rdv-secret.com Open in urlscan Pro
2606:4700:3031::ac43:d4ea Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://erosexx.site/
Effective URL:
https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3...
Submission: On April 16 via manual (April 16th 2023, 12:40:02 pm UTC) from HU — Scanned from FR

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3031::ac43:d4ea, located in United States and belongs to CLOUDFLARENET, US. The main domain is rdv-secret.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2022. Valid for: a year.

This is the only time rdv-secret.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a00:f940:2:2... 2a00:f940:2:2:1:1:0:202	197695 (AS-REG) (AS-REG)
1 1	2606:4700:303... 2606:4700:3036::ac43:d742	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:303... 2606:4700:3033::6815:1735	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 13	2606:4700:303... 2606:4700:3031::ac43:d4ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
6	3.122.219.14 3.122.219.14	16509 (AMAZON-02) (AMAZON-02)
20	6

2 2a00:f940:2:2:1:1:0:202 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)

erosexx.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:d742 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wvw.godaoff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:1735 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

m.godastd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

track701.tracklyfast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3031::ac43:d4ea (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

rdv-secret.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.122.219.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-219-14.eu-central-1.compute.amazonaws.com

ads.adextrem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	rdv-secret.com 2 redirects rdv-secret.com	1000 KB
6	adextrem.com ads.adextrem.com	15 KB
2	godastd.com 1 redirects m.godastd.com	1 KB
2	erosexx.site 1 redirects erosexx.site	417 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 323	30 KB
1	tracklyfast.com 1 redirects track701.tracklyfast.com	2 KB
1	godaoff.com 1 redirects wvw.godaoff.com	743 B
20	7

	Domain	Requested by
13	rdv-secret.com	2 redirects rdv-secret.com
6	ads.adextrem.com	rdv-secret.com ads.adextrem.com
2	m.godastd.com	1 redirects
2	erosexx.site	1 redirects
1	ajax.googleapis.com	rdv-secret.com
1	track701.tracklyfast.com	1 redirects
1	wvw.godaoff.com	1 redirects
20	7

This site contains links to these domains. Also see Links.

Domain
dashboard.offeriz.com

Subject Issuer	Validity	Valid
www.erosexx.site GlobalSign GCC R3 DV TLS CA 2020	`2023-04-15` - `2023-11-15`	7 months	crt.sh
*.godastd.com R3	`2023-04-03` - `2023-07-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-09` - `2023-06-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.adextrem.com Amazon RSA 2048 M02	`2023-02-13` - `2024-02-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Frame ID: 1F5D7DD1F6410EDAEA5E7B11AAE54FEE
Requests: 18 HTTP requests in this frame

Frame: https://ads.adextrem.com/push/ifp.php?slot=4&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/112.0.5615.49%20Safari/537.36|lng:fr-FR,fr;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:37.59.164.97&allowcookie=true&setreferrer=https%3A%2F%2Frdv-secret.com%2F
Frame ID: 18A098BDF9D0E134EC4709B804A1AB1A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rencontre Sexuelle

Page URL History Show full URLs

http://erosexx.site/ HTTP 302
https://erosexx.site/ Page URL
https://wvw.godaoff.com/click?pid=62653&offer_id=25 HTTP 302
https://m.godastd.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=643bec9e1551be00012b8296&affpid=62653&a... HTTP 302
https://m.godastd.com/nlp/index.php?offer_id=559&aff_id=2392&aff_sub2=c4713irlpuo4kdz0a5&source=62... Page URL
https://track701.tracklyfast.com/aff_c?offer_id=559&aff_id=2392&aff_sub2=c4713irlpuo4kdz0a5&source=62653 HTTP 302
https://rdv-secret.com/offer/?lp=0&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef39... HTTP 302
https://rdv-secret.com/plancul/1/lp1.php?pt=auto&lp=0&id=2&affid=2392&source=62653&clickid=1023f5ab... HTTP 302
https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

1045 kB
Transfer

1196 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://dashboard.offeriz.com/signup_affiliate/2
Title: Affiliation

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://erosexx.site/ HTTP 302
https://erosexx.site/ Page URL
https://wvw.godaoff.com/click?pid=62653&offer_id=25 HTTP 302
https://m.godastd.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=643bec9e1551be00012b8296&affpid=62653&action_id=FRdesktop&referrer=https%3A%2F%2Ferosexx.site%2F&sub1=&sub2=&sub3=&sub4=&sub5=&sub6= HTTP 302
https://m.godastd.com/nlp/index.php?offer_id=559&aff_id=2392&aff_sub2=c4713irlpuo4kdz0a5&source=62653&url_bnm_redirect=https://track701.tracklyfast.com/aff_c Page URL
https://track701.tracklyfast.com/aff_c?offer_id=559&aff_id=2392&aff_sub2=c4713irlpuo4kdz0a5&source=62653 HTTP 302
https://rdv-secret.com/offer/?lp=0&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail={email} HTTP 302
https://rdv-secret.com/plancul/1/lp1.php?pt=auto&lp=0&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=%7Bemail%7D HTTP 302
https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://erosexx.site/ HTTP 302
https://erosexx.site/

Request Chain 1

https://wvw.godaoff.com/click?pid=62653&offer_id=25 HTTP 302
https://m.godastd.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=643bec9e1551be00012b8296&affpid=62653&action_id=FRdesktop&referrer=https%3A%2F%2Ferosexx.site%2F&sub1=&sub2=&sub3=&sub4=&sub5=&sub6= HTTP 302
https://m.godastd.com/nlp/index.php?offer_id=559&aff_id=2392&aff_sub2=c4713irlpuo4kdz0a5&source=62653&url_bnm_redirect=https://track701.tracklyfast.com/aff_c

20 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
erosexx.site/
Redirect Chain

http://erosexx.site/
https://erosexx.site/

112 B
213 B

227ms
86ms

Document
text/html

2a00:f940:2:2:1:1:0:202
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://erosexx.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:1:0:202 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2e2eaaa1055ef943a843bdc4beeb6429783c10252956f025022ea1b20e72fd6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 16 Apr 2023 12:39:57 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 16 Apr 2023 12:39:57 GMT
Location: https://erosexx.site/
Server: nginx
Transfer-Encoding: chunked

GET
H2

200

index.php Show response
m.godastd.com/nlp/
Redirect Chain

https://wvw.godaoff.com/click?pid=62653&offer_id=25
https://m.godastd.com/c.php?k=63r1l5p2seqav3mqsdvc&clickid=643bec9e1551be00012b8296&affpid=62653&action_id=FRdesktop&referrer=https%3A%2F%2Ferosexx.site%2F&sub1=&sub2=&sub3=&sub4=&sub5=&sub6=
https://m.godastd.com/nlp/index.php?offer_id=559&aff_id=2392&aff_sub2=c4713irlpuo4kdz0a5&source=62653&url_bnm_redirect=https://track701.tracklyfast.com/aff_c

149 B
403 B

43ms
42ms

Document
text/html

2606:4700:3033::6815:1735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.godastd.com/nlp/index.php?offer_id=559&aff_id=2392&aff_sub2=c4713irlpuo4kdz0a5&source=62653&url_bnm_redirect=https://track701.tracklyfast.com/aff_c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:1735 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7747e88d897bf6ac0ec6b539bbdfe2458f659c5d23e4ed0a5ae6af0930f3f68b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erosexx.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b8c7e7f2b6ed578-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 16 Apr 2023 12:39:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WiFHIVNoSJ%2BmjqFZyoFraxoXL6Cmsq2XTWZO%2Fqd59YjOUdc1CFzCbmOmZZQzbhVCDWen7H0iotdmUg4Hx%2FOscdTjku4cqq%2BpyCXXQw4Ruw1f5r4IHHoTsKWBYI7LHn%2FFlDou8uj4y2Mi%2B%2FYE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b8c7e7e7af4d578-CDG
content-type: text/html; charset=UTF-8
date: Sun, 16 Apr 2023 12:39:58 GMT
location: https://m.godastd.com/nlp/index.php?offer_id=559&aff_id=2392&aff_sub2=c4713irlpuo4kdz0a5&source=62653&url_bnm_redirect=https://track701.tracklyfast.com/aff_c
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42ucl7eQ9y1sR0OogSZdT3CTKOJIwTVq9NO5NlscBdJk%2BVoNO2WcBTZ5otc0yrfQUP%2BZO1dTwqfTvjtlq29%2BeSN7Z%2F%2BbqQK%2FktB%2FWrrrvJyob%2BauWQECq%2FYzOU9kXywxOyd8fx0gL4BFI5KK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000

GET
H3

200

Primary Request lp15.php Show response
rdv-secret.com/plancul/1/
Redirect Chain

https://track701.tracklyfast.com/aff_c?offer_id=559&aff_id=2392&aff_sub2=c4713irlpuo4kdz0a5&source=62653
https://rdv-secret.com/offer/?lp=0&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail={email}
https://rdv-secret.com/plancul/1/lp1.php?pt=auto&lp=0&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=%7Bemail%7D
https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=

27 KB
10 KB

728ms
726ms

Document
text/html

2606:4700:3031::ac43:d4ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8df75271464826249c308841a0785ebc60b79a8e48dc1e5e75b77b4a95d17532

Request headers

Referer: https://m.godastd.com/nlp/index.php?offer_id=559&aff_id=2392&aff_sub2=c4713irlpuo4kdz0a5&source=62653&url_bnm_redirect=https://track701.tracklyfast.com/aff_c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b8c7e81cdec0379-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 16 Apr 2023 12:39:59 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qV1zfazL9thjPRxrivYjvDdj2FSNXfRhOAE5t67Z3B2%2FSmwgg2ZOTErGnBqolvroRz%2FOtJQIAM0u%2FOFLs894%2BdNMRj50ExoXop8svIdBCDocJ9cG16Z2odA7%2FCPSrbrPiLJr1haX%2Fs59jmbhHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7b8c7e8168ce3cce-CDG
content-type: text/html; charset=UTF-8
date: Sun, 16 Apr 2023 12:39:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFk0p42Up3j8oqdaNafgnUKHW8lq1W037R%2FGQw3Y52WqtzJ%2BMFPYgQ%2FfG5Hz103jACDH7mqa%2BeWwXgMR%2F%2B%2FvpRE1MoGSAjnN3dAxZFN7s14hYu2GBSZ1T9t0hZrydLTLG8SCKv1M78khHKt8jw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 style.css
rdv-secret.com/plancul/1/lp15/ 11 KB
2 KB 55ms
55ms Stylesheet
text/css 2606:4700:3031::ac43:d4ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdv-secret.com/plancul/1/lp15/style.css?v=643bec9fac581
Requested by: Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed9a94b515a5c841ce4518d354a88d6cea607390fe8c6a21fe303ecac227f66

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 12:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Sep 2021 13:43:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2c0b-5cb7c0f8d1d9b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Zvi9YoErJ%2FixhuHFvWoTO4jVD9NdBjeKCJorP%2FJt8okhtF1cgrH6ZCKJKXWsfzLmp7umcRmSBM3LB5sHpZRzdStH98%2FdShY%2B03OqM4B1rR43cvVMbCty%2FRVstGrK6yAqF2%2FNOj0evdpSSqBhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7b8c7e8659700379-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
30 KB 91ms
25ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rdv-secret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30211
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Apr 2024 18:00:15 GMT

GET
H3 200 javascriptje.js Show response
rdv-secret.com/plancul/1/lp15/ 85 KB
31 KB 29ms
29ms Script
application/javascript 2606:4700:3031::ac43:d4ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdv-secret.com/plancul/1/lp15/javascriptje.js
Requested by: Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04378445af160757c9616795d113e0970f02cb40d9d3e9fda029bf684e8956bb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 12:39:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Oct 2019 09:10:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240
etag: W/"1558b-5957c2d5b6140-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CICPHZRk%2BmiJbWnchx7y20LS9U3bQBj3QnzvnDG73uAaSRJ0IVo7G2MEl%2FynwPn8WcvZ8v4xp6LN3%2BreGx0Mmuu%2FAjBBX%2FVLTH2raz1yxHLscw%2Bq95h%2FuFKn6i3C67lWkT%2BHiaWWcssORzC6sA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7b8c7e8659720379-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK detect.js Show response
ads.adextrem.com/ 78 B
826 B 132ms
23ms Script
application/javascript 3.122.219.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adextrem.com/detect.js
Requested by: Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.219.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-219-14.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1fab08ee7301c1c5676fa683c923e47681d2b1ec4fd396045937e8fb6befa7c8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rdv-secret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sun, 16 Apr 2023 12:39:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Sep 2017 11:31:43 GMT
Server: Apache/2.4.10 (Debian)
ETag: "4e-559751641a5c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91

GET
H3 200 bg2.jpg
rdv-secret.com/plancul/1/lp15/ 130 KB
131 KB 26ms
25ms Image
image/jpeg 2606:4700:3031::ac43:d4ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdv-secret.com/plancul/1/lp15/bg2.jpg
Requested by: Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90b4a9f1b17ddc4b057d11881f1fbc130b95ce03bde77539ae1600040bb22cb8

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 12:39:59 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Oct 2019 09:10:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240
etag: "208cf-5957c2d79e5c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSAFnQTw7N3GPG0AXERHMqCbLrKr1RV82sN4rtiNElzjqWm6ITlg6rMPUEjlswwQJ%2FPOWZzDhJc3iejM4fZK%2B%2Fh2MAy%2FbyEI81yv1Q2vmwpAi0KpFR5K5%2FHxGk2dxotVNlOV9LaJCHtbtPcAdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 7b8c7e871a130379-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 133327

GET
H3 200 bg3.jpg
rdv-secret.com/plancul/1/lp15/ 159 KB
159 KB 53ms
52ms Image
image/jpeg 2606:4700:3031::ac43:d4ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdv-secret.com/plancul/1/lp15/bg3.jpg
Requested by: Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 888a3e263a4a1bf5acf5a294acd7f3118510721531590ce74093b1bfcb65adc2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 12:39:59 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Oct 2019 09:10:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240
etag: "27a8f-5957c2d6aa380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxqRQtNDAif4lZDHI9GvObxU2C10gKx0Rt4B%2FmGxReeAyRP95M9bYDqrIocdtmmrTcH8qgjE%2B33jx2HvZmftMIIHIJ7GJO40oOVCB6cAcBVYnRiiWERAjHp%2BAtRZdsDjYdGPzCnjOtrd%2Blxo6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 7b8c7e873a2d0379-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 162447

GET
H3 200 bg4.jpg
rdv-secret.com/plancul/1/lp15/ 125 KB
125 KB 46ms
43ms Image
image/jpeg 2606:4700:3031::ac43:d4ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdv-secret.com/plancul/1/lp15/bg4.jpg
Requested by: Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc7d74ee2454721d5da6c1c44c57e46bf0d9e1e1dc570afe0293492d5005d77

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 12:39:59 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Oct 2019 09:10:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240
etag: "1f352-5957c2d6aa380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63tRMVzPwiUYpjmxKGiG49WFhvIk2SQL5hoS2hdDWZlDaQxprf5X3ahq7oEiJwK32O7EaWuvvn9jUIYeeRHxF8lCLRyNQQG4ZfSOMYFlPQLjiBJZajzPawVpu9Y%2BaETXTVHoNJbNlDotKW771A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 7b8c7e877a620379-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 127826

GET
H3 200 bg5.jpg
rdv-secret.com/plancul/1/lp15/ 113 KB
114 KB 46ms
42ms Image
image/jpeg 2606:4700:3031::ac43:d4ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdv-secret.com/plancul/1/lp15/bg5.jpg
Requested by: Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e61803fe337b62ec88013f93ba451a76854a55b86eda08de01550fbf87087a14

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 12:39:59 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Oct 2019 09:10:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240
etag: "1c5c3-5957c2d5b6140"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbrUbGvnaZ96yP95XyCO8Sg5%2Flhpa8gJR8I2wdz9%2BwUxKPqWWNsSwdnqQ0TtqmmzcPLcPO1JL0Y29kZ0QV4QvrArwx6SiK9l6vG62wKyuYKEeCahK6V76b6QU4ckr7A8AZi9oLDOPiH4IrQHyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 7b8c7e878a680379-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 116163

GET
H3 200 bg6.jpg
rdv-secret.com/plancul/1/lp15/ 164 KB
164 KB 103ms
97ms Image
image/jpeg 2606:4700:3031::ac43:d4ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdv-secret.com/plancul/1/lp15/bg6.jpg
Requested by: Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49c3133c07bd12eb6c5ffd36387360ef096eebc91c7368857d4536d76fdcb804

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 12:39:59 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Oct 2019 09:10:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240
etag: "28ea7-5957c2d5b6140"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVMRxspLlDaVQrBSHmxxjIi4QjPnhaGrGHjanS5X5YwF2uJ49z7dkZHFootYykRfV0qGzH11zQYT8FLbTZQW6oBm99T1k1SX1WPcD%2Fbq9%2BBJsR9Cr%2BW7kSelxbhGj6SwCUAPdDmIv4e92%2BoC8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 7b8c7e878a690379-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 167591

GET
H3 200 bg7.jpg
rdv-secret.com/plancul/1/lp15/ 124 KB
124 KB 138ms
133ms Image
image/jpeg 2606:4700:3031::ac43:d4ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdv-secret.com/plancul/1/lp15/bg7.jpg
Requested by: Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735588a14f972f7e22d7b469f181fe41a1a0e09be1fc92758ad4a701499fa56c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 12:39:59 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Oct 2019 09:10:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240
etag: "1ee3c-5957c2d5b6140"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujMpZv%2BYjVluO433ZIghvin66YIo0h3E%2B4d1wHR8OQohVItWLVOn8jegyKt2qtJiFiP5Y%2BOlglmnd%2FBzULFQOd5gAbCgzyko62%2B1Ceb018o0LZ04LxlwNpsCp%2Fiu%2BR5lzyqAkUAyXAtQJr1bRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 7b8c7e878a6b0379-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 126524

GET
H3 200 bg1.jpg
rdv-secret.com/plancul/1/lp15/ 109 KB
109 KB 162ms
157ms Image
image/jpeg 2606:4700:3031::ac43:d4ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdv-secret.com/plancul/1/lp15/bg1.jpg
Requested by: Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5e39f90aee9a60deea10b6cd3707803db58a0a45e5a3894eaad194d617ce780

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 12:39:59 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Oct 2019 09:10:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240
etag: "1b333-5957c2d6aa380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nai2UN8EXhEhozye5syYoCLZq1Gcd%2B%2FlrOLAbj4wQYEs9yiS7L%2F6TcP3bQ0erjYBpkeb5Q%2BSlMb0P77EKY3U8NU7dq7SYI8Lu%2BlfCoWkFa5CsK5hX%2F5%2FdtGqLc%2Bewpt2%2Fdd7OfIUDjO6xNL40g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 7b8c7e878a6c0379-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111411

GET
H3 200 secured-website.png
rdv-secret.com/plancul/1/lp15/ 29 KB
29 KB 190ms
186ms Image
image/png 2606:4700:3031::ac43:d4ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdv-secret.com/plancul/1/lp15/secured-website.png
Requested by: Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41ba3dae709e1a8984377fab99ded7d1aebba4afa08b73ab8137fc647a87509

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Sun, 16 Apr 2023 12:39:59 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Oct 2019 09:10:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 240
etag: "73a2-5957c2d79e5c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47LUSdl%2FmND16KbNpCDOqigN9Cd3Vc74FoVdFcXsotIlbo2%2FAUgFq3KOTas7iZVlZf2jaRVOeIn3y43p4Noz88vJ8%2B9cvJH2EuUnujM1D9EglRVAUT0AGyfje%2FRhzrw8aqR3%2FfxZirkyBhDRxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 7b8c7e878a6d0379-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29602

GET
H/1.1 200
OK detect.php Show response
ads.adextrem.com/ 34 B
206 B 26ms
25ms Script
text/html 3.122.219.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adextrem.com/detect.php
Requested by: Host: ads.adextrem.com
URL: https://ads.adextrem.com/detect.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.219.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-219-14.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 6ab2b9bf505bf16efda449af810081478279b4b4151996c66cfccdbc8cd33175

Request headers

Referer: https://rdv-secret.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 16 Apr 2023 12:39:59 GMT
Server: Apache/2.4.10 (Debian)
Connection: keep-alive
Content-Length: 34
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK loader.php Show response
ads.adextrem.com/push/ 4 KB
2 KB 25ms
23ms Script
text/html 3.122.219.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adextrem.com/push/loader.php
Requested by: Host: rdv-secret.com
URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.219.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-219-14.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 8b9ea8752caa6b5eb8b322494a98677a062c9e3175c254280b72a0133a567943

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rdv-secret.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Apr 2023 12:39:59 GMT
Content-Encoding: gzip
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 1561

GET
DATA 200
OK truncated Show response
/ 37 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d053bc001f5b8017185802b0f3b96b1abf806fcda7b141e6408684d0b2bfe38f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H/1.1 200
OK ifp.php Show response
ads.adextrem.com/push/ Frame 18A0 2 KB
1 KB 23ms
23ms Document
text/html 3.122.219.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adextrem.com/push/ifp.php?slot=4
Requested by: Host: ads.adextrem.com
URL: https://ads.adextrem.com/push/loader.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.219.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-219-14.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 2aaaa3e52be4b6b1262d4bba69d027bec1ea5c6c3c14103bbe16c5ffa54b68b3

Request headers

Referer: https://rdv-secret.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1085
Content-Type: text/html; charset=UTF-8
Date: Sun, 16 Apr 2023 12:39:59 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding

GET
H/1.1 200
OK plugindetect.js Show response
ads.adextrem.com/delivery/ Frame 18A0 30 KB
10 KB 25ms
25ms Script
application/javascript 3.122.219.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adextrem.com/delivery/plugindetect.js
Requested by: Host: ads.adextrem.com
URL: https://ads.adextrem.com/push/ifp.php?slot=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.219.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-219-14.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 229cd6de3803504ccd895d2c6de028bf9ffe6cd2e7cf0ac107eb382086a7be65

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://ads.adextrem.com/push/ifp.php?slot=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Sun, 16 Apr 2023 12:40:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2016 07:52:59 GMT
Server: Apache/2.4.10 (Debian)
ETag: "7847-5287d68deacc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9907

GET
H/1.1 200
OK ifp.php Show response
ads.adextrem.com/push/ Frame 18A0 0
552 B 72ms
71ms Document
text/html 3.122.219.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adextrem.com/push/ifp.php?slot=4&fp2=AX1|tz:0|w:1600|h:1200|ua:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/112.0.5615.49%20Safari/537.36|lng:fr-FR,fr;q=0.9|Chrome%20PDF%20Plugin|Chrome%20PDF%20Viewer|Native%20Client|IP:37.59.164.97&allowcookie=true&setreferrer=https%3A%2F%2Frdv-secret.com%2F
Requested by: Host: ads.adextrem.com
URL: https://ads.adextrem.com/push/ifp.php?slot=4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.219.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-219-14.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.adextrem.com/push/ifp.php?slot=4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 16 Apr 2023 12:40:00 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache/2.4.10 (Debian)

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wvw.godaoff.com/	1970-01-20 19:53:04	Name: afclick Value: 643bec9e1551be00012b8296
wvw.godaoff.com/	1970-01-20 19:53:04	Name: afoffers Value: {"25":1681648798}
m.godastd.com/	1970-01-20 11:08:55	Name: uclick Value: irlpuo4kbl
m.godastd.com/	1970-01-20 11:08:55	Name: uclickhash Value: irlpuo4kbl-irlpuo4kdz-xsa9-1mmy-gxbz8n-1mx9dz-1msyvr-d17ab8
track701.tracklyfast.com/	1970-01-20 11:50:40	Name: enc_aff_session_559 Value: ENC037df389498adeac52bc6e27be8bbc5deb610b49d90e07d66062bf2c414c66d0c310556f1c8a2d43fcf2360d1edfc538a5703817721e292683dfca1414e4d82e28b457832c21d00e61106f636e25c8aead97ca54dceb969d694b5af4168a8bb2434ba41c8a934237bbf9e46d974438b07ad29fac64ee1fc2820137b1db93ad5a570455ac7ad271c27689220e68d4fb9559124a2ba8b8958dbc3f052a0eee8845460a6a30ce
track701.tracklyfast.com/	1970-01-20 20:43:28	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTIiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExMi4wLjU2MTUuNDkgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImZyLUZSLGZyO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
rdv-secret.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: le35ksrlelk0838jk5p80tgjp4
ads.adextrem.com/	1970-01-20 11:07:29	Name: AWSELBCORS Value: 671BC5111EC8C439EC6ECDAADF42C2FCC39A19517227BECBED123D3D2F3DC41482870D4994F5F60AFCADD93926CF44860692B62F1C152ACF8DBA4A3B75D7E7AFDD4F0291A9
rdv-secret.com/	1970-01-20 11:50:40	Name: fw Value: 1600
rdv-secret.com/	1970-01-20 11:50:40	Name: fh Value: 1200
rdv-secret.com/	1970-01-20 11:50:40	Name: fua Value: Mozilla/5.0 (Windows NT 10.0
.ads.adextrem.com/	1970-01-20 11:17:33	Name: fp2 Value: eb25265177e95f1dfc398afebaee4a48

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ads.adextrem.com/detect.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.adextrem.com/detect.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.adextrem.com/detect.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.adextrem.com/detect.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.adextrem.com/detect.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.adextrem.com/detect.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.adextrem.com/detect.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.adextrem.com/detect.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	error	URL: https://rdv-secret.com/plancul/1/lp15.php?pt=auto&lp=15&id=2&affid=2392&source=62653&clickid=1023f5ab2d7ed9de091730aef3936b&mail=# Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adextrem.com
ajax.googleapis.com
erosexx.site
m.godastd.com
rdv-secret.com
track701.tracklyfast.com
wvw.godaoff.com
2606:4700:3031::ac43:d4ea
2606:4700:3033::6815:1735
2606:4700:3036::ac43:d742
2a00:1450:4001:800::200a
2a00:f940:2:2:1:1:0:202
2a06:98c1:3120::3
3.122.219.14
04378445af160757c9616795d113e0970f02cb40d9d3e9fda029bf684e8956bb
1fab08ee7301c1c5676fa683c923e47681d2b1ec4fd396045937e8fb6befa7c8
229cd6de3803504ccd895d2c6de028bf9ffe6cd2e7cf0ac107eb382086a7be65
2aaaa3e52be4b6b1262d4bba69d027bec1ea5c6c3c14103bbe16c5ffa54b68b3
2e2eaaa1055ef943a843bdc4beeb6429783c10252956f025022ea1b20e72fd6a
49c3133c07bd12eb6c5ffd36387360ef096eebc91c7368857d4536d76fdcb804
6ab2b9bf505bf16efda449af810081478279b4b4151996c66cfccdbc8cd33175
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
735588a14f972f7e22d7b469f181fe41a1a0e09be1fc92758ad4a701499fa56c
7747e88d897bf6ac0ec6b539bbdfe2458f659c5d23e4ed0a5ae6af0930f3f68b
888a3e263a4a1bf5acf5a294acd7f3118510721531590ce74093b1bfcb65adc2
8b9ea8752caa6b5eb8b322494a98677a062c9e3175c254280b72a0133a567943
8df75271464826249c308841a0785ebc60b79a8e48dc1e5e75b77b4a95d17532
90b4a9f1b17ddc4b057d11881f1fbc130b95ce03bde77539ae1600040bb22cb8
bcc7d74ee2454721d5da6c1c44c57e46bf0d9e1e1dc570afe0293492d5005d77
d053bc001f5b8017185802b0f3b96b1abf806fcda7b141e6408684d0b2bfe38f
d41ba3dae709e1a8984377fab99ded7d1aebba4afa08b73ab8137fc647a87509
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61803fe337b62ec88013f93ba451a76854a55b86eda08de01550fbf87087a14
eed9a94b515a5c841ce4518d354a88d6cea607390fe8c6a21fe303ecac227f66
f5e39f90aee9a60deea10b6cd3707803db58a0a45e5a3894eaad194d617ce780

rdv-secret.com Open in urlscan Pro 2606:4700:3031::ac43:d4ea Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

86 %IPv6

7 Domains

7 Subdomains

6 IPs

3 Countries

1045 kBTransfer

1196 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

12 Cookies

5 Console Messages

Indicators

rdv-secret.com Open in urlscan Pro
2606:4700:3031::ac43:d4ea Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

1045 kB
Transfer

1196 kB
Size

12
Cookies

20 HTTP transactions
1 data transactions