urlscan.io logo urlscan.io
SecurityTrails logo

top.theresultsengine.com Open in urlscan Pro
51.91.200.241  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://caplitalone.com/
Effective URL: https://top.theresultsengine.com/ar?src=39&q=bank&campname=05af389dc8&rangeBlockId=111&mkt=fr-FR&clickid=wcnrnsmip8mb8rv9i0ha1j2o
Submission: On August 24 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 5 countries across 10 domains to perform 9 HTTP transactions. The main IP is 51.91.200.241, located in France and belongs to OVH, FR. The main domain is top.theresultsengine.com.
TLS certificate: Issued by R3 on July 28th 2021. Valid for: 3 months.
This is the only time top.theresultsengine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 209.15.13.134 13768 (COGECO-PEER1)
1 2 209.15.13.136 13768 (COGECO-PEER1)
2 2 173.192.101.24 36351 (SOFTLAYER)
1 1 2a05:d014:286... 16509 (AMAZON-02)
1 5 52.215.97.224 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 18.193.209.105 16509 (AMAZON-02)
3 51.91.200.241 16276 (OVH)
9 4
1    209.15.13.134 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)
caplitalone.com
2    209.15.13.136 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)
btpnative.com
2    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
mybetterdl.com
p274637.mybetterdl.com
1    2a05:d014:286:3502:280f:5c03:88aa:6d81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cvp1a.bemobtrk.com
5    52.215.97.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-97-224.eu-west-1.compute.amazonaws.com
topscore.info
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700:3031::ac43:a6dd (United States)

ASN13335 (CLOUDFLARENET, US)
feed.lookbox.net
1    18.193.209.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-209-105.eu-central-1.compute.amazonaws.com
searchada.com
3    51.91.200.241 (France)

ASN16276 (OVH, FR)
PTR: ip241.ip-51-91-200.eu
top.theresultsengine.com
techadsmedia.com
Domain Requested by
5 topscore.info 1 redirects topscore.info
2 top.theresultsengine.com top.theresultsengine.com
2 btpnative.com 1 redirects
1 techadsmedia.com top.theresultsengine.com
1 searchada.com 1 redirects
1 feed.lookbox.net 1 redirects
1 ajax.googleapis.com topscore.info
1 cvp1a.bemobtrk.com 1 redirects
1 p274637.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
1 caplitalone.com 1 redirects
9 11

This site contains links to these domains. Also see Links.

Domain
www.hellobank.fr
www.bforbank.com
www.orangebank.fr
www.mafrenchbank.fr
www.theresultsengine.com
Subject Issuer Validity Valid
topscore.info
Amazon		 2021-06-02 -
2022-07-01		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-07-26 -
2021-10-18		 3 months crt.sh
top.theresultsengine.com
R3		 2021-07-28 -
2021-10-26		 3 months crt.sh
techadsmedia.com
R3		 2021-07-23 -
2021-10-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://top.theresultsengine.com/ar?src=39&q=bank&campname=05af389dc8&rangeBlockId=111&mkt=fr-FR&clickid=wcnrnsmip8mb8rv9i0ha1j2o
Frame ID: C48258F30802506B107FE695F8C0AD95
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Theresultsengine.com | All Results You Need! All In One Place!

Page URL History Show full URLs

  1. http://caplitalone.com/ HTTP 302
    http://btpnative.com/click?data=bmZVMkt1QmluU1cyaXJ6OEhuOTBfWU9sMUpwQzNuY1kxUDFSWHpfclgzZFpBeGlCb... Page URL
  2. http://btpnative.com/Redirect/ HTTP 302
    https://mybetterdl.com/aS/feedclick?s=u6geJV4sLGv3LXxTkl4ou8Rwf_khkulFfSMU3tyux_zI-C59EmPmRpnt4ao8L... HTTP 302
    https://p274637.mybetterdl.com/adServe/domainClick?ai=aMZ3O5C3_XuH8_3zvumQkKmXfSMMjk7Q08Dj-CTZF5GioOmXVNKul... HTTP 302
    https://cvp1a.bemobtrk.com/go/47f9f2bc-5a46-4b55-b129-96cb6d85f7f2?bid=0.001&subid=86872520275&source=3... HTTP 302
    https://topscore.info/s240.php?ts=sa&in=bank&ln=DE HTTP 302
    https://topscore.info/ Page URL
  3. https://feed.lookbox.net/s240/?q=bank HTTP 302
    https://searchada.com/e22452b8-a9a4-4484-a352-42a7e1866e6e?chname=mw_DE_2569&q=bank HTTP 302
    https://top.theresultsengine.com/ar?src=39&q=bank&campname=05af389dc8&rangeBlockId=111&mkt=fr-FR&clickid=wcnr... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

9
Requests

89 %
HTTPS

33 %
IPv6

10
Domains

11
Subdomains

4
IPs

5
Countries

313 kB
Transfer

405 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://caplitalone.com/ HTTP 302
    http://btpnative.com/click?data=bmZVMkt1QmluU1cyaXJ6OEhuOTBfWU9sMUpwQzNuY1kxUDFSWHpfclgzZFpBeGlCbnFmSGlKcjA2dV9ObWE3T3Q5dzdaSWFrV0I2MDJNTGc3eFAwSWFyUHVXSFlEUmR4OHJiX3ZJMDBxS05STWJ2UTRQV0dadDZ0aHNmV2hkZklWQlN4dmxKMzJYSHFWOHN6d3hkRGdRMg2&id=a915de40-ab89-4ad8-9cfe-aa99bcc5f1f1 Page URL
  2. http://btpnative.com/Redirect/ HTTP 302
    https://mybetterdl.com/aS/feedclick?s=u6geJV4sLGv3LXxTkl4ou8Rwf_khkulFfSMU3tyux_zI-C59EmPmRpnt4ao8LBkH_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2kCgkrfFs9ISFE6wPoeLHgX2ByJkw_hnoLHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy-ZGpeUVPf47BgtGERVdrhdoc5wAmlTDEWtiXzkKPiF0d0y6OxedLl-f8ufG-Vyn8t3DpLbnaMyBLDJj2sibB0nbvMfEzUqz3DqDz2vJB5XFD6AEkaEijmrqwV22eFf93142lLFXaWtdeUxKLkYDPDj_pVOC6McnGmhxfgOfdQkav02TO_6oAZy92f25H-kqpbOsKpX1A9PVw_XpiN2GyOz_NFRJJIQcnsIk5sBx9e7Qj_7PGaXIPapi5JH6phhEJpxByGfWVcxXUJWwXA4agY4b6ItDEHLmVVHu0AEkCGOEmnqF99BIe7As23g9iYSAEvGj9EJMagbKaHGKZ6ZxUV6tIW3nDQU0wTRRRLZ6b9BM-Uia0QAIbpbEHdWoXAYCZOXXocVRJSVLZi3GGVD-BrW7R5ACGIFrhMUdq0Y2X-xvl6AxGj5xgRqsDX0weTrd7zSprE9dSBR94R2N4o4CktrEB4jhHkoUDZlMWwaetNRLUtU1ldftm7Uz6QLcYjMEUSgUoM-h4JqN3xD2i8VJIchAsSSuBL1X5qKVMdJaa6bMBJqShORnMzxBAN_8CfGbc-bu9M_oOb3brZITLTzbXFND56vGmFsURUxNbPywyo2MTqFI5O7ncEb9i74LMckX_8jDOoozmHi-MkUifEPvcMKmpGlpMlDZi8O5xb5iGLXAMhmbxsoXBD82iKEiO1kYWJzteUrBwLHqgo6MF0xGKb5ORcGZwstLDB4PSgu9KU89XQHIS6tE2QaduBauBpq9X3RDF7HP2pa9s97c6Qo1dtDDFrtuhlA-aLy_eCEOpBKfqpDynOrgpUmLFZF24y649ibOrNuO0Oeo1EppbEYs0Zsl7mVSL1SCrdgJjWi0ugsZ833mT9Z-BX9xIx5AGqAoeb4FFLpZJq5B5VreronmLVGFLv992c29NZ0s_fLK6zOsgyrFUPImMXHvSiI6d9byHhXowe2DFGn6n9T8cX06L_531RAOERUFiCh-fo3iwFLKc92_xYwNl3Pu5mgoBrp2jj8NdTSos7m3UQE79nyuLZ4uR1n1ND4uAFHQHhYlLuZ1inf2twmcQrXYxyh-QQQmGHooc--rbual_IGHnq3e6hXbIU6ub7-moRqXH0L9txGGHiDWJJW7XBDnt_aVPDXHyAydRd-3umbilmSqEWNA44bZOVGF8YjQH50IO-ECA-X_hQpWvfThI-rY1XtBMMc4m6Q20wt4-TL6n45IzDHlXGKG8UcICulahL8TnUz89nfXhfdIcntkxvwoWHxYmWnTX-W5t1dOmUxEboW5zrx85pSjybhC7fAuGkQ5trshqF1I3lKFf_QPcg1ZMrkzRZfIpa-yUPkl2Vs67AFR2s7F1rqY3xmKifiVR5nohzS509du81wyhk9BNJEgp2gSRZeb6fmn3SZOP8lt-rCBBnPo4Z3ewlTExivJIuOR1E2ozd90UOOSSahfR1IKxXtsCAdYH-wjrMJjGIb-Gcxi3L92MM0iJRyIssgxhhpntfFyYB6efdvTYvGB4sSUphahzbsvrCl6vwBWq58sR-p92U6JAoTEkuFOiwos7dnqj7GcsPq7tV1KrV4CmG7y9IG6Tcypo0tXzwxhzvPwCpBQKKRkWDXkwRDUjGI3FHN-QiTSYr1vJ3xST96hAWLkTZppv2ODAgqbcr-Zp6notzFsPempYdXJOr8nzFaMYuxDefVrvmLRJv638Hu_qfzRUISXQkk2JmA1YwW7synk1kBoz2SuFi-HXgt3axIfbzUEdoCugy9I-5oOc7R9McpAvanJJwY-iHemUyZNX7HiHnaMzr4fK_SpbHq3qHI856E7PhlpeutCUQ1AMgaJ8Ya6EOh1stuYPImaPFzf4UIJAAC-mKJKBriZXaJShSUazdHQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBIwMWm0GiwcindQUxmqxHJ-6ton4a9sn4IYUYJddZNGEFHmQcG0kBTpQHbCaGHjN5-mG-m3g_mqgRB3PCkpleyd0BaqJJ6e6uAIny8TMy-GFGGRjBowPw12QxjRJpAQZRCDeuj0QC6btCpV717tjJBID-RtqD0DhJ4YC94p_zIlOM9273-PL1e1TyZ-hnWHmWUDS1JWXrGryBtBmo95pCb8mhtSi9ZQzA3FZeR9SGMuW5anNy9AWuXbbn-u1wVTnq2Ue5nqL0JmUTTHbWr1H05x3AyP1gBbyNDn6yRVu4ZrO0Xlk35XhRa7RN6aAmM3eiGjYP1AxbO-mNE68sHm7-vzlYaFlLAg6rR1Mzuw_XDKeaOstq-BufBtNmLQDUzgbALaTEQfzMpJOfDwkRLK8UT9qPKSpnPBcjBrrFUqi47299_006yTxQr-_usdq9-Kchd31A8x6faM91GXkiyppNSWTE_UsO2RbyMHb7GoR2Ht6lJ7_r25_AbaqgchisKRmGeucqY394gFVY4XvRP8ZjFVnshfONOdf30BFoKuQ2F4-hbCqxc20AJZAzaGfRzy6zxdYm-7IRXHoKwK9SyUSauG4cqyDnWB6pke72sxxSgYg1rDWNzp32QKYyE0J0sNS645eiAZXca5-ROd2b2JjzrQGmNDPxWchEBahiJl-ctBaKzWx2e21KM_p6PS38w5gMeKZiAKD-YRuMDRjCHoFCOw0S58tY9AhtXxtQxPt4cDHtKkEfcB3ZN7WozCro2vsUosdRQQx4PX6hJx8ou9DiI01V2ur1TrtVfGxnyqfhGj5-tBZtBmyBB7cbB7bVwCesRpHy9Oj6KLJmZrRaGxXPqMMquateQDT7ZGIokYLosnfvI_RXnhr98NPK4Tbr8D9xOgXO4aOJHUvEevqB2Lw3j5lOqICy7A8nt0MrwVdeUqdVfUyKNhMpG0H9e-UWpbDSqMhDqf7kErm4RFo5Kh-hRL4sEqx-l7HYxSNStp1pvgKTB6gJwSUIt74sEqx-l7HY0_EFhlizsnYzepjkoTTRCCO5f5r7vleFnzHykOcMREwc-xu2T3uG870NatE1cnb9Q5RUDuR6cw8qQqSPuPjiW3mh6y2RNxf5w HTTP 302
    https://p274637.mybetterdl.com/adServe/domainClick?ai=aMZ3O5C3_XuH8_3zvumQkKmXfSMMjk7Q08Dj-CTZF5GioOmXVNKulVNjLlN6936TRYK8ejJitU94JLHnCbFIKjVwJ2AuHbWv8aI4WU5XGve_yKNMuAwyj90MrwVdeUqdSCKGYvLABhhF4iEcBHxfVJjKPk0uPxg_P2C-y6tYqjAwrboQ3eFuEdguLNYw3-IUYPbwW8hssrXwANDjkIaqtqITvh1QLeDdLu-ItJcb33y8O8h1mOgTNAcu8b2ET47d5GVlvDL-jPpg9vBbyGyytVpg9FaYdPWjiGK9VuQDYlB8em4RUDerV9XYNghMk9phD-V--Ry1-S4dzNolPyIVxiJt52MenVqKu_RTETHePw_sGeiwz5PO5RF_TDQxN8U9FchNB6HJHKaf38eX9cSNisbD1fBnVB8AYp4LcP2n_Pabu9OE4mpPAWc0_115PM2y-ZzBXl5BYPgdvertd9RYHEJWvyD1XzJKQYaaWiIRLX1LJpjhSLS-03_HrxpZzl7ek54YxYyTKGS2Jxyfk51HkVcGHqlrLm1YW3GKUq2r-UM6dU_3-DQtuDqcD3VFDJf-o_n_VMWxhu__uPPgLf4LbjBvFTBS0ScDE6J25LKoVMJR1IFkYyenPne5H_v3TCAjkJdfRLzNmeGhl6cG-tU5iaLuZIqj-vmeS0LzYEqQQn_O41bNYCEercT0P5BGEq5lL27vHQ1Zcc3Epw6ChknYzW1vcNBdd2DDLeBjLmy_SKQkapEgRI5DzYQ9s97gqrhy4pmIAoP5hG6Z_ex3H9vQYHLBwWwhy132yM84dIaeqIA_u9ZTR2WpkpkxtrvCsfMYgZvPN1tioKRqgEE0f5Fjh2Fpj1cEdMDm8Vt3gGI-z5Vlqf_64l0Z6hpyy_YN0YQtpLSZmparWHWO5f5r7vleFnzHykOcMREwAUgheKjLQ6KwCMoixrppYlAdsJoYeM3n6Yb6beD-aqCsFnB-eWnMmVkP0FZzZbcZPXWMRX_HngVnv07J4v7R0mtdnt_Lrhn8xIM-F2T9IJsA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qeNnUqwZB1wttfL2tY4RhRiPI3aj7cR-FAiUOPEN66SyzZXxnX9w3KH1wgeoYy4_2BwF5GYn3cQm7mTKB2lpsLjbWnaHeEFBufsfIEQ6j_a0nnaMzr4fK_SPzLT4LMmGh2X8pkP_QRbXsKZ0t97KRou&ui=u6geJV4sLGskf7d-KJz214BVNmK1S2tVb4xS2up2--o2ftDXOL1xCNBs22y4pG9ACV4lhuTYo8wKJ3Wy9xe-Gsg4K-3ZCIdEqt8o5ejSATLb0kjCNdF2qg&si=1&oref=b2dd2da797a9cbc6e367417d2d334291&optunit=juX-a-75XhbSKi5mMjRcVg&rb=LW_v4KVZAgI&rr=4&abtg=0 HTTP 302
    https://cvp1a.bemobtrk.com/go/47f9f2bc-5a46-4b55-b129-96cb6d85f7f2?bid=0.001&subid=86872520275&source=367235248&campaignkeyword=bank&keyword=caplitalone.com+MT+Lending+entrepreneur+loan+Communities+cocktails+Drink+credit+check+Mining+finance+companies+bar+visa+gold+business+funding+social+sites+social+community+ebanking+Business+train+rails+routes+experian+checking+account+metro+Games+public+transport+Gambling+corporate+financing+capitalone.com+Industrial+visa+card+Metals+drinks+liquor+cash+advance+corporate+loan+Credit+bad+credit+Shopping+Beverages+social+media+Food+payday+loans+quicken+loans+Investing+metrobus+Finance+spirit+Accommodations+Hotels+debit+card+schedule+Travel+commercial+bank+credit+history+Online+MT+Lending+entrepreneur+loan+Communities+cocktails+Drink+credit+check+Mining+finance+companies+bar+visa+gold+business+funding+social+sites+social+community+ebanking+Business+train+rails+routes+experian+checking+account+metro+Games+public+transport+Gambling+corporate+financing+capitalone.com+Industrial+visa+card+Metals+drinks+liquor+cash+advance+corporate+loan+Credit+bad+credit+Shopping+Beverages+social+media+Food+payday+loans+quicken+loans+Investing+metrobus+Finance+spirit+Accommodations+Hotels+debit+card+schedule+Travel+commercial+bank+credit+history+Online&geo=FR&campaignname=FRANCIA+SENZA+RELATED&device=Desktop&os=Windows+10&browser=Chrome+92&carrier=UNKNOWN HTTP 302
    https://topscore.info/s240.php?ts=sa&in=bank&ln=DE HTTP 302
    https://topscore.info/ Page URL
  3. https://feed.lookbox.net/s240/?q=bank HTTP 302
    https://searchada.com/e22452b8-a9a4-4484-a352-42a7e1866e6e?chname=mw_DE_2569&q=bank HTTP 302
    https://top.theresultsengine.com/ar?src=39&q=bank&campname=05af389dc8&rangeBlockId=111&mkt=fr-FR&clickid=wcnrnsmip8mb8rv9i0ha1j2o Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://caplitalone.com/ HTTP 302
  • http://btpnative.com/click?data=bmZVMkt1QmluU1cyaXJ6OEhuOTBfWU9sMUpwQzNuY1kxUDFSWHpfclgzZFpBeGlCbnFmSGlKcjA2dV9ObWE3T3Q5dzdaSWFrV0I2MDJNTGc3eFAwSWFyUHVXSFlEUmR4OHJiX3ZJMDBxS05STWJ2UTRQV0dadDZ0aHNmV2hkZklWQlN4dmxKMzJYSHFWOHN6d3hkRGdRMg2&id=a915de40-ab89-4ad8-9cfe-aa99bcc5f1f1
Request Chain 1
  • http://btpnative.com/Redirect/ HTTP 302
  • https://mybetterdl.com/aS/feedclick?s=u6geJV4sLGv3LXxTkl4ou8Rwf_khkulFfSMU3tyux_zI-C59EmPmRpnt4ao8LBkH_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2kCgkrfFs9ISFE6wPoeLHgX2ByJkw_hnoLHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy-ZGpeUVPf47BgtGERVdrhdoc5wAmlTDEWtiXzkKPiF0d0y6OxedLl-f8ufG-Vyn8t3DpLbnaMyBLDJj2sibB0nbvMfEzUqz3DqDz2vJB5XFD6AEkaEijmrqwV22eFf93142lLFXaWtdeUxKLkYDPDj_pVOC6McnGmhxfgOfdQkav02TO_6oAZy92f25H-kqpbOsKpX1A9PVw_XpiN2GyOz_NFRJJIQcnsIk5sBx9e7Qj_7PGaXIPapi5JH6phhEJpxByGfWVcxXUJWwXA4agY4b6ItDEHLmVVHu0AEkCGOEmnqF99BIe7As23g9iYSAEvGj9EJMagbKaHGKZ6ZxUV6tIW3nDQU0wTRRRLZ6b9BM-Uia0QAIbpbEHdWoXAYCZOXXocVRJSVLZi3GGVD-BrW7R5ACGIFrhMUdq0Y2X-xvl6AxGj5xgRqsDX0weTrd7zSprE9dSBR94R2N4o4CktrEB4jhHkoUDZlMWwaetNRLUtU1ldftm7Uz6QLcYjMEUSgUoM-h4JqN3xD2i8VJIchAsSSuBL1X5qKVMdJaa6bMBJqShORnMzxBAN_8CfGbc-bu9M_oOb3brZITLTzbXFND56vGmFsURUxNbPywyo2MTqFI5O7ncEb9i74LMckX_8jDOoozmHi-MkUifEPvcMKmpGlpMlDZi8O5xb5iGLXAMhmbxsoXBD82iKEiO1kYWJzteUrBwLHqgo6MF0xGKb5ORcGZwstLDB4PSgu9KU89XQHIS6tE2QaduBauBpq9X3RDF7HP2pa9s97c6Qo1dtDDFrtuhlA-aLy_eCEOpBKfqpDynOrgpUmLFZF24y649ibOrNuO0Oeo1EppbEYs0Zsl7mVSL1SCrdgJjWi0ugsZ833mT9Z-BX9xIx5AGqAoeb4FFLpZJq5B5VreronmLVGFLv992c29NZ0s_fLK6zOsgyrFUPImMXHvSiI6d9byHhXowe2DFGn6n9T8cX06L_531RAOERUFiCh-fo3iwFLKc92_xYwNl3Pu5mgoBrp2jj8NdTSos7m3UQE79nyuLZ4uR1n1ND4uAFHQHhYlLuZ1inf2twmcQrXYxyh-QQQmGHooc--rbual_IGHnq3e6hXbIU6ub7-moRqXH0L9txGGHiDWJJW7XBDnt_aVPDXHyAydRd-3umbilmSqEWNA44bZOVGF8YjQH50IO-ECA-X_hQpWvfThI-rY1XtBMMc4m6Q20wt4-TL6n45IzDHlXGKG8UcICulahL8TnUz89nfXhfdIcntkxvwoWHxYmWnTX-W5t1dOmUxEboW5zrx85pSjybhC7fAuGkQ5trshqF1I3lKFf_QPcg1ZMrkzRZfIpa-yUPkl2Vs67AFR2s7F1rqY3xmKifiVR5nohzS509du81wyhk9BNJEgp2gSRZeb6fmn3SZOP8lt-rCBBnPo4Z3ewlTExivJIuOR1E2ozd90UOOSSahfR1IKxXtsCAdYH-wjrMJjGIb-Gcxi3L92MM0iJRyIssgxhhpntfFyYB6efdvTYvGB4sSUphahzbsvrCl6vwBWq58sR-p92U6JAoTEkuFOiwos7dnqj7GcsPq7tV1KrV4CmG7y9IG6Tcypo0tXzwxhzvPwCpBQKKRkWDXkwRDUjGI3FHN-QiTSYr1vJ3xST96hAWLkTZppv2ODAgqbcr-Zp6notzFsPempYdXJOr8nzFaMYuxDefVrvmLRJv638Hu_qfzRUISXQkk2JmA1YwW7synk1kBoz2SuFi-HXgt3axIfbzUEdoCugy9I-5oOc7R9McpAvanJJwY-iHemUyZNX7HiHnaMzr4fK_SpbHq3qHI856E7PhlpeutCUQ1AMgaJ8Ya6EOh1stuYPImaPFzf4UIJAAC-mKJKBriZXaJShSUazdHQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBIwMWm0GiwcindQUxmqxHJ-6ton4a9sn4IYUYJddZNGEFHmQcG0kBTpQHbCaGHjN5-mG-m3g_mqgRB3PCkpleyd0BaqJJ6e6uAIny8TMy-GFGGRjBowPw12QxjRJpAQZRCDeuj0QC6btCpV717tjJBID-RtqD0DhJ4YC94p_zIlOM9273-PL1e1TyZ-hnWHmWUDS1JWXrGryBtBmo95pCb8mhtSi9ZQzA3FZeR9SGMuW5anNy9AWuXbbn-u1wVTnq2Ue5nqL0JmUTTHbWr1H05x3AyP1gBbyNDn6yRVu4ZrO0Xlk35XhRa7RN6aAmM3eiGjYP1AxbO-mNE68sHm7-vzlYaFlLAg6rR1Mzuw_XDKeaOstq-BufBtNmLQDUzgbALaTEQfzMpJOfDwkRLK8UT9qPKSpnPBcjBrrFUqi47299_006yTxQr-_usdq9-Kchd31A8x6faM91GXkiyppNSWTE_UsO2RbyMHb7GoR2Ht6lJ7_r25_AbaqgchisKRmGeucqY394gFVY4XvRP8ZjFVnshfONOdf30BFoKuQ2F4-hbCqxc20AJZAzaGfRzy6zxdYm-7IRXHoKwK9SyUSauG4cqyDnWB6pke72sxxSgYg1rDWNzp32QKYyE0J0sNS645eiAZXca5-ROd2b2JjzrQGmNDPxWchEBahiJl-ctBaKzWx2e21KM_p6PS38w5gMeKZiAKD-YRuMDRjCHoFCOw0S58tY9AhtXxtQxPt4cDHtKkEfcB3ZN7WozCro2vsUosdRQQx4PX6hJx8ou9DiI01V2ur1TrtVfGxnyqfhGj5-tBZtBmyBB7cbB7bVwCesRpHy9Oj6KLJmZrRaGxXPqMMquateQDT7ZGIokYLosnfvI_RXnhr98NPK4Tbr8D9xOgXO4aOJHUvEevqB2Lw3j5lOqICy7A8nt0MrwVdeUqdVfUyKNhMpG0H9e-UWpbDSqMhDqf7kErm4RFo5Kh-hRL4sEqx-l7HYxSNStp1pvgKTB6gJwSUIt74sEqx-l7HY0_EFhlizsnYzepjkoTTRCCO5f5r7vleFnzHykOcMREwc-xu2T3uG870NatE1cnb9Q5RUDuR6cw8qQqSPuPjiW3mh6y2RNxf5w HTTP 302
  • https://p274637.mybetterdl.com/adServe/domainClick?ai=aMZ3O5C3_XuH8_3zvumQkKmXfSMMjk7Q08Dj-CTZF5GioOmXVNKulVNjLlN6936TRYK8ejJitU94JLHnCbFIKjVwJ2AuHbWv8aI4WU5XGve_yKNMuAwyj90MrwVdeUqdSCKGYvLABhhF4iEcBHxfVJjKPk0uPxg_P2C-y6tYqjAwrboQ3eFuEdguLNYw3-IUYPbwW8hssrXwANDjkIaqtqITvh1QLeDdLu-ItJcb33y8O8h1mOgTNAcu8b2ET47d5GVlvDL-jPpg9vBbyGyytVpg9FaYdPWjiGK9VuQDYlB8em4RUDerV9XYNghMk9phD-V--Ry1-S4dzNolPyIVxiJt52MenVqKu_RTETHePw_sGeiwz5PO5RF_TDQxN8U9FchNB6HJHKaf38eX9cSNisbD1fBnVB8AYp4LcP2n_Pabu9OE4mpPAWc0_115PM2y-ZzBXl5BYPgdvertd9RYHEJWvyD1XzJKQYaaWiIRLX1LJpjhSLS-03_HrxpZzl7ek54YxYyTKGS2Jxyfk51HkVcGHqlrLm1YW3GKUq2r-UM6dU_3-DQtuDqcD3VFDJf-o_n_VMWxhu__uPPgLf4LbjBvFTBS0ScDE6J25LKoVMJR1IFkYyenPne5H_v3TCAjkJdfRLzNmeGhl6cG-tU5iaLuZIqj-vmeS0LzYEqQQn_O41bNYCEercT0P5BGEq5lL27vHQ1Zcc3Epw6ChknYzW1vcNBdd2DDLeBjLmy_SKQkapEgRI5DzYQ9s97gqrhy4pmIAoP5hG6Z_ex3H9vQYHLBwWwhy132yM84dIaeqIA_u9ZTR2WpkpkxtrvCsfMYgZvPN1tioKRqgEE0f5Fjh2Fpj1cEdMDm8Vt3gGI-z5Vlqf_64l0Z6hpyy_YN0YQtpLSZmparWHWO5f5r7vleFnzHykOcMREwAUgheKjLQ6KwCMoixrppYlAdsJoYeM3n6Yb6beD-aqCsFnB-eWnMmVkP0FZzZbcZPXWMRX_HngVnv07J4v7R0mtdnt_Lrhn8xIM-F2T9IJsA6I4B8spzdfq1VQcFG0q_7cxV8pdl6qeNnUqwZB1wttfL2tY4RhRiPI3aj7cR-FAiUOPEN66SyzZXxnX9w3KH1wgeoYy4_2BwF5GYn3cQm7mTKB2lpsLjbWnaHeEFBufsfIEQ6j_a0nnaMzr4fK_SPzLT4LMmGh2X8pkP_QRbXsKZ0t97KRou&ui=u6geJV4sLGskf7d-KJz214BVNmK1S2tVb4xS2up2--o2ftDXOL1xCNBs22y4pG9ACV4lhuTYo8wKJ3Wy9xe-Gsg4K-3ZCIdEqt8o5ejSATLb0kjCNdF2qg&si=1&oref=b2dd2da797a9cbc6e367417d2d334291&optunit=juX-a-75XhbSKi5mMjRcVg&rb=LW_v4KVZAgI&rr=4&abtg=0 HTTP 302
  • https://cvp1a.bemobtrk.com/go/47f9f2bc-5a46-4b55-b129-96cb6d85f7f2?bid=0.001&subid=86872520275&source=367235248&campaignkeyword=bank&keyword=caplitalone.com+MT+Lending+entrepreneur+loan+Communities+cocktails+Drink+credit+check+Mining+finance+companies+bar+visa+gold+business+funding+social+sites+social+community+ebanking+Business+train+rails+routes+experian+checking+account+metro+Games+public+transport+Gambling+corporate+financing+capitalone.com+Industrial+visa+card+Metals+drinks+liquor+cash+advance+corporate+loan+Credit+bad+credit+Shopping+Beverages+social+media+Food+payday+loans+quicken+loans+Investing+metrobus+Finance+spirit+Accommodations+Hotels+debit+card+schedule+Travel+commercial+bank+credit+history+Online+MT+Lending+entrepreneur+loan+Communities+cocktails+Drink+credit+check+Mining+finance+companies+bar+visa+gold+business+funding+social+sites+social+community+ebanking+Business+train+rails+routes+experian+checking+account+metro+Games+public+transport+Gambling+corporate+financing+capitalone.com+Industrial+visa+card+Metals+drinks+liquor+cash+advance+corporate+loan+Credit+bad+credit+Shopping+Beverages+social+media+Food+payday+loans+quicken+loans+Investing+metrobus+Finance+spirit+Accommodations+Hotels+debit+card+schedule+Travel+commercial+bank+credit+history+Online&geo=FR&campaignname=FRANCIA+SENZA+RELATED&device=Desktop&os=Windows+10&browser=Chrome+92&carrier=UNKNOWN HTTP 302
  • https://topscore.info/s240.php?ts=sa&in=bank&ln=DE HTTP 302
  • https://topscore.info/

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set click
btpnative.com/
Redirect Chain
  • http://caplitalone.com/
  • http://btpnative.com/click?data=bmZVMkt1QmluU1cyaXJ6OEhuOTBfWU9sMUpwQzNuY1kxUDFSWHpfclgzZFpBeGlCbnFmSGlKcjA2dV9ObWE3T3Q5dzdaSWFrV0I2MDJNTGc3eFAwSWFyUHVXSFlEUmR4OHJiX3ZJMDBxS05STWJ2UTRQV0dadDZ0aHNmV...
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://btpnative.com/click?data=bmZVMkt1QmluU1cyaXJ6OEhuOTBfWU9sMUpwQzNuY1kxUDFSWHpfclgzZFpBeGlCbnFmSGlKcjA2dV9ObWE3T3Q5dzdaSWFrV0I2MDJNTGc3eFAwSWFyUHVXSFlEUmR4OHJiX3ZJMDBxS05STWJ2UTRQV0dadDZ0aHNmV2hkZklWQlN4dmxKMzJYSHFWOHN6d3hkRGdRMg2&id=a915de40-ab89-4ad8-9cfe-aa99bcc5f1f1
Protocol
HTTP/1.1
Server
209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
72e472129a629ce500862f916de8592e1ed5aa82dce45fdb2823e898e790677b

Request headers

Host
btpnative.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
Set-Cookie
pgcnshVvPNEyxWK=pgcnshVvPNEyxWK; path=/
X-Server
web01
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Date
Tue, 24 Aug 2021 03:23:21 GMT
Content-Length
2186

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
http://btpnative.com/click?data=bmZVMkt1QmluU1cyaXJ6OEhuOTBfWU9sMUpwQzNuY1kxUDFSWHpfclgzZFpBeGlCbnFmSGlKcjA2dV9ObWE3T3Q5dzdaSWFrV0I2MDJNTGc3eFAwSWFyUHVXSFlEUmR4OHJiX3ZJMDBxS05STWJ2UTRQV0dadDZ0aHNmV2hkZklWQlN4dmxKMzJYSHFWOHN6d3hkRGdRMg2&id=a915de40-ab89-4ad8-9cfe-aa99bcc5f1f1
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
X-Server
web02
Date
Tue, 24 Aug 2021 03:23:20 GMT
Connection
close
Content-Length
396
/
topscore.info/
Redirect Chain
  • http://btpnative.com/Redirect/
  • https://mybetterdl.com/aS/feedclick?s=u6geJV4sLGv3LXxTkl4ou8Rwf_khkulFfSMU3tyux_zI-C59EmPmRpnt4ao8LBkH_vAN-6p8GpmDZG8TCuTZ6pDoEwlyap2kCgkrfFs9ISFE6wPoeLHgX2ByJkw_hnoLHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPB...
  • https://p274637.mybetterdl.com/adServe/domainClick?ai=aMZ3O5C3_XuH8_3zvumQkKmXfSMMjk7Q08Dj-CTZF5GioOmXVNKulVNjLlN6936TRYK8ejJitU94JLHnCbFIKjVwJ2AuHbWv8aI4WU5XGve_yKNMuAwyj90MrwVdeUqdSCKGYvLABhhF4iE...
  • https://cvp1a.bemobtrk.com/go/47f9f2bc-5a46-4b55-b129-96cb6d85f7f2?bid=0.001&subid=86872520275&source=367235248&campaignkeyword=bank&keyword=caplitalone.com+MT+Lending+entrepreneur+loan+Communities...
  • https://topscore.info/s240.php?ts=sa&in=bank&ln=DE
  • https://topscore.info/
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://topscore.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.97.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-97-224.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d45e1b3bcd5a995f016d96f2c102a79ef61a919c02c038aa5f1b8763c67e5054

Request headers

:method
GET
:authority
topscore.info
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://btpnative.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
AWSALB=k+avSzrs+YYTgS5Aszi/llpgMu58cFfysTrJX9grq99dZv3iMH2NmRkXRhJYTu94p2wJet/EXwK+Q1uPy8m+2wKJmlywgu3EmKwAkWYVr63kfa5vTWGcYpxRfRTM; AWSALBCORS=k+avSzrs+YYTgS5Aszi/llpgMu58cFfysTrJX9grq99dZv3iMH2NmRkXRhJYTu94p2wJet/EXwK+Q1uPy8m+2wKJmlywgu3EmKwAkWYVr63kfa5vTWGcYpxRfRTM; PHPSESSID=a4pj6k97ckce8bq6dcrq3njpjo
Upgrade-Insecure-Requests
1
Origin
http://btpnative.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
http://btpnative.com/

Response headers

date
Tue, 24 Aug 2021 03:23:22 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=3IVliZsaupEESE+kupHFkzelLW6EYBMHSeJKcE0ApTXCQQ1+bkhWHRieOnCzDdDeX7/2h69z6Fd4hIMVldKo6qNDNAW3p0bmfgWfgS5hga1pw7p9yLSd6DeeCXN2; Expires=Tue, 31 Aug 2021 03:23:22 GMT; Path=/ AWSALBCORS=3IVliZsaupEESE+kupHFkzelLW6EYBMHSeJKcE0ApTXCQQ1+bkhWHRieOnCzDdDeX7/2h69z6Fd4hIMVldKo6qNDNAW3p0bmfgWfgS5hga1pw7p9yLSd6DeeCXN2; Expires=Tue, 31 Aug 2021 03:23:22 GMT; Path=/; SameSite=None; Secure
server
nginx/1.20.0
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache

Redirect headers

date
Tue, 24 Aug 2021 03:23:22 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=k+avSzrs+YYTgS5Aszi/llpgMu58cFfysTrJX9grq99dZv3iMH2NmRkXRhJYTu94p2wJet/EXwK+Q1uPy8m+2wKJmlywgu3EmKwAkWYVr63kfa5vTWGcYpxRfRTM; Expires=Tue, 31 Aug 2021 03:23:22 GMT; Path=/ AWSALBCORS=k+avSzrs+YYTgS5Aszi/llpgMu58cFfysTrJX9grq99dZv3iMH2NmRkXRhJYTu94p2wJet/EXwK+Q1uPy8m+2wKJmlywgu3EmKwAkWYVr63kfa5vTWGcYpxRfRTM; Expires=Tue, 31 Aug 2021 03:23:22 GMT; Path=/; SameSite=None; Secure PHPSESSID=a4pj6k97ckce8bq6dcrq3njpjo; path=/
server
nginx/1.20.0
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
/
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: topscore.info
URL: https://topscore.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://topscore.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 21 Aug 2021 12:14:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Aug 2022 12:14:35 GMT
topscore.png
topscore.info/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://topscore.info/topscore.png
Requested by
Host: topscore.info
URL: https://topscore.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.97.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-97-224.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

:path
/topscore.png
pragma
no-cache
cookie
PHPSESSID=a4pj6k97ckce8bq6dcrq3njpjo; AWSALB=3IVliZsaupEESE+kupHFkzelLW6EYBMHSeJKcE0ApTXCQQ1+bkhWHRieOnCzDdDeX7/2h69z6Fd4hIMVldKo6qNDNAW3p0bmfgWfgS5hga1pw7p9yLSd6DeeCXN2; AWSALBCORS=3IVliZsaupEESE+kupHFkzelLW6EYBMHSeJKcE0ApTXCQQ1+bkhWHRieOnCzDdDeX7/2h69z6Fd4hIMVldKo6qNDNAW3p0bmfgWfgS5hga1pw7p9yLSd6DeeCXN2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
topscore.info
referer
https://topscore.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://topscore.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:22 GMT
last-modified
Thu, 24 Jun 2021 11:03:44 GMT
server
nginx/1.20.0
etag
"60d46690-6fb4"
content-type
image/png
set-cookie
AWSALB=XPd7hxOUFwNdE4Tldxr8z/Hp6RuSdLm4rqVjjkZS1anwa0t5oe3bUHNBmVuhvM3RqHewwoa7WjolFHczXSKjjvFd9FsjWgdWTHBq9bO6NT1Ol2BWVRhsZQzsZrxo; Expires=Tue, 31 Aug 2021 03:23:22 GMT; Path=/ AWSALBCORS=XPd7hxOUFwNdE4Tldxr8z/Hp6RuSdLm4rqVjjkZS1anwa0t5oe3bUHNBmVuhvM3RqHewwoa7WjolFHczXSKjjvFd9FsjWgdWTHBq9bO6NT1Ol2BWVRhsZQzsZrxo; Expires=Tue, 31 Aug 2021 03:23:22 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
28596
feel.jpg
topscore.info/ 		203 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://topscore.info/feel.jpg
Requested by
Host: topscore.info
URL: https://topscore.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.97.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-97-224.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

:path
/feel.jpg
pragma
no-cache
cookie
PHPSESSID=a4pj6k97ckce8bq6dcrq3njpjo; AWSALB=3IVliZsaupEESE+kupHFkzelLW6EYBMHSeJKcE0ApTXCQQ1+bkhWHRieOnCzDdDeX7/2h69z6Fd4hIMVldKo6qNDNAW3p0bmfgWfgS5hga1pw7p9yLSd6DeeCXN2; AWSALBCORS=3IVliZsaupEESE+kupHFkzelLW6EYBMHSeJKcE0ApTXCQQ1+bkhWHRieOnCzDdDeX7/2h69z6Fd4hIMVldKo6qNDNAW3p0bmfgWfgS5hga1pw7p9yLSd6DeeCXN2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
topscore.info
referer
https://topscore.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://topscore.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:22 GMT
last-modified
Thu, 24 Jun 2021 11:03:42 GMT
server
nginx/1.20.0
etag
"60d4668e-32dab"
content-type
image/jpeg
set-cookie
AWSALB=JTaAuklYxsxaPmAorsfZUpc8IX88i9CdMVAEOXqotiIokM6+UK0py7XV27obUSGw6k0+D8cAnZ1JyMw+ZXGcvKMs0OKjC65PzrlXRJRRJTk7EFHBHr5gAs4DI4zj; Expires=Tue, 31 Aug 2021 03:23:22 GMT; Path=/ AWSALBCORS=JTaAuklYxsxaPmAorsfZUpc8IX88i9CdMVAEOXqotiIokM6+UK0py7XV27obUSGw6k0+D8cAnZ1JyMw+ZXGcvKMs0OKjC65PzrlXRJRRJTk7EFHBHr5gAs4DI4zj; Expires=Tue, 31 Aug 2021 03:23:22 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
208299
banner.jpg
topscore.info/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://topscore.info/banner.jpg
Requested by
Host: topscore.info
URL: https://topscore.info/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.97.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-97-224.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

:path
/banner.jpg
pragma
no-cache
cookie
PHPSESSID=a4pj6k97ckce8bq6dcrq3njpjo; AWSALB=3IVliZsaupEESE+kupHFkzelLW6EYBMHSeJKcE0ApTXCQQ1+bkhWHRieOnCzDdDeX7/2h69z6Fd4hIMVldKo6qNDNAW3p0bmfgWfgS5hga1pw7p9yLSd6DeeCXN2; AWSALBCORS=3IVliZsaupEESE+kupHFkzelLW6EYBMHSeJKcE0ApTXCQQ1+bkhWHRieOnCzDdDeX7/2h69z6Fd4hIMVldKo6qNDNAW3p0bmfgWfgS5hga1pw7p9yLSd6DeeCXN2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
topscore.info
referer
https://topscore.info/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://topscore.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:22 GMT
last-modified
Thu, 24 Jun 2021 11:03:42 GMT
server
nginx/1.20.0
etag
"60d4668e-8544"
content-type
image/jpeg
set-cookie
AWSALB=+Pk5I620S31J/2CPwdkV6SxdmRp6MBfVKKXlat4zvGl63sp/IkOnAbp9NwZavTfiAurh+VGzEhFigesH1lpXOwe9dy1CZF7vol1p8t+jr9J1xc0V0ocjOXibwS8t; Expires=Tue, 31 Aug 2021 03:23:22 GMT; Path=/ AWSALBCORS=+Pk5I620S31J/2CPwdkV6SxdmRp6MBfVKKXlat4zvGl63sp/IkOnAbp9NwZavTfiAurh+VGzEhFigesH1lpXOwe9dy1CZF7vol1p8t+jr9J1xc0V0ocjOXibwS8t; Expires=Tue, 31 Aug 2021 03:23:22 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
34116
Primary Request ar
top.theresultsengine.com/
Redirect Chain
  • https://feed.lookbox.net/s240/?q=bank
  • https://searchada.com/e22452b8-a9a4-4484-a352-42a7e1866e6e?chname=mw_DE_2569&q=bank
  • https://top.theresultsengine.com/ar?src=39&q=bank&campname=05af389dc8&rangeBlockId=111&mkt=fr-FR&clickid=wcnrnsmip8mb8rv9i0ha1j2o
27 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://top.theresultsengine.com/ar?src=39&q=bank&campname=05af389dc8&rangeBlockId=111&mkt=fr-FR&clickid=wcnrnsmip8mb8rv9i0ha1j2o
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.200.241 , France, ASN16276 (OVH, FR),
Reverse DNS
ip241.ip-51-91-200.eu
Software
nginx/1.14.2 / PHP/7.4.18
Resource Hash
c8138e9dbf325861317dd6dbe9f627eb9a7735dad3b2e3424bb7ff9ad57575d3

Request headers

:method
GET
:authority
top.theresultsengine.com
:scheme
https
:path
/ar?src=39&q=bank&campname=05af389dc8&rangeBlockId=111&mkt=fr-FR&clickid=wcnrnsmip8mb8rv9i0ha1j2o
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://topscore.info/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://topscore.info/

Response headers

server
nginx/1.14.2
date
Tue, 24 Aug 2021 03:23:23 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.18
set-cookie
PHPSESSID=736eb4b9a7ae388c11738ffb8d9402a2; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
processedon
s14
referrer-policy
no-referrer-when-downgrade
content-encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 24 Aug 2021 03:23:23 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://top.theresultsengine.com/ar?src=39&q=bank&campname=05af389dc8&rangeBlockId=111&mkt=fr-FR&clickid=wcnrnsmip8mb8rv9i0ha1j2o
Pragma
no-cache
Set-Cookie
e22452b8-a9a4-4484-a352-42a7e1866e6e-v4=e22452b8-a9a4-4484-a352-42a7e1866e6e; Max-Age=86400; Expires=Wed, 25-Aug-2021 03:23:23 GMT; Domain=searchada.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=jf5L%2F%2F3A%2BsvOaLVQ4xM1c0Kkh3PM2dZhCXlcl5xrO3UAFrTZq9R0nswYKLPRLCjp7x%2BAxhT8LYu9TnkW3qBZpjHrIEdasDB8PEC5zuJI9Qtd17Dk3haL7mO9PXuQgXcqvpRVoNw3CjeSB02mR5oF8Q%3D%3D; Max-Age=31536000; Expires=Wed, 24-Aug-2022 03:23:23 GMT; Domain=searchada.com; Path=/; Secure; HttpOnly;SameSite=None
DefaultLayout.css
top.theresultsengine.com/v2common/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://top.theresultsengine.com/v2common/css/DefaultLayout.css
Requested by
Host: top.theresultsengine.com
URL: https://top.theresultsengine.com/ar?src=39&q=bank&campname=05af389dc8&rangeBlockId=111&mkt=fr-FR&clickid=wcnrnsmip8mb8rv9i0ha1j2o
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.200.241 , France, ASN16276 (OVH, FR),
Reverse DNS
ip241.ip-51-91-200.eu
Software
nginx/1.14.2 /
Resource Hash
51ef6ec8fcc981bf8a47e6d7dcee8b654f8d5536379084a60bdd75dc9df7e229

Request headers

:path
/v2common/css/DefaultLayout.css
pragma
no-cache
cookie
PHPSESSID=736eb4b9a7ae388c11738ffb8d9402a2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
top.theresultsengine.com
referer
https://top.theresultsengine.com/ar?src=39&q=bank&campname=05af389dc8&rangeBlockId=111&mkt=fr-FR&clickid=wcnrnsmip8mb8rv9i0ha1j2o
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://top.theresultsengine.com/ar?src=39&q=bank&campname=05af389dc8&rangeBlockId=111&mkt=fr-FR&clickid=wcnrnsmip8mb8rv9i0ha1j2o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 03:23:23 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 14:21:06 GMT
server
nginx/1.14.2
etag
W/"60db2c52-5b11"
content-type
text/css
cache-control
max-age=3600
expires
Tue, 24 Aug 2021 04:23:23 GMT
tracking.php
techadsmedia.com/ 		27 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://techadsmedia.com/tracking.php
Requested by
Host: top.theresultsengine.com
URL: https://top.theresultsengine.com/ar?src=39&q=bank&campname=05af389dc8&rangeBlockId=111&mkt=fr-FR&clickid=wcnrnsmip8mb8rv9i0ha1j2o
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.91.200.241 , France, ASN16276 (OVH, FR),
Reverse DNS
ip241.ip-51-91-200.eu
Software
nginx/1.14.2 / PHP/7.4.14
Resource Hash
3e42893697cdf30fca4dde19eb6a2188b7821b94a4efdd4bd39b66612f31b4e5

Request headers

Referer
https://top.theresultsengine.com/ar?src=39&q=bank&campname=05af389dc8&rangeBlockId=111&mkt=fr-FR&clickid=wcnrnsmip8mb8rv9i0ha1j2o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Aug 2021 03:23:23 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
nginx/1.14.2
x-powered-by
PHP/7.4.14
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Sun, 01 Jan 2014 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| clickManager function| jsIsRetard1 function| onClickBinder1

1 Cookies

Domain/Path Name / Value
top.theresultsengine.com/ Name: PHPSESSID
Value: 736eb4b9a7ae388c11738ffb8d9402a2