URL: http://www.fl-y.com/19qee
Submission: On November 27 via manual from LU — Scanned from FR

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 40 HTTP transactions. The main IP is 94.23.28.150, located in France and belongs to OVH, FR. The main domain is www.fl-y.com.
This is the only time www.fl-y.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 94.23.28.150 16276 (OVH)
6 51.91.68.112 16276 (OVH)
8 217.79.188.11 24961 (MYLOC-AS ...)
6 217.79.188.46 24961 (MYLOC-AS ...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 178.250.0.165 44788 (ASN-CRITE...)
1 37.252.173.27 29990 (ASN-APPNEX)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
40 10
Domain Requested by
13 www.fl-y.com www.fl-y.com
8 imagesrv.adition.com view.webplexmedia.de, ad4.adfarm1.adition.com, imagesrv.adition.com
6 ad4.adfarm1.adition.com view.webplexmedia.de, ad4.adfarm1.adition.com, imagesrv.adition.com
6 view.webplexmedia.de www.fl-y.com, view.webplexmedia.de
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net imagesrv.adition.com, static.criteo.net
1 mug.criteo.com
1 ib.adnxs.com imagesrv.adition.com
1 bidder.criteo.com imagesrv.adition.com
1 cdn.jsdelivr.net imagesrv.adition.com
40 10

This site contains links to these domains.

Domain
www.google.com

Subject                Issuer                                   Validity                 Valid
view.webplexmedia.de   R3                                       2021-10-30 - 2022-01-28  3 months
*.adition.com          AlphaSSL CA - SHA256 - G2                2021-04-15 - 2022-05-17  a year
*.adfarm1.adition.com  AlphaSSL CA - SHA256 - G2                2021-05-21 - 2022-06-22  a year
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                  2021-07-03 - 2022-07-02  a year
*.criteo.com           DigiCert TLS Hybrid ECC SHA384 2020 CA1  2021-09-09 - 2021-12-07  3 months
*.adnxs.com            GeoTrust ECC CA 2018                     2021-03-05 - 2022-02-19  a year
*.criteo.net           DigiCert TLS Hybrid ECC SHA384 2020 CA1  2021-09-09 - 2021-12-07  3 months

This page contains 8 frames:

Primary Page: http://www.fl-y.com/19qee
Frame ID: F40EEFAE7645A418F912ACED3B52815A
Requests: 15 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=436643363&e=0&s=0&p=0&w=300&h=250&sid=1061&size=4
Frame ID: 25B1B1B48594770A5B8043CEA0D1C3EE
Requests: 2 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=436643363&e=0&s=0&p=0&sid=1061&size=4&referrer=
Frame ID: A9F221044037233D0B3DB09AC40AC475
Requests: 3 HTTP requests in this frame

Frame: https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D436643363%26e%3D0%26s%3D0%26p%3D0%26sid%3D1061%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&os=17&browser=11&userid=0&wi=1239781705&ac=1&screen_res=6&wpt=H&clickurl=
Frame ID: D28570E15F196024A641921C72A7118B
Requests: 9 HTTP requests in this frame

Frame: https://view.webplexmedia.de/gtx.php?nc=9171f78616b1b0d7ae492d7ebf419277&sid=1061&uid=436643363&sz=4
Frame ID: 1E5B8C59F73E3210BBB626022D2D2479
Requests: 1 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/main.css
Frame ID: AB145D74956FB1F32B0BB8AC2CBF74BE
Requests: 4 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/main.css
Frame ID: C7AA9C766F5D8E796B5C3AA2D4D337A2
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.fl-y.com
Frame ID: 4E2D7FC593545967E2B942606D7BCC22
Requests: 2 HTTP requests in this frame

Page Title

Redirecting to url, please wait... - FL-Y.COM

Page Statistics

40 Requests
65 % HTTPS
30 % IPv6
7 Domains
10 Subdomains
10 IPs
3 Countries
407 kB Transfer
1090 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ad4.adfarm1.adition.com&sn=ChromeSyncframe&so=0&topUrl=www.fl-y.com&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=gTadXXxGT2VEekFDRDBmSFV1R3YyQVZvM0dyNGVqYXltZktaZWttT01zVEhoREhkSHZ2amt4eHQ2M0hiMnFyTTBVMUZXcHY5OHY2Mnc4cUE0RGxYMkhjdGswV0hMTTVVK3Y5a1o0RnpFMXNQN1pkNHRyNU5GNm5pNVVocjJwNmpFYmFjb1o3U2F1bjdweXlUazRNZjVxaE15ZXozNnlUdW14bWVWOGVsT01FQUFmOHNKdDBSK2N1R2syK1pWdkJKTnVqTkd5bzlmc1E2aGc4REVSUHhOYkZMMjQrajlnZlBCbUErUDkrZGI0T1FNZmszaGh2clYrQVpHVUVFaU9UWlRnRkZLV2xJcjdXSUNkRm9jRWFqM3UwYWwrbG5qMVY1WGRnNlhheFJtVlBBaERnMD18&cppv=2

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 19qee
www.fl-y.com/
26 KB
9 KB
Document
General
Full URL
http://www.fl-y.com/19qee
Protocol
HTTP/1.1
Server
94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns367892.ip-94-23-28.eu
Software
Apache/2.2.16 (Debian) / PHP/5.3.3-7+squeeze19
Resource Hash
3d65403280c4ed5291cf9698ff3c9e650d4fc4a34d8957ad0d6daff91708a5e9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

Date
Sat, 27 Nov 2021 15:09:57 GMT
Server
Apache/2.2.16 (Debian)
X-Powered-By
PHP/5.3.3-7+squeeze19
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
9134
Connection
close
Content-Type
text/html
jquery-ui-1.8.9.custom.css
www.fl-y.com/themes/blue_v2/styles/
33 KB
6 KB
Stylesheet
General
Full URL
http://www.fl-y.com/themes/blue_v2/styles/jquery-ui-1.8.9.custom.css
Requested by
Host: www.fl-y.com
URL: http://www.fl-y.com/19qee
Protocol
HTTP/1.1
Server
94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns367892.ip-94-23-28.eu
Software
Apache/2.2.16 (Debian) /
Resource Hash
a6c3f86b052c69af5d5bb6fa9d0a19ead45871487e3ea8e34ec5d6a8a8286c7d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/19qee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 15:10:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jan 2012 21:05:38 GMT
Server
Apache/2.2.16 (Debian)
ETag
"364f38-85f0-4b646fe582c80"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
6185
screen.css
www.fl-y.com/themes/blue_v2/styles/
14 KB
4 KB
Stylesheet
General
Full URL
http://www.fl-y.com/themes/blue_v2/styles/screen.css
Requested by
Host: www.fl-y.com
URL: http://www.fl-y.com/19qee
Protocol
HTTP/1.1
Server
94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns367892.ip-94-23-28.eu
Software
Apache/2.2.16 (Debian) /
Resource Hash
d3c5ae27aa3a1d6e3cf66d3ada33aa7e7d4e1f6ddef9cb67d8a1d7124a786204

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/19qee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 15:10:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jan 2012 21:05:38 GMT
Server
Apache/2.2.16 (Debian)
ETag
"364f39-38e7-4b646fe582c80"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
3333
tabview-core.css
www.fl-y.com/themes/blue_v2/styles/
11 KB
2 KB
Stylesheet
General
Full URL
http://www.fl-y.com/themes/blue_v2/styles/tabview-core.css
Requested by
Host: www.fl-y.com
URL: http://www.fl-y.com/19qee
Protocol
HTTP/1.1
Server
94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns367892.ip-94-23-28.eu
Software
Apache/2.2.16 (Debian) /
Resource Hash
597fb1d1fdfebef9dc6deb9d1bbcc59bb010d60a060cc3ea8ef479c4f3a597b6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/19qee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 15:10:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jan 2012 21:05:38 GMT
Server
Apache/2.2.16 (Debian)
ETag
"364f36-2d05-4b646fe582c80"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2126
data_table.css
www.fl-y.com/themes/blue_v2/styles/
9 KB
3 KB
Stylesheet
General
Full URL
http://www.fl-y.com/themes/blue_v2/styles/data_table.css
Requested by
Host: www.fl-y.com
URL: http://www.fl-y.com/19qee
Protocol
HTTP/1.1
Server
94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns367892.ip-94-23-28.eu
Software
Apache/2.2.16 (Debian) /
Resource Hash
f3e6ab1c041fa2c775e4e125baa560510d145a2137626e91c7b1694af6e0077a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/19qee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 15:10:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jan 2012 21:05:38 GMT
Server
Apache/2.2.16 (Debian)
ETag
"364f35-254f-4b646fe582c80"
Vary
Accept-Encoding
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2572
jquery-1.6.1.min.js
www.fl-y.com/themes/blue_v2/js/
89 KB
32 KB
Script
General
Full URL
http://www.fl-y.com/themes/blue_v2/js/jquery-1.6.1.min.js
Requested by
Host: www.fl-y.com
URL: http://www.fl-y.com/19qee
Protocol
HTTP/1.1
Server
94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns367892.ip-94-23-28.eu
Software
Apache/2.2.16 (Debian) /
Resource Hash
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/19qee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 15:10:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jan 2012 21:05:35 GMT
Server
Apache/2.2.16 (Debian)
ETag
"364f31-164ce-4b646fe2a65c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
31940
jquery-ui-1.8.9.custom.min.js
www.fl-y.com/themes/blue_v2/js/
202 KB
51 KB
Script
General
Full URL
http://www.fl-y.com/themes/blue_v2/js/jquery-ui-1.8.9.custom.min.js
Requested by
Host: www.fl-y.com
URL: http://www.fl-y.com/19qee
Protocol
HTTP/1.1
Server
94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns367892.ip-94-23-28.eu
Software
Apache/2.2.16 (Debian) /
Resource Hash
14a07d25823f4119e1f55c6ef5a0696f98861baf113aef76519aad93f01a32c5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/19qee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 15:10:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jan 2012 21:05:37 GMT
Server
Apache/2.2.16 (Debian)
ETag
"364f32-3292a-4b646fe48ea40"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
51785
jquery.dataTables.min.js
www.fl-y.com/themes/blue_v2/js/
68 KB
19 KB
Script
General
Full URL
http://www.fl-y.com/themes/blue_v2/js/jquery.dataTables.min.js
Requested by
Host: www.fl-y.com
URL: http://www.fl-y.com/19qee
Protocol
HTTP/1.1
Server
94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns367892.ip-94-23-28.eu
Software
Apache/2.2.16 (Debian) /
Resource Hash
6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/19qee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 15:10:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jan 2012 21:05:37 GMT
Server
Apache/2.2.16 (Debian)
ETag
"364f2e-10fe4-4b646fe48ea40"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
19275
FusionCharts.js
www.fl-y.com/js/fusionCharts/JSClass/
13 KB
5 KB
Script
General
Full URL
http://www.fl-y.com/js/fusionCharts/JSClass/FusionCharts.js
Requested by
Host: www.fl-y.com
URL: http://www.fl-y.com/19qee
Protocol
HTTP/1.1
Server
94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns367892.ip-94-23-28.eu
Software
Apache/2.2.16 (Debian) /
Resource Hash
594dda6ed39b190a5341fcbb9b5be5935e7624b66247e966a55b7cbe37f38f40

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/19qee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 15:10:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jan 2012 21:04:29 GMT
Server
Apache/2.2.16 (Debian)
ETag
"364ab4-34a0-4b646fa3b5140"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
4446
global.js
www.fl-y.com/themes/blue_v2/js/
3 KB
1 KB
Script
General
Full URL
http://www.fl-y.com/themes/blue_v2/js/global.js
Requested by
Host: www.fl-y.com
URL: http://www.fl-y.com/19qee
Protocol
HTTP/1.1
Server
94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns367892.ip-94-23-28.eu
Software
Apache/2.2.16 (Debian) /
Resource Hash
6ceb2dbd14d506151268787dd2dcedeb08fc9354db9ba5f2000f37f670e1f4d3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/19qee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 15:10:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jan 2012 21:05:34 GMT
Server
Apache/2.2.16 (Debian)
ETag
"364f2f-df4-4b646fe1b2380"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1103
main_logo.jpg
www.fl-y.com/themes/blue_v2/images/
20 KB
21 KB
Image
General
Full URL
http://www.fl-y.com/themes/blue_v2/images/main_logo.jpg
Requested by
Host: www.fl-y.com
URL: http://www.fl-y.com/19qee
Protocol
HTTP/1.1
Server
94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns367892.ip-94-23-28.eu
Software
Apache/2.2.16 (Debian) /
Resource Hash
01b6aaba858a4df8f2ab2caa78c42fa540606c06c88677038237d78bd91e07b6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/19qee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 15:10:02 GMT
X-Pad
avoid browser bug
Last-Modified
Wed, 11 Jan 2012 22:12:47 GMT
Server
Apache/2.2.16 (Debian)
ETag
"364f29-5153-4b647ee7dd5c0"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
20819
banner.php
view.webplexmedia.de/
2 KB
906 B
Script
General
Full URL
https://view.webplexmedia.de/banner.php?uid=436643363&e=0&p=0&s=0&sid=1061&size=4
Requested by
Host: www.fl-y.com
URL: http://www.fl-y.com/19qee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
904b43884597db6ad9d2268ff02d79b4b7eb4e79110c01463b1c02ede428db62
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 14:57:24 GMT
cache-control
no-cache
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
pleaseWait.gif
www.fl-y.com/themes/blue_v2/images/
9 KB
9 KB
Image
General
Full URL
http://www.fl-y.com/themes/blue_v2/images/pleaseWait.gif
Requested by
Host: www.fl-y.com
URL: http://www.fl-y.com/19qee
Protocol
HTTP/1.1
Server
94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns367892.ip-94-23-28.eu
Software
Apache/2.2.16 (Debian) /
Resource Hash
06f4e73215c99f67d0e80eabe42be736c8c152cca7517a2208a31075faeef2c1

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/19qee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 15:10:02 GMT
X-Pad
avoid browser bug
Last-Modified
Wed, 11 Jan 2012 21:05:33 GMT
Server
Apache/2.2.16 (Debian)
ETag
"364ddd-22c0-4b646fe0be140"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
8896
body_bg_gradient.jpg
www.fl-y.com/themes/blue_v2/images/
474 B
730 B
Image
General
Full URL
http://www.fl-y.com/themes/blue_v2/images/body_bg_gradient.jpg
Requested by
Host: www.fl-y.com
URL: http://www.fl-y.com/19qee
Protocol
HTTP/1.1
Server
94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns367892.ip-94-23-28.eu
Software
Apache/2.2.16 (Debian) /
Resource Hash
8ed7b1b667fac2548eb9511e8f5c00d874e2fcc0f6bce963220e9974d9157b95

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/19qee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 27 Nov 2021 15:10:02 GMT
Last-Modified
Wed, 11 Jan 2012 22:13:20 GMT
Server
Apache/2.2.16 (Debian)
ETag
"364efd-1da-4b647f0756000"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
474
b2.php
view.webplexmedia.de/ Frame 25B1
741 B
591 B
Document
General
Full URL
https://view.webplexmedia.de/b2.php?uid=436643363&e=0&s=0&p=0&w=300&h=250&sid=1061&size=4
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=436643363&e=0&p=0&s=0&sid=1061&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
28afcde4afb3cb9a4e313c6dcda89313aa9652957cf29ea8ee12b48f4df49e08
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/

Response headers

server
nginx
date
Sat, 27 Nov 2021 14:57:24 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
webplvers.js
view.webplexmedia.de/js/
91 KB
91 KB
Script
General
Full URL
https://view.webplexmedia.de/js/webplvers.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=436643363&e=0&p=0&s=0&sid=1061&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
8c25ade0a1d20dfb962dbc265e60d98d90544f13ce586820e3c3dc2baae64e81
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.fl-y.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 27 Nov 2021 14:57:24 GMT
last-modified
Tue, 31 Aug 2021 15:27:16 GMT
server
nginx
etag
"612e4a54-16b34"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
accept-ranges
bytes
content-length
92980
x-xss-protection
1; mode=block
lg0.jpg
view.webplexmedia.de/ Frame 25B1
1 KB
2 KB
Image
General
Full URL
https://view.webplexmedia.de/lg0.jpg
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=436643363&e=0&s=0&p=0&w=300&h=250&sid=1061&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 14:57:24 GMT
last-modified
Fri, 04 Dec 2020 00:56:23 GMT
server
nginx
etag
"5fc98937-5de"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
accept-ranges
bytes
content-length
1502
x-xss-protection
1; mode=block
in4.php
view.webplexmedia.de/ Frame A9F2
304 B
375 B
Document
General
Full URL
https://view.webplexmedia.de/in4.php?uid=436643363&e=0&s=0&p=0&sid=1061&size=4&referrer=
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=436643363&e=0&s=0&p=0&w=300&h=250&sid=1061&size=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
67820779487d9c426333262f93425408e148587649e29282a8314cd24afc3750
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

server
nginx
date
Sat, 27 Nov 2021 14:57:24 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
adition.js
imagesrv.adition.com/js/ Frame A9F2
32 KB
8 KB
Script
General
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=436643363&e=0&s=0&p=0&sid=1061&size=4&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 14:57:25 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame A9F2
1 KB
1 KB
Script
General
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=3974813
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=436643363&e=0&s=0&p=0&sid=1061&size=4&referrer=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
a3697cda912ab0dfa502c6c2e76d95b2683112d7f291b28bcf76c00dff97829f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://view.webplexmedia.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 15:57:25 +0100
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame D285
2 KB
1 KB
Document
General
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D436643363%26e%3D0%26s%3D0%26p%3D0%26sid%3D1061%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&os=17&browser=11&userid=0&wi=1239781705&ac=1&screen_res=6&wpt=H&clickurl=
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974813
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
7369ba38441fee31017064f2e20543c5cc9c6cd447b8b801a577acbcdfb174e6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://view.webplexmedia.de/

Response headers

content-type
text/html
server
ADITIONSERVER v1.0
date
Sat, 27 Nov 2021 15:57:25 +0100
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma
no-cache
content-encoding
gzip
pahb_n.prod.js
imagesrv.adition.com/banners/268/xml/pa_static/pb/native/ Frame D285
27 KB
8 KB
Script
General
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D436643363%26e%3D0%26s%3D0%26p%3D0%26sid%3D1061%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&os=17&browser=11&userid=0&wi=1239781705&ac=1&screen_res=6&wpt=H&clickurl=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
c8a971105c9d001834b7d079ca4367c9084cda1a380a1cd1bac3a7444d668a95

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 14:57:25 GMT
content-encoding
br
last-modified
Sat, 23 Oct 2021 13:24:12 GMT
etag
"3514115343-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8271
main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/ Frame D285
5 KB
1 KB
Stylesheet
General
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/main.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
a86251a703af81b32ed234353f26c1f8d497d975195a0c17817b93358c607cde

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 14:57:25 GMT
content-encoding
br
last-modified
Sat, 23 Oct 2021 12:54:16 GMT
etag
"1780171952-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1400
prebid2.1.0.js
imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/ Frame D285
174 KB
47 KB
Script
General
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
568dd1d03aaa979a84f4bb146bc456de281b39b3877dc0a5763d77fabc6fc34a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 14:57:25 GMT
content-encoding
br
last-modified
Sat, 23 Oct 2021 13:13:46 GMT
etag
"4202304516-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
48224
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame D285
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211127
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4977e03b9539aa567f88cd6faaacfd25ff1d9a7dbbdd7a14776dd6e11cb786a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ad4.adfarm1.adition.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 27 Nov 2021 14:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
42985
x-jsd-version
1.0.1173
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19135-FRA, cache-mxp6963-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69b-Lkvf/T1YPIWiLg3Bj4e7EqpcwFE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6b4c35764f4059dd-MXP
cdb
bidder.criteo.com/ Frame D285
0
196 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=16&wv=2.1.0&cb=81227859439
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad4.adfarm1.adition.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ad4.adfarm1.adition.com
date
Sat, 27 Nov 2021 14:57:25 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame D285
256 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
9c2fd1c964fb3ac9e9d34581055dacc066daa7162dd855408b3b0677ac2d46af
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ad4.adfarm1.adition.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 27 Nov 2021 14:57:25 GMT
X-Proxy-Origin
37.120.204.198; 37.120.204.198; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b3cb0f98-5dd0-4d19-ab5c-24cd46706675
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ad4.adfarm1.adition.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
256
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gtx.php
view.webplexmedia.de/ Frame 1E5B
0
195 B
Document
General
Full URL
https://view.webplexmedia.de/gtx.php?nc=9171f78616b1b0d7ae492d7ebf419277&sid=1061&uid=436643363&sz=4
Requested by
Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/js/webplvers.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.91.68.112 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3161774.ip-51-91-68.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
http://www.fl-y.com/

Response headers

server
nginx
date
Sat, 27 Nov 2021 14:57:25 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/ Frame AB14
5 KB
1 KB
Stylesheet
General
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/main.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
a86251a703af81b32ed234353f26c1f8d497d975195a0c17817b93358c607cde

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 14:57:25 GMT
content-encoding
br
last-modified
Sat, 23 Oct 2021 12:54:16 GMT
etag
"1780171952-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1400
adition.js
imagesrv.adition.com/js/ Frame AB14
32 KB
8 KB
Script
General
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 14:57:25 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame AB14
1 KB
1019 B
Script
General
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=3974821&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
6d4b3afa33df14c937de4304389d9b61f28c7d4bd35444e77b5bf6bd2d07cef0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D436643363%26e%3D0%26s%3D0%26p%3D0%26sid%3D1061%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&os=17&browser=11&userid=0&wi=1239781705&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 15:57:25 +0100
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.css
imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/ Frame C7AA
5 KB
1 KB
Stylesheet
General
Full URL
https://imagesrv.adition.com/banners/268/xml/pa_static/pb/styles/default/300x250_2slot/main.css
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
a86251a703af81b32ed234353f26c1f8d497d975195a0c17817b93358c607cde

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 14:57:25 GMT
content-encoding
br
last-modified
Sat, 23 Oct 2021 12:54:16 GMT
etag
"1780171952-br"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
1400
adition.js
imagesrv.adition.com/js/ Frame C7AA
32 KB
8 KB
Script
General
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 14:57:25 GMT
content-encoding
br
last-modified
Thu, 21 Oct 2021 06:32:42 GMT
etag
"4043560335-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8355
js
ad4.adfarm1.adition.com/ Frame C7AA
1 KB
1020 B
Script
General
Full URL
https://ad4.adfarm1.adition.com/js?wp_id=3974816&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/native/pahb_n.prod.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
5d955909988dac497c082d9f7ec77d5c4fa5abaf01452af4845c8f39bc65128f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D436643363%26e%3D0%26s%3D0%26p%3D0%26sid%3D1061%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&os=17&browser=11&userid=0&wi=1239781705&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 15:57:25 +0100
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
cache-control
max-age=600
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame AB14
19 B
392 B
Script
General
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3974821&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974813%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D436643363%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D1061%2526size%253D4%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/96.0.4664.45%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D0%26wi%3D1239781705%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&os=17&browser=11&userid=7035263994046382438&wi=74708504&ac=NaN&gdpr=0&gdpr_pd=0&screen_res=6&prf[hb_status]=nobid&wpt=J&clickurl=
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974821&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D436643363%26e%3D0%26s%3D0%26p%3D0%26sid%3D1061%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&os=17&browser=11&userid=0&wi=1239781705&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 15:57:25 +0100
server
ADITIONSERVER v1.0
etag
7035263998326407526
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
content-length
19
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner
ad4.adfarm1.adition.com/ Frame C7AA
19 B
392 B
Script
General
Full URL
https://ad4.adfarm1.adition.com/banner?sid=3974816&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//ad4.adfarm1.adition.com/banner%3Fsid%3D3974813%26adjsver%3D3%26fvers%3D%26iframe%3D1%26ref%3D%26ro%3Dhttps%253A//view.webplexmedia.de/in4.php%253Fuid%253D436643363%2526e%253D0%2526s%253D0%2526p%253D0%2526sid%253D1061%2526size%253D4%2526referrer%253D%26uao%3DMozilla/5.0%2520%2528Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64%2529%2520AppleWebKit/537.36%2520%2528KHTML%252C%2520like%2520Gecko%2529%2520Chrome/96.0.4664.45%2520Safari/537.36%26os%3D17%26browser%3D11%26userid%3D0%26wi%3D1239781705%26ac%3D1%26screen_res%3D6%26wpt%3DH%26clickurl%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&os=17&browser=11&userid=7035263994046382438&wi=74708504&ac=NaN&gdpr=0&gdpr_pd=0&screen_res=6&prf[hb_status]=nobid&wpt=J&clickurl=
Requested by
Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=3974816&gdpr=0&gdpr_consent=&gdpr_pd=0&prf[hb_status]=nobid&clickurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad4.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/banner?sid=3974813&adjsver=3&fvers=&iframe=1&ref=&ro=https%3A//view.webplexmedia.de/in4.php%3Fuid%3D436643363%26e%3D0%26s%3D0%26p%3D0%26sid%3D1061%26size%3D4%26referrer%3D&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/96.0.4664.45%20Safari/537.36&os=17&browser=11&userid=0&wi=1239781705&ac=1&screen_res=6&wpt=H&clickurl=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Nov 2021 15:57:25 +0100
server
ADITIONSERVER v1.0
etag
7035263998326473062
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cache-control
no-cache
content-type
text/javascript
content-length
19
expires
Sat, 01 Jan 2000 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D285
83 KB
26 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/xml/pa_static/pb/prebid/prebid2.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 14:57:25 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Nov 2021 14:57:25 GMT
syncframe
gum.criteo.com/ Frame 4E2D
11 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.fl-y.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1966
date
Sat, 27 Nov 2021 14:57:25 GMT
content-length
4685
publishertag.prebid.js
static.criteo.net/js/ld/ Frame D285
83 KB
26 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://ad4.adfarm1.adition.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 14:57:26 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 06:35:11 GMT
server
nginx
etag
W/"618cb99f-14b33"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 28 Nov 2021 14:57:26 GMT
sid
mug.criteo.com/ Frame 4E2D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ad4.adfarm1.adition.com&sn=ChromeSyncframe&so=0&topUrl=www.fl-y.com&lsw=1
  • https://mug.criteo.com/sid?cpp=gTadXXxGT2VEekFDRDBmSFV1R3YyQVZvM0dyNGVqYXltZktaZWttT01zVEhoREhkSHZ2amt4eHQ2M0hiMnFyTTBVMUZXcHY5OHY2Mnc4cUE0RGxYMkhjdGswV0hMTTVVK3Y5a1o0RnpFMXNQN1pkNHRyNU5GNm5pNVVocj...
430 B
623 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=gTadXXxGT2VEekFDRDBmSFV1R3YyQVZvM0dyNGVqYXltZktaZWttT01zVEhoREhkSHZ2amt4eHQ2M0hiMnFyTTBVMUZXcHY5OHY2Mnc4cUE0RGxYMkhjdGswV0hMTTVVK3Y5a1o0RnpFMXNQN1pkNHRyNU5GNm5pNVVocjJwNmpFYmFjb1o3U2F1bjdweXlUazRNZjVxaE15ZXozNnlUdW14bWVWOGVsT01FQUFmOHNKdDBSK2N1R2syK1pWdkJKTnVqTkd5bzlmc1E2aGc4REVSUHhOYkZMMjQrajlnZlBCbUErUDkrZGI0T1FNZmszaGh2clYrQVpHVUVFaU9UWlRnRkZLV2xJcjdXSUNkRm9jRWFqM3UwYWwrbG5qMVY1WGRnNlhheFJtVlBBaERnMD18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4c20f9e994724da54fdfe2eaf39297573eeaf6b54e589db6a2093a99695f73b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 27 Nov 2021 14:57:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5122
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 27 Nov 2021 14:57:25 GMT
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=gTadXXxGT2VEekFDRDBmSFV1R3YyQVZvM0dyNGVqYXltZktaZWttT01zVEhoREhkSHZ2amt4eHQ2M0hiMnFyTTBVMUZXcHY5OHY2Mnc4cUE0RGxYMkhjdGswV0hMTTVVK3Y5a1o0RnpFMXNQN1pkNHRyNU5GNm5pNVVocjJwNmpFYmFjb1o3U2F1bjdweXlUazRNZjVxaE15ZXozNnlUdW14bWVWOGVsT01FQUFmOHNKdDBSK2N1R2syK1pWdkJKTnVqTkd5bzlmc1E2aGc4REVSUHhOYkZMMjQrajlnZlBCbUErUDkrZGI0T1FNZmszaGh2clYrQVpHVUVFaU9UWlRnRkZLV2xJcjdXSUNkRm9jRWFqM3UwYWwrbG5qMVY1WGRnNlhheFJtVlBBaERnMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1758
content-length
567
expires
0

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| t function| $ function| jQuery function| DP_jQuery_1638025044623 object| infosoftglobal function| getChartFromId function| updateChartXML function| FusionCharts boolean| bgFill function| setDefaultPointer function| bookmarksite function| setupTerms function| showTerms function| setupAPI function| showAPI function| destroyAPIPopup function| destroyPopup function| showHideStatsTab function| showHideTip number| milisec number| seconds function| display string| hidden string| visibilityChange number| rdy function| hVC function| isivp object| elements function| cbF

5 Cookies

Domain/Path Name / Value
www.fl-y.com/ Name: shorturl
Value: 2ubff026po5edl06erm3rbpjf1
.adfarm1.adition.com/ Name: UserID1
Value: 7035263994046382438
.adnxs.com/ Name: icu
Value: ChgI-K0uEAoYASABKAEw1Y6JjQY4AUABSAEQ1Y6JjQYYAA..
.adnxs.com/ Name: uuid2
Value: 3947922385204655341
.criteo.com/ Name: uid
Value: e7b54341-a8d6-4084-a629-61b8e5f3b7d9

2 Console Messages

Source Level URL
Text
javascript warning URL: https://view.webplexmedia.de/banner.php?uid=436643363&e=0&p=0&s=0&sid=1061&size=4
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://view.webplexmedia.de/js/webplvers.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://view.webplexmedia.de/banner.php?uid=436643363&e=0&p=0&s=0&sid=1061&size=4
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://view.webplexmedia.de/js/webplvers.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
