cac22836a7682617932fc9d4376887b0ae1754a35

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 11:46:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 03 Sep 2019 14:18:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6393
etag
W/"599c-591a6c2a8e300-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfQ%2FDbRqVfETby7Ed%2FFCDSio5Zjt0QXf7eqvZ%2BpMbwX7lFH7VfbeGwUBimPos%2B5xz%2BZSRRVN%2FM5q%2B1Uj5NmaijHkznBoArqXoThS77XyDEnZF81OEt0CkUN%2BqMZvPLS6irPFkFLO9XIBuZSPSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
7c8b9e78d84e2a6d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
detect.php
ads.adextrem.com/ 		34 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adextrem.com/detect.php
Requested by
Host: ads.adextrem.com
URL: https://ads.adextrem.com/detect.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.164.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-164-204.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
6ab2b9bf505bf16efda449af810081478279b4b4151996c66cfccdbc8cd33175

Request headers

Referer
https://rdv-secret.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 17 May 2023 11:46:17 GMT
Server
Apache/2.4.10 (Debian)
Connection
keep-alive
Content-Length
34
Content-Type
text/html; charset=UTF-8
sprite.png
rdv-secret.com/plancul/1/lp12/ 		196 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rdv-secret.com/plancul/1/lp12/sprite.png
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/plancul/1/lp12/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 17 May 2023 11:46:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
177
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJnWaVPdhd94euVt96SWfczGIehjBSwhTsdTj8YymV%2BQtuNMXcJqoy1xbIy1Jjs%2FtNGKfj5oEK6gzkGh80Ncs8Tctn1WNpYJkrHfyO81UhGXICFbgAbB7FssiO9wPkS9Lo3tK49M07oaOXHldw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
7c8b9e7978fa2a6d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
loader.php
ads.adextrem.com/push/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adextrem.com/push/loader.php
Requested by
Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.164.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-164-204.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
8b9ea8752caa6b5eb8b322494a98677a062c9e3175c254280b72a0133a567943

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rdv-secret.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 May 2023 11:46:17 GMT
Content-Encoding
gzip
Server
Apache/2.4.10 (Debian)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
1561
truncated
/ 		37 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d053bc001f5b8017185802b0f3b96b1abf806fcda7b141e6408684d0b2bfe38f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
text/javascript
ifp.php
ads.adextrem.com/push/ Frame 008D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adextrem.com/push/ifp.php?slot=4
Requested by
Host: ads.adextrem.com
URL: https://ads.adextrem.com/push/loader.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.164.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-164-204.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
64e3e3e8bc33bafb371a505da59f2b5f9386ee05c60b3947ccd8b65492c526b6

Request headers

Referer
https://rdv-secret.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1088
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 May 2023 11:46:17 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache/2.4.10 (Debian)
Vary
Accept-Encoding
plugindetect.js
ads.adextrem.com/delivery/ Frame 008D 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adextrem.com/delivery/plugindetect.js
Requested by
Host: ads.adextrem.com
URL: https://ads.adextrem.com/push/ifp.php?slot=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.164.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-164-204.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
229cd6de3803504ccd895d2c6de028bf9ffe6cd2e7cf0ac107eb382086a7be65

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ads.adextrem.com/push/ifp.php?slot=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 17 May 2023 11:46:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2016 07:52:59 GMT
Server
Apache/2.4.10 (Debian)
ETag
"7847-5287d68deacc0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9907
ifp.php
ads.adextrem.com/push/ Frame 008D 		0
552 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adextrem.com/push/ifp.php?slot=4&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/113.0.5672.92%20Safari/537.36|lng:fr-FR,fr;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:178.33.144.176&allowcookie=true&setreferrer=https%3A%2F%2Frdv-secret.com%2F
Requested by
Host: ads.adextrem.com
URL: https://ads.adextrem.com/push/ifp.php?slot=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.164.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-164-204.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.adextrem.com/push/ifp.php?slot=4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 May 2023 11:46:17 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache/2.4.10 (Debian)

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery object| _peq object| ZeroClipboard function| ucfirst function| toggle function| addInterest function| closeLayer function| openLayer function| hideInterestMatches function| showError function| hideError function| blink number| i_xhr object| xhr function| citylist function| selectCity function| highlightCity function| protectButton function| unprotectButton function| keypress object| consents function| consentAction function| getRandomArbitrary function| debounce function| AjaxBootstrapSelect function| AjaxBootstrapSelectList function| AjaxBootstrapSelectRequest function| moment function| daterangepicker number| __ADX_adextrem_regular function| getURLParameter number| __ADX_isAdBlockUser object| AdExtremPush function| validateForm function| loadCSS boolean| internalLink boolean| popunderlink boolean| exitlink object| Mailcheck function| setCookie number| pre_submit function| add_mail_on_url function| emailIsValid function| I2QQ undefined| ua undefined| html string| __ADX_slot_id number| __ADX_frequency_mseconde boolean| __ADX_only_adblock string| __ADX_link_mode boolean| __ADX_isDataUrlCompatible string| __ADX_coockie_name string| __ADX_URL_U string| __ADX_URL_U_INIT string| strLeaveArea object| AdExtremPushObj function| ini_push object| o

16 Cookies

Domain/Path Name / Value
baise-directe.com/ Name: mautic_device_id
Value: z7rvvxy7cg7e7dfyp7di92q
baise-directe.com/ Name: mtc_id
Value: 527090
baise-directe.com/ Name: mtc_sid
Value: z7rvvxy7cg7e7dfyp7di92q
baise-directe.com/ Name: mautic_referer_id
Value: 987701
baise-partie.com/ Name: uclick
Value: gxe2syxr
baise-partie.com/ Name: uclickhash
Value: gxe2syxr-gxe2syxr-kt-7vi4-tw3y-xsm7-ci3v-3368c1
www.clicks.dating/ Name: PHPSESSID
Value: 56ak0jvhumme6bifq1853iqv00
.www.clicks.dating/ Name: fp2
Value: 4cd17183d51dfc52d556c5fad586b7b5
www.a2y8vytrk.com/ Name: uniqueClick_2CTPL
Value: 3bd640e2-2c93-449a-b173-59b5ae409746:1684323975
www.a2y8vytrk.com/ Name: transaction_id
Value: e6ba60b1dc544876a54c22cd920b12ce
rdv-secret.com/ Name: PHPSESSID
Value: jnibo0g22dlbbmdtpkoq0i1no0
ads.adextrem.com/ Name: AWSELBCORS
Value: 671BC5111EC8C439EC6ECDAADF42C2FCC39A19517227BECBED123D3D2F3DC41482870D4994F5F60AFCADD93926CF44860692B62F1C523342AA1E31DD525C1153A8D6FEC31A
rdv-secret.com/ Name: fw
Value: 1600
rdv-secret.com/ Name: fh
Value: 1200
rdv-secret.com/ Name: fua
Value: Mozilla/5.0 (Windows NT 10.0
.ads.adextrem.com/ Name: fp2
Value: 4cd17183d51dfc52d556c5fad586b7b5

6 Console Messages

Source Level URL
Text
javascript warning URL: https://ads.adextrem.com/detect.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.adextrem.com/detect.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ads.adextrem.com/detect.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.adextrem.com/detect.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ads.adextrem.com/detect.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.adextrem.com/detect.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ads.adextrem.com/detect.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.adextrem.com/detect.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://rdv-secret.com/plancul/1/lp12/sprite.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://rdv-secret.com/plancul/1/lp12.php?pt=auto&lp=12&id=39&affid=1_102&source=16907&clickid=e6ba60b1dc544876a54c22cd920b12ce&mail=pascal.langlois@gan.fr#
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adextrem.com
ajax.googleapis.com
baise-directe.com
baise-partie.com
rdv-secret.com
u23306908.ct.sendgrid.net
www.a2y8vytrk.com
www.clicks.dating
167.89.123.16
18.159.143.120
2606:4700:3031::ac43:d4ea
2606:4700:3033::6815:14b1
2606:4700:3037::ac43:a0f4
2a00:1450:4001:810::200a
3.123.164.204
34.160.108.161
35.158.73.11
02d3599d4ac26765b396d3c80fe5b963d5bc3eb28bd091986860b831926a0ea4
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1b17d0c9d8b2e8521b032581bc7c2064c37b890ad99eba5138cc80e2d86a9664
1fab08ee7301c1c5676fa683c923e47681d2b1ec4fd396045937e8fb6befa7c8
229cd6de3803504ccd895d2c6de028bf9ffe6cd2e7cf0ac107eb382086a7be65
2bf5bedc2a1eb22bcd2e5274195e5ee850fe88e6e02e7af3dd00e5ea8ae1db60
64e3e3e8bc33bafb371a505da59f2b5f9386ee05c60b3947ccd8b65492c526b6
68668bd8f029c3e6b6bd1fbcd92b676def3edaa7c2f92bbeb7424f778b9c7c6f
6ab2b9bf505bf16efda449af810081478279b4b4151996c66cfccdbc8cd33175
7012d6221624a436117114c6fe2e0680aa636b7d42f48bacaac432d8bb6cf527
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
87a1a7e65f6ceed57d27b07cac22836a7682617932fc9d4376887b0ae1754a35
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8b9ea8752caa6b5eb8b322494a98677a062c9e3175c254280b72a0133a567943
b26adb712e1abb07e3e9ae8a7b4f00334d621f53fbf5b7eb40ba9cc79d5f54da
b51eda8bf90bbf9233eee386701757a0954cfcbeaf52a52d567d88103ae2fa89
bfe6d324af5bb8e7ad85ebebc49405fa780214b9833c850063ffddb63fcc88a2
d053bc001f5b8017185802b0f3b96b1abf806fcda7b141e6408684d0b2bfe38f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab1c1f6ff5001e1edd3e55074da2607eb9026af0f971d37f0dde0845d8671cb
ed7f9e84b6ba3023db5ab23113260737bc1a48c395ef80f4bff9e60969f86f11