cur.lv Open in urlscan Pro
94.23.50.33 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://cur.lv/liaxj
Submission: On April 11 via automatic, source phishtank (April 11th 2017, 12:32:53 am UTC)

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 94.23.50.33, located in France and belongs to OVH, FR. The main domain is cur.lv.

This is the only time cur.lv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	94.23.50.33 94.23.50.33	16276 (OVH) (OVH)
2	176.9.124.239 176.9.124.239	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:400e:802::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2a00:1450:400... 2a00:1450:400e:803::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2a00:1450:400... 2a00:1450:400e:802::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
22	6

9 94.23.50.33 (France)

ASN16276 (OVH, FR)
PTR: ns301358.ip-94-23-50.eu

cur.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
coinurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.9.124.239 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.239.124.9.176.clients.your-server.de

schetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400e:802::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:803::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:802::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googleapis.com fonts.googleapis.com ajax.googleapis.com	67 KB
5	cur.lv cur.lv	8 KB
4	coinurl.com coinurl.com	39 KB
2	gstatic.com fonts.gstatic.com	33 KB
2	schetu.net schetu.net	199 B
0	paidonlinesites.com Failed paidonlinesites.com Failed
22	6

	Domain	Requested by
6	fonts.googleapis.com	cur.lv
5	cur.lv	cur.lv
4	coinurl.com	cur.lv
2	fonts.gstatic.com	ajax.googleapis.com
2	ajax.googleapis.com	cur.lv
2	schetu.net	cur.lv
0	paidonlinesites.com Failed	cur.lv
22	7

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 4 frames:

Primary Page: http://cur.lv/liaxj
Frame ID: 15428.1
Requests: 2 HTTP requests in this frame

Frame: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Frame ID: 15428.2
Requests: 8 HTTP requests in this frame

Frame: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
Frame ID: 15428.3
Requests: 11 HTTP requests in this frame

Frame: http://paidonlinesites.com/?utm_reqid=uMm3F5afSllR96zp
Frame ID: 15428.4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

22
Requests

0 %
HTTPS

60 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

147 kB
Transfer

685 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request 9

http://www.paidonlinesites.com/?utm_reqid=uMm3F5afSllR96zp
http://paidonlinesites.com/?utm_reqid=uMm3F5afSllR96zp

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request liaxj Show response
cur.lv/ 1 KB
662 B 103ms
13ms Document
text/html 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cur.lv/liaxj
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 /
Resource Hash: 91fd4cad099c1df9dc189793ab0cac010d7b01dfc91dd795902b0d61bac25dd7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: cur.lv
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Apr 2015 12:55:15 GMT
Server: nginx/1.6.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK Cookie set h Show response
schetu.net/ 96 B
96 B 4ms
3ms Script
application/x-javascript 176.9.124.239
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://schetu.net/h?cid=coinurl&a=t&r=
Requested by: Host: cur.lv
URL: http://cur.lv/liaxj
Protocol: HTTP/1.1
Server: 176.9.124.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.239.124.9.176.clients.your-server.de
Software: nginx/1.8.0 /
Resource Hash: abab7e6434c7b98f138e2adadca5917c3a32849e82bc206d2baf15125b240c40

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: schetu.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: */*
Referer: http://cur.lv/liaxj
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/liaxj
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Connection: keep-alive
Server: nginx/1.8.0
Set-Cookie: UID=1x3F1F4AF92D7D33E6A41C5BE77DFA978CA6F1A8C376CFA05A212C5EA6C156FD1737393236333431; expires=Wed, 11-Apr-2018 00:32:13 GMT; domain=.schetu.net ft=1;
Content-Type: application/x-javascript;
Content-Length: 96
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK redirect_curlv.php Show response
cur.lv/ Frame 1542 3 KB
1 KB 61ms
60ms Document
text/html 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Requested by: Host: cur.lv
URL: http://cur.lv/liaxj
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 / PHP/5.5.9-1ubuntu4.7
Resource Hash: 78d5b7394f7a1c71e43c39a34aece05f5ab6f61f106eafaa34f4ca17006bc40b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: cur.lv
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: http://cur.lv/liaxj
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://cur.lv/liaxj
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Content-Encoding: gzip
Server: nginx/1.6.2
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.7
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK coinurl-head.min.css
coinurl.com/bootstrap/css/ Frame 1542 165 KB
28 KB 28ms
14ms Stylesheet
text/css 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://coinurl.com/bootstrap/css/coinurl-head.min.css
Requested by: Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 /
Resource Hash: 362bb022c18c611a523b2d76f6fe1d37930fbd57128c77edf0d6cc1719fce521

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: coinurl.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Oct 2015 13:28:45 GMT
Server: nginx/1.6.2
ETag: "56166f8d-71f7"
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 29175
Expires: Tue, 18 Apr 2017 00:32:13 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ Frame 1542 2 KB
538 B 31ms
18ms Stylesheet
text/css 2a00:1450:400e:802::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Ubuntu

Requested by

Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=

Protocol

HTTP/1.1

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

7a75cbbf3492f08b51f8c2368710ecc8d2d17785ffef8bea18cbaa5585c6b7f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: fonts.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Apr 2017 00:32:13 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Apr 2017 00:32:13 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ Frame 1542 380 B
299 B 32ms
20ms Stylesheet
text/css 2a00:1450:400e:802::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Boogaloo

Requested by

Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=

Protocol

HTTP/1.1

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

a10e309491a990e0cf7f3169ed1a904ee79e4ce73efd5ab5f883fa84590b88ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: fonts.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Apr 2017 00:32:13 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Apr 2017 00:32:13 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ Frame 1542 1 KB
453 B 32ms
19ms Stylesheet
text/css 2a00:1450:400e:802::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Economica:700,400italic

Requested by

Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=

Protocol

HTTP/1.1

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

65400d0c6873b50d5c1915aa4347c795dab5892399f37801a7f97b70424c2ca9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: fonts.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Apr 2017 00:32:13 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Apr 2017 00:32:13 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ Frame 1542 91 KB
33 KB 25ms
12ms Script
text/javascript 2a00:1450:400e:803::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=

Protocol

HTTP/1.1

Server

2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ajax.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: */*
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Mon, 03 Apr 2017 15:08:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 638646
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33621
X-XSS-Protection: 1; mode=block
Expires: Tue, 03 Apr 2018 15:08:07 GMT

GET
H/1.1 200
OK coinurl-head.min.js Show response
coinurl.com/bootstrap/js/ Frame 1542 40 KB
10 KB 27ms
13ms Script
application/javascript 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://coinurl.com/bootstrap/js/coinurl-head.min.js
Requested by: Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 /
Resource Hash: acdaf355b3c36c342e100366b5c79f13a64af94ef1172742b7de2a674a80969e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: coinurl.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: */*
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Oct 2013 05:45:44 GMT
Server: nginx/1.6.2
ETag: "5268b408-2988"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 10632
Expires: Tue, 18 Apr 2017 00:32:13 GMT

GET
H/1.1 200
OK ntop.php Show response
cur.lv/ Frame 1542 13 KB
4 KB 19ms
18ms Document
text/html 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
Requested by: Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 / PHP/5.5.9-1ubuntu4.7
Resource Hash: a90f7bcb3312a6fdd81a9e6a12b0d37069eaf58df24c1d984d16c9c6cd74cd72

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: cur.lv
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Tue, 11 Apr 2017 00:32:14 GMT
Content-Encoding: gzip
Server: nginx/1.6.2
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.7
Transfer-Encoding: chunked
Content-Type: text/html

GET

/
paidonlinesites.com/ Frame 1542
Redirect Chain

http://www.paidonlinesites.com/?utm_reqid=uMm3F5afSllR96zp
http://paidonlinesites.com/?utm_reqid=uMm3F5afSllR96zp

0
0

GET
H/1.1 200
OK sDGTilo5QRsfWu6Yc11AXg.woff2
fonts.gstatic.com/s/ubuntu/v9/ Frame 1542 33 KB
33 KB 12ms
12ms Font
font/woff2 2a00:1450:400e:802::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ubuntu/v9/sDGTilo5QRsfWu6Yc11AXg.woff2

Requested by

Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Protocol

HTTP/1.1

Server

2a00:1450:400e:802::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

f45623eb171e70f29951c2e7cda720214d4ff0f12444610e83149ad74448be3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: http://cur.lv
Accept-Encoding: gzip, deflate, sdch
Host: fonts.gstatic.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: */*
Referer: http://fonts.googleapis.com/css?family=Ubuntu
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Ubuntu
Origin: http://cur.lv

Response headers

Date: Fri, 10 Mar 2017 20:40:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Feb 2016 02:45:50 GMT
Server: sffe
Age: 2692326
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Timing-Allow-Origin: *
Content-Length: 33756
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Mar 2018 20:40:07 GMT

GET
H/1.1 200
OK coinurl-head.min.css
coinurl.com/bootstrap/css/ Frame 1542 165 KB
0 28ms
14ms Stylesheet
text/css 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://coinurl.com/bootstrap/css/coinurl-head.min.css
Requested by: Host: cur.lv
URL: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 /
Resource Hash: 362bb022c18c611a523b2d76f6fe1d37930fbd57128c77edf0d6cc1719fce521

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: coinurl.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Oct 2015 13:28:45 GMT
Server: nginx/1.6.2
ETag: "56166f8d-71f7"
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 29175
Expires: Tue, 18 Apr 2017 00:32:13 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ Frame 1542 2 KB
0 31ms
18ms Stylesheet
text/css 2a00:1450:400e:802::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Ubuntu

Requested by

Host: cur.lv
URL: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T

Protocol

HTTP/1.1

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

7a75cbbf3492f08b51f8c2368710ecc8d2d17785ffef8bea18cbaa5585c6b7f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: fonts.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Apr 2017 00:32:13 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Apr 2017 00:32:13 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ Frame 1542 380 B
0 32ms
20ms Stylesheet
text/css 2a00:1450:400e:802::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Boogaloo

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

a10e309491a990e0cf7f3169ed1a904ee79e4ce73efd5ab5f883fa84590b88ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: fonts.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Apr 2017 00:32:13 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Apr 2017 00:32:13 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ Frame 1542 1 KB
0 32ms
19ms Stylesheet
text/css 2a00:1450:400e:802::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Economica:700,400italic

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

65400d0c6873b50d5c1915aa4347c795dab5892399f37801a7f97b70424c2ca9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: fonts.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Apr 2017 00:32:13 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Apr 2017 00:32:13 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ Frame 1542 91 KB
33 KB 12ms
12ms Script
text/javascript 2a00:1450:400e:803::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ajax.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: */*
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Mon, 03 Apr 2017 15:08:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 638646
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33621
X-XSS-Protection: 1; mode=block
Expires: Tue, 03 Apr 2018 15:08:07 GMT

GET
H/1.1 200
OK coinurl-head.min.js Show response
coinurl.com/bootstrap/js/ Frame 1542 40 KB
0 27ms
13ms Script
application/javascript 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://coinurl.com/bootstrap/js/coinurl-head.min.js
Requested by: Host: cur.lv
URL: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 /
Resource Hash: acdaf355b3c36c342e100366b5c79f13a64af94ef1172742b7de2a674a80969e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: coinurl.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: */*
Referer: http://cur.lv/redirect_curlv.php?code=liaxj&ticket=Tx9E776048B11E43D7BB3229D7B8842AAEB273C14127B472A77A6F297287F1AE0F34383434343432&r=
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Oct 2013 05:45:44 GMT
Server: nginx/1.6.2
ETag: "5268b408-2988"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 10632
Expires: Tue, 18 Apr 2017 00:32:13 GMT

GET
H/1.1 200
OK coinurl_32.png
cur.lv/images/ Frame 1542 2 KB
2 KB 18ms
17ms Image
image/png 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cur.lv/images/coinurl_32.png
Requested by: Host: cur.lv
URL: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 /
Resource Hash: 22002e685c661ee9c503e5c4dce1bdef1780797d95dbf5166ff34adb316e733f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: cur.lv
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Tue, 11 Apr 2017 00:32:14 GMT
Last-Modified: Wed, 20 Mar 2013 07:14:16 GMT
Server: nginx/1.6.2
ETag: "514961c8-706"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1798

GET
H/1.1 200
OK sDGTilo5QRsfWu6Yc11AXg.woff2
fonts.gstatic.com/s/ubuntu/v9/ Frame 1542 33 KB
0 12ms
12ms Font
font/woff2 2a00:1450:400e:802::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ubuntu/v9/sDGTilo5QRsfWu6Yc11AXg.woff2

Requested by

Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Protocol

HTTP/1.1

Server

2a00:1450:400e:802::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

f45623eb171e70f29951c2e7cda720214d4ff0f12444610e83149ad74448be3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: http://cur.lv
Accept-Encoding: gzip, deflate, sdch
Host: fonts.gstatic.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: */*
Referer: http://fonts.googleapis.com/css?family=Ubuntu
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Fri, 10 Mar 2017 20:40:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Feb 2016 02:45:50 GMT
Server: sffe
Age: 2692326
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Timing-Allow-Origin: *
Content-Length: 33756
X-XSS-Protection: 1; mode=block
Expires: Sat, 10 Mar 2018 20:40:07 GMT

GET
H/1.1 200
OK Cookie set h Show response
schetu.net/ Frame 1542 103 B
103 B 2ms
2ms Script
application/x-javascript 176.9.124.239
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://schetu.net/h?s=curlv_top_cb&cid=coinurl&a=t
Requested by: Host: cur.lv
URL: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
Protocol: HTTP/1.1
Server: 176.9.124.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.239.124.9.176.clients.your-server.de
Software: nginx/1.8.0 /
Resource Hash: d2ba7a524e0fade3ccc7222176da4556c2e384f6b0465869de02b6d24e2589b9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: schetu.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: */*
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
Cookie: UID=1x3F1F4AF92D7D33E6A41C5BE77DFA978CA6F1A8C376CFA05A212C5EA6C156FD1737393236333431; ft=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Tue, 11 Apr 2017 00:32:13 GMT
Connection: keep-alive
Server: nginx/1.8.0
Set-Cookie: ft=;
Content-Length: 103
Content-Type: application/x-javascript;

GET
H/1.1 200
OK ev
cur.lv/ Frame 1542 43 B
54 B 15ms
15ms Image
image/gif 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cur.lv/ev?t=TxED49AE2E7369B2C3420D3AE9F641EB63470D987B463427382C71000314182FFE13AE05F6647BC61F34&reqid=uMm3F5afSllR96zp&answ=91
Requested by: Host: cur.lv
URL: http://cur.lv/liaxj
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 / PHP/5.5.9-1ubuntu4.7
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: cur.lv
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1VsXEjLhtuXxeVZq7Mvjog2RgRo587nDMeI4h%2FtV0GnglgkEwFv9aNsoKhA2H1nPvCzFUQ5Qot%2FJdccE20lbUcPCMrXmCYKGd9DMcuYcX4JcPEd5%2BDDQ8ZN19Yqa1YPbMMdrP%2FvfrCkF%2B65mXZu4CQngcrtpv%2BYHBPcMA7oHheMBp2QMPZK4AlCDfhXNoXAfgLYQ9gZEekzI2LZhIl6WIrFitZvvAIwwKpS9jPJyIHKSpozGzVvcBZxv7Kw5eMS3LWOwgxBlk96vpBJztBrdWwnRuU52FHLV4NiTgEI18f6qtAvPwQ9r%2FlV8ysyWXzdbzb0avj1sIrHYz1OmxTosHz9OsvKxegjmfc9385LMP3IKfEZZbDidLsC%2BDhR6TrFlulWF9vhjpDmTzMsL%2BlQYdaIHm2kxA92I%2B1AOqsxxkcWn8mPzf0DktNUgUHG0nWrKxkYPT3bgX9CzQESyJgBgFHPaZ6pZA2bdQO70dw%2BDxi1T
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36

Response headers

Date: Tue, 11 Apr 2017 00:32:14 GMT
Server: nginx/1.6.2
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.7
Transfer-Encoding: chunked
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: paidonlinesites.com
URL: http://paidonlinesites.com/?utm_reqid=uMm3F5afSllR96zp

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
coinurl.com
cur.lv
fonts.googleapis.com
fonts.gstatic.com
paidonlinesites.com
schetu.net
paidonlinesites.com
176.9.124.239
2a00:1450:400e:802::2003
2a00:1450:400e:802::200a
2a00:1450:400e:803::200a
94.23.50.33
22002e685c661ee9c503e5c4dce1bdef1780797d95dbf5166ff34adb316e733f
362bb022c18c611a523b2d76f6fe1d37930fbd57128c77edf0d6cc1719fce521
65400d0c6873b50d5c1915aa4347c795dab5892399f37801a7f97b70424c2ca9
78d5b7394f7a1c71e43c39a34aece05f5ab6f61f106eafaa34f4ca17006bc40b
7a75cbbf3492f08b51f8c2368710ecc8d2d17785ffef8bea18cbaa5585c6b7f6
91fd4cad099c1df9dc189793ab0cac010d7b01dfc91dd795902b0d61bac25dd7
a10e309491a990e0cf7f3169ed1a904ee79e4ce73efd5ab5f883fa84590b88ac
a90f7bcb3312a6fdd81a9e6a12b0d37069eaf58df24c1d984d16c9c6cd74cd72
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abab7e6434c7b98f138e2adadca5917c3a32849e82bc206d2baf15125b240c40
acdaf355b3c36c342e100366b5c79f13a64af94ef1172742b7de2a674a80969e
d2ba7a524e0fade3ccc7222176da4556c2e384f6b0465869de02b6d24e2589b9
f45623eb171e70f29951c2e7cda720214d4ff0f12444610e83149ad74448be3e
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

cur.lv Open in urlscan Pro 94.23.50.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

22 Requests

0 %HTTPS

60 %IPv6

6 Domains

7 Subdomains

6 IPs

3 Countries

147 kBTransfer

685 kBSize

0 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

cur.lv Open in urlscan Pro
94.23.50.33 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

0 %
HTTPS

60 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

147 kB
Transfer

685 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions