urlscan.io logo urlscan.io
SecurityTrails logo

ewa.ac Open in urlscan Pro
2606:4700:30::681f:494b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ewe.ac/rdke
Effective URL: http://ewa.ac/rdke
Submission: On November 21 via manual from UA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 25 HTTP transactions. The main IP is 2606:4700:30::681f:494b, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is ewa.ac.
This is the only time ewa.ac was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:30:... 13335 (CLOUDFLAR...)
1 54.192.94.252 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 54.230.95.72 16509 (AMAZON-02)
2 34.193.198.22 14618 (AMAZON-AES)
4 18.235.143.232 14618 (AMAZON-AES)
1 52.216.102.149 16509 (AMAZON-02)
1 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 2600:9000:20b... 16509 (AMAZON-02)
1 54.230.95.54 16509 (AMAZON-02)
25 14
1    2606:4700:30::681f:45ea (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ewe.ac
1    2606:4700:30::681f:494b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ewa.ac
1    2a00:1450:4001:817::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
5    2606:4700:30::681f:484b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
data.ewa.ac
1    54.192.94.252 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-252.fra2.r.cloudfront.net
d3al52d8cojds7.cloudfront.net
1    2a00:1450:4001:824::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
4    2a00:1450:4001:824::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    54.230.95.72 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-72.fra2.r.cloudfront.net
boudja.com
2    34.193.198.22 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-193-198-22.compute-1.amazonaws.com
newspolovb.info
4    18.235.143.232 (Cambridge, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-235-143-232.compute-1.amazonaws.com
uytestion.info
1    52.216.102.149 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
s3.amazonaws.com
1    2604:9e00:1:138::12 (United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
www.maebtjn.com
1    2600:9000:20bb:ec00:1f:8001:f3c0:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d4ngwggzm3w7j.cloudfront.net
1    54.230.95.54 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-54.fra2.r.cloudfront.net
boudja.com
Domain Requested by
5 data.ewa.ac ewa.ac
4 uytestion.info ewa.ac
d3al52d8cojds7.cloudfront.net
4 www.google-analytics.com www.googletagmanager.com
ewa.ac
3 boudja.com d3al52d8cojds7.cloudfront.net
ewa.ac
d4ngwggzm3w7j.cloudfront.net
2 newspolovb.info d3al52d8cojds7.cloudfront.net
1 d4ngwggzm3w7j.cloudfront.net ewa.ac
1 www.maebtjn.com ajax.googleapis.com
1 s3.amazonaws.com ewa.ac
1 www.googletagmanager.com ajax.googleapis.com
1 d3al52d8cojds7.cloudfront.net ewa.ac
1 ajax.googleapis.com ewa.ac
1 ewa.ac
1 ewe.ac 1 redirects
25 13

This site contains no links.

Subject Issuer Validity Valid
*.google.com
Google Internet Authority G3		 2018-10-30 -
2019-01-22		 3 months crt.sh
boudja.com
Amazon		 2018-10-31 -
2019-11-30		 a year crt.sh

This page contains 6 frames:

Primary Page: http://ewa.ac/rdke
Frame ID: 11E2698706C937AC4E68AC594D38699B
Requests: 21 HTTP requests in this frame

Frame: https://boudja.com/V1l2MUN4OhsOMSNkGFQ0JCkZXSwhO1hYLTE2
Frame ID: B52C1F451D7341FC6EC6204CA9E256FA
Requests: 1 HTTP requests in this frame

Frame: http://newspolovb.info/SXhZU2IoGjo+XTwKNW5Hez58YSQtSzg/V3scYTANIxwqZEwqFDYmBi8KNj0WZxY8J0d7Ph8AURsqFD4BJj8jajcePGE3LBhBCDYJAxYYBVc9MDAZBgosLRktDy0xHyZ5Aj0HLwgyETclAStgGTsbKRUYCiZKHWMnPD8zGjIfFWkFLB86ODVTABQINAUuKw0RBwoSMh0veCk/HjBwSwskOHs/DWYrDRE6Ci8LHA8XNw9daxUjIjJsASolHhs6BS0oaQorBjohYyMaLiwBDw8aGgdaGygLNzQsADIkNxwybAEmfDoIPQ4MMws3NCxIDzsAHyJtGFBkKTsCDCU9FBYrETIhFg8fDww0KhotAQUzeDoANDQDHRwZUgg+PTkqMxQeEAstKgBgJAodDAJbHg8uJjceNRoSIX0gFj9TBhoyCQocKWFmJTMAAQIMIgEDJDQDHWgjCwgubGo1JBMfAgwlPRA/LwszPgpWD0kMHTMeMR8AOiE7PWMGKB0yCQsISWwqJx41HwZReS8UJAEKHjEKFQofE2QzHTUbBgwALgACLBgzHBZEIws2PRJ0ET4VBQAaHgcpGQ
Frame ID: 06746E09934C8D3A0425A0B50A0CC8A3
Requests: 1 HTTP requests in this frame

Frame: http://www.maebtjn.com/watch?key=426c8efa531764f90f746f0ec6ea09ad
Frame ID: 6955F5DAD751A46845F5F382097364D4
Requests: 1 HTTP requests in this frame

Frame: https://boudja.com/RlEyVURpMl9qNjJsXDAzNSFdOSswMxw8KiA+
Frame ID: 2E80C88447DE13D44BE0FCDA46F19FE3
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: AD8DEAC4AC9AAB636175168C69186EFA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ewe.ac/rdke HTTP 301
    http://ewa.ac/rdke Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^d3$/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

25
Requests

24 %
HTTPS

57 %
IPv6

11
Domains

13
Subdomains

14
IPs

2
Countries

259 kB
Transfer

640 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ewe.ac/rdke HTTP 301
    http://ewa.ac/rdke Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set rdke
ewa.ac/
Redirect Chain
  • http://ewe.ac/rdke
  • http://ewa.ac/rdke
34 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
2606:4700:30::681f:494b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.0.28
Resource Hash
67ef19a9e010dd6ed87f632ce764e2940304c8ce93dca1f608560d9d275cd1a6

Request headers

Host
ewa.ac
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 08:54:57 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dc88aadf1fc857c627165c635ace9949b1542790497; expires=Thu, 21-Nov-19 08:54:57 GMT; path=/; domain=.ewa.ac; HttpOnly PHPSESSID=mjnjrepof4jngperl3e6b0k873; path=/; HttpOnly _csrf=c9a4c6eeba59fbf36ec2b5fc7853a11a0f554e4109d5b7385d1899f6ef14adc1a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22%BC%2C%D5%248%D7%24%16h%29%2AYl%19X%8D%D9F%DA%F9%D4b%83H%FD%21C%A5%C0%EB%E2%DB%22%3B%7D; path=/; HttpOnly
X-Powered-By
PHP/7.0.28
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding,User-Agent
Server
cloudflare
CF-RAY
47d1ef3f418463c1-FRA
Content-Encoding
gzip

Redirect headers

Date
Wed, 21 Nov 2018 08:54:57 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d040f6647dc4510c7f5129b08c7b3b0761542790496; expires=Thu, 21-Nov-19 08:54:56 GMT; path=/; domain=.ewe.ac; HttpOnly
Location
http://ewa.ac/rdke
Server
cloudflare
CF-RAY
47d1ef3dd7a397d4-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 21:09:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 25 Jan 2018 15:33:24 GMT
Server
sffe
Age
647147
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
30399
X-XSS-Protection
1; mode=block
Expires
Wed, 13 Nov 2019 21:09:10 GMT
seh.js
data.ewa.ac/ 		127 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://data.ewa.ac/seh.js
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
2606:4700:30::681f:484b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5238304d178b302adc47ed286213359c474fc2f25a51c190bce6c57248550ba5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
data.ewa.ac
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://ewa.ac/rdke
Cookie
__cfduid=dc88aadf1fc857c627165c635ace9949b1542790497
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 08:54:57 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 26 Sep 2018 22:58:15 GMT
Server
cloudflare
ETag
W/"5bac0f07-1fac4"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=691200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
47d1ef4224e897c8-FRA
Expires
Thu, 29 Nov 2018 08:54:57 GMT
a.js
data.ewa.ac/advertisement/ 		76 B
560 B 		Script
General
Check archive.org
Download Go to
Full URL
http://data.ewa.ac/advertisement/a.js
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
2606:4700:30::681f:484b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
61223c88aec0687de5c4a0a3d564845d5bef7a4bb2a35c70654a2dd5b3ffa03c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
data.ewa.ac
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://ewa.ac/rdke
Cookie
__cfduid=dc88aadf1fc857c627165c635ace9949b1542790497
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 08:54:57 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 20 Mar 2018 07:32:58 GMT
X-Accel-Version
0.01
ETag
"4c-567d315611e80-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
public, max-age=691200
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
47d1ef4224fe979e-FRA
Content-Length
91
Server
cloudflare
Expires
Thu, 29 Nov 2018 08:54:57 GMT
b.js
data.ewa.ac/wp-content/plugins/agreeable-button/ 		80 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
http://data.ewa.ac/wp-content/plugins/agreeable-button/b.js
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
2606:4700:30::681f:484b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb4a87cc7f7191c2f47ac201c7af28e250ff0ca1309d40815caed04e1300244c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
data.ewa.ac
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://ewa.ac/rdke
Cookie
__cfduid=dc88aadf1fc857c627165c635ace9949b1542790497
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 08:54:57 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 26 Mar 2018 21:11:49 GMT
X-Accel-Version
0.01
ETag
"50-5685738dcef40-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
public, max-age=691200
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
47d1ef4221eb9792-FRA
Content-Length
94
Server
cloudflare
Expires
Thu, 29 Nov 2018 08:54:57 GMT
i.css
data.ewa.ac/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://data.ewa.ac/i.css
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
2606:4700:30::681f:484b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
033fd51c17218a936f832d876dbfe5410828b11edcaec9f3809c9192186e57d3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
data.ewa.ac
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://ewa.ac/rdke
Cookie
__cfduid=dc88aadf1fc857c627165c635ace9949b1542790497
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 08:54:57 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 20 Mar 2018 07:01:00 GMT
Server
cloudflare
ETag
W/"5ab0b1ac-78c"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=691200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
47d1ef4224659774-FRA
Expires
Thu, 29 Nov 2018 08:54:57 GMT
l.png
data.ewa.ac/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://data.ewa.ac/l.png
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
2606:4700:30::681f:484b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5514224901b51d070f5ffe161d4a83c7b49d1156ce3fb41f1587dfbc1aff08a4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
data.ewa.ac
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://ewa.ac/rdke
Cookie
__cfduid=dc88aadf1fc857c627165c635ace9949b1542790497
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 08:54:57 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 21 Mar 2018 18:27:27 GMT
Server
cloudflare
ETag
"5ab2a40f-1a44"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=691200
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
47d1ef422471c26f-FRA
Content-Length
6724
Expires
Thu, 29 Nov 2018 08:54:57 GMT
/
d3al52d8cojds7.cloudfront.net/ 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d3al52d8cojds7.cloudfront.net/?tid=716639
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
54.192.94.252 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-94-252.fra2.r.cloudfront.net
Software
/
Resource Hash
d8c20455b4f54d1f1f1e0c008c891d64e6952ae982ad1832c42c70fda99297d2

Request headers

Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Nov 2018 08:54:57 GMT
Content-Encoding
gzip
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
39854
Via
1.1 7c2d73d3cd46e357090188fa2946f746.cloudfront.net (CloudFront)
X-Amz-Cf-Id
5Ozmyst54KF7D2NOusnkfZJ3GUauYHQu0THvs8v6onpZh1yx42D1tg==
js
www.googletagmanager.com/gtag/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagmanager.com/gtag/js?id=UA-58048569-8
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:824::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
ffc16242226ec75966d4556209766658cf404742352f9e18b5b29d23376c2b25
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 21 Nov 2018 08:54:57 GMT
Content-Encoding
gzip
Server
Google Tag Manager (scaffolding)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
http://www.googletagmanager.com
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
Content-Length
32167
X-XSS-Protection
1; mode=block
Expires
Wed, 21 Nov 2018 08:54:57 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=UA-58048569-8
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
3617
date
Wed, 21 Nov 2018 07:54:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17404
expires
Wed, 21 Nov 2018 09:54:40 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=105737831&t=pageview&_s=1&dl=http%3A%2F%2Fewa.ac%2Frdke&ul=en-us&de=UTF-8&dt=super%20photo%20jpg%20%7C%20ERA.AC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1564670085&gjid=618566891&cid=123462843.1542790498&tid=UA-58048569-8&_gid=1676047361.1542790498&_r=1&gtm=2oubc0&z=701237440
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Nov 2018 08:54:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j72&a=105737831&t=event&_s=2&dl=http%3A%2F%2Fewa.ac%2Frdke&ul=en-us&de=UTF-8&dt=super%20photo%20jpg%20%7C%20ERA.AC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=users_id&ea=interstitial&el=x59x&_u=IEBAAUAB~&jid=&gjid=&cid=123462843.1542790498&tid=UA-58048569-8&_gid=1676047361.1542790498&gtm=2oubc0&z=1126721361
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Nov 2018 13:40:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
760456
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j72&a=105737831&t=event&_s=3&dl=http%3A%2F%2Fewa.ac%2Frdke&ul=en-us&de=UTF-8&dt=super%20photo%20jpg%20%7C%20ERA.AC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=url_id&ea=interstitial&el=x32049x&_u=IEBAAUAB~&jid=&gjid=&cid=123462843.1542790498&tid=UA-58048569-8&_gid=1676047361.1542790498&gtm=2oubc0&z=722756264
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Nov 2018 13:40:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
760456
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
V1l2MUN4OhsOMSNkGFQ0JCkZXSwhO1hYLTE2
boudja.com/ Frame B52C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://boudja.com/V1l2MUN4OhsOMSNkGFQ0JCkZXSwhO1hYLTE2
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: http://d3al52d8cojds7.cloudfront.net/?tid=716639
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.72 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-72.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
boudja.com
:scheme
https
:path
/V1l2MUN4OhsOMSNkGFQ0JCkZXSwhO1hYLTE2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://ewa.ac/rdke
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://ewa.ac/rdke

Response headers

status
200
content-type
text/html
content-length
4137
date
Wed, 21 Nov 2018 08:54:58 GMT
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding
gzip
p3p
CP="NID DSP ALL COR"
pragma
no-cache
set-cookie
csu=bd7a646b-4d16-4838-98b5-f003fe34809c
x-cache
Miss from cloudfront
via
1.1 7c2d73d3cd46e357090188fa2946f746.cloudfront.net (CloudFront)
x-amz-cf-id
A5_jSOJNE-msVBA9lqId9mLwDbRvbkWNW0Yz7GdBRtjUGz-0MlqM7Q==
LwszPgpWD0kMHTMeMR8AOiE7PWMGKB0yCQsISWwqJx41HwZReS8UJAEKHjEKFQofE2QzHTUbBgwALgACLBgzHBZEIws2PRJ0ET4VBQAaHgcpGQ
newspolovb.info/SXhZU2IoGjo+XTwKNW5Hez58YSQtSzg/V3scYTANIxwqZEwqFDYmBi8KNj0WZxY8J0d7Ph8AURsqFD4BJj8jajcePGE3LBhBCDYJAxYYBVc9MDAZBgosLRktDy0xHyZ5Aj0HLwgyETclAStgGTsbKRUYCiZKHWMnPD8zGjIfFWkFLB86ODVTA... Frame 0674 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://newspolovb.info/SXhZU2IoGjo+XTwKNW5Hez58YSQtSzg/V3scYTANIxwqZEwqFDYmBi8KNj0WZxY8J0d7Ph8AURsqFD4BJj8jajcePGE3LBhBCDYJAxYYBVc9MDAZBgosLRktDy0xHyZ5Aj0HLwgyETclAStgGTsbKRUYCiZKHWMnPD8zGjIfFWkFLB86ODVTABQINAUuKw0RBwoSMh0veCk/HjBwSwskOHs/DWYrDRE6Ci8LHA8XNw9daxUjIjJsASolHhs6BS0oaQorBjohYyMaLiwBDw8aGgdaGygLNzQsADIkNxwybAEmfDoIPQ4MMws3NCxIDzsAHyJtGFBkKTsCDCU9FBYrETIhFg8fDww0KhotAQUzeDoANDQDHRwZUgg+PTkqMxQeEAstKgBgJAodDAJbHg8uJjceNRoSIX0gFj9TBhoyCQocKWFmJTMAAQIMIgEDJDQDHWgjCwgubGo1JBMfAgwlPRA/LwszPgpWD0kMHTMeMR8AOiE7PWMGKB0yCQsISWwqJx41HwZReS8UJAEKHjEKFQofE2QzHTUbBgwALgACLBgzHBZEIws2PRJ0ET4VBQAaHgcpGQ
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: http://d3al52d8cojds7.cloudfront.net/?tid=716639
Protocol
HTTP/1.1
Server
34.193.198.22 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-193-198-22.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Host
newspolovb.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://ewa.ac/rdke
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://ewa.ac/rdke

Response headers

Date
Wed, 21 Nov 2018 08:54:58 GMT
Content-Type
text/html
Content-Length
1263
Connection
keep-alive
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
VnEwZk15TlMVcAMbWCAfZERaIhUYVAIkFWQnUgAeABBqNwtnFVxTJHAFWQJwYUAGUH5vV0APKWtDCUA+IhBEEz5rQBYPIzAeDUA7a0AeVmNkRB5XayIBUQFwZ1dAEjk6TAFTeWRGCVZ5b0kBUn0
uytestion.info/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://uytestion.info/VnEwZk15TlMVcAMbWCAfZERaIhUYVAIkFWQnUgAeABBqNwtnFVxTJHAFWQJwYUAGUH5vV0APKWtDCUA+IhBEEz5rQBYPIzAeDUA7a0AeVmNkRB5XayIBUQFwZ1dAEjk6TAFTeWRGCVZ5b0kBUn0
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
18.235.143.232 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-235-143-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
*
Date
Wed, 21 Nov 2018 08:54:58 GMT
894cc35f82
s3.amazonaws.com/28f53cc498be70b43e40096c9ed2a82db2b85c0aceba6b1292a3c/ 		17 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://s3.amazonaws.com/28f53cc498be70b43e40096c9ed2a82db2b85c0aceba6b1292a3c/894cc35f82
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
52.216.102.149 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7895573b960c7a4a10462c07b3f1c088e21f64a24fbb08f97e2e4bcc9029be2f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://ewa.ac/rdke
Origin
http://ewa.ac

Response headers

Date
Wed, 21 Nov 2018 08:54:59 GMT
x-amz-meta-pragma
no-cache
x-amz-request-id
F675CD5AC7154CC1
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Length
17348
x-amz-id-2
OLlS8n1dXgjMr1A7Zw63q52VCtLiLbODT2qgFwBWNFUyu04QwT2+iMJNhTtadvT2RpHLruA6vTo=
Last-Modified
Wed, 21 Nov 2018 00:15:03 GMT
Server
AmazonS3
ETag
"194b54355956649309051df601b273e8"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
http://ewa.ac
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Cookie set watch
www.maebtjn.com/ Frame 6955 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://www.maebtjn.com/watch?key=426c8efa531764f90f746f0ec6ea09ad
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
HTTP/1.1
Server
2604:9e00:1:138::12 , United States, ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US),
Reverse DNS
Software
nginx/1.15.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Host
www.maebtjn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://ewa.ac/rdke
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://ewa.ac/rdke

Response headers

Server
nginx/1.15.1
Date
Wed, 21 Nov 2018 08:54:58 GMT
Content-Type
text/html
Content-Length
103
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
u_pl=14379220; expires=Thu, 22 Nov 2018 08:54:58 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=0; includeSubdomains
6YXEwd2teBVkTVlZABkFYWA%3D%3D
d4ngwggzm3w7j.cloudfront.net/ 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d4ngwggzm3w7j.cloudfront.net/6YXEwd2teBVkTVlZABkFYWA%3D%3D
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
2600:9000:20bb:ec00:1f:8001:f3c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
bb8ffec0c2c4019af4315c92ddc676d097a8dba243fe8361b62ac12048f30202

Request headers

Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Nov 2018 08:54:58 GMT
Content-Encoding
gzip
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
39854
Via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
X-Amz-Cf-Id
izVFwYLjMLE3PiP3WYNurNrc216y75jkcJKXQdpgflJd3gBs9nLq_g==
RkRCYXVOQUJqekJFRw
uytestion.info/cXZTQndeSTAxSiQcOw8iNzA5Bi8BBgoFIRMSFwgbKycVei4mMDpkAxgSbnVGR0Bge1EBHzd/RUhQIDYWBQMgf0NDUDosER5LYHtDVwBuc1lBWGF3WUBQJzIWFktiZAcFAj9/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://uytestion.info/cXZTQndeSTAxSiQcOw8iNzA5Bi8BBgoFIRMSFwgbKycVei4mMDpkAxgSbnVGR0Bge1EBHzd/RUhQIDYWBQMgf0NDUDosER5LYHtDVwBuc1lBWGF3WUBQJzIWFktiZAcFAj9/RkRCYXVOQUJqekJFRw
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
18.235.143.232 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-235-143-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
*
Date
Wed, 21 Nov 2018 08:54:58 GMT
popunder.gif
boudja.com/ 		35 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://boudja.com/popunder.gif
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
54.230.95.54 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-54.fra2.r.cloudfront.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Wed, 21 Nov 2018 08:54:58 GMT
content-encoding
gzip
X-Cache
Miss from cloudfront
Content-Type
image/gif
Via
1.1 7c2d73d3cd46e357090188fa2946f746.cloudfront.net (CloudFront)
Cache-Control
public, max-age=604800, immutable
Connection
keep-alive
Content-Length
58
X-Amz-Cf-Id
CtJSP-JQNM98pW22yE96M9kEo8G8rR7GNunEYXPKDk-3L9gnfZVeEQ==
multi
newspolovb.info/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://newspolovb.info/multi?tid=716639&red=1&cs=Z0ZyUFdWc0RpZlAlSjJjUH9CYWdX&abt=0&v=1.0.25.1&sm=76&k=super%20photo&sts=67&prn=0&emb=0&fs=1&ref=http%3A%2F%2Fewa.ac%2Frdke&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_13_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F67.0.3396.87%20safari%2F537.36&tzd=0&uloc=&if=0&_LtRn=1542790498661&crc=1
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: http://d3al52d8cojds7.cloudfront.net/?tid=716639
Protocol
HTTP/1.1
Server
34.193.198.22 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-193-198-22.compute-1.amazonaws.com
Software
/
Resource Hash
45a4fbe10a34295bf0e63705e3abf94dcc7a7a7749baf88415a18ba1f6a629d8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://ewa.ac/rdke
Origin
http://ewa.ac

Response headers

Pragma
no-cache
Date
Wed, 21 Nov 2018 08:54:58 GMT
content-encoding
gzip
P3P
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
http://ewa.ac
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain
Content-Length
1771
BTkLAmRKIVBcd1x5X1h3XXEZHTgLalxLKRgjAVBoWWNfWmBcY1RVb1pn
uytestion.info/V21tWWx4Ug4qUQVdCQ0+OhlfOgEBSF8fOzksBjgVBQsOEVk9CVwtX3EZBD1RYFxbb19uSx0wCGpfVH8fIwwZLB9qW19/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://uytestion.info/V21tWWx4Ug4qUQVdCQ0+OhlfOgEBSF8fOzksBjgVBQsOEVk9CVwtX3EZBD1RYFxbb19uSx0wCGpfVH8fIwwZLB9qW19/BTkLAmRKIVBcd1x5X1h3XXEZHTgLalxLKRgjAVBoWWNfWmBcY1RVb1pn
Requested by
Host: ewa.ac
URL: http://ewa.ac/rdke
Protocol
HTTP/1.1
Server
18.235.143.232 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-235-143-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ewa.ac/rdke
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
*
Date
Wed, 21 Nov 2018 08:54:58 GMT
RlEyVURpMl9qNjJsXDAzNSFdOSswMxw8KiA+
boudja.com/ Frame 2E80 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://boudja.com/RlEyVURpMl9qNjJsXDAzNSFdOSswMxw8KiA+
Requested by
Host: d4ngwggzm3w7j.cloudfront.net
URL: http://d4ngwggzm3w7j.cloudfront.net/6YXEwd2teBVkTVlZABkFYWA%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.72 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-72.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
boudja.com
:scheme
https
:path
/RlEyVURpMl9qNjJsXDAzNSFdOSswMxw8KiA+
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://ewa.ac/rdke
accept-encoding
gzip, deflate
cookie
csu=bd7a646b-4d16-4838-98b5-f003fe34809c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://ewa.ac/rdke

Response headers

status
200
content-type
text/html
content-length
4137
date
Wed, 21 Nov 2018 08:54:58 GMT
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding
gzip
p3p
CP="NID DSP ALL COR"
pragma
no-cache
x-cache
Miss from cloudfront
via
1.1 7c2d73d3cd46e357090188fa2946f746.cloudfront.net (CloudFront)
x-amz-cf-id
j1upKopE4VGCpUe0v87oUkII13O2dEWg9NmJXHLbjqRnNeP7ZkPK3A==
bBdDcTQLLz4SfhMRNVMqCC0XZB8AER5SCTkBJgUCdHE2ETg4J00AfWd1Qw5qISoUCn5oZQNDLSU2Awp9ZmUZWSo+fkEAfXc1TQZiYW1CAmJgZQRHLTZ+QRE8JTccCn1kd0IAdWF3SQ90YnE
uytestion.info/Q3A3TFFsT1Q/ 		0
120 B 		Other
General
Check archive.org
Download Go to
Full URL
http://uytestion.info/Q3A3TFFsT1Q/bBdDcTQLLz4SfhMRNVMqCC0XZB8AER5SCTkBJgUCdHE2ETg4J00AfWd1Qw5qISoUCn5oZQNDLSU2Awp9ZmUZWSo+fkEAfXc1TQZiYW1CAmJgZQRHLTZ+QRE8JTccCn1kd0IAdWF3SQ90YnE
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: http://d3al52d8cojds7.cloudfront.net/?tid=716639
Protocol
HTTP/1.1
Server
18.235.143.232 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-235-143-232.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ewa.ac/rdke
Origin
http://ewa.ac
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
*
Date
Wed, 21 Nov 2018 08:54:58 GMT
truncated
/ Frame AD8D 		586 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c392160b1aac399f9bc6b4c2ed7067704054653019c2f349ab250486f2707eb

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| f6AA function| r1EE string| popns object| kixxz object| kitza function| eQ function| counteR function| inIframe boolean| tech_detect function| mouseOverDetect function| mouseOutDetect function| myFunction boolean| ads_blocked function| getGoogleAnalyticsCode function| gtag object| dataLayer boolean| shopCounterGipLOe boolean| hold_click object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| m function| q function| u object| y object| z function| B function| A function| Fingerprint2 number| _765932735 number| TID object| f5X0 string| J0 string| m0 string| __DOMAIN object| A6q3 string| d3 string| r3 string| M3

7 Cookies

Domain/Path Name / Value
www.maebtjn.com/ Name: u_pl
Value: 14379220
ewa.ac/ Name: PHPSESSID
Value: mjnjrepof4jngperl3e6b0k873
.ewa.ac/ Name: _gid
Value: GA1.2.1676047361.1542790498
ewa.ac/ Name: _csrf
Value: c9a4c6eeba59fbf36ec2b5fc7853a11a0f554e4109d5b7385d1899f6ef14adc1a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22%BC%2C%D5%248%D7%24%16h%29%2AYl%19X%8D%D9F%DA%F9%D4b%83H%FD%21C%A5%C0%EB%E2%DB%22%3B%7D
.ewa.ac/ Name: _gat_gtag_UA_58048569_8
Value: 1
.ewa.ac/ Name: _ga
Value: GA1.2.123462843.1542790498
.ewa.ac/ Name: __cfduid
Value: dc88aadf1fc857c627165c635ace9949b1542790497

44 Console Messages

Source Level URL
Text
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
[object HTMLDivElement]
console-api log URL: http://data.ewa.ac/seh.js(Line 2)
Message:
console.clear

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
boudja.com
d3al52d8cojds7.cloudfront.net
d4ngwggzm3w7j.cloudfront.net
data.ewa.ac
ewa.ac
ewe.ac
newspolovb.info
s3.amazonaws.com
uytestion.info
www.google-analytics.com
www.googletagmanager.com
www.maebtjn.com
18.235.143.232
2600:9000:20bb:ec00:1f:8001:f3c0:21
2604:9e00:1:138::12
2606:4700:30::681f:45ea
2606:4700:30::681f:484b
2606:4700:30::681f:494b
2a00:1450:4001:817::200a
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
34.193.198.22
52.216.102.149
54.192.94.252
54.230.95.54
54.230.95.72
033fd51c17218a936f832d876dbfe5410828b11edcaec9f3809c9192186e57d3
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
45a4fbe10a34295bf0e63705e3abf94dcc7a7a7749baf88415a18ba1f6a629d8
5238304d178b302adc47ed286213359c474fc2f25a51c190bce6c57248550ba5
5514224901b51d070f5ffe161d4a83c7b49d1156ce3fb41f1587dfbc1aff08a4
61223c88aec0687de5c4a0a3d564845d5bef7a4bb2a35c70654a2dd5b3ffa03c
67ef19a9e010dd6ed87f632ce764e2940304c8ce93dca1f608560d9d275cd1a6
7895573b960c7a4a10462c07b3f1c088e21f64a24fbb08f97e2e4bcc9029be2f
7c392160b1aac399f9bc6b4c2ed7067704054653019c2f349ab250486f2707eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
bb8ffec0c2c4019af4315c92ddc676d097a8dba243fe8361b62ac12048f30202
cb4a87cc7f7191c2f47ac201c7af28e250ff0ca1309d40815caed04e1300244c
d8c20455b4f54d1f1f1e0c008c891d64e6952ae982ad1832c42c70fda99297d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ffc16242226ec75966d4556209766658cf404742352f9e18b5b29d23376c2b25