Submitted URL: https://facture.azurewebsites.net/
Effective URL: https://webshanksus.lat/
Submission: On December 17 via manual from ES — Scanned from CA

Summary

This website contacted 23 IPs in 4 countries across 23 domains to perform 34 HTTP transactions. The main IP is 45.138.16.245, located in Warsaw, Poland and belongs to services-1337-gmbh 1337 Services GmbH, DE. The main domain is webshanksus.lat.
TLS certificate: Issued by E5 on December 15th 2024. Valid for: 3 months.
This is the only time webshanksus.lat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 52.228.84.37 8075 (MICROSOFT...)
2 172.67.8.141 13335 (CLOUDFLAR...)
3 2606:4700:21:... 13335 (CLOUDFLAR...)
1 2606:4700:21:... 13335 (CLOUDFLAR...)
1 23.212.251.26 20940 (AKAMAI-AS...)
2 18.116.191.133 16509 (AMAZON-02)
1 172.67.167.79 13335 (CLOUDFLAR...)
1 104.18.12.146 13335 (CLOUDFLAR...)
2 3.167.69.97 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 148.113.153.93 16276 (OVH OVH SAS)
2 2 34.229.3.43 14618 (AMAZON-AES)
1 2 2001:4998:60:... 14196 (YAHOO-CHA)
1 23.212.251.25 20940 (AKAMAI-AS...)
2 67.202.105.33 32748 (STEADFAST)
2 23.212.251.8 20940 (AKAMAI-AS...)
2 3 18.214.43.89 14618 (AMAZON-AES)
3 4 68.67.179.153 29990 (ASN-APPNEX)
2 2 52.223.40.198 16509 (AMAZON-02)
1 1 67.202.105.23 32748 (STEADFAST)
1 35.244.154.8 396982 (GOOGLE-CL...)
4 6 52.54.69.117 14618 (AMAZON-AES)
4 4 64.233.180.155 15169 (GOOGLE)
1 1 67.202.105.22 32748 (STEADFAST)
2 45.138.16.245 210558 (services-...)
1 52.45.239.128 14618 (AMAZON-AES)
1 172.67.163.146 13335 (CLOUDFLAR...)
1 3.167.69.51 16509 (AMAZON-02)
34 23
Apex Domain
Subdomains
Transfer
6 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1141
3 KB
4 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
3 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 495
4 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1010
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
22 KB
4 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 30951
t.sharethis.com — Cisco Umbrella Rank: 7050
5 KB
4 dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 12485
5 KB
3 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 7841
2 KB
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 19954
ic.tynt.com — Cisco Umbrella Rank: 16377
de.tynt.com — Cisco Umbrella Rank: 1582
12 KB
2 webshanksus.lat
webshanksus.lat
31 KB
2 33across.com
dp2.33across.com — Cisco Umbrella Rank: 15644
dp1.33across.com — Cisco Umbrella Rank: 5746
1019 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
1 KB
2 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2194
ups.analytics.yahoo.com — Cisco Umbrella Rank: 548
535 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 40516
2 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2657
908 B
2 lijit.com
pxdrop.lijit.com — Cisco Umbrella Rank: 4260
2 KB
2 amung.us
widgets.amung.us — Cisco Umbrella Rank: 31231
whos.amung.us — Cisco Umbrella Rank: 22332
4 KB
2 azurewebsites.net
facture.azurewebsites.net
932 B
1 dtssrv.com
a.dtssrv.com — Cisco Umbrella Rank: 20623
670 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 476
440 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 13358
760 B
1 dtsan.net
p.dtsan.net — Cisco Umbrella Rank: 35838
4 KB
0 krxd.net Failed
usermatch.krxd.net Failed
0 bluekai.com Failed
tags.bluekai.com Failed
34 23
Domain Requested by
6 ps.eyeota.net 4 redirects facture.azurewebsites.net
4 cm.g.doubleclick.net 4 redirects
4 secure.adnxs.com 3 redirects facture.azurewebsites.net
4 t.dtscout.com widgets.amung.us
t.dtscout.com
3 map.go.affec.tv 2 redirects facture.azurewebsites.net
3 tags.crwdcntrl.net t.dtscout.com
tags.crwdcntrl.net
2 webshanksus.lat
2 match.adsrvr.org 2 redirects
2 t.sharethis.com pd.sharethis.com
t.sharethis.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 pd.sharethis.com t.dtscout.com
facture.azurewebsites.net
2 pxdrop.lijit.com t.dtscout.com
pxdrop.lijit.com
2 facture.azurewebsites.net
1 a.dtssrv.com t.dtscout.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 dp1.33across.com 1 redirects
1 idsync.rlcdn.com facture.azurewebsites.net
1 dp2.33across.com 1 redirects
1 de.tynt.com cdn.tynt.com
1 ic.tynt.com facture.azurewebsites.net
1 ups.analytics.yahoo.com facture.azurewebsites.net
1 cms.analytics.yahoo.com 1 redirects
1 t.dtscdn.com t.dtscout.com
1 cdn.tynt.com widgets.amung.us
1 p.dtsan.net t.dtscout.com
1 whos.amung.us widgets.amung.us
1 widgets.amung.us facture.azurewebsites.net
0 usermatch.krxd.net Failed facture.azurewebsites.net
0 tags.bluekai.com Failed de.tynt.com
34 30

This site contains no links.

Subject Issuer Validity Valid
*.azurewebsites.net
Microsoft Azure RSA TLS Issuing CA 04
2024-10-16 -
2025-10-11
a year crt.sh
amung.us
WE1
2024-11-02 -
2025-01-31
3 months crt.sh
dtscout.com
WE1
2024-11-08 -
2025-02-06
3 months crt.sh
cert2-prod.aut.a24365.net
R11
2024-12-16 -
2025-03-16
3 months crt.sh
sharethis.com
Amazon RSA 2048 M03
2024-04-21 -
2025-05-20
a year crt.sh
dtsan.net
WE1
2024-11-03 -
2025-02-01
3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2024-09-05 -
2025-09-30
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02
2024-09-07 -
2025-10-07
a year crt.sh
dtscdn.com
WE1
2024-11-04 -
2025-02-02
3 months crt.sh
cert1-prod.aut.a24365.net
R11
2024-11-04 -
2025-02-02
3 months crt.sh
webshanksus.lat
E5
2024-12-15 -
2025-03-15
3 months crt.sh
dtssrv.com
WE1
2024-11-13 -
2025-02-11
3 months crt.sh

This page contains 6 frames:

Primary Page: https://webshanksus.lat/
Frame ID: 434F3C60F2F8212EE3D45BB176790EA9
Requests: 30 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C301734426130EFAA2D261F52030284
Frame ID: 2FD363D6CE3E6A46C06204EFE772719B
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1620.860&cid=c026&cls=sync
Frame ID: BFE73C6038F3AB2E03FDA963E398A3CB
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212922080322059&ret=html&random=1734426132
Frame ID: DD04ACC288D8D9F33B6010363EC61EDC
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1620.23405&cid=c010&cls=C
Frame ID: C0E4C3431CDB44E658294A1FC6C8778F
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: C1E3F6C3ADE052244DD8F9766112668E
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://facture.azurewebsites.net/ Page URL
  2. https://webshanksus.lat/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Page Statistics

34
Requests

76 %
HTTPS

14 %
IPv6

23
Domains

30
Subdomains

23
IPs

4
Countries

89 kB
Transfer

158 kB
Size

50
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://facture.azurewebsites.net/ Page URL
  2. https://webshanksus.lat/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C301734426130EFAA2D261F52030284 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=16fe8330e0ef0a232e022211d686cc86&gdpr=0 HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
Request Chain 19
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1734426131388.4&r=true HTTP 302
  • https://tags.bluekai.com/site/27519?id=212922080322059&ret=html&random=1734426132
Request Chain 20
  • https://map.go.affec.tv/map/3a/?pid=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&ts=1734426131388.1 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D67613e1348b9ef00014cfaf5%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D67613e1348b9ef00014cfaf5%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://map.go.affec.tv/map/an/5904384482642579873?ch=67613e1348b9ef00014cfaf5&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/ttd/db3d0d4c-d486-4176-a57a-d3162c2f2b4c?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 21
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&random=1734426131388.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&random=1734426131388.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2eb92972-a4ab-4b2b-a818-447f137ea9e3%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2eb92972-a4ab-4b2b-a818-447f137ea9e3%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2f3bc690-9ca3-4460-a01f-8acdbc3ad132&ttd_puid=2eb92972-a4ab-4b2b-a818-447f137ea9e3%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad
Request Chain 22
  • https://dp2.33across.com/ps/?pid=1205&rand=1734426131388.3&r=true HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212696383148155
Request Chain 23
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&33random=1734426131388.5&cat=33across HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&33random=1734426131388.5&cat=33across HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjN3Y1l6WnZkN1FhYkNlR29UMHVqYkM4Q3IxdUJkVk5mR1dUdFFDX3ppNFk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjN3Y1l6WnZkN1FhYkNlR29UMHVqYkM4Q3IxdUJkVk5mR1dUdFFDX3ppNFk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEOiGAGtUSgFAZ2_j7RPzBtA&google_cver=1
Request Chain 24
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&random=1734426131388.6&pu=https%3A%2F%2Ffacture.azurewebsites.net%2F&r=true HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212921758661406&seg_code=33x&random=1734426131 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212921758661406%26seg_code%3D33x%26random%3D1734426131
Request Chain 25
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&33random=1734426131388.7&cat=33across HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&33random=1734426131388.7&cat=33across HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjN3Y1l6WnZkN1FhYkNlR29UMHVqYkM4Q3IxdUJkVk5mR1dUdFFDX3ppNFk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjN3Y1l6WnZkN1FhYkNlR29UMHVqYkM4Q3IxdUJkVk5mR1dUdFFDX3ppNFk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEBv-NzCyetdCUSbHZjROpBA&google_cver=1

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
facture.azurewebsites.net/
504 B
582 B
Document
General
Full URL
https://facture.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.84.37 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash
f1df3d35ba67abbe5a764d83001ae2c8c9a485a312afffea5c093490e1ce18b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 17 Dec 2024 09:02:10 GMT
ETag
W/"675f74b2-1f8"
Last-Modified
Mon, 16 Dec 2024 00:30:42 GMT
Server
nginx/1.26.1
Transfer-Encoding
chunked
small.js
widgets.amung.us/
8 KB
4 KB
Script
General
Full URL
https://widgets.amung.us/small.js
Requested by
Host: facture.azurewebsites.net
URL: https://facture.azurewebsites.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"676078e1-2170"
age
3379
expires
Wed, 18 Dec 2024 08:05:51 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 17 Dec 2024 09:02:10 GMT
content-type
application/x-javascript
last-modified
Mon, 16 Dec 2024 19:00:49 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=86400
cf-ray
8f35bb960978aae8-YYZ
access-control-allow-origin
*
server
cloudflare
/
t.dtscout.com/i/
8 KB
4 KB
Script
General
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Ffacture.azurewebsites.net%2F&j=
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa6a9e1aea6e5ac73aa1117bab1bcbcb4d6caaabeae54acce2cf50999583c1d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7WalQ9Plf97nzhdDqiAi%2FKI%2FuX7URdQm5beu3DcOkC0ZwEMkA%2FpT3A%2FR10Hg2Mo2tZj3rCtQQHbZ8ha36z9gtZRGaD4VR1W%2Fq6rjZadLOVW0XUXbLfgJlaDSHYfK32h1ZrcY8YlArfWo60%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.237
cf-ray
8f35bb96aac6a296-YUL
expires
Tue, 17 Dec 2024 09:02:09 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=18219&min_rtt=18019&rtt_var=3905&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4021&recv_bytes=2262&delivery_rate=210928&cwnd=254&unsent_bytes=0&cid=db8b853b0a325ca4&ts=51&x=0"
date
Tue, 17 Dec 2024 09:02:11 GMT
content-type
application/javascript
x-s
mtl3
server
cloudflare
/
whos.amung.us/pingjs/
25 B
209 B
Script
General
Full URL
https://whos.amung.us/pingjs/?k=inst02&t=&c=s&x=https%3A%2F%2Ffacture.azurewebsites.net%2F&y=&a=0&d=0.373&v=27&r=3824
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89424f8ab19e9a0e6e51b0b4d366a27afb06760573358d2f5208776276abf73f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8f35bb96a9c1aae8-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 17 Dec 2024 09:02:11 GMT
content-type
text/javascript;charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=3,i=?0
/
t.dtscout.com/idg/ Frame 2FD3
0
0
Document
General
Full URL
https://t.dtscout.com/idg/?su=4C301734426130EFAA2D261F52030284
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ffacture.azurewebsites.net%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://facture.azurewebsites.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8f35bb973d53a2f2-YUL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 17 Dec 2024 09:02:11 GMT
expires
Tue, 17 Dec 2024 09:02:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6rfJ7sU8mvNawKXbpx6nncX5WqP4KY3VzIlj6xyzWidJnW8MkRObch04IRUrm2KwFrp4fRjTlJfZO6Dm%2BR3tCnOdrZF0GLJv%2Bgy5HBnzD%2FhnTGHJlBltvO7BoKh9Zc1QLaa%2BkT1jy1CO2I%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=18195&min_rtt=18111&rtt_var=2986&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4000&recv_bytes=2440&delivery_rate=211295&cwnd=253&unsent_bytes=0&cid=12e940ffb9800001&ts=51&x=0"
vary
accept-encoding
t.dhj
pxdrop.lijit.com/1/d/
2 KB
2 KB
Script
General
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=facture.azurewebsites.net&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ffacture.azurewebsites.net%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.26 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
936731633f68e7bfa46daa86c910871fb673c6a15cb654d9de2dbe7268075d3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Tue, 17 Dec 2024 10:02:11 GMT
Content-Length
1395
Date
Tue, 17 Dec 2024 09:02:11 GMT
Content-Type
text/javascript
dtscout
pd.sharethis.com/pd/
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ffacture.azurewebsites.net%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.191.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-191-133.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
dc83cc20f52a4cb0cddc2327a4576420bc2c957804b1c7bd23110007b5998830
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Date
Tue, 17 Dec 2024 09:02:11 GMT
Content-Type
application/javascript
Connection
keep-alive
dtsa.js
p.dtsan.net/
9 KB
4 KB
Script
General
Full URL
https://p.dtsan.net/dtsa.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ffacture.azurewebsites.net%2F&j=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bae0be00456ea666920477be254fdcf5104a179cc46135c316a70ddbee9f8964

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"670f478e-25f4"
age
24
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NDetkNEjwljkAmLDEAmfLhDGMXppK4LAjiGhZNwxlW9BJa8b9mJy0dVMwy8yWpyRsDBxr24HdwDzWVh78sO9vryVJQmvGo36ns15%2BGNocy%2FgHGyunu388K6cYJRYJw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25146&min_rtt=25129&rtt_var=9457&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4146&recv_bytes=4235&delivery_rate=125057&cwnd=12000&unsent_bytes=0&cid=cfce8a9cfa17f5f1&ts=46&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 09:02:11 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 04:56:46 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f35bb972836abd0-YYZ
server
cloudflare
/
t.dtscout.com/pv/
51 B
532 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=facture.azurewebsites.net&_ss=380vd8wzpr&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ca&_pl=d&_cbid=ejo0&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ffacture.azurewebsites.net%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e70fd56417653fb63aa1c65cc0c6474cc0aa53542cec5f9bc8407aef025521

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

x-c
0
cache-control
no-cache
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iAO6Krk9qhZC8%2FJG7E2BmJppyfARYGvcG%2FrWtQ3B7si7cCkRFn3YYom9JD5xBglhz5UniEh9rLAVh4ByKJ3aAkULb0m9LNW0HF%2BLo55QlqyM1tiHIw3ZAMqUI%2FQv24V5a9E4ys%2BYz5vXChg%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.148
cf-ray
8f35bb96fafaa296-YUL
expires
Tue, 17 Dec 2024 09:02:10 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=19875&min_rtt=18019&rtt_var=3981&sent=15&recv=18&lost=0&retrans=0&sent_bytes=8343&recv_bytes=2446&delivery_rate=414421&cwnd=257&unsent_bytes=0&cid=db8b853b0a325ca4&ts=103&x=0"
date
Tue, 17 Dec 2024 09:02:11 GMT
content-type
application/javascript
server
cloudflare
tc.js
cdn.tynt.com/
26 KB
9 KB
Script
General
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"651ed18d-66a6"
age
8989
cf-ray
8f35bb977e5736aa-YYZ
expires
Fri, 20 Dec 2024 09:02:11 GMT
date
Tue, 17 Dec 2024 09:02:11 GMT
content-type
application/javascript
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/
439 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
lt.min.js
tags.crwdcntrl.net/lt/c/3825/
62 KB
19 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ffacture.azurewebsites.net%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.69.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-69-97.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3029a59a3eb78e1675c02962b4c2efa72c770b73c3336f95f14b4c73b7465397

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2afd7a7856345176e1c9c378191ae043"
age
5034
via
1.1 43f27522b495b3528b34cc370e352bba.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
mbKBjNLGN-3R8N6usWqYMvjwNAPN_6MAxb396obFkYGu3Rgu1edRMQ==
date
Tue, 17 Dec 2024 07:38:55 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 17:49:20 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P6
x-amz-server-side-encryption
AES256
/
t.dtscdn.com/widget/
0
760 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=4C301734426130EFAA2D261F52030284&nid=0&p=2114454483&t=480&s=1600x1200x24&u=https%3A%2F%2Ffacture.azurewebsites.net%2F&r=
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ffacture.azurewebsites.net%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CHKqq8lGlSYGpPKhl3vrHVz01u4jlh3fzgMqbSZGXkjWpTehxOmihrS4ujNiEx3yztGr9tnd7e0YErW3o358aAbfdg5A1largIb7aQ%2FJHiG%2BwUn01EIMF496OWrDJkxS%2F72Ibg5JY5ns%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.98
cf-ray
8f35bb97fc4b33f5-YUL
expires
Tue, 17 Dec 2024 08:04:30 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=18218&min_rtt=18085&rtt_var=3119&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4004&recv_bytes=2287&delivery_rate=214368&cwnd=254&unsent_bytes=0&cid=bd3d754947df9ad9&ts=57&x=0"
date
Tue, 17 Dec 2024 09:02:11 GMT
content-type
application/javascript; charset=UTF-8
x-server
web13.ny1.dtscdn.com
server
cloudflare
cms
ups.analytics.yahoo.com/ups/58679/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C301734426130EFAA2D261F52030284
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=16fe8330e0ef0a232e022211d686cc86&gdpr=0
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
0
131 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
Requested by
Host: facture.azurewebsites.net
URL: https://facture.azurewebsites.net/
Protocol
H2
Server
2001:4998:60:807::2 , United States, ASN14196 (YAHOO-CHA, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Tue, 17 Dec 2024 09:02:12 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=31536000
cache-control
no-store
location
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
content-length
257
date
Tue, 17 Dec 2024 09:02:11 GMT
content-type
text/html
content-language
en
server
ATS
t_.htm
pxdrop.lijit.com/a/ Frame BFE7
0
0
Document
General
Full URL
https://pxdrop.lijit.com/a/t_.htm?ver=1.1620.860&cid=c026&cls=sync
Requested by
Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=facture.azurewebsites.net&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.25 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://facture.azurewebsites.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Tue, 17 Dec 2024 09:02:11 GMT
Expires
Tue, 24 Dec 2024 09:02:11 GMT
X-Robots-Tag
noindex, nofollow
p
ic.tynt.com/b/
35 B
648 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!inst02&lm=0&ts=1734426131207&dn=TC&iso=0&pu=https%3A%2F%2Ffacture.azurewebsites.net%2F&t=facture.azurewebsites.net&chmob=0
Requested by
Host: facture.azurewebsites.net
URL: https://facture.azurewebsites.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
etag
"4bc8846c-23"
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
accept-ranges
bytes
content-length
35
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 17 Dec 2024 09:02:11 GMT
content-type
image/gif
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
t.dhj
t.sharethis.com/1/k/
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.4393553757083053&stid=ZGCAA2dhPhMAAAAITsfeAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.8 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5e38192f4148884481fea7adcc0b115d8a60a0e2fb02bb4c472c5bc002d4c4fa
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Tue, 17 Dec 2024 10:02:11 GMT
Content-Length
1383
Date
Tue, 17 Dec 2024 09:02:11 GMT
Content-Type
text/javascript
dtscout
pd.sharethis.com/pd/
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Ffacture.azurewebsites.net%2F&event_source=dtscout&rnd=0.4393553757083053&exptid=ZGCAA2dhPhMAAAAITsfeAw%3D%3D&fcmp=false
Requested by
Host: facture.azurewebsites.net
URL: https://facture.azurewebsites.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.191.133 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-191-133.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
42
Date
Tue, 17 Dec 2024 09:02:11 GMT
Content-Type
image/gif
Connection
keep-alive
v2
de.tynt.com/deb/
1 KB
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=w!inst02&dn=TC&cc=1&chmob=0&r=&pu=https%3A%2F%2Ffacture.azurewebsites.net%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
90f7ba50e8a64dc4679a9fd48df9859c70261d5a14a198ca78586539e8fda3d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1446
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
date
Tue, 17 Dec 2024 09:02:10 GMT
content-type
application/javascript
27519
tags.bluekai.com/site/ Frame DD04
Redirect Chain
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1734426131388.4&r=true
  • https://tags.bluekai.com/site/27519?id=212922080322059&ret=html&random=1734426132
0
0

db3d0d4c-d486-4176-a57a-d3162c2f2b4c
map.go.affec.tv/map/ttd/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&ts=1734426131388.1
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D67613e1348b9ef00014cfaf5%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D67613e1348b9ef00014cfaf5%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
  • https://map.go.affec.tv/map/an/5904384482642579873?ch=67613e1348b9ef00014cfaf5&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/ttd/db3d0d4c-d486-4176-a57a-d3162c2f2b4c?ttd_puid=&gdpr=0&gdpr_consent=
0
561 B
Image
General
Full URL
https://map.go.affec.tv/map/ttd/db3d0d4c-d486-4176-a57a-d3162c2f2b4c?ttd_puid=&gdpr=0&gdpr_consent=
Requested by
Host: facture.azurewebsites.net
URL: https://facture.azurewebsites.net/
Protocol
H2
Server
18.214.43.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-43-89.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

date
Tue, 17 Dec 2024 09:02:12 GMT
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

location
https://map.go.affec.tv/map/ttd/db3d0d4c-d486-4176-a57a-d3162c2f2b4c?ttd_puid=&gdpr=0&gdpr_consent=
content-length
229
date
Tue, 17 Dec 2024 09:02:12 GMT
server
Kestrel
v2
usermatch.krxd.net/um/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&random=1734426131388.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fap...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&random=1734426131388.2&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.ne...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2eb92972-a4ab-4b2b-a818-447f137ea9e3%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2eb92972-a4ab-4b2b-a818-447f137ea9e3%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=2f3bc690-9ca3-4460-a01f-8acdbc3ad132&ttd_puid=2eb92972-a4ab-4b2b-a818-447f137ea9e3%2Chttps%253A%252F%252Fusermatch.krxd.n...
  • https://usermatch.krxd.net/um/v2?partner=tapad
0
0

405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&rand=1734426131388.3&r=true
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212696383148155
42 B
440 B
Image
General
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=212696383148155
Requested by
Host: facture.azurewebsites.net
URL: https://facture.azurewebsites.net/
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Tue, 17 Dec 2024 09:02:12 GMT
content-type
image/gif

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://idsync.rlcdn.com/405716.gif?partner_uid=212696383148155
pragma
no-cache
referrer-policy
unsafe-url
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
4000000000004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
0
date
Tue, 17 Dec 2024 09:02:11 GMT
server
33XP018
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&33random=1734426131388.5&cat=33across
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&33random=1734426131388.5&cat=33across
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjN3Y1l6WnZkN1FhYkNlR29UMHVqYkM4Q3IxdUJkVk5mR1dUdFFDX3ppNFk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjN3Y1l6WnZkN1FhYkNlR29UMHVqYkM4Q3IxdUJkVk5mR1dUdFFDX3ppNFk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEOiGAGtUSgFAZ2_j7RPzBtA&google_cver=1
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEOiGAGtUSgFAZ2_j7RPzBtA&google_cver=1
Requested by
Host: facture.azurewebsites.net
URL: https://facture.azurewebsites.net/
Protocol
HTTP/1.1
Server
52.54.69.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-69-117.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 17 Dec 2024 09:02:12 GMT
Content-Type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEOiGAGtUSgFAZ2_j7RPzBtA&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
375
date
Tue, 17 Dec 2024 09:02:12 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
bounce
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&random=1734426131388.6&pu=https%3A%2F%2Ffacture.azurewebsites.net%2F&r=true
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212921758661406&seg_code=33x&random=1734426131
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212921758661406%26seg_code%3D33x%26random%3D1734426131
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212921758661406%26seg_code%3D33x%26random%3D1734426131
Requested by
Host: facture.azurewebsites.net
URL: https://facture.azurewebsites.net/
Protocol
H2
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
a802afde-9acd-4449-bfac-cfeaf292fc2f
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 17 Dec 2024 09:02:12 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212921758661406%26seg_code%3D33x%26random%3D1734426131
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
167.114.209.103; 167.114.209.103; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
457ed6a1-d5b3-4c6c-8d2e-e79617fc4bdc
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Tue, 17 Dec 2024 09:02:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&33random=1734426131388.7&cat=33across
  • https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=CoIKSmdhPhN%2BC3S0E4hfAg%3D%3D&us_privacy=&33random=1734426131388.7&cat=33across
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjN3Y1l6WnZkN1FhYkNlR29UMHVqYkM4Q3IxdUJkVk5mR1dUdFFDX3ppNFk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjN3Y1l6WnZkN1FhYkNlR29UMHVqYkM4Q3IxdUJkVk5mR1dUdFFDX3ppNFk&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEBv-NzCyetdCUSbHZjROpBA&google_cver=1
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEBv-NzCyetdCUSbHZjROpBA&google_cver=1
Requested by
Host: facture.azurewebsites.net
URL: https://facture.azurewebsites.net/
Protocol
HTTP/1.1
Server
52.54.69.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-69-117.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Tue, 17 Dec 2024 09:02:12 GMT
Content-Type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=c9gd671&google_gid=CAESEBv-NzCyetdCUSbHZjROpBA&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
375
date
Tue, 17 Dec 2024 09:02:12 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
t_.htm
t.sharethis.com/a/ Frame C0E4
0
0
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1620.23405&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.4393553757083053&stid=ZGCAA2dhPhMAAAAITsfeAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.251.8 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-212-251-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://facture.azurewebsites.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Tue, 17 Dec 2024 09:02:12 GMT
Expires
Tue, 24 Dec 2024 09:02:12 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.69.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-69-97.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://facture.azurewebsites.net/

Response headers

vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"f16e89fd08a708a6bd2e69be50fd30ab"
access-control-allow-methods
GET
via
1.1 a12dd72d92e3f1ca9cddeb72bfc4ba56.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
jkEJ7rr3bIKZQ9C65YtcgXKV-F_gug1vpt44Q0uSJ9GgdSILsTYXfw==
date
Tue, 17 Dec 2024 09:02:13 GMT
content-type
application/json
last-modified
Tue, 20 Aug 2024 17:49:20 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P6
x-amz-server-side-encryption
AES256
Primary Request /
webshanksus.lat/
58 B
233 B
Document
General
Full URL
https://webshanksus.lat/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.138.16.245 Warsaw, Poland, ASN210558 (services-1337-gmbh 1337 Services GmbH, DE),
Reverse DNS
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
07eddbc9218d214eccacb86e885cbb2157ac1b45b54fad6a7b51fd71797f9f54

Request headers

Referer
https://facture.azurewebsites.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
close
Content-Length
58
Content-Type
text/plain;;charset=UTF-8
Date
Tue, 17 Dec 2024 09:02:12 GMT
Server
Apache/2.4.58 (Ubuntu)
/
t.dtscout.com/pv/
0
487 B
Ping
General
Full URL
https://t.dtscout.com/pv/
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ffacture.azurewebsites.net%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryjYMfZZjnhL0BZruF
Referer
https://facture.azurewebsites.net/

Response headers

x-c
0
cache-control
no-cache
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qvUCfn%2BWGu9XkOBCza2%2FN05uRQtSwbeEpg6QYKNnqt2S91Zg258vNiFfdPEkJscdROnJX2qH2%2B9kUbzB1UnefEUjYIZIHE5VI%2BCoLeFOP6yfXWzP9KcsnFtQp%2BKCoF4BRqzTcMlMXbycGOc%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.088
cf-ray
8f35bb9eceeea296-YUL
expires
Tue, 17 Dec 2024 09:02:11 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=19670&min_rtt=18019&rtt_var=3395&sent=20&recv=21&lost=0&retrans=0&sent_bytes=8963&recv_bytes=3639&delivery_rate=414421&cwnd=257&unsent_bytes=0&cid=db8b853b0a325ca4&ts=1360&x=0"
date
Tue, 17 Dec 2024 09:02:12 GMT
content-type
application/javascript
server
cloudflare
favicon.ico
facture.azurewebsites.net/
555 B
350 B
Other
General
Full URL
https://facture.azurewebsites.net/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.228.84.37 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.26.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Date
Tue, 17 Dec 2024 09:02:12 GMT
Content-Type
text/html
Server
nginx/1.26.1
data
bcp.crwdcntrl.net/6/
676 B
2 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.239.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-239-128.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://facture.azurewebsites.net/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://facture.azurewebsites.net
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
676
date
Tue, 17 Dec 2024 09:02:12 GMT
content-type
application/json;charset=utf-8
x-server
10.40.49.17
server
Jetty(9.4.38.v20210224)
a
a.dtssrv.com/
0
670 B
Ping
General
Full URL
https://a.dtssrv.com/a?i=4C301734426130EFAA2D261F52030284&k=lotpano&v=3f1fa5368b1e0859e61c1b578bcaa9fb927a9100590a465c92f41a5cc47af837
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Ffacture.azurewebsites.net%2F&j=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://facture.azurewebsites.net/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6AetAVcIVGw4I0mFsVQKRtFvZU8S9ROw4zcuiiFPUeeKe3N0S3Pb7LEG3guONt%2BkLEroTPrGbVyfzTPV79iJLPQd26nXBRT%2BZQEA3nJzGV2LTxQ8AGHeXuWJXLzucug%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f35bba12906ac2e-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24449&min_rtt=24443&rtt_var=9178&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4151&recv_bytes=5618&delivery_rate=126692&cwnd=12000&unsent_bytes=0&cid=3681e392bda70d44&ts=55&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 09:02:12 GMT
content-type
text/html; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=4,i
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame C1E3
0
0
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.69.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-69-51.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://facture.azurewebsites.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
65104
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Mon, 16 Dec 2024 14:57:09 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 129992dce1f07236bc0fef123684fb68.cloudfront.net (CloudFront)
x-amz-cf-id
kJqetVQkfkP3yYqFz2ZvXSq-nb5BGkpx_68yDAJMv7fZKCCTu-Vr2g==
x-amz-cf-pop
IAD61-P6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
favicon.ico
webshanksus.lat/
30 KB
30 KB
Other
General
Full URL
https://webshanksus.lat/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.138.16.245 Warsaw, Poland, ASN210558 (services-1337-gmbh 1337 Services GmbH, DE),
Reverse DNS
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
1d7c95c5eea00a8083a95810f902682f9e26e7fbb7876b022a403642d776d0c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://webshanksus.lat/

Response headers

ETag
"78ae-62885e4e15d00"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30894
Keep-Alive
timeout=5, max=100
Date
Tue, 17 Dec 2024 09:02:13 GMT
Last-Modified
Thu, 05 Dec 2024 13:29:56 GMT
Content-Type
image/vnd.microsoft.icon
Server
Apache/2.4.58 (Ubuntu)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tags.bluekai.com
URL
https://tags.bluekai.com/site/27519?id=212922080322059&ret=html&random=1734426132
Domain
usermatch.krxd.net
URL
https://usermatch.krxd.net/um/v2?partner=tapad

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Domain/Path Name / Value
map.go.affec.tv/map/ttd Name: oo
Value: 1
map.go.affec.tv/map/an Name: oo
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: df
Value: 1734426130
.dtscout.com/ Name: l
Value: 4C301734426130EFAA2D261F52030284
.facture.azurewebsites.net/ Name: __dtsu
Value: 4C301734426130EFAA2D261F52030284
.lijit.com/ Name: lijitAcc3PC
Value: 1
.onaudience.com/ Name: cookie
Value: 412a6b126f10d920
.onaudience.com/ Name: done_redirects161
Value: 1
.dtscdn.com/ Name: uid
Value: 4C301734426130EFAA2D261F52030284
.sharethis.com/ Name: __stid
Value: ZGCAA2dhPhMAAAAITsfeAw==
.sharethis.com/ Name: __stidv
Value: 2
.tynt.com/ Name: uid
Value: CoIKSmdhPhN+C3S0E4hfAg==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1734426131388%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1734426131388%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1734426131388%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1734426131388%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1734426131388%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1734426131388%7D%5D
.exelator.com/ Name: EE
Value: "16fe8330e0ef0a232e022211d686cc86"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHQLC3VwtjYINUgNc0g0cjYKNXAyMjI0DDFzMIsOdnCbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYcEl%252BUWb6ImfHxUUpaQyLSopPBZ98%252BRYAfkUqvQ%253D%253D"
.onaudience.com/ Name: done_redirects252
Value: 1
.go.affec.tv/ Name: ck
Value: 67613e1348b9ef00014cfaf4
.go.affec.tv/ Name: oo
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1734426131946
.tapad.com/ Name: TapAd_DID
Value: 2eb92972-a4ab-4b2b-a818-447f137ea9e3
.eyeota.net/ Name: mako_uid
Value: 193d3da7e05-10380000010a4f21
.eyeota.net/ Name: SERVERID
Value: 20257~DM
.33across.com/ Name: 33x_ps
Value: u%3D212922080322059%3As1%3D1734426132002%3Ats%3D1734426132002
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.rlcdn.com/ Name: rlas3
Value: y1PnExLVRyXIjLq1PUG2IQpvYsBOfHi53CSu8ovRkCs=
.adnxs.com/ Name: XANDR_PANID
Value: MBdOYsUcP6xhxCZ_9OkrNZJKh2q556fPZTQ48nfp2a6Li2bmY0Brz7ua7HkwZ_lHNumqz3wTeZRg8hNW6Bf2WYgLgl8xUS9LhlIC_zp0Fw8.
.adnxs.com/ Name: uuid2
Value: 9177262485272260567
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GVI<-?kT!@wnf-Te9(>wL5L!!'aM$rPE3
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 1_0_1734426132164
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8457
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTczNDQyNjEzMiwiaWQiOiI1OTA0Mzg0NDgyNjQyNTc5ODczIiwibHMiOjE3MzQ0MjYxMzJ9LCJ0dCI6eyJkdCI6MTczNDQyNjEzMSwiaWQiOiJDb0lLU21kaFBoTitDM1MwRTRoZkFnPT0iLCJscyI6MTczNDQyNjEzMX0sInRkIjp7ImR0IjoxNzM0NDI2MTMyLCJpZCI6ImRiM2QwZDRjLWQ0ODYtNDE3Ni1hNTdhLWQzMTYyYzJmMmI0YyIsImxzIjoxNzM0NDI2MTMyfSwidiI6MH0=|1734426132|73ed964f3c22428a5f529881fa62df00761ab6ea
.doubleclick.net/ Name: IDE
Value: AHWqTUnsnIDfphzWf_cUnQ4sAp8zkIwtfC1fBAmGWZtyojgFn4mEbwis7bukEVh4WLI
.adsrvr.org/ Name: TDID
Value: 2f3bc690-9ca3-4460-a01f-8acdbc3ad132
.ml314.com/ Name: pi
Value: 3649181310142906406
.exelator.com/ Name: hsk_2465
Value: "gAAAAAQAAABYKLUv%252FSBYwQIAiKRidWlkoKNoc2ukNjU2MKhkZWxpdmVyeaQ2NTYwo3ZlcgGlYm5hbWWnUzIwNFNIUqV0c2Vnc68yNjkzODUwLDI2Mzg3NzGlYmNvZGXNCaGidHPKU8np7Q%253D%253D"
.rlcdn.com/ Name: pxrc
Value: CJT8hLsGEgUI204QAA==
.facture.azurewebsites.net/ Name: lotame_domain_check
Value: facture.azurewebsites.net
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 77df623a2c749bcc700d7ff15f4ef4bd
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQMDdPSTMzMk40SjY3sUxKTjY3MEgxT0szNE0zSU0zSUphAIL0RDuRb%2F%2F%2F%2F%2BdngAHetV%2F%2FGTHu7GBk%2BM%2FIyHB6xg8E59fGKSxMUM5HWbDQ6vVPudGEJp9QRxM5v3gOur5zRw8xowkdxlR149QjNjShS5hCT1581EUT2vSnEE3k%2Frp2UzQhAFVWYQQ%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGBIT7QTYYABVgYGrhkgBn9QJYQqB4svagWRjA%2FrgSQAgyQF%2FA%3D%3D"
.facture.azurewebsites.net/ Name: _cc_id
Value: 77df623a2c749bcc700d7ff15f4ef4bd
.facture.azurewebsites.net/ Name: _cc_cc
Value: ACZ4nGNQMDdPSTMzMk40SjY3sUxKTjY3MEgxT0szNE0zSU0zSUphAIL0RDuRb%2F%2F%2F%2F%2BdngAHetV%2F%2FGTHu7GBk%2BM%2FIyHB6xg8E59fGKSxMUM5HWbDQ6vVPudGEJp9QRxM5v3gOur5zRw8xowkdxlR149QjNjShS5hCT1581EUT2vSnEE3k%2Frp2UzQhAFVWYQQ%3D
.facture.azurewebsites.net/ Name: _cc_aud
Value: ABR4nGNgYGBIT7QTYYABVgYGrhkgBn9QJYQqB4svagWRjA%2FrgSQAgyQF%2FA%3D%3D
.facture.azurewebsites.net/ Name: panoramaId_expiry
Value: 1734512532520
.facture.azurewebsites.net/ Name: panoramaId
Value: 3f1fa5368b1e0859e61c1b578bcaa9fb927a9100590a465c92f41a5cc47af837
.facture.azurewebsites.net/ Name: panoramaIdType
Value: panoDevice
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjO5eaih6HPPRAFOAFaBmxvdGFtZWAC

3 Console Messages

Source Level URL
Text
network error URL: https://usermatch.krxd.net/um/v2?partner=tapad
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://facture.azurewebsites.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://webshanksus.lat/
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
bcp.crwdcntrl.net
cdn.tynt.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
de.tynt.com
dp1.33across.com
dp2.33across.com
facture.azurewebsites.net
ic.tynt.com
idsync.rlcdn.com
loada.exelator.com
map.go.affec.tv
match.adsrvr.org
p.dtsan.net
pd.sharethis.com
pixel.onaudience.com
ps.eyeota.net
pxdrop.lijit.com
secure.adnxs.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bluekai.com
tags.crwdcntrl.net
ups.analytics.yahoo.com
usermatch.krxd.net
webshanksus.lat
whos.amung.us
widgets.amung.us
tags.bluekai.com
usermatch.krxd.net
104.18.12.146
148.113.153.93
172.67.163.146
172.67.167.79
172.67.8.141
18.116.191.133
18.214.43.89
2001:4998:60:807::2
23.212.251.25
23.212.251.26
23.212.251.8
2606:4700:20::681a:c3c
2606:4700:21::8d65:780a
2606:4700:21::8d65:780b
3.167.69.51
3.167.69.97
34.229.3.43
35.244.154.8
45.138.16.245
52.223.40.198
52.228.84.37
52.45.239.128
52.54.69.117
64.233.180.155
67.202.105.22
67.202.105.23
67.202.105.33
68.67.179.153
07eddbc9218d214eccacb86e885cbb2157ac1b45b54fad6a7b51fd71797f9f54
1d7c95c5eea00a8083a95810f902682f9e26e7fbb7876b022a403642d776d0c9
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
3029a59a3eb78e1675c02962b4c2efa72c770b73c3336f95f14b4c73b7465397
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5e38192f4148884481fea7adcc0b115d8a60a0e2fb02bb4c472c5bc002d4c4fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89424f8ab19e9a0e6e51b0b4d366a27afb06760573358d2f5208776276abf73f
90f7ba50e8a64dc4679a9fd48df9859c70261d5a14a198ca78586539e8fda3d0
936731633f68e7bfa46daa86c910871fb673c6a15cb654d9de2dbe7268075d3b
aa6a9e1aea6e5ac73aa1117bab1bcbcb4d6caaabeae54acce2cf50999583c1d9
bae0be00456ea666920477be254fdcf5104a179cc46135c316a70ddbee9f8964
dc83cc20f52a4cb0cddc2327a4576420bc2c957804b1c7bd23110007b5998830
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df92371a548b99f90afb3caeb15fdd106cbb37809b0f3f9db3db055e581ac28a
e0e70fd56417653fb63aa1c65cc0c6474cc0aa53542cec5f9bc8407aef025521
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1df3d35ba67abbe5a764d83001ae2c8c9a485a312afffea5c093490e1ce18b0
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac