rdvsecret.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://a2y8vytrk.com/9w598/3qqg7/0.6717745332203359
Effective URL:
https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Submission: On October 31 via api (October 31st 2024, 9:30:29 pm UTC) from US — Scanned from GB

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 25 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is rdvsecret.com.
TLS certificate: Issued by WE1 on September 18th 2024. Valid for: 3 months.

This is the only time rdvsecret.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.160.108.161 34.160.108.161	15169 (GOOGLE) (GOOGLE)
3	142.132.150.101 142.132.150.101	24940 (HETZNER-AS) (HETZNER-AS)
3 16	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	3.64.86.135 3.64.86.135	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	18.193.203.120 18.193.203.120	16509 (AMAZON-02) (AMAZON-02)
25	7

1 34.160.108.161 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 161.108.160.34.bc.googleusercontent.com

a2y8vytrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.132.150.101 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.101.150.132.142.clients.your-server.de

crazyperf.afflnx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a06:98c1:3120::3 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

harem-smrt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rdvsecret.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.64.86.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-86-135.eu-central-1.compute.amazonaws.com

ads.adextrem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.203.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-203-120.eu-central-1.compute.amazonaws.com

ads.adextrem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	rdvsecret.com 2 redirects rdvsecret.com	999 KB
4	adextrem.com ads.adextrem.com	3 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	105 KB
3	afflnx.com crazyperf.afflnx.com	28 KB
2	harem-smrt.com 1 redirects harem-smrt.com	2 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	6 KB
1	a2y8vytrk.com 1 redirects a2y8vytrk.com	663 B
25	8

	Domain	Requested by
14	rdvsecret.com	2 redirects harem-smrt.com rdvsecret.com
4	ads.adextrem.com	rdvsecret.com ads.adextrem.com
3	code.jquery.com	rdvsecret.com
3	crazyperf.afflnx.com	crazyperf.afflnx.com
2	harem-smrt.com	1 redirects crazyperf.afflnx.com
1	ajax.googleapis.com	rdvsecret.com
1	cdnjs.cloudflare.com	harem-smrt.com
1	a2y8vytrk.com	1 redirects
25	8

This site contains links to these domains. Also see Links.

Domain
dashboard.everprofit.com

Subject Issuer	Validity	Valid
afflnx.com R10	`2024-08-22` - `2024-11-20`	3 months	crt.sh
harem-smrt.com WE1	`2024-09-18` - `2024-12-17`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
rdvsecret.com WE1	`2024-09-18` - `2024-12-17`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.adextrem.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-30`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Frame ID: E823012D0FE9028E6F523F3171E03A4D
Requests: 24 HTTP requests in this frame

Frame: https://ads.adextrem.com/push/ifp.php?slot=4
Frame ID: E20840ED2FA19A3F768993366F70289E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rencontre Sexuelle

Page URL History Show full URLs

http://a2y8vytrk.com/9w598/3qqg7/0.6717745332203359 HTTP 307
https://a2y8vytrk.com/9w598/3qqg7/0.6717745332203359 HTTP 302
https://crazyperf.afflnx.com/c/4abb8c2c4bd7d?lp=100?sub1=&ext_click_id=f4cff9039b4740fc8fbf84bdd286cee4&s... Page URL
https://harem-smrt.com/offers/?id=39&affid=7&source=&clickid=403a4f8dad1f8869af55442592f32629&mail= Page URL
https://harem-smrt.com/offers/index.php?id=39&affid=7&source=&clickid=403a4f8dad1f8869af55442592f32... HTTP 302
https://rdvsecret.com/offer/?id=1&lp=0&affid=ofc&source=&clickid=101792888&mail= HTTP 302
https://rdvsecret.com/plancul/1/lp1.php?pt=auto&id=1&lp=0&affid=ofc&source=&clickid=101792888&mail= HTTP 302
https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=1... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

25
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

1171 kB
Transfer

1600 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://dashboard.everprofit.com/affiliate/signup
Title: Affiliation

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://a2y8vytrk.com/9w598/3qqg7/0.6717745332203359 HTTP 307
https://a2y8vytrk.com/9w598/3qqg7/0.6717745332203359 HTTP 302
https://crazyperf.afflnx.com/c/4abb8c2c4bd7d?lp=100?sub1=&ext_click_id=f4cff9039b4740fc8fbf84bdd286cee4&sub6=7&subsource= Page URL
https://harem-smrt.com/offers/?id=39&affid=7&source=&clickid=403a4f8dad1f8869af55442592f32629&mail= Page URL
https://harem-smrt.com/offers/index.php?id=39&affid=7&source=&clickid=403a4f8dad1f8869af55442592f32629&mail=&r=1&ua=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&ua_pm=Linux&fw=1600&fh=1200&wdw_d={%22name%22:%22%22,%22status%22:%22%22,%22closed%22:false,%22length%22:0,%22origin%22:%22https://harem-smrt.com%22,%22innerWidth%22:1600,%22innerHeight%22:1200,%22scrollX%22:0,%22pageXOffset%22:0,%22scrollY%22:0,%22pageYOffset%22:0,%22screenX%22:130,%22screenY%22:130,%22outerWidth%22:1600,%22outerHeight%22:1285,%22devicePixelRatio%22:1,%22screenLeft%22:130,%22screenTop%22:130,%22isSecureContext%22:true,%22crossOriginIsolated%22:false,%22originAgentCluster%22:true,%22credentialless%22:false,%22fhe%22:%22Europe/London%22,%22prop%22:%22prop%22,%22TEMPORARY%22:0,%22PERSISTENT%22:1}&ngt_d={%22vendorSub%22:%22%22,%22productSub%22:%2220030107%22,%22vendor%22:%22Google%20Inc.%22,%22maxTouchPoints%22:0,%22scheduling%22:{},%22userActivation%22:{},%22doNotTrack%22:null,%22geolocation%22:{},%22connection%22:{},%22plugins%22:{%220%22:{%220%22:{},%221%22:{}},%221%22:{%220%22:{},%221%22:{}},%222%22:{%220%22:{},%221%22:{}},%223%22:{%220%22:{},%221%22:{}},%224%22:{%220%22:{},%221%22:{}}},%22mimeTypes%22:{%220%22:{},%221%22:{}},%22pdfViewerEnabled%22:true,%22webkitTemporaryStorage%22:{},%22webkitPersistentStorage%22:{},%22windowControlsOverlay%22:{},%22hardwareConcurrency%22:12,%22cookieEnabled%22:true,%22appCodeName%22:%22Mozilla%22,%22appName%22:%22Netscape%22,%22appVersion%22:%225.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36%22,%22platform%22:%22Linux%20x86_64%22,%22product%22:%22Gecko%22,%22userAgent%22:%22Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36%22,%22language%22:%22en-GB%22,%22languages%22:[%22en-US%22,%22en%22],%22onLine%22:true,%22webdriver%22:false,%22deprecatedRunAdAuctionEnforcesKAnonymity%22:false,%22protectedAudience%22:{},%22storageBuckets%22:{},%22clipboard%22:{},%22credentials%22:{},%22keyboard%22:{},%22managed%22:{},%22mediaDevices%22:{},%22storage%22:{},%22serviceWorker%22:{},%22virtualKeyboard%22:{},%22wakeLock%22:{},%22deviceMemory%22:8,%22userAgentData%22:{%22brands%22:[],%22mobile%22:false,%22platform%22:%22%22},%22login%22:{},%22ink%22:{},%22mediaCapabilities%22:{},%22hid%22:{},%22locks%22:{},%22gpu%22:{},%22mediaSession%22:{},%22permissions%22:{},%22presentation%22:{},%22usb%22:{},%22xr%22:{},%22serial%22:{}}&hs_d={%22length%22:2,%22scrollRestoration%22:%22auto%22,%22state%22:null}&sc_d={%22availWidth%22:1600,%22availHeight%22:1200,%22width%22:1600,%22height%22:1200,%22colorDepth%22:24,%22pixelDepth%22:24,%22availLeft%22:0,%22availTop%22:0,%22orientation%22:{},%22onchange%22:null,%22isExtended%22:false}&fhe_d=Europe/London&plg_d=[%22PDF%20Viewer%22,%22Chrome%20PDF%20Viewer%22,%22Chromium%20PDF%20Viewer%22,%22Microsoft%20Edge%20PDF%20Viewer%22,%22WebKit%20built-in%20PDF%22] HTTP 302
https://rdvsecret.com/offer/?id=1&lp=0&affid=ofc&source=&clickid=101792888&mail= HTTP 302
https://rdvsecret.com/plancul/1/lp1.php?pt=auto&id=1&lp=0&affid=ofc&source=&clickid=101792888&mail= HTTP 302
https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://a2y8vytrk.com/9w598/3qqg7/0.6717745332203359 HTTP 307
https://a2y8vytrk.com/9w598/3qqg7/0.6717745332203359 HTTP 302
https://crazyperf.afflnx.com/c/4abb8c2c4bd7d?lp=100?sub1=&ext_click_id=f4cff9039b4740fc8fbf84bdd286cee4&sub6=7&subsource=

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

4abb8c2c4bd7d Show response
crazyperf.afflnx.com/c/
Redirect Chain

http://a2y8vytrk.com/9w598/3qqg7/0.6717745332203359
https://a2y8vytrk.com/9w598/3qqg7/0.6717745332203359
https://crazyperf.afflnx.com/c/4abb8c2c4bd7d?lp=100?sub1=&ext_click_id=f4cff9039b4740fc8fbf84bdd286cee4&sub6=7&subsource=

59 KB
25 KB

417ms
120ms

Document
text/html

142.132.150.101
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://crazyperf.afflnx.com/c/4abb8c2c4bd7d?lp=100?sub1=&ext_click_id=f4cff9039b4740fc8fbf84bdd286cee4&sub6=7&subsource=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.101.150.132.142.clients.your-server.de
Software: openresty /
Resource Hash: 7062ae104a3116171eda063410c311f7756d346b8489492950c88f2f505f31cc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 31 Oct 2024 21:30:17 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding

Redirect headers

accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156
content-type: text/html; charset=utf-8
date: Thu, 31 Oct 2024 21:30:16 GMT
location: https://crazyperf.afflnx.com/c/4abb8c2c4bd7d?lp=100?sub1=&ext_click_id=f4cff9039b4740fc8fbf84bdd286cee4&sub6=7&subsource=
server: nginx
vary: Origin
via: 1.1 google
x-eflow-request-id: 649b13c9-83ac-469b-8eb8-b39bf284d3c6

GET
H/1.1 204
No Content favicon.ico
crazyperf.afflnx.com/ 0
107 B 114ms
113ms Other
text/plain 142.132.150.101
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://crazyperf.afflnx.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.101.150.132.142.clients.your-server.de
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://crazyperf.afflnx.com/c/4abb8c2c4bd7d?lp=100?sub1=&ext_click_id=f4cff9039b4740fc8fbf84bdd286cee4&sub6=7&subsource=

Response headers

Date: Thu, 31 Oct 2024 21:30:17 GMT
Server: openresty
Connection: keep-alive

GET
H/1.1 200
OK click.php
crazyperf.afflnx.com/ 113 B
2 KB 83ms
83ms XHR
text/html 142.132.150.101
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://crazyperf.afflnx.com/click.php?forceFallback=&fp=JTVCJTdCJTIya2V5JTIyJTNBJTIydXNlckFnZW50JTIyJTJDJTIydmFsdWUlMjIlM0ElMjJNb3ppbGxhJTJGNS4wJTIwKFgxMSUzQiUyMExpbnV4JTIweDg2XzY0KSUyMEFwcGxlV2ViS2l0JTJGNTM3LjM2JTIwKEtIVE1MJTJDJTIwbGlrZSUyMEdlY2tvKSUyMENocm9tZSUyRjEzMC4wLjAuMCUyMFNhZmFyaSUyRjUzNy4zNiUyMiU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMndlYmRyaXZlciUyMiUyQyUyMnZhbHVlJTIyJTNBZmFsc2UlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJsYW5ndWFnZSUyMiUyQyUyMnZhbHVlJTIyJTNBJTIyZW4tR0IlMjIlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJjb2xvckRlcHRoJTIyJTJDJTIydmFsdWUlMjIlM0EyNCU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMmRldmljZU1lbW9yeSUyMiUyQyUyMnZhbHVlJTIyJTNBOCU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMmhhcmR3YXJlQ29uY3VycmVuY3klMjIlMkMlMjJ2YWx1ZSUyMiUzQTEyJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIyc2NyZWVuUmVzb2x1dGlvbiUyMiUyQyUyMnZhbHVlJTIyJTNBJTVCMTYwMCUyQzEyMDAlNUQlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJhdmFpbGFibGVTY3JlZW5SZXNvbHV0aW9uJTIyJTJDJTIydmFsdWUlMjIlM0ElNUIxNjAwJTJDMTIwMCU1RCU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMnRpbWV6b25lT2Zmc2V0JTIyJTJDJTIydmFsdWUlMjIlM0EwJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIydGltZXpvbmUlMjIlMkMlMjJ2YWx1ZSUyMiUzQSUyMkV1cm9wZSUyRkxvbmRvbiUyMiU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMnNlc3Npb25TdG9yYWdlJTIyJTJDJTIydmFsdWUlMjIlM0F0cnVlJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIybG9jYWxTdG9yYWdlJTIyJTJDJTIydmFsdWUlMjIlM0F0cnVlJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIyaW5kZXhlZERiJTIyJTJDJTIydmFsdWUlMjIlM0F0cnVlJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIyYWRkQmVoYXZpb3IlMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIyb3BlbkRhdGFiYXNlJTIyJTJDJTIydmFsdWUlMjIlM0FmYWxzZSU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMmNwdUNsYXNzJTIyJTJDJTIydmFsdWUlMjIlM0ElMjJub3QlMjBhdmFpbGFibGUlMjIlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJwbGF0Zm9ybSUyMiUyQyUyMnZhbHVlJTIyJTNBJTIyTGludXglMjB4ODZfNjQlMjIlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJwbHVnaW5zJTIyJTJDJTIydmFsdWUlMjIlM0ElNUIlNUIlMjJQREYlMjBWaWV3ZXIlMjIlMkMlMjJQb3J0YWJsZSUyMERvY3VtZW50JTIwRm9ybWF0JTIyJTJDJTVCJTVCJTIyYXBwbGljYXRpb24lMkZwZGYlMjIlMkMlMjJwZGYlMjIlNUQlMkMlNUIlMjJ0ZXh0JTJGcGRmJTIyJTJDJTIycGRmJTIyJTVEJTVEJTVEJTJDJTVCJTIyQ2hyb21lJTIwUERGJTIwVmlld2VyJTIyJTJDJTIyUG9ydGFibGUlMjBEb2N1bWVudCUyMEZvcm1hdCUyMiUyQyU1QiU1QiUyMmFwcGxpY2F0aW9uJTJGcGRmJTIyJTJDJTIycGRmJTIyJTVEJTJDJTVCJTIydGV4dCUyRnBkZiUyMiUyQyUyMnBkZiUyMiU1RCU1RCU1RCUyQyU1QiUyMkNocm9taXVtJTIwUERGJTIwVmlld2VyJTIyJTJDJTIyUG9ydGFibGUlMjBEb2N1bWVudCUyMEZvcm1hdCUyMiUyQyU1QiU1QiUyMmFwcGxpY2F0aW9uJTJGcGRmJTIyJTJDJTIycGRmJTIyJTVEJTJDJTVCJTIydGV4dCUyRnBkZiUyMiUyQyUyMnBkZiUyMiU1RCU1RCU1RCUyQyU1QiUyMk1pY3Jvc29mdCUyMEVkZ2UlMjBQREYlMjBWaWV3ZXIlMjIlMkMlMjJQb3J0YWJsZSUyMERvY3VtZW50JTIwRm9ybWF0JTIyJTJDJTVCJTVCJTIyYXBwbGljYXRpb24lMkZwZGYlMjIlMkMlMjJwZGYlMjIlNUQlMkMlNUIlMjJ0ZXh0JTJGcGRmJTIyJTJDJTIycGRmJTIyJTVEJTVEJTVEJTJDJTVCJTIyV2ViS2l0JTIwYnVpbHQtaW4lMjBQREYlMjIlMkMlMjJQb3J0YWJsZSUyMERvY3VtZW50JTIwRm9ybWF0JTIyJTJDJTVCJTVCJTIyYXBwbGljYXRpb24lMkZwZGYlMjIlMkMlMjJwZGYlMjIlNUQlMkMlNUIlMjJ0ZXh0JTJGcGRmJTIyJTJDJTIycGRmJTIyJTVEJTVEJTVEJTVEJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIyd2ViZ2xWZW5kb3JBbmRSZW5kZXJlciUyMiUyQyUyMnZhbHVlJTIyJTNBJTIySW50ZWwlMjBJbmMufkludGVsJTIwSXJpcyUyME9wZW5HTCUyMEVuZ2luZSUyMiU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMmhhc0xpZWRMYW5ndWFnZXMlMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIyaGFzTGllZFJlc29sdXRpb24lMjIlMkMlMjJ2YWx1ZSUyMiUzQWZhbHNlJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIyaGFzTGllZE9zJTIyJTJDJTIydmFsdWUlMjIlM0FmYWxzZSU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMmhhc0xpZWRCcm93c2VyJTIyJTJDJTIydmFsdWUlMjIlM0FmYWxzZSU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMnRvdWNoU3VwcG9ydCUyMiUyQyUyMnZhbHVlJTIyJTNBJTVCMCUyQ2ZhbHNlJTJDZmFsc2UlNUQlN0QlMkMlN0IlMjJrZXklMjIlM0ElMjJmb250cyUyMiUyQyUyMnZhbHVlJTIyJTNBJTVCJTIyQW5kYWxlJTIwTW9ubyUyMiUyQyUyMkFyaWFsJTIyJTJDJTIyQXJpYWwlMjBCbGFjayUyMiUyQyUyMkNvbWljJTIwU2FucyUyME1TJTIyJTJDJTIyQ291cmllciUyMiUyQyUyMkNvdXJpZXIlMjBOZXclMjIlMkMlMjJHZW9yZ2lhJTIyJTJDJTIySGVsdmV0aWNhJTIyJTJDJTIySW1wYWN0JTIyJTJDJTIyVGltZXMlMjIlMkMlMjJUaW1lcyUyME5ldyUyMFJvbWFuJTIyJTJDJTIyVHJlYnVjaGV0JTIwTVMlMjIlMkMlMjJWZXJkYW5hJTIyJTVEJTdEJTJDJTdCJTIya2V5JTIyJTNBJTIyYXVkaW8lMjIlMkMlMjJ2YWx1ZSUyMiUzQSUyMjEyNC4wNDM0NzUyNzUxNjA3NCUyMiU3RCUyQyU3QiUyMmtleSUyMiUzQSUyMl9faGFzaCUyMiUyQyUyMnZhbHVlJTIyJTNBJTIyMDExYTU5YzVmZDJiZTk3ZDE4M2M3MmIwNzc3MjRhZjMlMjIlN0QlNUQ%3D
Requested by: Host: crazyperf.afflnx.com
URL: https://crazyperf.afflnx.com/c/4abb8c2c4bd7d?lp=100?sub1=&ext_click_id=f4cff9039b4740fc8fbf84bdd286cee4&sub6=7&subsource=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.101.150.132.142.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

Referer: https://crazyperf.afflnx.com/c/4abb8c2c4bd7d?lp=100?sub1=&ext_click_id=f4cff9039b4740fc8fbf84bdd286cee4&sub6=7&subsource=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Thu, 31 Oct 2024 21:30:17 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding, Accept-Encoding
Server: openresty
Connection: keep-alive

GET
H3 200 / Show response
harem-smrt.com/offers/ 1 KB
1 KB 216ms
101ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harem-smrt.com/offers/?id=39&affid=7&source=&clickid=403a4f8dad1f8869af55442592f32629&mail=
Requested by: Host: crazyperf.afflnx.com
URL: https://crazyperf.afflnx.com/c/4abb8c2c4bd7d?lp=100?sub1=&ext_click_id=f4cff9039b4740fc8fbf84bdd286cee4&sub6=7&subsource=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7d4f56881b9089650b515db51eec4dc50d49b444e87f230937302a6ca062968

Request headers

Referer: https://crazyperf.afflnx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-Prefers-Color-Scheme, Sec-CH-Viewport-Width, Sec-CH-DPR, Sec-CH-Width
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8db6bed74d05beb9-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 31 Oct 2024 21:30:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aeZatqpzl3ycX65o7wckM2zuaIXK9xn5j3dkZhn3YACom021O8lb9xNJySClciNTFV%2BkI7QdZnZNHsDo9Rqs1AbazS7ch4H0o6H6vjGcTQ0dIOHUFV7Obbor3gT6ors0kfFUb9O3HKLj1cImnA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=31653&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4162&recv_bytes=4450&delivery_rate=17347&cwnd=12000&unsent_bytes=0&cid=b0ba6ea99172ed81&ts=112&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H3 200 platform.min.js Show response
cdnjs.cloudflare.com/ajax/libs/platform/1.3.6/ 14 KB
6 KB 201ms
40ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/platform/1.3.6/platform.min.js

Requested by

Host: harem-smrt.com
URL: https://harem-smrt.com/offers/?id=39&affid=7&source=&clickid=403a4f8dad1f8869af55442592f32629&mail=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c039b6e245af3041933a2e283eb929be6c05618616e34ef2b8e3ca2bb368007

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://harem-smrt.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5f006e5f-38b2"
age: 616268
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vt2LUAcV59jw0qnjyIsfAO4pV0uIOYpxHtGF2MwhdZ34HlxEIo2smo7BjEJ9YfOU3lEmovqZzBIlrCTFdUo0yTC3kMQwlgNlps1sSfIQSKZayygqm0eCm9ynl3SM%2FwjdqRRYeafUAjHlRTBeyRJrOwdM"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 21:30:18 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 31 Oct 2024 21:30:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 04 Jul 2020 11:56:15 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8db6bed90d0163df-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5648
server: cloudflare

GET
H3

200

Primary Request lp15.php Show response
rdvsecret.com/plancul/1/
Redirect Chain

https://harem-smrt.com/offers/index.php?id=39&affid=7&source=&clickid=403a4f8dad1f8869af55442592f32629&mail=&r=1&ua=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gec...
https://rdvsecret.com/offer/?id=1&lp=0&affid=ofc&source=&clickid=101792888&mail=
https://rdvsecret.com/plancul/1/lp1.php?pt=auto&id=1&lp=0&affid=ofc&source=&clickid=101792888&mail=
https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=

18 KB
6 KB

1223ms
1222ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Requested by: Host: harem-smrt.com
URL: https://harem-smrt.com/offers/?id=39&affid=7&source=&clickid=403a4f8dad1f8869af55442592f32629&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb6fbecf0fe0555f9529f5608831ea7af02fd1f17ac6e04ae7d37914dfa7cf8c

Request headers

Referer: https://harem-smrt.com/offers/?id=39&affid=7&source=&clickid=403a4f8dad1f8869af55442592f32629&mail=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-dpr: 1
sec-ch-prefers-color-scheme: light
sec-ch-viewport-width: 1600

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8db6bedd4deb63bf-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 31 Oct 2024 21:30:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BiyOJVF%2BPlXgA%2F4bpUf6meGIP7g336iCNMeAj8h4j3oeUpK0WsgC66XiKhs6hH8C%2BQ90lXI%2BTbE9brDY7s4HJnHm519OLCbQKOpxOhqVbDjmzuUHN15C%2B%2B2N5Xu2JYhsGf%2FK%2FY%2BYjxLfuOHa"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=51564&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5736&recv_bytes=5461&delivery_rate=23872&cwnd=12000&unsent_bytes=0&cid=813dcd0f7b746167&ts=1438&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8db6bedcbd7663bf-LHR
content-type: text/html; charset=UTF-8
date: Thu, 31 Oct 2024 21:30:19 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHghElsu2xXUBeg2VsHt0QDnyodfad278XV0odT0H8JcaxqNhzWbGCXugD9bQouuB8sqQU9NubKKDOnNu9yGfFY0M2pHG%2F%2Fwu3PaTw4YQZNXPSiFLMHi2k4yjA20s2ZuQCLjU4UGWp9cMvw9"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=54060&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4898&recv_bytes=4971&delivery_rate=461&cwnd=12000&unsent_bytes=0&cid=813dcd0f7b746167&ts=210&x=1" cfExtPri cfHdrFlush;dur=0

GET
H3 200 style.css
rdvsecret.com/plancul/1/lp15/ 11 KB
2 KB 125ms
109ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdvsecret.com/plancul/1/lp15/style.css?v=6723f6ec3a2aa
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed9a94b515a5c841ce4518d354a88d6cea607390fe8c6a21fe303ecac227f66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "2c0b-5cb7c0f8d1d9b-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y5v1y41saYF5GFreLUtU40qgkPZp2%2F%2BqWui1VdbPsH4rxejLPKxTkYdBvJvW%2BVN1S61dKHM83tZQ0CHNOraHoGlbnQSrAxwS1VejGPdfBMcLmgSJWtLolqWmWTUCUqy2g2rysP6Ax8V0wLj8"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48705&sent=53&recv=25&lost=0&retrans=0&sent_bytes=48513&recv_bytes=7505&delivery_rate=225166&cwnd=24000&unsent_bytes=0&cid=813dcd0f7b746167&ts=1580&x=1", cfExtPri, cfHdrFlush;dur=11
date: Thu, 31 Oct 2024 21:30:20 GMT
content-type: text/css
last-modified: Wed, 08 Sep 2021 13:43:00 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db6bee52f1c63bf-LHR
accept-ranges: bytes
content-length: 1815
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
30 KB 233ms
79ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/

Response headers

content-encoding: gzip
age: 108675
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:19:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:19:05 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30211
x-xss-protection: 0
server: sffe

GET
H3 200 javascriptje.js Show response
rdvsecret.com/plancul/1/lp15/ 85 KB
31 KB 147ms
131ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdvsecret.com/plancul/1/lp15/javascriptje.js?v=569
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6f2e5a530422e3d146eb368c71b08d5a6efd0f52d8dc9f366993ee8d6eb4f98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "15597-60174ac7b8c4b-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2F4wdlH8gAoL0N3DVD1AnWcZ7iCTK4dqW4VoOy8qhg4bs8K1%2FbMcMMBg33p3mwzb1IJfqTWtVioOINaVieBb6QuNtZyjNYV3SttHh6F%2B7fPyJ3%2BWJlJ97BOkFAQh2WHo1Z87ZUIuGMF4CvuF"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33091&sent=94&recv=35&lost=0&retrans=0&sent_bytes=96513&recv_bytes=7935&delivery_rate=892687&cwnd=48000&unsent_bytes=0&cid=813dcd0f7b746167&ts=1601&x=1", cfExtPri, cfHdrFlush;dur=16
date: Thu, 31 Oct 2024 21:30:20 GMT
content-type: application/javascript
last-modified: Thu, 27 Jul 2023 09:34:41 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db6bee53f2c63bf-LHR
accept-ranges: bytes
content-length: 30570
server: cloudflare

GET
H/1.1 200
OK detect.js Show response
ads.adextrem.com/ 78 B
826 B 238ms
46ms Script
application/javascript 3.64.86.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adextrem.com/detect.js
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.86.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-86-135.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1fab08ee7301c1c5676fa683c923e47681d2b1ec4fd396045937e8fb6befa7c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/

Response headers

Cache-control: no-cache="set-cookie"
Content-Encoding: gzip
ETag: "4e-559751641a5c0-gzip"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91
Date: Thu, 31 Oct 2024 21:30:20 GMT
Content-Type: application/javascript
Last-Modified: Mon, 18 Sep 2017 11:31:43 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding

GET
H3 200 bg2.jpg
rdvsecret.com/plancul/1/lp15/ 130 KB
131 KB 66ms
51ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdvsecret.com/plancul/1/lp15/bg2.jpg
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90b4a9f1b17ddc4b057d11881f1fbc130b95ce03bde77539ae1600040bb22cb8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=

Response headers

cf-cache-status: HIT
etag: "208cf-5957c2d79e5c0"
age: 3894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nidLMLEuKGwyOJpBtDnAdkbxCmUx6SVVdJYeVhA1j61stAHaL3ChIc1clmFzBimJ3XZF2AOfpxjOIxO4yN2s1nsu2u6gSUfLatq1uQgYTcQY2FQtmKUm6b4Aui%2BdA%2F7wrzujTQWpmG8yeLGI"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44259&sent=23&recv=20&lost=0&retrans=0&sent_bytes=12513&recv_bytes=7290&delivery_rate=5352&cwnd=12000&unsent_bytes=0&cid=813dcd0f7b746167&ts=1535&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 21:30:20 GMT
content-type: image/jpeg
last-modified: Tue, 22 Oct 2019 09:10:55 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db6bee53f2e63bf-LHR
accept-ranges: bytes
content-length: 133327
server: cloudflare

GET
H3 200 bg3.jpg
rdvsecret.com/plancul/1/lp15/ 159 KB
159 KB 88ms
78ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdvsecret.com/plancul/1/lp15/bg3.jpg
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 888a3e263a4a1bf5acf5a294acd7f3118510721531590ce74093b1bfcb65adc2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=

Response headers

cf-cache-status: HIT
etag: "27a8f-5957c2d6aa380"
age: 3894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8djdxwK2GfOBBjdxLTV66qpaTZmiO4%2BZTNm0M9r6OH4oOJq0wV9eIxJ%2BNIQ1yK8XVnNaqYFbkq9otUyg%2BjMhCtezj4KoNDea6hjH%2BA%2FJrlBHiQ3lvfNfjno7WUNMvBC41GrG3m19U3Q1DIso"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44259&sent=33&recv=20&lost=0&retrans=0&sent_bytes=24513&recv_bytes=7290&delivery_rate=5352&cwnd=12000&unsent_bytes=0&cid=813dcd0f7b746167&ts=1554&x=1", cfExtPri, cfHdrFlush;dur=10
date: Thu, 31 Oct 2024 21:30:20 GMT
content-type: image/jpeg
last-modified: Tue, 22 Oct 2019 09:10:54 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db6bee53f3663bf-LHR
accept-ranges: bytes
content-length: 162447
server: cloudflare

GET
H3 200 bg4.jpg
rdvsecret.com/plancul/1/lp15/ 125 KB
126 KB 48ms
48ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdvsecret.com/plancul/1/lp15/bg4.jpg
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc7d74ee2454721d5da6c1c44c57e46bf0d9e1e1dc570afe0293492d5005d77

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=

Response headers

cf-cache-status: HIT
etag: "1f352-5957c2d6aa380"
age: 3894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gDj1YrwtVPHsAYJ3bLgSbw4mDSeq7%2B3Lf%2F8inn6%2BIX%2FXN1bw1b0EcDbie2QaXLGRvXg5GGyHDo7B8j4bZLA6Zhf5jpLu2yRiO2Kt28Bwu3ilP0JsrhWFNcatMxWL%2FGFQADpMLmI9nXHS1DvG"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34733&sent=328&recv=89&lost=18&retrans=18&sent_bytes=372453&recv_bytes=10824&delivery_rate=1282057&cwnd=115919&unsent_bytes=0&cid=813dcd0f7b746167&ts=1753&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 21:30:20 GMT
content-type: image/jpeg
last-modified: Tue, 22 Oct 2019 09:10:54 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db6bee698d963bf-LHR
accept-ranges: bytes
content-length: 127826
server: cloudflare

GET
H3 200 bg5.jpg
rdvsecret.com/plancul/1/lp15/ 113 KB
114 KB 53ms
53ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdvsecret.com/plancul/1/lp15/bg5.jpg
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e61803fe337b62ec88013f93ba451a76854a55b86eda08de01550fbf87087a14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=

Response headers

cf-cache-status: HIT
etag: "1c5c3-5957c2d5b6140"
age: 3894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gNIHbeM4%2F4g4hxDFsPdnN3p6PkLa1YUiChLInqHzPrAPkgtLXFvUWsx5L3im4%2FyhZa%2F%2F3i8RiXioSvmHD3gEAAINyWL57tll6BG9X7OE25XgTv%2BZvZjh5CIBcDWKDdnz4D4eI%2BeJBr645Yx4"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34733&sent=426&recv=90&lost=18&retrans=18&sent_bytes=488397&recv_bytes=11267&delivery_rate=1282057&cwnd=115919&unsent_bytes=0&cid=813dcd0f7b746167&ts=1771&x=1", cfExtPri, cfHdrFlush;dur=12
date: Thu, 31 Oct 2024 21:30:20 GMT
content-type: image/jpeg
last-modified: Tue, 22 Oct 2019 09:10:53 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db6bee6b8f263bf-LHR
accept-ranges: bytes
content-length: 116163
server: cloudflare

GET
H3 200 bg6.jpg
rdvsecret.com/plancul/1/lp15/ 164 KB
164 KB 48ms
48ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdvsecret.com/plancul/1/lp15/bg6.jpg
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49c3133c07bd12eb6c5ffd36387360ef096eebc91c7368857d4536d76fdcb804

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=

Response headers

cf-cache-status: HIT
etag: "28ea7-5957c2d5b6140"
age: 3894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j7RuJEt4SYBlmuILievHlQ0TxN9laS8%2Fqgs6RMDokYeH01wagEgMF0mq3eU9WQEK%2B%2BNcjOTrMrAo6SBZU8OvxrLIIv9XEf7ffcWjemI%2B0Wa5vp123SCV0oaNtkw0CrkecFcDIIqNCnsfGCeK"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30991&sent=541&recv=111&lost=18&retrans=18&sent_bytes=623324&recv_bytes=12615&delivery_rate=2020746&cwnd=117119&unsent_bytes=0&cid=813dcd0f7b746167&ts=1834&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 21:30:20 GMT
content-type: image/jpeg
last-modified: Tue, 22 Oct 2019 09:10:53 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db6bee7197863bf-LHR
accept-ranges: bytes
content-length: 167591
server: cloudflare

GET
H3 200 bg7.jpg
rdvsecret.com/plancul/1/lp15/ 124 KB
124 KB 70ms
69ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdvsecret.com/plancul/1/lp15/bg7.jpg
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735588a14f972f7e22d7b469f181fe41a1a0e09be1fc92758ad4a701499fa56c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=

Response headers

cf-cache-status: HIT
etag: "1ee3c-5957c2d5b6140"
age: 3894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H8pfgG570BlpbrEXFGw%2FzqeZAc6KWCXo5EFeTsb77z8QJV6l%2B%2FFRF%2Fu0ZYJ8OW7bRnvTuuqefJe0DsUl%2B%2FFSvQw2gcQV1UihTjf44k2TwRH0uCj5EaE6jLXappCa7ihU4ssoxMg0lCBMbrG6"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30640&sent=634&recv=115&lost=18&retrans=18&sent_bytes=734660&recv_bytes=13970&delivery_rate=4101936&cwnd=117119&unsent_bytes=0&cid=813dcd0f7b746167&ts=1853&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 21:30:20 GMT
content-type: image/jpeg
last-modified: Tue, 22 Oct 2019 09:10:53 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db6bee7399663bf-LHR
accept-ranges: bytes
content-length: 126524
server: cloudflare

GET
H3 200 bg1.jpg
rdvsecret.com/plancul/1/lp15/ 109 KB
109 KB 69ms
69ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdvsecret.com/plancul/1/lp15/bg1.jpg
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5e39f90aee9a60deea10b6cd3707803db58a0a45e5a3894eaad194d617ce780

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=

Response headers

cf-cache-status: HIT
etag: "1b333-5957c2d6aa380"
age: 3894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FhdDWdLOZnhVa4tkmfmHB5JXn2i2NYGLJN7TfFTIA5jREyObaKTz1KoEThrSVfcEawRaBhtnnrOIvyTNYEVJJzK44mIs%2BrgqBmrNVetB9hJ9Hybnf7gBLPwABB85iDfL6AcL2s3TZoeuLxQ0"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30108&sent=634&recv=116&lost=18&retrans=18&sent_bytes=734660&recv_bytes=14016&delivery_rate=2782741&cwnd=117119&unsent_bytes=0&cid=813dcd0f7b746167&ts=1853&x=1", cfExtPri, cfHdrFlush;dur=10
date: Thu, 31 Oct 2024 21:30:20 GMT
content-type: image/jpeg
last-modified: Tue, 22 Oct 2019 09:10:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db6bee7399a63bf-LHR
accept-ranges: bytes
content-length: 111411
server: cloudflare

GET
H3 200 secured-website.png
rdvsecret.com/plancul/1/lp15/ 29 KB
30 KB 69ms
69ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rdvsecret.com/plancul/1/lp15/secured-website.png
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41ba3dae709e1a8984377fab99ded7d1aebba4afa08b73ab8137fc647a87509

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=

Response headers

cf-cache-status: HIT
etag: "73a2-5957c2d79e5c0"
age: 3894
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ay1rfU%2BI6ySl90MZIHKc6j1TzxuklEV03G%2Bl9czX%2FJgRpPEBgRqI0YISGuqSTUtT8fY8%2BWTDYhpFX%2B%2B%2BQHolcW8sPLEbe0iXDne%2F7X8Px8KcuATxj20vb0s36NQI%2B5BZ%2Fobwrjn6L0QE4Ybu"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30108&sent=634&recv=116&lost=18&retrans=18&sent_bytes=734660&recv_bytes=14016&delivery_rate=2782741&cwnd=117119&unsent_bytes=0&cid=813dcd0f7b746167&ts=1853&x=1", cfExtPri, cfHdrFlush;dur=12
date: Thu, 31 Oct 2024 21:30:20 GMT
content-type: image/png
last-modified: Tue, 22 Oct 2019 09:10:55 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8db6bee7399b63bf-LHR
accept-ranges: bytes
content-length: 29602
server: cloudflare

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 191ms
47ms Stylesheet
text/css 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-8c85"
age: 2906047
x-cache: HIT, HIT
date: Thu, 31 Oct 2024 21:30:20 GMT
content-type: text/css
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 2, 41236
x-served-by: cache-lga21981-LGA, cache-lhr-egll1980057-LHR
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1730410221.824359,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8323
server: nginx

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 211ms
70ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-15d9d"
age: 4361678
x-cache: HIT, HIT
date: Thu, 31 Oct 2024 21:30:20 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 173858, 238743
x-served-by: cache-lga21931-LGA, cache-lhr-egll1980057-LHR
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1730410221.824456,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30875
server: nginx

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
67 KB 177ms
36ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-3dee4"
age: 3070602
x-cache: HIT, HIT
date: Thu, 31 Oct 2024 21:30:20 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 68, 61619
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga13623-LGA, cache-lhr-egll1980057-LHR
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1730410221.824269,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 67751
server: nginx

GET
H/1.1 200
OK detect.php Show response
ads.adextrem.com/ 34 B
206 B 43ms
42ms Script
text/html 3.64.86.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adextrem.com/detect.php
Requested by: Host: ads.adextrem.com
URL: https://ads.adextrem.com/detect.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.86.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-86-135.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 6ab2b9bf505bf16efda449af810081478279b4b4151996c66cfccdbc8cd33175

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://rdvsecret.com/

Response headers

Content-Length: 34
Date: Thu, 31 Oct 2024 21:30:20 GMT
Content-Type: text/html; charset=UTF-8
Server: Apache/2.4.10 (Debian)
Connection: keep-alive

GET
H/1.1 200
OK loader.php Show response
ads.adextrem.com/push/ 4 KB
2 KB 43ms
42ms Script
text/html 3.64.86.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adextrem.com/push/loader.php
Requested by: Host: rdvsecret.com
URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.86.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-86-135.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 8b9ea8752caa6b5eb8b322494a98677a062c9e3175c254280b72a0133a567943

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Content-Length: 1561
Date: Thu, 31 Oct 2024 21:30:20 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Server: Apache/2.4.10 (Debian)

GET
H/1.1 200
OK ifp.php
ads.adextrem.com/push/ Frame E208 0
0 226ms
41ms Document
text/html 18.193.203.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adextrem.com/push/ifp.php?slot=4
Requested by: Host: ads.adextrem.com
URL: https://ads.adextrem.com/push/loader.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.203.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-203-120.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) /
Resource Hash

Request headers

Referer: https://rdvsecret.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1077
Content-Type: text/html; charset=UTF-8
Date: Thu, 31 Oct 2024 21:30:21 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding

GET
H3 404 favicon.ico
rdvsecret.com/ 196 B
808 B 101ms
101ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rdvsecret.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lt4LEZ4LD%2BZ%2BUpIQFLYRLrcIfxl7Jkc8RtpKSnxXY7ATF%2FjkCYPe6YvyB7yvNA3C3MKB7r4K8Pv5LEnjxRKNcl3tEnDN7yTqvr8ocY5gs868X2Fv64DJ3rNcbkiMHU4Qfo3y0VQfXrO9YR%2Bs"}],"group":"cf-nel","max_age":604800}
cf-ray: 8db6beebcf4b63bf-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=34367&sent=928&recv=164&lost=18&retrans=18&sent_bytes=1071941&recv_bytes=17029&delivery_rate=2613866&cwnd=121919&unsent_bytes=0&cid=813dcd0f7b746167&ts=2646&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 31 Oct 2024 21:30:21 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
a2y8vytrk.com/	1970-01-21 00:41:36	Name: uniqueClick_3qqg7 Value: 8f5a8e80-8d22-4b63-8637-c6cb6d049a39:1730410216
a2y8vytrk.com/	1970-01-21 02:49:46	Name: transaction_id Value: f4cff9039b4740fc8fbf84bdd286cee4
crazyperf.afflnx.com/	1969-12-31 23:59:59	Name: CF Value: QWkRJAcE0wmDumjhwDxJKA__
.afflnx.com/	1970-01-21 00:41:36	Name: s Value: Z7kqkj1f7Rb1xDBET9Dm9%2Bk5HKDKB62RW6dNljMpm9MexDMFT11NwCULZwSIF3XS9NvsPsbnxtlUtQBDcNLP2iB%2BJvkRH5tb%2FTdQQiKjzPSVStViBrIk%2BFbAoLPgXlgGQap24g0pzmCf4OnKo7PU76ZoOH9rSYmFSkRNgbfhC2HyrmKQ5TUimjSHpGctsAxdo32y1yCHs3VJD8q8AVkfcyuS5wWvSCDtR1FvY6nQ7uDQnnNJr3MFDLf2YRvxtZoEIgxfIf3a7BQ412KsfD7h%2B%2F1J0noIZ45s0eW5H2FUCLQmlwDsakbIzRVkZTuPYIJ%2BcQpYxhd6Gtz2VHTnTC7swmAxcfgKU6Ji2xn1A0ER21Kmf3He52T1cW3HuOp0GFmelYjh6OJat3VjjoVeIvfihzOJ5uIrxT3VCWsbk2k5BFuT2yjYNa630NSZvHm%2Fd7n7DhsIDcw%2FRiy0pfUOXjqE9AQ3wzyCH3pDttqwy3RLPlGMtF4v4zTbukWl3Tkf70Mrb9V3mToASMPIjecyJFoigYUPh1n76OZ4xSKco%2ByhHeUHE9wcgpRCgxqvJ0DCHXa2TWMcwhAC2epcXtZiO8LlkU%2BQ0lhmeV4ybz0yELoHU3TWKh3DqS1mxCaoQNdhCs6g8d4gcNJB87dwItSU137hKFV%2FnYIYZKulrymnq8Z9d%2FbxncZPHDr%2BJ9AAO5uZjA8tT0ZpPVbERxd3DRjvZ1EwlWyALUMWqXc01cbhu8F99w3V9yk628h9yj5njPZrHReEiBgIANZoTMPZ87HVF6QcUEqmvAtbkYU26UWCDYEMvJltOZHmYQc1YH7xjcdbwLgCd5bj8ZNOBMtWA115PQ%2BaRrNrWvosHGshqj%2Bdb8j6%2BnTA0g93PMpmTeHIwkVx%2FKZXYx4ZZwjI5A9oY5zE9pInRzwoLroID0kMeO4Phgh0fiLVeq8Tp2m6Y%2BYj3gULALoWUkxsNtGyOj%2FALEPHiN2sS%2BiM4KPMP2oEmC%2BK6TY1UWxs0Phiz1G%2BiWPxv3DexCNCsafY2vgYJRfDTHmK3SJCyOUqUww36TQUAsQx2ZVvpH3UwH6q%2BqR%2BgdhUs08xhW1cNSYxqml9I8OC1ej4rxNZaJ4jk%2BoGI6RHFO3hxdFn%2FFZuG1KqEEOD8xO5pG%2BN5kIU4Jhrm1viqs9w%2BkbzRh7Qr3EqHOZj71RPUWdNcPiFn%2B9aMOKK68Bipcjtw7vDOGOOYkeP8H9%2BHhuCHfU9MbcpeEOqaPtsTJsJ7VQwgNv5M6YHuze4VXWVUimDgZrAodcZZh37MgpBrqXrzf2is%2ByO7HK89nnPLLf%2BYHDVFEGQu8vIuS%2FTxK7OjU%2BhFCqWPm%2FYVTol5qPlhVQhGdxwZixGTVcb8PQPjpEIkddWQV7K0yeqi6gQ%2BNR19hdUrJLmNT6AvBmWBOMXhtNqczpH6ejN6CGPL0%2Boy4oU8LtFhXurwaNBGeZRWS5GgrMnU4yGqhQuie3e%2BFdWnIIbZA34Ak6lmaD5tm2%2BgBHuyGactEb5mlDetITSEflG3o9aKcdEmTo2ZSHDiHMR8Wj6rTJkKRyRyY5gJsbx3NCux8F5%2F7oTYTBUxQT8GmW4qi%2BoPhzpl60ywgLDUCQlJqzdkyg%2BrFDGBGHP9mGMxs43ZlREEgrw7%2BK6eGn6Xc2p6uK7MNIhXzvJzS0GWrVO5wP8%2BiuN7YfBXhZ9C2izOtHsQfFEJzESvZQO0HMf2GFxC0KbcprBcBIW7TJMGCmC%2Fyj%2BQ5AXP1yc7iCmQQ9gz1S6CQ%3D%3D
rdvsecret.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8iipd3ft2cblnfc9pvhrai6m12
ads.adextrem.com/	1970-01-21 00:40:11	Name: AWSELBCORS Value: 671BC5111EC8C439EC6ECDAADF42C2FCC39A19517218077FA7C3489EE5CC3E54EC44B822F2F5F60AFCADD93926CF44860692B62F1C08EFBA74D747333303EC0C50738518D3
rdvsecret.com/	1970-01-21 01:23:22	Name: fw Value: 1600
rdvsecret.com/	1970-01-21 01:23:22	Name: fh Value: 1200
rdvsecret.com/	1970-01-21 01:23:22	Name: fua Value: Mozilla/5.0 (X11
.ads.adextrem.com/	1970-01-21 00:50:15	Name: fp2 Value: dde8050d2a42038eb20dfe8ba6302dcb

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ads.adextrem.com/detect.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.adextrem.com/detect.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.adextrem.com/detect.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.adextrem.com/detect.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://rdvsecret.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://rdvsecret.com/plancul/1/lp15.php?pt=auto&lp=15&id=1&affid=ofc&source=pasdesource&clickid=101792888&mail=# Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2y8vytrk.com
ads.adextrem.com
ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
crazyperf.afflnx.com
harem-smrt.com
rdvsecret.com
142.132.150.101
18.193.203.120
2606:4700::6811:190e
2a00:1450:4001:809::200a
2a04:4e42:200::649
2a06:98c1:3120::3
3.64.86.135
34.160.108.161
1fab08ee7301c1c5676fa683c923e47681d2b1ec4fd396045937e8fb6befa7c8
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
49c3133c07bd12eb6c5ffd36387360ef096eebc91c7368857d4536d76fdcb804
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
6ab2b9bf505bf16efda449af810081478279b4b4151996c66cfccdbc8cd33175
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
7062ae104a3116171eda063410c311f7756d346b8489492950c88f2f505f31cc
735588a14f972f7e22d7b469f181fe41a1a0e09be1fc92758ad4a701499fa56c
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
888a3e263a4a1bf5acf5a294acd7f3118510721531590ce74093b1bfcb65adc2
8b9ea8752caa6b5eb8b322494a98677a062c9e3175c254280b72a0133a567943
8c039b6e245af3041933a2e283eb929be6c05618616e34ef2b8e3ca2bb368007
90b4a9f1b17ddc4b057d11881f1fbc130b95ce03bde77539ae1600040bb22cb8
a6f2e5a530422e3d146eb368c71b08d5a6efd0f52d8dc9f366993ee8d6eb4f98
b7d4f56881b9089650b515db51eec4dc50d49b444e87f230937302a6ca062968
bcc7d74ee2454721d5da6c1c44c57e46bf0d9e1e1dc570afe0293492d5005d77
d41ba3dae709e1a8984377fab99ded7d1aebba4afa08b73ab8137fc647a87509
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61803fe337b62ec88013f93ba451a76854a55b86eda08de01550fbf87087a14
eed9a94b515a5c841ce4518d354a88d6cea607390fe8c6a21fe303ecac227f66
f5e39f90aee9a60deea10b6cd3707803db58a0a45e5a3894eaad194d617ce780
fb6fbecf0fe0555f9529f5608831ea7af02fd1f17ac6e04ae7d37914dfa7cf8c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

rdvsecret.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

50 %IPv6

8 Domains

8 Subdomains

7 IPs

2 Countries

1171 kBTransfer

1600 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

10 Cookies

4 Console Messages

Indicators

rdvsecret.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

1171 kB
Transfer

1600 kB
Size

10
Cookies

25 HTTP transactions
0 data transactions