cur.lv Open in urlscan Pro
94.23.50.33 Public Scan

URL:
http://cur.lv/15hiug
Submission: On May 10 via manual (May 10th 2017, 1:14:46 pm UTC) from NO

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 94.23.50.33, located in France and belongs to OVH, FR. The main domain is cur.lv.

This is the only time cur.lv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	94.23.50.33 94.23.50.33	16276 (OVH) (OVH)
2	176.9.124.239 176.9.124.239	24940 (HETZNER-AS) (HETZNER-AS)
6	2607:f8b0:400... 2607:f8b0:4004:802::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2607:f8b0:400... 2607:f8b0:4004:804::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2607:f8b0:400... 2607:f8b0:4004:802::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
21	6

9 94.23.50.33 (France)

ASN16276 (OVH, FR)
PTR: ns301358.ip-94-23-50.eu

cur.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
coinurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.9.124.239 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.239.124.9.176.clients.your-server.de

schetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:802::200a (United States)

ASN15169 (GOOGLE - Google Inc., US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:804::200a (United States)

ASN15169 (GOOGLE - Google Inc., US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:802::2003 (United States)

ASN15169 (GOOGLE - Google Inc., US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googleapis.com fonts.googleapis.com ajax.googleapis.com	33 KB
5	cur.lv cur.lv	8 KB
4	coinurl.com coinurl.com	39 KB
2	schetu.net schetu.net	195 B
1	gstatic.com fonts.gstatic.com	39 KB
0	paidonlinesites.com Failed paidonlinesites.com Failed
21	6

	Domain	Requested by
6	fonts.googleapis.com	cur.lv
5	cur.lv	cur.lv
4	coinurl.com	cur.lv
2	ajax.googleapis.com	cur.lv
2	schetu.net	cur.lv
1	fonts.gstatic.com	ajax.googleapis.com
0	paidonlinesites.com Failed	cur.lv
21	7

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 4 frames:

Primary Page: http://cur.lv/15hiug
Frame ID: 3009.1
Requests: 2 HTTP requests in this frame

Frame: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Frame ID: 3009.2
Requests: 8 HTTP requests in this frame

Frame: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1U6vZpEmXSOOfG3DT6CDl4koW%2FviylO5We5ECDwgOGhvjG4mwWst74W8TO2nTv0tbQ7mmp5aUFjmvZ5MpA%2FC1ZZIaLSW9pF2wojarFSc8kfrX3x4gJP4ZdTQWi0d46JiujQQDkpY84ukx2GcKR4e9cGlwkIXv8SdJ7CYl9bgzSh1vRq%2BPWwisdjZPUcSxty%2B7lVy80hwL%2FTMRALBX4ku0ehNSsdhRImGFZLchtmoAVtv%2B4HOGTiIb00Wn9jj3xCH1MHh%2B6tYm3Y%2BEyEkOiDI%2FXhGxwZmym8HXH7KcNt%2FwfQXiF7X%2B5DjN9kToS7xzGld8cQtuvyIh7Mqfr2Nwk%2Bp8VE2FOOQ1l1S0rve4pMa6Kmz%2BedZUo4sTj4Os1dBGhVps89Vy3sTVQuitAvPwQ9r%2FlUHs5kAK6RDwEQtCfm5XveC6ygsaXt4bXsLvKdW%2F7Qeuw%3D%3D
Frame ID: 3009.3
Requests: 10 HTTP requests in this frame

Frame: http://paidonlinesites.com/?utm_reqid=uk4quPI48TX1O1in
Frame ID: 3009.4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

21
Requests

0 %
HTTPS

60 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

120 kB
Transfer

684 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request 9

http://www.paidonlinesites.com/?utm_reqid=uk4quPI48TX1O1in
http://paidonlinesites.com/?utm_reqid=uk4quPI48TX1O1in

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 15hiug Show response
cur.lv/ 1 KB
662 B 27ms
13ms Document
text/html 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cur.lv/15hiug
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 /
Resource Hash: 91fd4cad099c1df9dc189793ab0cac010d7b01dfc91dd795902b0d61bac25dd7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: cur.lv
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: ?
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Ꙭ

Response headers

Date: Wed, 10 May 2017 13:14:09 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Apr 2015 12:55:15 GMT
Server: nginx/1.6.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK Cookie set h Show response
schetu.net/ 96 B
96 B 4ms
3ms Script
application/x-javascript 176.9.124.239
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://schetu.net/h?cid=coinurl&a=t&r=
Requested by: Host: cur.lv
URL: http://cur.lv/15hiug
Protocol: HTTP/1.1
Server: 176.9.124.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.239.124.9.176.clients.your-server.de
Software: nginx/1.8.0 /
Resource Hash: 9863aaf626b9aa4849cf45df52c06571b97b3a297e101d9250e8313ce251c821

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: schetu.net
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: */*
Referer: http://cur.lv/15hiug
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/15hiug
User-Agent: Ꙭ

Response headers

Date: Wed, 10 May 2017 13:14:06 GMT
Connection: keep-alive
Server: nginx/1.8.0
Set-Cookie: UID=1x25F30C35C95469BB65B1E0EEE0CF335D3D90606A4E2B83700BE462F325863C1638353732333231; expires=Thu, 10-May-2018 13:14:05 GMT; domain=.schetu.net ft=1;
Content-Type: application/x-javascript;
Content-Length: 96
P3P: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK redirect_curlv.php Show response
cur.lv/ Frame 3009 3 KB
1 KB 52ms
52ms Document
text/html 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Requested by: Host: cur.lv
URL: http://cur.lv/15hiug
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 / PHP/5.5.9-1ubuntu4.7
Resource Hash: 3d196c94ee54d22a2690a985792028bdf2443188097241f4d913cb85674d5ddf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: cur.lv
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: ?
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: http://cur.lv/15hiug
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://cur.lv/15hiug
User-Agent: Ꙭ

Response headers

Date: Wed, 10 May 2017 13:14:09 GMT
Content-Encoding: gzip
Server: nginx/1.6.2
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.7
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK coinurl-head.min.css
coinurl.com/bootstrap/css/ Frame 3009 165 KB
28 KB 28ms
13ms Stylesheet
text/css 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://coinurl.com/bootstrap/css/coinurl-head.min.css
Requested by: Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 /
Resource Hash: 362bb022c18c611a523b2d76f6fe1d37930fbd57128c77edf0d6cc1719fce521

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: coinurl.com
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
User-Agent: Ꙭ

Response headers

Date: Wed, 10 May 2017 13:14:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Oct 2015 13:28:45 GMT
Server: nginx/1.6.2
ETag: "56166f8d-71f7"
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 29175
Expires: Wed, 17 May 2017 13:14:09 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ Frame 3009 195 B
176 B 194ms
102ms Stylesheet
text/css 2607:f8b0:4004:802::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Ubuntu

Requested by

Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=

Protocol

HTTP/1.1

Server

2607:f8b0:4004:802::200a , United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

a9a10bdbc6bc1bb55361c3b2bdb1292806eb22de594db96f347fa28b84f9a362

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: fonts.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
User-Agent: Ꙭ

Response headers

Date: Wed, 10 May 2017 13:14:06 GMT
Content-Encoding: gzip
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400
Transfer-Encoding: chunked
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Wed, 10 May 2017 13:14:06 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ Frame 3009 249 B
208 B 195ms
103ms Stylesheet
text/css 2607:f8b0:4004:802::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Boogaloo

Requested by

Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=

Protocol

HTTP/1.1

Server

2607:f8b0:4004:802::200a , United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

f6b399bc5a6dd2ab6c03988682070beef06dbb4964b046c6adc9f12016668fad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: fonts.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
User-Agent: Ꙭ

Response headers

Date: Wed, 10 May 2017 13:14:06 GMT
Content-Encoding: gzip
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400
Transfer-Encoding: chunked
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Wed, 10 May 2017 13:14:06 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ Frame 3009 514 B
296 B 196ms
103ms Stylesheet
text/css 2607:f8b0:4004:802::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Economica:700,400italic

Requested by

Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=

Protocol

HTTP/1.1

Server

2607:f8b0:4004:802::200a , United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

244312205561d598134b057ef317410863859a465485483ec3f0a4990835368e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: fonts.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
User-Agent: Ꙭ

Response headers

Date: Wed, 10 May 2017 13:14:06 GMT
Content-Encoding: gzip
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400
Transfer-Encoding: chunked
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Wed, 10 May 2017 13:14:06 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ Frame 3009 91 KB
33 KB 185ms
92ms Script
text/javascript 2607:f8b0:4004:804::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=

Protocol

HTTP/1.1

Server

2607:f8b0:4004:804::200a , United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ajax.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: */*
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
User-Agent: Ꙭ

Response headers

Date: Tue, 09 May 2017 20:47:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 59168
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33621
X-XSS-Protection: 1; mode=block
Expires: Wed, 09 May 2018 20:47:58 GMT

GET
H/1.1 200
OK coinurl-head.min.js Show response
coinurl.com/bootstrap/js/ Frame 3009 40 KB
10 KB 28ms
14ms Script
application/javascript 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://coinurl.com/bootstrap/js/coinurl-head.min.js
Requested by: Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 /
Resource Hash: acdaf355b3c36c342e100366b5c79f13a64af94ef1172742b7de2a674a80969e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: coinurl.com
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: */*
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
User-Agent: Ꙭ

Response headers

Date: Wed, 10 May 2017 13:14:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Oct 2013 05:45:44 GMT
Server: nginx/1.6.2
ETag: "5268b408-2988"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 10632
Expires: Wed, 17 May 2017 13:14:09 GMT

GET
H/1.1 200
OK ntop.php Show response
cur.lv/ Frame 3009 13 KB
4 KB 17ms
17ms Document
text/html 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1U6vZpEmXSOOfG3DT6CDl4koW%2FviylO5We5ECDwgOGhvjG4mwWst74W8TO2nTv0tbQ7mmp5aUFjmvZ5MpA%2FC1ZZIaLSW9pF2wojarFSc8kfrX3x4gJP4ZdTQWi0d46JiujQQDkpY84ukx2GcKR4e9cGlwkIXv8SdJ7CYl9bgzSh1vRq%2BPWwisdjZPUcSxty%2B7lVy80hwL%2FTMRALBX4ku0ehNSsdhRImGFZLchtmoAVtv%2B4HOGTiIb00Wn9jj3xCH1MHh%2B6tYm3Y%2BEyEkOiDI%2FXhGxwZmym8HXH7KcNt%2FwfQXiF7X%2B5DjN9kToS7xzGld8cQtuvyIh7Mqfr2Nwk%2Bp8VE2FOOQ1l1S0rve4pMa6Kmz%2BedZUo4sTj4Os1dBGhVps89Vy3sTVQuitAvPwQ9r%2FlUHs5kAK6RDwEQtCfm5XveC6ygsaXt4bXsLvKdW%2F7Qeuw%3D%3D
Requested by: Host: cur.lv
URL: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 / PHP/5.5.9-1ubuntu4.7
Resource Hash: 594032c91629fdc1342152bf5f6ffbeee316ef3cb76f526ae4e6d88db77d4fd0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: cur.lv
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: ?
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
User-Agent: Ꙭ

Response headers

Date: Wed, 10 May 2017 13:14:10 GMT
Content-Encoding: gzip
Server: nginx/1.6.2
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.7
Transfer-Encoding: chunked
Content-Type: text/html

GET

/
paidonlinesites.com/ Frame 3009
Redirect Chain

http://www.paidonlinesites.com/?utm_reqid=uk4quPI48TX1O1in
http://paidonlinesites.com/?utm_reqid=uk4quPI48TX1O1in

0
0

GET
H/1.1 200
OK 2Q-AW1e_taO6pHwMXcXW5w.ttf
fonts.gstatic.com/s/ubuntu/v9/ Frame 3009 71 KB
39 KB 184ms
92ms Font
font/ttf 2607:f8b0:4004:802::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ubuntu/v9/2Q-AW1e_taO6pHwMXcXW5w.ttf

Requested by

Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Protocol

HTTP/1.1

Server

2607:f8b0:4004:802::2003 , United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

018048f68908674312b64a80e111fa2612234a80062db41540ca9e4385a4c0eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: http://cur.lv
Accept-Encoding: gzip, deflate, sdch
Host: fonts.gstatic.com
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: */*
Referer: http://fonts.googleapis.com/css?family=Ubuntu
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Ꙭ
Referer: http://fonts.googleapis.com/css?family=Ubuntu
Origin: http://cur.lv

Response headers

Date: Fri, 24 Mar 2017 10:45:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Feb 2016 02:45:49 GMT
Server: sffe
Age: 4069746
Vary: Accept-Encoding
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 39954
X-XSS-Protection: 1; mode=block
Expires: Sat, 24 Mar 2018 10:45:00 GMT

GET
H/1.1 200
OK coinurl-head.min.css
coinurl.com/bootstrap/css/ Frame 3009 165 KB
0 28ms
13ms Stylesheet
text/css 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://coinurl.com/bootstrap/css/coinurl-head.min.css
Requested by: Host: cur.lv
URL: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1U6vZpEmXSOOfG3DT6CDl4koW%2FviylO5We5ECDwgOGhvjG4mwWst74W8TO2nTv0tbQ7mmp5aUFjmvZ5MpA%2FC1ZZIaLSW9pF2wojarFSc8kfrX3x4gJP4ZdTQWi0d46JiujQQDkpY84ukx2GcKR4e9cGlwkIXv8SdJ7CYl9bgzSh1vRq%2BPWwisdjZPUcSxty%2B7lVy80hwL%2FTMRALBX4ku0ehNSsdhRImGFZLchtmoAVtv%2B4HOGTiIb00Wn9jj3xCH1MHh%2B6tYm3Y%2BEyEkOiDI%2FXhGxwZmym8HXH7KcNt%2FwfQXiF7X%2B5DjN9kToS7xzGld8cQtuvyIh7Mqfr2Nwk%2Bp8VE2FOOQ1l1S0rve4pMa6Kmz%2BedZUo4sTj4Os1dBGhVps89Vy3sTVQuitAvPwQ9r%2FlUHs5kAK6RDwEQtCfm5XveC6ygsaXt4bXsLvKdW%2F7Qeuw%3D%3D
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 /
Resource Hash: 362bb022c18c611a523b2d76f6fe1d37930fbd57128c77edf0d6cc1719fce521

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: coinurl.com
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Wed, 10 May 2017 13:14:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Oct 2015 13:28:45 GMT
Server: nginx/1.6.2
ETag: "56166f8d-71f7"
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 29175
Expires: Wed, 17 May 2017 13:14:09 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ Frame 3009 195 B
0 194ms
102ms Stylesheet
text/css 2607:f8b0:4004:802::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Ubuntu

Requested by

Host: cur.lv
URL: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1U6vZpEmXSOOfG3DT6CDl4koW%2FviylO5We5ECDwgOGhvjG4mwWst74W8TO2nTv0tbQ7mmp5aUFjmvZ5MpA%2FC1ZZIaLSW9pF2wojarFSc8kfrX3x4gJP4ZdTQWi0d46JiujQQDkpY84ukx2GcKR4e9cGlwkIXv8SdJ7CYl9bgzSh1vRq%2BPWwisdjZPUcSxty%2B7lVy80hwL%2FTMRALBX4ku0ehNSsdhRImGFZLchtmoAVtv%2B4HOGTiIb00Wn9jj3xCH1MHh%2B6tYm3Y%2BEyEkOiDI%2FXhGxwZmym8HXH7KcNt%2FwfQXiF7X%2B5DjN9kToS7xzGld8cQtuvyIh7Mqfr2Nwk%2Bp8VE2FOOQ1l1S0rve4pMa6Kmz%2BedZUo4sTj4Os1dBGhVps89Vy3sTVQuitAvPwQ9r%2FlUHs5kAK6RDwEQtCfm5XveC6ygsaXt4bXsLvKdW%2F7Qeuw%3D%3D

Protocol

HTTP/1.1

Server

2607:f8b0:4004:802::200a , United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

a9a10bdbc6bc1bb55361c3b2bdb1292806eb22de594db96f347fa28b84f9a362

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: fonts.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Wed, 10 May 2017 13:14:06 GMT
Content-Encoding: gzip
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400
Transfer-Encoding: chunked
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Wed, 10 May 2017 13:14:06 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ Frame 3009 249 B
0 195ms
103ms Stylesheet
text/css 2607:f8b0:4004:802::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Boogaloo

Requested by

Protocol

HTTP/1.1

Server

2607:f8b0:4004:802::200a , United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

f6b399bc5a6dd2ab6c03988682070beef06dbb4964b046c6adc9f12016668fad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: fonts.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Wed, 10 May 2017 13:14:06 GMT
Content-Encoding: gzip
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400
Transfer-Encoding: chunked
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Wed, 10 May 2017 13:14:06 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ Frame 3009 514 B
0 196ms
103ms Stylesheet
text/css 2607:f8b0:4004:802::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Economica:700,400italic

Requested by

Protocol

HTTP/1.1

Server

2607:f8b0:4004:802::200a , United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

244312205561d598134b057ef317410863859a465485483ec3f0a4990835368e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: fonts.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: text/css,*/*;q=0.1
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Wed, 10 May 2017 13:14:06 GMT
Content-Encoding: gzip
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400
Transfer-Encoding: chunked
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Wed, 10 May 2017 13:14:06 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ Frame 3009 91 KB
0 185ms
92ms Script
text/javascript 2607:f8b0:4004:804::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Protocol

HTTP/1.1

Server

2607:f8b0:4004:804::200a , United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ajax.googleapis.com
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: */*
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Tue, 09 May 2017 20:47:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 59168
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 33621
X-XSS-Protection: 1; mode=block
Expires: Wed, 09 May 2018 20:47:58 GMT

GET
H/1.1 200
OK coinurl-head.min.js Show response
coinurl.com/bootstrap/js/ Frame 3009 40 KB
0 28ms
14ms Script
application/javascript 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://coinurl.com/bootstrap/js/coinurl-head.min.js
Requested by: Host: cur.lv
URL: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1U6vZpEmXSOOfG3DT6CDl4koW%2FviylO5We5ECDwgOGhvjG4mwWst74W8TO2nTv0tbQ7mmp5aUFjmvZ5MpA%2FC1ZZIaLSW9pF2wojarFSc8kfrX3x4gJP4ZdTQWi0d46JiujQQDkpY84ukx2GcKR4e9cGlwkIXv8SdJ7CYl9bgzSh1vRq%2BPWwisdjZPUcSxty%2B7lVy80hwL%2FTMRALBX4ku0ehNSsdhRImGFZLchtmoAVtv%2B4HOGTiIb00Wn9jj3xCH1MHh%2B6tYm3Y%2BEyEkOiDI%2FXhGxwZmym8HXH7KcNt%2FwfQXiF7X%2B5DjN9kToS7xzGld8cQtuvyIh7Mqfr2Nwk%2Bp8VE2FOOQ1l1S0rve4pMa6Kmz%2BedZUo4sTj4Os1dBGhVps89Vy3sTVQuitAvPwQ9r%2FlUHs5kAK6RDwEQtCfm5XveC6ygsaXt4bXsLvKdW%2F7Qeuw%3D%3D
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 /
Resource Hash: acdaf355b3c36c342e100366b5c79f13a64af94ef1172742b7de2a674a80969e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: coinurl.com
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: */*
Referer: http://cur.lv/redirect_curlv.php?code=15hiug&ticket=Tx4CB7CE4222F08387639B79AAA34A877EDCDFEBE36BC53585A90484F2FACDD07D30323039343539&r=
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Wed, 10 May 2017 13:14:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Oct 2013 05:45:44 GMT
Server: nginx/1.6.2
ETag: "5268b408-2988"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 10632
Expires: Wed, 17 May 2017 13:14:09 GMT

GET
H/1.1 200
OK coinurl_32.png
cur.lv/images/ Frame 3009 2 KB
2 KB 13ms
13ms Image
image/png 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cur.lv/images/coinurl_32.png
Requested by: Host: cur.lv
URL: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1U6vZpEmXSOOfG3DT6CDl4koW%2FviylO5We5ECDwgOGhvjG4mwWst74W8TO2nTv0tbQ7mmp5aUFjmvZ5MpA%2FC1ZZIaLSW9pF2wojarFSc8kfrX3x4gJP4ZdTQWi0d46JiujQQDkpY84ukx2GcKR4e9cGlwkIXv8SdJ7CYl9bgzSh1vRq%2BPWwisdjZPUcSxty%2B7lVy80hwL%2FTMRALBX4ku0ehNSsdhRImGFZLchtmoAVtv%2B4HOGTiIb00Wn9jj3xCH1MHh%2B6tYm3Y%2BEyEkOiDI%2FXhGxwZmym8HXH7KcNt%2FwfQXiF7X%2B5DjN9kToS7xzGld8cQtuvyIh7Mqfr2Nwk%2Bp8VE2FOOQ1l1S0rve4pMa6Kmz%2BedZUo4sTj4Os1dBGhVps89Vy3sTVQuitAvPwQ9r%2FlUHs5kAK6RDwEQtCfm5XveC6ygsaXt4bXsLvKdW%2F7Qeuw%3D%3D
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 /
Resource Hash: 22002e685c661ee9c503e5c4dce1bdef1780797d95dbf5166ff34adb316e733f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: cur.lv
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1U6vZpEmXSOOfG3DT6CDl4koW%2FviylO5We5ECDwgOGhvjG4mwWst74W8TO2nTv0tbQ7mmp5aUFjmvZ5MpA%2FC1ZZIaLSW9pF2wojarFSc8kfrX3x4gJP4ZdTQWi0d46JiujQQDkpY84ukx2GcKR4e9cGlwkIXv8SdJ7CYl9bgzSh1vRq%2BPWwisdjZPUcSxty%2B7lVy80hwL%2FTMRALBX4ku0ehNSsdhRImGFZLchtmoAVtv%2B4HOGTiIb00Wn9jj3xCH1MHh%2B6tYm3Y%2BEyEkOiDI%2FXhGxwZmym8HXH7KcNt%2FwfQXiF7X%2B5DjN9kToS7xzGld8cQtuvyIh7Mqfr2Nwk%2Bp8VE2FOOQ1l1S0rve4pMa6Kmz%2BedZUo4sTj4Os1dBGhVps89Vy3sTVQuitAvPwQ9r%2FlUHs5kAK6RDwEQtCfm5XveC6ygsaXt4bXsLvKdW%2F7Qeuw%3D%3D
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1U6vZpEmXSOOfG3DT6CDl4koW%2FviylO5We5ECDwgOGhvjG4mwWst74W8TO2nTv0tbQ7mmp5aUFjmvZ5MpA%2FC1ZZIaLSW9pF2wojarFSc8kfrX3x4gJP4ZdTQWi0d46JiujQQDkpY84ukx2GcKR4e9cGlwkIXv8SdJ7CYl9bgzSh1vRq%2BPWwisdjZPUcSxty%2B7lVy80hwL%2FTMRALBX4ku0ehNSsdhRImGFZLchtmoAVtv%2B4HOGTiIb00Wn9jj3xCH1MHh%2B6tYm3Y%2BEyEkOiDI%2FXhGxwZmym8HXH7KcNt%2FwfQXiF7X%2B5DjN9kToS7xzGld8cQtuvyIh7Mqfr2Nwk%2Bp8VE2FOOQ1l1S0rve4pMa6Kmz%2BedZUo4sTj4Os1dBGhVps89Vy3sTVQuitAvPwQ9r%2FlUHs5kAK6RDwEQtCfm5XveC6ygsaXt4bXsLvKdW%2F7Qeuw%3D%3D
User-Agent: Ꙭ

Response headers

Date: Wed, 10 May 2017 13:14:10 GMT
Last-Modified: Wed, 20 Mar 2013 07:14:16 GMT
Server: nginx/1.6.2
ETag: "514961c8-706"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1798

GET
H/1.1 200
OK Cookie set h Show response
schetu.net/ Frame 3009 99 B
99 B 3ms
2ms Script
application/x-javascript 176.9.124.239
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://schetu.net/h?s=curlv_top_cb&cid=coinurl&a=t
Requested by: Host: cur.lv
URL: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1U6vZpEmXSOOfG3DT6CDl4koW%2FviylO5We5ECDwgOGhvjG4mwWst74W8TO2nTv0tbQ7mmp5aUFjmvZ5MpA%2FC1ZZIaLSW9pF2wojarFSc8kfrX3x4gJP4ZdTQWi0d46JiujQQDkpY84ukx2GcKR4e9cGlwkIXv8SdJ7CYl9bgzSh1vRq%2BPWwisdjZPUcSxty%2B7lVy80hwL%2FTMRALBX4ku0ehNSsdhRImGFZLchtmoAVtv%2B4HOGTiIb00Wn9jj3xCH1MHh%2B6tYm3Y%2BEyEkOiDI%2FXhGxwZmym8HXH7KcNt%2FwfQXiF7X%2B5DjN9kToS7xzGld8cQtuvyIh7Mqfr2Nwk%2Bp8VE2FOOQ1l1S0rve4pMa6Kmz%2BedZUo4sTj4Os1dBGhVps89Vy3sTVQuitAvPwQ9r%2FlUHs5kAK6RDwEQtCfm5XveC6ygsaXt4bXsLvKdW%2F7Qeuw%3D%3D
Protocol: HTTP/1.1
Server: 176.9.124.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.239.124.9.176.clients.your-server.de
Software: nginx/1.8.0 /
Resource Hash: 15275686f38f11b42658a2f309d007a177d0d8d58dade8f43b3f46c4c04f4e15

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: schetu.net
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: */*
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1U6vZpEmXSOOfG3DT6CDl4koW%2FviylO5We5ECDwgOGhvjG4mwWst74W8TO2nTv0tbQ7mmp5aUFjmvZ5MpA%2FC1ZZIaLSW9pF2wojarFSc8kfrX3x4gJP4ZdTQWi0d46JiujQQDkpY84ukx2GcKR4e9cGlwkIXv8SdJ7CYl9bgzSh1vRq%2BPWwisdjZPUcSxty%2B7lVy80hwL%2FTMRALBX4ku0ehNSsdhRImGFZLchtmoAVtv%2B4HOGTiIb00Wn9jj3xCH1MHh%2B6tYm3Y%2BEyEkOiDI%2FXhGxwZmym8HXH7KcNt%2FwfQXiF7X%2B5DjN9kToS7xzGld8cQtuvyIh7Mqfr2Nwk%2Bp8VE2FOOQ1l1S0rve4pMa6Kmz%2BedZUo4sTj4Os1dBGhVps89Vy3sTVQuitAvPwQ9r%2FlUHs5kAK6RDwEQtCfm5XveC6ygsaXt4bXsLvKdW%2F7Qeuw%3D%3D
Cookie: UID=1x25F30C35C95469BB65B1E0EEE0CF335D3D90606A4E2B83700BE462F325863C1638353732333231; ft=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1U6vZpEmXSOOfG3DT6CDl4koW%2FviylO5We5ECDwgOGhvjG4mwWst74W8TO2nTv0tbQ7mmp5aUFjmvZ5MpA%2FC1ZZIaLSW9pF2wojarFSc8kfrX3x4gJP4ZdTQWi0d46JiujQQDkpY84ukx2GcKR4e9cGlwkIXv8SdJ7CYl9bgzSh1vRq%2BPWwisdjZPUcSxty%2B7lVy80hwL%2FTMRALBX4ku0ehNSsdhRImGFZLchtmoAVtv%2B4HOGTiIb00Wn9jj3xCH1MHh%2B6tYm3Y%2BEyEkOiDI%2FXhGxwZmym8HXH7KcNt%2FwfQXiF7X%2B5DjN9kToS7xzGld8cQtuvyIh7Mqfr2Nwk%2Bp8VE2FOOQ1l1S0rve4pMa6Kmz%2BedZUo4sTj4Os1dBGhVps89Vy3sTVQuitAvPwQ9r%2FlUHs5kAK6RDwEQtCfm5XveC6ygsaXt4bXsLvKdW%2F7Qeuw%3D%3D
User-Agent: Ꙭ

Response headers

Date: Wed, 10 May 2017 13:14:06 GMT
Connection: keep-alive
Server: nginx/1.8.0
Set-Cookie: ft=;
Content-Length: 99
Content-Type: application/x-javascript;

GET
H/1.1 200
OK ev
cur.lv/ Frame 3009 43 B
54 B 15ms
14ms Image
image/gif 94.23.50.33
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cur.lv/ev?t=Tx98DED2484C68E6F48B6DF7AC793BF1CADCDFEBE36BC5358568B53D4289F28B3D32353433343931&reqid=uk4quPI48TX1O1in&answ=133
Requested by: Host: cur.lv
URL: http://cur.lv/15hiug
Protocol: HTTP/1.1
Server: 94.23.50.33 , France, ASN16276 (OVH, FR),
Reverse DNS: ns301358.ip-94-23-50.eu
Software: nginx/1.6.2 / PHP/5.5.9-1ubuntu4.7
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: cur.lv
Accept-Language: en-US,en;q=0.8
User-Agent: ?
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1U6vZpEmXSOOfG3DT6CDl4koW%2FviylO5We5ECDwgOGhvjG4mwWst74W8TO2nTv0tbQ7mmp5aUFjmvZ5MpA%2FC1ZZIaLSW9pF2wojarFSc8kfrX3x4gJP4ZdTQWi0d46JiujQQDkpY84ukx2GcKR4e9cGlwkIXv8SdJ7CYl9bgzSh1vRq%2BPWwisdjZPUcSxty%2B7lVy80hwL%2FTMRALBX4ku0ehNSsdhRImGFZLchtmoAVtv%2B4HOGTiIb00Wn9jj3xCH1MHh%2B6tYm3Y%2BEyEkOiDI%2FXhGxwZmym8HXH7KcNt%2FwfQXiF7X%2B5DjN9kToS7xzGld8cQtuvyIh7Mqfr2Nwk%2Bp8VE2FOOQ1l1S0rve4pMa6Kmz%2BedZUo4sTj4Os1dBGhVps89Vy3sTVQuitAvPwQ9r%2FlUHs5kAK6RDwEQtCfm5XveC6ygsaXt4bXsLvKdW%2F7Qeuw%3D%3D
Connection: keep-alive
Cache-Control: no-cache
Referer: http://cur.lv/ntop.php?s=35CU2AMUfxBjrER8M2Wx1U6vZpEmXSOOfG3DT6CDl4koW%2FviylO5We5ECDwgOGhvjG4mwWst74W8TO2nTv0tbQ7mmp5aUFjmvZ5MpA%2FC1ZZIaLSW9pF2wojarFSc8kfrX3x4gJP4ZdTQWi0d46JiujQQDkpY84ukx2GcKR4e9cGlwkIXv8SdJ7CYl9bgzSh1vRq%2BPWwisdjZPUcSxty%2B7lVy80hwL%2FTMRALBX4ku0ehNSsdhRImGFZLchtmoAVtv%2B4HOGTiIb00Wn9jj3xCH1MHh%2B6tYm3Y%2BEyEkOiDI%2FXhGxwZmym8HXH7KcNt%2FwfQXiF7X%2B5DjN9kToS7xzGld8cQtuvyIh7Mqfr2Nwk%2Bp8VE2FOOQ1l1S0rve4pMa6Kmz%2BedZUo4sTj4Os1dBGhVps89Vy3sTVQuitAvPwQ9r%2FlUHs5kAK6RDwEQtCfm5XveC6ygsaXt4bXsLvKdW%2F7Qeuw%3D%3D
User-Agent: Ꙭ

Response headers

Date: Wed, 10 May 2017 13:14:10 GMT
Server: nginx/1.6.2
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.7
Transfer-Encoding: chunked
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: paidonlinesites.com
URL: http://paidonlinesites.com/?utm_reqid=uk4quPI48TX1O1in

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
coinurl.com
cur.lv
fonts.googleapis.com
fonts.gstatic.com
paidonlinesites.com
schetu.net
paidonlinesites.com
176.9.124.239
2607:f8b0:4004:802::2003
2607:f8b0:4004:802::200a
2607:f8b0:4004:804::200a
94.23.50.33
018048f68908674312b64a80e111fa2612234a80062db41540ca9e4385a4c0eb
15275686f38f11b42658a2f309d007a177d0d8d58dade8f43b3f46c4c04f4e15
22002e685c661ee9c503e5c4dce1bdef1780797d95dbf5166ff34adb316e733f
244312205561d598134b057ef317410863859a465485483ec3f0a4990835368e
362bb022c18c611a523b2d76f6fe1d37930fbd57128c77edf0d6cc1719fce521
3d196c94ee54d22a2690a985792028bdf2443188097241f4d913cb85674d5ddf
594032c91629fdc1342152bf5f6ffbeee316ef3cb76f526ae4e6d88db77d4fd0
91fd4cad099c1df9dc189793ab0cac010d7b01dfc91dd795902b0d61bac25dd7
9863aaf626b9aa4849cf45df52c06571b97b3a297e101d9250e8313ce251c821
a9a10bdbc6bc1bb55361c3b2bdb1292806eb22de594db96f347fa28b84f9a362
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acdaf355b3c36c342e100366b5c79f13a64af94ef1172742b7de2a674a80969e
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f6b399bc5a6dd2ab6c03988682070beef06dbb4964b046c6adc9f12016668fad

cur.lv Open in urlscan Pro 94.23.50.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

21 Requests

0 %HTTPS

60 %IPv6

6 Domains

7 Subdomains

6 IPs

3 Countries

120 kBTransfer

684 kBSize

0 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

cur.lv Open in urlscan Pro
94.23.50.33 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

0 %
HTTPS

60 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

120 kB
Transfer

684 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions