urlscan.io logo urlscan.io
SecurityTrails logo

way.securewebgateway.com Open in urlscan Pro
217.8.117.8  Public Scan

Go To Rescan Add Verdict Report
URL: http://way.securewebgateway.com/e.php?56690376
Submission: On August 08 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 6 domains to perform 24 HTTP transactions. The main IP is 217.8.117.8, located in Russian Federation and belongs to CREXFEXPEX-RUSSIA, RU. The main domain is way.securewebgateway.com.
This is the only time way.securewebgateway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 217.8.117.8 47510 (CREXFEXPE...)
1 14 160.153.244.152 21501 (GODADDY-AMS)
5 35.244.174.68 15169 (GOOGLE)
1 1 54.194.46.76 16509 (AMAZON-02)
1 52.19.158.4 16509 (AMAZON-02)
1 1 2001:41d0:301... 16276 (OVH)
1 145.239.193.53 16276 (OVH)
1 2 63.32.143.59 16509 (AMAZON-02)
1 91.199.51.211 47544 (IQPL-AS)
24 8
1    217.8.117.8 (Russian Federation)

ASN47510 (CREXFEXPEX-RUSSIA, RU)
way.securewebgateway.com
14    160.153.244.152 (Scottsdale, United States)

ASN21501 (GODADDY-AMS, DE)
PTR: ip-160-153-244-152.ip.secureserver.net
kr.lagendadesventesprivees.eu
ima.lagendadesventesprivees.eu
5    35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
ejp.rlcdn.com
1    54.194.46.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-46-76.eu-west-1.compute.amazonaws.com
crt.lagendadesventesprivees.eu
1    52.19.158.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-158-4.eu-west-1.compute.amazonaws.com
notify.adleadevent.com
1    2001:41d0:301:100:145:239:193:53 (France)

ASN16276 (OVH, FR)
squa.lagendadesventesprivees.eu
1    145.239.193.53 (France)

ASN16276 (OVH, FR)
squa.squatiki.eu
2    63.32.143.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-143-59.eu-west-1.compute.amazonaws.com
erm.lagendadesventesprivees.eu
er.cloud-media.fr
1    91.199.51.211 (Poland)

ASN47544 (IQPL-AS, PL)
PTR: 91-199-51-211.rev.iq.pl
links.lagendadesventesprivees.eu
Domain Requested by
12 ima.lagendadesventesprivees.eu way.securewebgateway.com
5 ejp.rlcdn.com way.securewebgateway.com
2 kr.lagendadesventesprivees.eu 1 redirects way.securewebgateway.com
1 links.lagendadesventesprivees.eu way.securewebgateway.com
1 er.cloud-media.fr way.securewebgateway.com
1 erm.lagendadesventesprivees.eu 1 redirects
1 squa.squatiki.eu way.securewebgateway.com
1 squa.lagendadesventesprivees.eu 1 redirects
1 notify.adleadevent.com way.securewebgateway.com
1 crt.lagendadesventesprivees.eu 1 redirects
1 way.securewebgateway.com
0 flex.lagendadesventesprivees.eu Failed way.securewebgateway.com
24 12

This site contains links to these domains. Also see Links.

Domain
links.lagendadesventesprivees.eu
Subject Issuer Validity Valid
kr.lagendadesventesprivees.eu
cPanel, Inc. Certification Authority		 2020-05-30 -
2020-08-28		 3 months crt.sh
ima.lagendadesventesprivees.eu
cPanel, Inc. Certification Authority		 2020-05-30 -
2020-08-28		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-14 -
2021-04-23		 a year crt.sh
*.adleadevent.com
Gandi Standard SSL CA 2		 2020-04-14 -
2021-04-17		 a year crt.sh
squa.clubdesreduc.eu
Let's Encrypt Authority X3		 2020-08-07 -
2020-11-05		 3 months crt.sh
*.cmrt.io
Amazon		 2019-10-11 -
2020-11-11		 a year crt.sh
links.lagendadesventesprivees.eu
Let's Encrypt Authority X3		 2020-07-05 -
2020-10-03		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://way.securewebgateway.com/e.php?56690376
Frame ID: 9489BE533CF165392E0BA4416ADED7EA
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

24
Requests

92 %
HTTPS

11 %
IPv6

6
Domains

12
Subdomains

8
IPs

5
Countries

173 kB
Transfer

169 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://kr.lagendadesventesprivees.eu/?h=856d52a1538d64f3dea9b6066d7bf85f HTTP 302
  • https://kr.lagendadesventesprivees.eu/images/css
Request Chain 19
  • https://crt.lagendadesventesprivees.eu/adtckrtg.php?ids=2443&s=3089&hash=dd3f88024c03acc95039b3acb16f2499&hash256=514953847bac76cd508ee8fc0bbe8d627584927d262b76d09469a73097b53606 HTTP 301
  • https://notify.adleadevent.com/adtckrtg.php?ids=2443&s=3089&hash=dd3f88024c03acc95039b3acb16f2499&hash256=514953847bac76cd508ee8fc0bbe8d627584927d262b76d09469a73097b53606
Request Chain 20
  • https://squa.lagendadesventesprivees.eu/collect_v2.img.php?dmp=emdmpeasy&p=1881&s=1881&m=dd3f88024c03acc95039b3acb16f2499&email_sha256=514953847bac76cd508ee8fc0bbe8d627584927d262b76d09469a73097b53606 HTTP 302
  • https://squa.squatiki.eu/collect_v2.img.php?dmp=emdmpeasy&p=1881&s=1881&m=dd3f88024c03acc95039b3acb16f2499&email_sha256=514953847bac76cd508ee8fc0bbe8d627584927d262b76d09469a73097b53606
Request Chain 21
  • http://erm.lagendadesventesprivees.eu/r/dd3f88024c03acc95039b3acb16f2499/cfaae7d0-5c35-49a6-a80e-53e59d60395f HTTP 302
  • https://er.cloud-media.fr/c/dd3f88024c03acc95039b3acb16f2499/cfaae7d0-5c35-49a6-a80e-53e59d60395f

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request e.php
way.securewebgateway.com/ 		38 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Server
217.8.117.8 , Russian Federation, ASN47510 (CREXFEXPEX-RUSSIA, RU),
Reverse DNS
Software
nginx /
Resource Hash
936aaafa9a0b322138a7e04901c39a6f6e2cfa22415806cb59371618badd72b6

Request headers

Host
way.securewebgateway.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html; charset=UTF-8
Date
Sat, 08 Aug 2020 23:52:50 GMT
Server
nginx
Transfer-Encoding
chunked
css
kr.lagendadesventesprivees.eu/images/
Redirect Chain
  • https://kr.lagendadesventesprivees.eu/?h=856d52a1538d64f3dea9b6066d7bf85f
  • https://kr.lagendadesventesprivees.eu/images/css
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kr.lagendadesventesprivees.eu/images/css
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
/
Resource Hash

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

location
images/css
Date
Sat, 08 Aug 2020 23:52:36 GMT
Server
Apache
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
XwtqwzakaRes.png
ima.lagendadesventesprivees.eu/24SPdpC2OOTA/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ima.lagendadesventesprivees.eu/24SPdpC2OOTA/XwtqwzakaRes.png
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
518373b217011218cc1a4abd6b6439365e219c27189eacc30bedd4a064024d83

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Last-Modified
Wed, 06 May 2020 13:26:46 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1181
Content-Type
image/png
Ht6CSicf5vcT.png
ima.lagendadesventesprivees.eu/24SPdpC2OOTA/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ima.lagendadesventesprivees.eu/24SPdpC2OOTA/Ht6CSicf5vcT.png
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
835a2ed2893621c232a4239317916515878fbe85e1ad41d3cc12376e4f423457

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Last-Modified
Wed, 06 May 2020 13:26:43 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
20890
Content-Type
image/png
5vwwauWIl3Xy.png
ima.lagendadesventesprivees.eu/24SPdpC2OOTA/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ima.lagendadesventesprivees.eu/24SPdpC2OOTA/5vwwauWIl3Xy.png
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
1dafe3667df0a9cdc2c47c475c37281cb11968e4c85ca9fbcc8326390e846151

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Last-Modified
Wed, 06 May 2020 13:26:45 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
22917
Content-Type
image/png
GuK0U9E04GSp.png
ima.lagendadesventesprivees.eu/24SPdpC2OOTA/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ima.lagendadesventesprivees.eu/24SPdpC2OOTA/GuK0U9E04GSp.png
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
cbe1b1eab1ea20159f5467842cf1c38e1da012949ee34889c902b165a8156164

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Last-Modified
Wed, 06 May 2020 13:26:48 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
26588
Content-Type
image/png
LQpZBhmNN0jo.png
ima.lagendadesventesprivees.eu/24SPdpC2OOTA/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ima.lagendadesventesprivees.eu/24SPdpC2OOTA/LQpZBhmNN0jo.png
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
ac6f699dc322777bdf565667076b03c422c657a894d2c3e8be0528d1fcfa4025

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Last-Modified
Wed, 06 May 2020 13:26:49 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
28908
Content-Type
image/png
WUs7BbNRLSIW.png
ima.lagendadesventesprivees.eu/24SPdpC2OOTA/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ima.lagendadesventesprivees.eu/24SPdpC2OOTA/WUs7BbNRLSIW.png
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
26aa52c7f3d7debac5abe5bbddbd19df2b87b55b32f83648f8e6b7821119eb15

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Last-Modified
Wed, 06 May 2020 13:26:47 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
26169
Content-Type
image/png
tv1zKSn9a3y8.png
ima.lagendadesventesprivees.eu/24SPdpC2OOTA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ima.lagendadesventesprivees.eu/24SPdpC2OOTA/tv1zKSn9a3y8.png
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
312c498c393aa96ebef607c1bf4857cf3aeeb5f6a6df9ec2b3c9f10943b4965f

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Last-Modified
Wed, 06 May 2020 13:26:45 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1602
Content-Type
image/png
crGZQ3e3M7b2.png
ima.lagendadesventesprivees.eu/24SPdpC2OOTA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ima.lagendadesventesprivees.eu/24SPdpC2OOTA/crGZQ3e3M7b2.png
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
27ccacdfe613a1b57de3b3db952400e7de2451f44450d578be820ef6f2ada4bf

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Last-Modified
Wed, 06 May 2020 13:26:43 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1658
Content-Type
image/png
QlJQF3qOKXqR.png
ima.lagendadesventesprivees.eu/24SPdpC2OOTA/ 		753 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ima.lagendadesventesprivees.eu/24SPdpC2OOTA/QlJQF3qOKXqR.png
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
f8526bb564dea5278082b275b3cf3d8b6600a2455b6901a02ed151c3cb1f1414

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Last-Modified
Wed, 06 May 2020 13:26:46 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
753
Content-Type
image/png
0yhGZeUPw5pk.png
ima.lagendadesventesprivees.eu/24SPdpC2OOTA/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ima.lagendadesventesprivees.eu/24SPdpC2OOTA/0yhGZeUPw5pk.png
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
af42db5e5a9c2df2c35271f680f28019f77d9334eff1ce9b4030feb427a6a044

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Last-Modified
Wed, 06 May 2020 13:26:48 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
1598
Content-Type
image/png
U0pnHDZP8pxj.png
ima.lagendadesventesprivees.eu/24SPdpC2OOTA/ 		416 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ima.lagendadesventesprivees.eu/24SPdpC2OOTA/U0pnHDZP8pxj.png
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
827718f8a7e25bfa856834d12966a42586821f5191085e3cf7f359e522b781ed

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Last-Modified
Wed, 06 May 2020 13:26:43 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
416
Content-Type
image/png
zFE8fwhMjmMS.png
ima.lagendadesventesprivees.eu/24SPdpC2OOTA/ 		582 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ima.lagendadesventesprivees.eu/24SPdpC2OOTA/zFE8fwhMjmMS.png
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.153.244.152 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE),
Reverse DNS
ip-160-153-244-152.ip.secureserver.net
Software
Apache /
Resource Hash
86e0db3bbd545753a835bc7458e3a017864552ce845d85f17a064592f8e88296

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Last-Modified
Wed, 06 May 2020 13:26:44 GMT
Server
Apache
Connection
close
Accept-Ranges
bytes
Content-Length
582
Content-Type
image/png
709062.gif
ejp.rlcdn.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ejp.rlcdn.com/709062.gif?m=dd3f88024c03acc95039b3acb16f2499&n=1
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
709062.gif
ejp.rlcdn.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ejp.rlcdn.com/709062.gif?m=dd3f88024c03acc95039b3acb16f2499&n=2
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
709062.gif
ejp.rlcdn.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ejp.rlcdn.com/709062.gif?m=dd3f88024c03acc95039b3acb16f2499&n=3
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
709062.gif
ejp.rlcdn.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ejp.rlcdn.com/709062.gif?m=dd3f88024c03acc95039b3acb16f2499&n=4
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
709062.gif
ejp.rlcdn.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ejp.rlcdn.com/709062.gif?m=dd3f88024c03acc95039b3acb16f2499&n=5
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
pixel.php
flex.lagendadesventesprivees.eu/tags/ 		0
0
adtckrtg.php
notify.adleadevent.com/
Redirect Chain
  • https://crt.lagendadesventesprivees.eu/adtckrtg.php?ids=2443&s=3089&hash=dd3f88024c03acc95039b3acb16f2499&hash256=514953847bac76cd508ee8fc0bbe8d627584927d262b76d09469a73097b53606
  • https://notify.adleadevent.com/adtckrtg.php?ids=2443&s=3089&hash=dd3f88024c03acc95039b3acb16f2499&hash256=514953847bac76cd508ee8fc0bbe8d627584927d262b76d09469a73097b53606
43 B
672 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notify.adleadevent.com/adtckrtg.php?ids=2443&s=3089&hash=dd3f88024c03acc95039b3acb16f2499&hash256=514953847bac76cd508ee8fc0bbe8d627584927d262b76d09469a73097b53606
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.158.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-158-4.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.3 / Express
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Server
nginx/1.10.3
X-Powered-By
Express
ETag
W/"2b-2eaaa083"
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://notify.adleadevent.com/adtckrtg.php?ids=2443&s=3089&hash=dd3f88024c03acc95039b3acb16f2499&hash256=514953847bac76cd508ee8fc0bbe8d627584927d262b76d09469a73097b53606
Date
Sun, 09 Aug 2020 00:06:18 GMT
Server
nginx/1.4.6 (Ubuntu)
Connection
keep-alive
Content-Length
193
Content-Type
text/html
collect_v2.img.php
squa.squatiki.eu/
Redirect Chain
  • https://squa.lagendadesventesprivees.eu/collect_v2.img.php?dmp=emdmpeasy&p=1881&s=1881&m=dd3f88024c03acc95039b3acb16f2499&email_sha256=514953847bac76cd508ee8fc0bbe8d627584927d262b76d09469a73097b53606
  • https://squa.squatiki.eu/collect_v2.img.php?dmp=emdmpeasy&p=1881&s=1881&m=dd3f88024c03acc95039b3acb16f2499&email_sha256=514953847bac76cd508ee8fc0bbe8d627584927d262b76d09469a73097b53606
43 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://squa.squatiki.eu/collect_v2.img.php?dmp=emdmpeasy&p=1881&s=1881&m=dd3f88024c03acc95039b3acb16f2499&email_sha256=514953847bac76cd508ee8fc0bbe8d627584927d262b76d09469a73097b53606
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Cache-Control
no-store, no-cache
Transfer-Encoding
chunked
Content-Type
image/gif
X-IPLB-Instance
24041
Strict-Transport-Security
max-age=31536000
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"

Redirect headers

Location
https://squa.squatiki.eu/collect_v2.img.php?dmp=emdmpeasy&p=1881&s=1881&m=dd3f88024c03acc95039b3acb16f2499&email_sha256=514953847bac76cd508ee8fc0bbe8d627584927d262b76d09469a73097b53606
Date
Sat, 08 Aug 2020 23:52:36 GMT
Content-Type
text/html
Content-Length
142
Strict-Transport-Security
max-age=31536000
X-IPLB-Instance
25256
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
cfaae7d0-5c35-49a6-a80e-53e59d60395f
er.cloud-media.fr/c/dd3f88024c03acc95039b3acb16f2499/
Redirect Chain
  • http://erm.lagendadesventesprivees.eu/r/dd3f88024c03acc95039b3acb16f2499/cfaae7d0-5c35-49a6-a80e-53e59d60395f
  • https://er.cloud-media.fr/c/dd3f88024c03acc95039b3acb16f2499/cfaae7d0-5c35-49a6-a80e-53e59d60395f
35 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://er.cloud-media.fr/c/dd3f88024c03acc95039b3acb16f2499/cfaae7d0-5c35-49a6-a80e-53e59d60395f
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.143.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-143-59.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sat, 08 Aug 2020 23:52:36 GMT
x-content-type-options
nosniff
server
awselb/2.0
content-length
35
content-type
image/gif

Redirect headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
X-Content-Type-Options
nosniff
Server
awselb/2.0
Content-Type
text/html;charset=utf-8
Location
https://er.cloud-media.fr/c/dd3f88024c03acc95039b3acb16f2499/cfaae7d0-5c35-49a6-a80e-53e59d60395f
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
7ee23cf3
links.lagendadesventesprivees.eu/o/2zj/cfyTbk_NIIP-Jh-evlXTYQ/g1vQ/F/ 		43 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://links.lagendadesventesprivees.eu/o/2zj/cfyTbk_NIIP-Jh-evlXTYQ/g1vQ/F/7ee23cf3
Requested by
Host: way.securewebgateway.com
URL: http://way.securewebgateway.com/e.php?56690376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
91.199.51.211 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS
91-199-51-211.rev.iq.pl
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://way.securewebgateway.com/e.php?56690376
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 08 Aug 2020 23:52:36 GMT
Cache-Control
no-cache, max-age=0
Transfer-Encoding
chunked
Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
flex.lagendadesventesprivees.eu
URL
http://flex.lagendadesventesprivees.eu/tags/pixel.php?h=dd3f88024c03acc95039b3acb16f2499&source=601

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

crt.lagendadesventesprivees.eu
ejp.rlcdn.com
er.cloud-media.fr
erm.lagendadesventesprivees.eu
flex.lagendadesventesprivees.eu
ima.lagendadesventesprivees.eu
kr.lagendadesventesprivees.eu
links.lagendadesventesprivees.eu
notify.adleadevent.com
squa.lagendadesventesprivees.eu
squa.squatiki.eu
way.securewebgateway.com
flex.lagendadesventesprivees.eu
145.239.193.53
160.153.244.152
2001:41d0:301:100:145:239:193:53
217.8.117.8
35.244.174.68
52.19.158.4
54.194.46.76
63.32.143.59
91.199.51.211
1dafe3667df0a9cdc2c47c475c37281cb11968e4c85ca9fbcc8326390e846151
26aa52c7f3d7debac5abe5bbddbd19df2b87b55b32f83648f8e6b7821119eb15
27ccacdfe613a1b57de3b3db952400e7de2451f44450d578be820ef6f2ada4bf
312c498c393aa96ebef607c1bf4857cf3aeeb5f6a6df9ec2b3c9f10943b4965f
518373b217011218cc1a4abd6b6439365e219c27189eacc30bedd4a064024d83
827718f8a7e25bfa856834d12966a42586821f5191085e3cf7f359e522b781ed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835a2ed2893621c232a4239317916515878fbe85e1ad41d3cc12376e4f423457
86e0db3bbd545753a835bc7458e3a017864552ce845d85f17a064592f8e88296
936aaafa9a0b322138a7e04901c39a6f6e2cfa22415806cb59371618badd72b6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac6f699dc322777bdf565667076b03c422c657a894d2c3e8be0528d1fcfa4025
af42db5e5a9c2df2c35271f680f28019f77d9334eff1ce9b4030feb427a6a044
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
cbe1b1eab1ea20159f5467842cf1c38e1da012949ee34889c902b165a8156164
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8526bb564dea5278082b275b3cf3d8b6600a2455b6901a02ed151c3cb1f1414