URL: https://bnsz.xyz/carrefour-29/crushare/
Submission Tags: falconsandbox
Submission: On October 15 via api from US — Scanned from US

Summary

This website contacted 22 IPs in 4 countries across 21 domains to perform 40 HTTP transactions. The main IP is 107.180.114.239, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is bnsz.xyz.
TLS certificate: Issued by R10 on August 20th 2024. Valid for: 3 months.
This is the only time bnsz.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 107.180.114.239 26496 (AS-26496-...)
9 199.232.192.193 54113 (FASTLY)
2 172.66.47.36 13335 (CLOUDFLAR...)
2 185.66.200.220 201702 (SKHOSTING-EU)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 2a04:4e42::649 54113 (FASTLY)
1 2 23.43.85.20 20940 (AKAMAI-ASN1)
2 142.251.41.3 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 149.56.240.130 16276 (OVH)
3 2606:4700:21:... 13335 (CLOUDFLAR...)
2 23.34.59.30 20940 (AKAMAI-ASN1)
1 172.64.153.173 13335 (CLOUDFLAR...)
1 67.202.105.33 32748 (STEADFAST)
1 67.202.105.34 32748 (STEADFAST)
1 108.138.128.28 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.64.152.89 13335 (CLOUDFLAR...)
4 5 35.244.154.8 396982 (GOOGLE-CL...)
2 2 34.98.64.218 396982 (GOOGLE-CL...)
1 2 107.178.254.65 396982 (GOOGLE-CL...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
40 22
Apex Domain
Subdomains
Transfer
9 imgur.com
i.imgur.com — Cisco Umbrella Rank: 8556
4 MB
5 rlcdn.com
rc.rlcdn.com — Cisco Umbrella Rank: 3837
idsync.rlcdn.com — Cisco Umbrella Rank: 462
1 KB
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 19153
ic.tynt.com — Cisco Umbrella Rank: 15804
de.tynt.com — Cisco Umbrella Rank: 1465
9 KB
3 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 14258
t.dtscout.com — Cisco Umbrella Rank: 12321
4 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
6 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
901 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 751
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 516
665 B
2 lijit.com
pxdrop.lijit.com — Cisco Umbrella Rank: 4484
2 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 12259
s4.histats.com — Cisco Umbrella Rank: 12449
5 KB
2 gstatic.com
fonts.gstatic.com
48 KB
2 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 10296
21 KB
2 udbaa.com
udbaa.com — Cisco Umbrella Rank: 640585
990 B
2 pages.dev
od-jsc.pages.dev — Cisco Umbrella Rank: 842149
2 KB
1 33across.com
cdn-tc.33across.com — Cisco Umbrella Rank: 37866
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 13050
601 B
1 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1011
19 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
33 KB
1 bnsz.xyz
bnsz.xyz
12 KB
0 simpli.fi Failed
i.simpli.fi Failed
0 yahoo.com Failed
ups.analytics.yahoo.com Failed
40 21
Domain Requested by
9 i.imgur.com bnsz.xyz
4 rc.rlcdn.com 4 redirects
3 www.facebook.com bnsz.xyz
2 px.ads.linkedin.com 1 redirects bnsz.xyz
2 pippio.com 1 redirects bnsz.xyz
2 us-u.openx.net 2 redirects
2 pxdrop.lijit.com e.dtscout.com
pxdrop.lijit.com
2 t.dtscout.com e.dtscout.com
2 fonts.gstatic.com od-jsc.pages.dev
2 img1.wsimg.com 1 redirects bnsz.xyz
2 udbaa.com bnsz.xyz
udbaa.com
2 od-jsc.pages.dev bnsz.xyz
1 idsync.rlcdn.com bnsz.xyz
1 cdn-tc.33across.com de.tynt.com
1 t.dtscdn.com e.dtscout.com
1 tags.crwdcntrl.net e.dtscout.com
1 de.tynt.com cdn.tynt.com
1 ic.tynt.com bnsz.xyz
1 cdn.tynt.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 s4.histats.com s10.histats.com
1 s10.histats.com bnsz.xyz
1 code.jquery.com bnsz.xyz
1 bnsz.xyz
0 i.simpli.fi Failed bnsz.xyz
0 ups.analytics.yahoo.com Failed bnsz.xyz
40 26

This site contains no links.

Subject | Issuer | Validity | Valid
www.bnsz.xyz | R10 | 2024-08-20 - 2024-11-18 | 3 months
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2024-02-15 - 2025-02-14 | a year
od-jsc.pages.dev | WE1 | 2024-10-06 - 2025-01-04 | 3 months
banners.udbaa.com | R10 | 2024-08-15 - 2024-11-13 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-07-24 - 2024-10-22 | 3 months
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year
*.gstatic.com | WR2 | 2024-09-24 - 2024-12-17 | 3 months
s10.histats.com | WE1 | 2024-10-05 - 2025-01-03 | 3 months
histats.com | R11 | 2024-08-06 - 2024-11-04 | 3 months
dtscout.com | WE1 | 2024-09-10 - 2024-12-09 | 3 months
cert2-prod.aut.a24365.net | R10 | 2024-10-04 - 2025-01-02 | 3 months
*.tynt.com | Sectigo RSA Domain Validation Secure Server CA | 2024-09-05 - 2025-09-30 | a year
*.crwdcntrl.net | Amazon RSA 2048 M02 | 2024-09-07 - 2025-10-07 | a year
dtscdn.com | WE1 | 2024-09-06 - 2024-12-05 | 3 months
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2024-09-05 - 2025-09-30 | a year

This page contains 5 frames:

Primary Page: https://bnsz.xyz/carrefour-29/crushare/
Frame ID: 63D8142E3064BFEBBDEB6C9089A9CFA8
Requests: 36 HTTP requests in this frame

Frame: https://udbaa.com/bnr_xload.php?section=newk1&pub=886613&format=300x250&ga=g&xt=172899124616704&xtt=2377048&dateStr=10/15/2024%2001:20:46
Frame ID: 80E80147D769FC71249F80297716ED34
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01728991247CAC4DEDA06087E8530
Frame ID: D41F4A43293418D1712E9137EF4FD1F0
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1568.844&cid=c026&cls=sync
Frame ID: B212B75A76D78EBC9B8AC8A0BF6F3FFD
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 89145BF2FE199D60649AF0D9DC910D56
Requests: 1 HTTP requests in this frame

Page Title

CRE 29 1 - SHARE

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 40
HTTPS: 83 %
IPv6: 27 %
Domains: 21
Subdomains: 26
IPs: 22
Countries: 4
Transfer: 4149 kB
Size: 4389 kB
Cookies: 38

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Request Chain 31
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A01728991247CAC4DEDA06087E8530 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=2a916b51bf3e90ea3dcd9042c8bd21b2&gdpr=1 HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1
Request Chain 34
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1728991248792.1 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=608fe027-7fb6-4f2f-b406-ed1b930f0b6d
Request Chain 36
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1728991248792.4 HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2
Request Chain 38
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1728991248792.6 HTTP 307
  • https://rc.rlcdn.com/1000.gif?memo=CP6JFhoNCJGgubgGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=204d06e31c9872db5ab0eb21e6e956fcc338e337041537d973c046639939de89791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=204d06e31c9872db5ab0eb21e6e956fcc338e337041537d973c046639939de89791426b5417dce21&rand=04239966 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=204d06e31c9872db5ab0eb21e6e956fcc338e337041537d973c046639939de89791426b5417dce21&rand=04239966&expected_cookie=df707dcc-264b-4b17-96a1-e7bdacf0e8a4

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bnsz.xyz/carrefour-29/crushare/
50 KB
12 KB
Document
General
Full URL
https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.114.239 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
239.114.180.107.host.secureserver.net
Software
Apache /
Resource Hash
bdc582fa7ee195e9ba35d3e72343d47c49a3481397f7cb8400bfc80c269356cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
br
content-length
11991
content-type
text/html
date
Tue, 15 Oct 2024 11:20:44 GMT
etag
"2560204-c558-6247ee72eb9ab-br"
last-modified
Tue, 15 Oct 2024 07:28:43 GMT
server
Apache
vary
Accept-Encoding
M7V75Do.png
i.imgur.com/
11 KB
12 KB
Image
General
Full URL
https://i.imgur.com/M7V75Do.png
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
bf4a1c482b18f9b46f7a0a7ea32656093b050d63ee4c1bcbb7427a52706d346c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

etag
"d584a43b9feb74437735417ea0086223"
age
3087707
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
Kmw596p8Co0iSg4koLpq7_QJpeicUsa18UVmn4Qa-2Os7MpWnxW3ng==
date
Tue, 15 Oct 2024 11:20:45 GMT
content-type
image/png
last-modified
Fri, 16 Aug 2024 20:24:13 GMT
x-cache-hits
263, 3
x-served-by
cache-iad-kiad7000027-IAD, cache-lax-kwhp1940072-LAX
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1728991245.214975,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
content-length
11403
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
css2.css
od-jsc.pages.dev/
2 KB
968 B
Stylesheet
General
Full URL
https://od-jsc.pages.dev/css2.css?family=Poppins:wght@500;700&display=swap
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
842be935d39dcb195e58cafdaf280ac1088b22e48538b4946fe4fb18e9852706
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"ea2f2b6f152177bb4346aa8b89e3c5d9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tRHK6kNoKnV1jXEjwgaZb8xN1PeOJecjTG3MuL4OE3QkPQM1u5%2FwdQw8MoCZdiDAcTXgr9ycAnJphIEKrJ1sGlJ5ULo%2FnQRQGCjhUC4O%2FyJXJZFthlErPj92vqGP6k0yaeMu"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d2f6bf2486c7c23-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 11:20:45 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
droidarabicnaskh.css
od-jsc.pages.dev/
1 KB
780 B
Stylesheet
General
Full URL
https://od-jsc.pages.dev/droidarabicnaskh.css
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.47.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"4c47ee2aa08d75c53fbb400d0a2bd286"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDkrlkMtaKfGf7m5fdtHPFCesRPx9fFpC8zxrXwlWNw2%2B6MVUq7PcjdUrmvuygxJoaIvvW7v9v3Z1I8Fw7m5Cs8oVAGNKAc8ioQUVn1bXMSs21fu4H3oejext5b9YnFtyClA"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8d2f6bf2486d7c23-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 11:20:45 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
00we3LI.png
i.imgur.com/
6 KB
6 KB
Image
General
Full URL
https://i.imgur.com/00we3LI.png
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e988fe08759ab79543cfd638c4342d25f5541aec0b19f418bbc680ec1bd26d7f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

etag
"a9933720d75052eb51d811c21c87e94f"
age
2420254
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
pKitd4jgVuaWJ1av0bIvxkHfUluUZMHB_SwFCrKAewH7fPiArURRBg==
date
Tue, 15 Oct 2024 11:20:45 GMT
content-type
image/png
last-modified
Sun, 08 May 2022 20:11:22 GMT
x-cache-hits
387, 2
x-served-by
cache-iad-kiad7000100-IAD, cache-lax-kwhp1940072-LAX
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1728991245.215128,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
content-length
6005
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
IVTl8PA.png
i.imgur.com/
19 KB
19 KB
Image
General
Full URL
https://i.imgur.com/IVTl8PA.png
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
134133f20e51ce748626f8a9edf82f122e72d2765bf3fd2e37a1d0bca0813383
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

etag
"fd91a1f3c65c45759362979830b04667"
age
248213
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
mcaMYNKrB3eEbFfRUpBCR5cO4bSSQtxo7EsZWrroXBqXMBsu4_eDLQ==
date
Tue, 15 Oct 2024 11:20:45 GMT
content-type
image/png
last-modified
Fri, 16 Aug 2024 23:12:13 GMT
x-cache-hits
8, 2
x-served-by
cache-iad-kiad7000089-IAD, cache-lax-kwhp1940072-LAX
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1728991245.215167,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
content-length
19577
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
r8DQjea.gif
i.imgur.com/
4 MB
4 MB
Image
General
Full URL
https://i.imgur.com/r8DQjea.gif
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
983163f971593bcd09b71971f8cee6905a2bb8bfc104c68e1c8dacf69b308b08
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

etag
"7a05593d9b060d27822658a98327b755"
age
412731
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
lyl0Rx36bpeouqMIO3oidvElQZD6XI_PxrgYErfGCxNVWodfTFypRQ==
date
Tue, 15 Oct 2024 11:20:45 GMT
content-type
image/gif
last-modified
Fri, 16 Aug 2024 23:18:25 GMT
x-cache-hits
51, 0
x-served-by
cache-iad-kjyo7100064-IAD, cache-lax-kwhp1940072-LAX
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1728991245.214962,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
content-length
3697349
x-amz-cf-pop
IAD55-P6
server
cat factory 1.0
x-amz-server-side-encryption
AES256
fOiNt8E.gif
i.imgur.com/
32 KB
32 KB
Image
General
Full URL
https://i.imgur.com/fOiNt8E.gif
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
42856a1066ecd5b234eab4f25eb60a835383cb304881a13d3a969d40da9d8502
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

etag
"604903f0d3d37153512868fa199ce1bb"
age
1382298
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
DQzOaq6XAxHYEcojIy8HlJW-e3AljJqy1UGfTRoO-YuuIwqxoXSveg==
date
Tue, 15 Oct 2024 11:20:45 GMT
content-type
image/gif
last-modified
Sun, 29 Sep 2024 11:22:28 GMT
x-cache-hits
5, 2
x-served-by
cache-iad-kiad7000029-IAD, cache-lax-kwhp1940072-LAX
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1728991245.215149,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
content-length
32319
x-amz-cf-pop
IAD55-P7
server
cat factory 1.0
x-amz-server-side-encryption
AES256
bnr.php
udbaa.com/
736 B
990 B
Script
General
Full URL
https://udbaa.com/bnr.php?section=newk1&pub=886613&format=300x250&ga=g
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash
fe2e5b5ee01d8ddcfd16c09df801239f8778c322f64a287b88cdd103db813036

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

x-robots-tag
noindex, nofollow, noarchive, nosnippet
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Tue, 15 Oct 2024 11:20:46 GMT
date
Tue, 15 Oct 2024 11:20:46 GMT
content-type
application/javascript
last-modified
Tue, 15 Oct 2024 11:20:46 GMT
server
nginx
/
www.facebook.com/reaction/image/1635855486666999/
815 B
986 B
Image
General
Full URL
https://www.facebook.com/reaction/image/1635855486666999/?size=20&scale=1
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39d8ba5c57b637434d21319acfa9fe2029cc88839cab8a4767b8854c60339921
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 04:35:02 +0000
date
Mon, 07 Oct 2024 04:35:02 GMT
content-type
image/png
x-fb-debug
2tjbph100KOkd3H1Aw5Ao1Tua4KXWxvfHgIxxXthVKnqSUR0xDnqIWzNzBwOe0jBbnFAK9NZrZzh6BoGnJE/UA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
public, max-age=1209600
cross-origin-opener-policy
same-origin-allow-popups
pragma
public
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
content-length
815
x-xss-protection
0
/
www.facebook.com/reaction/image/1678524932434102/
816 B
987 B
Image
General
Full URL
https://www.facebook.com/reaction/image/1678524932434102/?size=20&scale=1
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
81d62c74016d8779cb91019934882095ad606798f3f32327fa4dadf9d023a4d5
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 15:39:18 +0000
date
Tue, 08 Oct 2024 15:39:18 GMT
content-type
image/png
x-fb-debug
K8zJjplnt/XCtn+5PsHlnaS4ujJqNDP4cMzw0eeU2GL/MYyBDASbF4ejVbKqc9QydDcC8JOUNUEcr9wo2xbJyQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
public, max-age=1209600
cross-origin-opener-policy
same-origin-allow-popups
pragma
public
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
content-length
816
x-xss-protection
0
/
www.facebook.com/reaction/image/613557422527858/
1 KB
4 KB
Image
General
Full URL
https://www.facebook.com/reaction/image/613557422527858/?size=20&scale=1
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7b7cc49ed4945a43ca361ca9e327cd907f5520cec87858b820e02a6db6d55779
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 16:47:45 +0000
date
Sun, 06 Oct 2024 16:47:45 GMT
content-type
image/png
x-fb-debug
ziYElEobneb8xgiMXi1CWubSh3e0/jVmMnKW+xKJvBqnW0eHkqNS92fl8LUcPnKSEAor3U2XLWNgNZganUzSnA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
cache-control
public, max-age=1209600
cross-origin-opener-policy
same-origin-allow-popups
pragma
public
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
content-length
1179
x-xss-protection
0
k2t2VPm.jpg
i.imgur.com/
76 KB
77 KB
Image
General
Full URL
https://i.imgur.com/k2t2VPm.jpg
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
ed11bf6576d4baffbe96af61bfc030bad4fc5a05a5e40b24927cf5036f1b6888
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

etag
"f2b70fe2cd70243345fd7a53d288891d"
age
3395875
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
A1b6t39EZXYCY7B0Dt8a6Ug9lT4Lk8wUmRBRtpOoBU3cHSL2-0o7xg==
date
Tue, 15 Oct 2024 11:20:45 GMT
content-type
image/jpeg
last-modified
Tue, 02 Jan 2024 08:41:58 GMT
x-cache-hits
263, 2
x-served-by
cache-iad-kjyo7100098-IAD, cache-lax-kwhp1940072-LAX
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1728991245.257845,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
content-length
77899
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
AZiyQnM.jpeg
i.imgur.com/
86 KB
86 KB
Image
General
Full URL
https://i.imgur.com/AZiyQnM.jpeg
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e698c3bc4e4e3e39bd8b66115af57acd116c54e3864559e60c131241850a2f95
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

etag
"95b773841448bc01b51c7fa8ce9b02ef"
age
981524
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
0v-Y6Zq8KiNeKZO9k_Mb98hmqJvm0DeV5RXcLFbLqqaKyc2oMxtyJQ==
date
Tue, 15 Oct 2024 11:20:45 GMT
content-type
image/jpeg
last-modified
Sat, 30 Dec 2023 22:37:43 GMT
x-cache-hits
27, 2
x-served-by
cache-iad-kjyo7100116-IAD, cache-lax-kwhp1940072-LAX
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1728991245.257827,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
content-length
88223
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
H5Oxc1G.jpeg
i.imgur.com/
31 KB
31 KB
Image
General
Full URL
https://i.imgur.com/H5Oxc1G.jpeg
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4dd54c505638b72d4dba56c63070e5f206b5c91e2e6debf192a67ddbdcb803e8
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

etag
"2bf2b904a7f576dc31fce6a61acab504"
age
1204033
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
u8BKJc8DXKavqpdINqITNuDsO-jSrFipiHQzy-EnyLcj04phFUy-Fw==
date
Tue, 15 Oct 2024 11:20:45 GMT
content-type
image/jpeg
last-modified
Sat, 30 Dec 2023 22:38:12 GMT
x-cache-hits
30, 2
x-served-by
cache-iad-kiad7000154-IAD, cache-lax-kwhp1940072-LAX
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1728991245.257885,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
content-length
31477
x-amz-cf-pop
IAD61-P5
server
cat factory 1.0
x-amz-server-side-encryption
AES256
WvALXki.jpeg
i.imgur.com/
110 KB
110 KB
Image
General
Full URL
https://i.imgur.com/WvALXki.jpeg
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d09c6fab8e31836fdb5c3c9102ba5caba3e00d9a78c04f4f7629489b7ebd1eda
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

etag
"e900965d434231948db1b0ae1fa57356"
age
2434895
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
P2P_NmqHZhvfiN97r_N_OvyKM-YYxi0GIx6tVR8y0nQTSD7KobmvJg==
date
Tue, 15 Oct 2024 11:20:45 GMT
content-type
image/jpeg
last-modified
Sat, 30 Dec 2023 22:40:10 GMT
x-cache-hits
104, 2
x-served-by
cache-iad-kiad7000044-IAD, cache-lax-kwhp1940072-LAX
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1728991245.280864,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
content-length
112751
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
jquery-latest.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

content-encoding
gzip
etag
W/"28feccc0-1762a"
age
3023413
x-cache
HIT, HIT
date
Tue, 15 Oct 2024 11:20:45 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
33951, 13441
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21983-LGA, cache-bur-kbur8200130-BUR
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1728991245.285870,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
33202
server
nginx
scc-c2.min.js
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
105 KB
21 KB
Script
General
Full URL
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Server
23.43.85.20 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-43-85-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

content-encoding
gzip
x-amz-meta-version
0.4.7
etag
"6a7950cc31489069917bf817b62b2bfe"
x-amz-version-id
4pexUB2ckSZgPfbjokD3loiC8DEV2lsi
expires
Tue, 15 Oct 2024 11:50:45 GMT
date
Tue, 15 Oct 2024 11:20:45 GMT
last-modified
Tue, 24 Sep 2024 20:55:06 GMT
content-type
text/javascript
vary
Accept-Encoding
x-amz-id-2
mfKOFBR9eX4pmjDNgoAho79C33s5KsWEsle9BzS9WrJL6hZ5gG7bcly9CTZu7HmBIeV/kdxuU3w=
cache-control
max-age=1800
timing-allow-origin
*
x-amz-request-id
HMFB295P88AEH463
accept-ranges
bytes
access-control-allow-origin
*
content-length
20968
x-amz-server-side-encryption
AES256

Redirect headers

expires
Wed, 15 Oct 2025 11:20:45 GMT
cache-control
max-age=31536000
location
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
content-length
0
access-control-allow-origin
*
date
Tue, 15 Oct 2024 11:20:45 GMT
timing-allow-origin
*
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: od-jsc.pages.dev
URL: https://od-jsc.pages.dev/css2.css?family=Poppins:wght@500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f3.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bnsz.xyz
Referer
https://od-jsc.pages.dev/

Response headers

age
514298
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 12:29:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 12:29:07 GMT
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
bnr_xload.php
udbaa.com/ Frame 80E8
0
0
Document
General
Full URL
https://udbaa.com/bnr_xload.php?section=newk1&pub=886613&format=300x250&ga=g&xt=172899124616704&xtt=2377048&dateStr=10/15/2024%2001:20:46
Requested by
Host: udbaa.com
URL: https://udbaa.com/bnr.php?section=newk1&pub=886613&format=300x250&ga=g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.200.220 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash

Request headers

Referer
https://bnsz.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type
text/html; charset=UTF-8
date
Tue, 15 Oct 2024 11:20:47 GMT
expires
Tue, 15 Oct 2024 11:20:47 GMT
last-modified
Tue, 15 Oct 2024 11:20:47 GMT
pragma
no-cache
server
nginx
x-robots-tag
noindex, nofollow, noarchive, nosnippet
DroidNaskh-Bold.woff2
fonts.gstatic.com/ea/droidarabicnaskh/v7/
40 KB
40 KB
Font
General
Full URL
https://fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Bold.woff2
Requested by
Host: od-jsc.pages.dev
URL: https://od-jsc.pages.dev/droidarabicnaskh.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f3.1e100.net
Software
sffe /
Resource Hash
0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://bnsz.xyz
Referer
https://od-jsc.pages.dev/

Response headers

content-encoding
gzip
age
500315
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 16:22:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 16:22:11 GMT
last-modified
Wed, 13 Aug 2014 16:50:04 GMT
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
41271
x-xss-protection
0
server
sffe
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac42:8476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

cache-control
max-age=28800
content-encoding
gzip
cf-cache-status
HIT
etag
"-375139978"
age
42311
cf-ray
8d2f6bfd4a1d7ea2-LAX
accept-ranges
bytes
content-length
4547
date
Tue, 15 Oct 2024 11:20:46 GMT
content-type
text/javascript
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
vary
Accept-Encoding
server
cloudflare
0.php
s4.histats.com/stats/
382 B
517 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4878818&@f16&@g1&@h1&@i1&@j1728991246978&@k0&@l1&@mCRE%2029%201%20-%20SHARE&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:55348170&@b3:1728991247&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fbnsz.xyz%2Fcarrefour-29%2Fcrushare%2F%23&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.130 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534298.ip-149-56-240.net
Software
/
Resource Hash
cc187748a136110136448a5e79f232556ac54c21c14195a4def289dbf72673f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

Content-Length
382
Date
Tue, 15 Oct 2024 11:20:57 GMT
Content-Type
text/html;charset=UTF-8
Connection
close
/
e.dtscout.com/e/
8 KB
4 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbnsz.xyz%2Fcarrefour-29%2Fcrushare%2F%23&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4878818&@f16&@g1&@h1&@i1&@j1728991246978&@k0&@l1&@mCRE%2029%201%20-%20SHARE&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:55348170&@b3:1728991247&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fbnsz.xyz%2Fcarrefour-29%2Fcrushare%2F%23&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36726069c1310fe56c3639936a25772eb625e49fc793f100a1453f0ffc6a0f91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zmXk3ZkfbrxWuPRJo2b0YCDT3WlAidHzO9OQOvfM6MUQBzakzXS1J1LBDWdLth1WEdUJAu1%2FA9MDM8xMFpRoGn6AhdolXvQW96PPDAjHurZ%2B7XYOClRZR7OKohqWH2TuasNsI92Hz3Jc1D4%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.238
cf-ray
8d2f6c017ce55245-LAX
expires
Tue, 15 Oct 2024 11:20:46 GMT
date
Tue, 15 Oct 2024 11:20:47 GMT
content-type
application/javascript
x-s
ger1
server
cloudflare
/
t.dtscout.com/idg/ Frame D41F
0
0
Document
General
Full URL
https://t.dtscout.com/idg/?su=51A01728991247CAC4DEDA06087E8530
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbnsz.xyz%2Fcarrefour-29%2Fcrushare%2F%23&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://bnsz.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8d2f6c04ccdfdb8e-LAX
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 15 Oct 2024 11:20:48 GMT
expires
Tue, 15 Oct 2024 11:20:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AyVJ5Fgh4OVfdmgZJhnGBE8YyoM4ixxDHZ4SgiRjR0FZ%2B4%2BroBBnXHSgi49yFOFUM5AEuwLkwUHco9ePcAhrWaxPkhR2Q7KTkvJkPQHViEaeEz%2BQMMAhCk48F4Mo8ee%2FxsrPMR0vAaI9Uvo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
t.dhj
pxdrop.lijit.com/1/d/
2 KB
2 KB
Script
General
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=bnsz.xyz&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbnsz.xyz%2Fcarrefour-29%2Fcrushare%2F%23&j=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.59.30 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-34-59-30.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5249fd3d85092a20d3b1ee857f3eb0d615e7e43a96c4075b8a2a311141753b39
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Tue, 15 Oct 2024 12:20:48 GMT
Content-Length
1397
Date
Tue, 15 Oct 2024 11:20:48 GMT
Content-Type
text/javascript
afwu.js
cdn.tynt.com/
19 KB
6 KB
Script
General
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbnsz.xyz%2Fcarrefour-29%2Fcrushare%2F%23&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"651ed192-4c00"
age
78622
cf-ray
8d2f6c04ddf2091a-LAX
expires
Fri, 18 Oct 2024 11:20:48 GMT
date
Tue, 15 Oct 2024 11:20:48 GMT
content-type
application/javascript
last-modified
Thu, 05 Oct 2023 15:09:06 GMT
vary
Accept-Encoding
server
cloudflare
/
t.dtscout.com/pv/
51 B
390 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=bnsz.xyz&_ss=3l6j7pp7e0&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=4zh2&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbnsz.xyz%2Fcarrefour-29%2Fcrushare%2F%23&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63e5b8f015f46a6c9e2f1d357c96eb46deae74027efd5429662eab7c073870c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

x-c
0
cache-control
no-cache
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2BfJ0IumZbW1vvqiPe3vGOWCzY5W9ctYUFouyM%2FB6qmfxJvszyHIGUx6RCw7fmgsmYmceJdy%2BdGbafxLDGIxLqFswEda7QC4vQxFna78vs%2B5gfhfi95OpLOyt8NtlcLhq9vhSFFKez%2BfS5E%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.139
cf-ray
8d2f6c03eed05245-LAX
expires
Tue, 15 Oct 2024 11:20:47 GMT
date
Tue, 15 Oct 2024 11:20:48 GMT
content-type
application/javascript
server
cloudflare
p
ic.tynt.com/b/
35 B
648 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1728991248230&dn=AFWU&iso=0&pu=https%3A%2F%2Fbnsz.xyz%2Fcarrefour-29%2Fcrushare%2F%23&t=CRE%2029%201%20-%20SHARE&chmob=0
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/carrefour-29/crushare/

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
etag
"4bc8846c-23"
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
accept-ranges
bytes
content-length
35
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Tue, 15 Oct 2024 11:20:48 GMT
content-type
image/gif
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
v2
de.tynt.com/deb/
894 B
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fbnsz.xyz%2Fcarrefour-29%2Fcrushare%2F%23
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
52adf3295826bc9e30de4d6c6760696fcb8d668586da12a086c35d006fb48290

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/carrefour-29/crushare/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
894
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
date
Tue, 15 Oct 2024 11:20:48 GMT
content-type
application/javascript
lt.min.js
tags.crwdcntrl.net/lt/c/3825/
62 KB
19 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbnsz.xyz%2Fcarrefour-29%2Fcrushare%2F%23&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3029a59a3eb78e1675c02962b4c2efa72c770b73c3336f95f14b4c73b7465397

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2afd7a7856345176e1c9c378191ae043"
age
3699
via
1.1 8cade7b1319c32b4f7e5477c5302d6c8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
_OHhnIDx6Y1bo879G9G9K33H1EZ8dFI_1BHpwddsm_v9voj8jKRdUg==
date
Tue, 15 Oct 2024 10:19:10 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 17:49:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
/
t.dtscdn.com/widget/
0
601 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=51A01728991247CAC4DEDA06087E8530&nid=300&p=2114454483&t=600&s=1600x1200x24&u=https%3A%2F%2Fbnsz.xyz%2Fcarrefour-29%2Fcrushare%2F%23&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbnsz.xyz%2Fcarrefour-29%2Fcrushare%2F%23&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7J5NBMwsZRtQpzwJ8ub1FRYvnxNzvvDIhEf1W%2FFro%2FhMegdwqJ7xP9CiiS30KxKX%2FgnOA7Y29ac%2BN7XpjzbSFYH5Mu4d%2BX7mPRqng9bNGjla7GTv3Vytec9ovihcR%2FmD02KoZAF3nSgVA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-t
1.44
cf-ray
8d2f6c082e881001-LAX
expires
Tue, 15 Oct 2024 10:21:09 GMT
date
Tue, 15 Oct 2024 11:20:48 GMT
content-type
application/javascript; charset=UTF-8
x-server
web12.ny1.dtscdn.com
server
cloudflare
cms
ups.analytics.yahoo.com/ups/58679/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A01728991247CAC4DEDA06087E8530
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=2a916b51bf3e90ea3dcd9042c8bd21b2&gdpr=1
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=1
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1
0
0

t_.htm
pxdrop.lijit.com/a/ Frame B212
0
0
Document
General
Full URL
https://pxdrop.lijit.com/a/t_.htm?ver=1.1568.844&cid=c026&cls=sync
Requested by
Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=bnsz.xyz&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.34.59.30 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-34-59-30.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://bnsz.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Tue, 15 Oct 2024 11:20:48 GMT
Expires
Tue, 22 Oct 2024 11:20:48 GMT
X-Robots-Tag
noindex, nofollow
lotame-sync.html
cdn-tc.33across.com/ Frame 8914
0
0
Document
General
Full URL
https://cdn-tc.33across.com/lotame-sync.html
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fbnsz.xyz%2Fcarrefour-29%2Fcrushare%2F%23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://bnsz.xyz/carrefour-29/crushare/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
38613
cache-control
public, max-age=259200
cf-cache-status
HIT
cf-ray
8d2f6c0aa8ed2f4a-LAX
content-encoding
gzip
content-type
text/html
date
Tue, 15 Oct 2024 11:20:49 GMT
etag
W/"651ed192-157"
expires
Fri, 18 Oct 2024 11:20:49 GMT
last-modified
Thu, 05 Oct 2023 15:09:06 GMT
server
cloudflare
vary
Accept-Encoding
396846.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1728991248792.1
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=608fe027-7fb6-4f2f-b406-ed1b930f0b6d
42 B
307 B
Image
General
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=608fe027-7fb6-4f2f-b406-ed1b930f0b6d
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/carrefour-29/crushare/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Tue, 15 Oct 2024 11:20:49 GMT
content-type
image/gif

Redirect headers

location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=608fe027-7fb6-4f2f-b406-ed1b930f0b6d
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 15 Oct 2024 11:20:48 GMT
content-type
image/gif
vary
Accept, Accept-Encoding
server
OXGW/0.0.0
dpx
i.simpli.fi/
0
0

sync
pippio.com/api/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1728991248792.4
  • https://pippio.com/api/sync?pid=5324&_=2
42 B
568 B
Image
General
Full URL
https://pippio.com/api/sync?pid=5324&_=2
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/carrefour-29/crushare/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Tue, 15 Oct 2024 11:20:49 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://pippio.com/api/sync?pid=5324&_=2
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Tue, 15 Oct 2024 11:20:49 GMT
dpx
i.simpli.fi/
0
0

db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1728991248792.6
  • https://rc.rlcdn.com/1000.gif?memo=CP6JFhoNCJGgubgGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=204d06e31c9872db5ab0eb21e6e956fcc338e337041537d973c046639939de89791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=204d06e31c9872db5ab0eb21e6e956fcc338e337041537d973c046639939de89791426b5417dce21&rand=04239966
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=204d06e31c9872db5ab0eb21e6e956fcc338e337041537d973c046639939de89791426b5417dce21&rand=04239966&expected_cookie=df707dcc-264b-4b17-96a1-e7bdacf0e8a4
0
144 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=204d06e31c9872db5ab0eb21e6e956fcc338e337041537d973c046639939de89791426b5417dce21&rand=04239966&expected_cookie=df707dcc-264b-4b17-96a1-e7bdacf0e8a4
Requested by
Host: bnsz.xyz
URL: https://bnsz.xyz/carrefour-29/crushare/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bnsz.xyz/carrefour-29/crushare/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 743EEB4E4BB14901A56288BD6C54F8B5 Ref B: LAX311000110029 Ref C: 2024-10-15T11:20:49Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYkgiVDAZzsmO0XVsDrFw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 15 Oct 2024 11:20:49 GMT

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
location
/db_sync?pid=10339&puuid=204d06e31c9872db5ab0eb21e6e956fcc338e337041537d973c046639939de89791426b5417dce21&rand=04239966&expected_cookie=df707dcc-264b-4b17-96a1-e7bdacf0e8a4
x-msedge-ref
Ref A: 5CB9DBD5C32D4BC5A72D24CFC8746AC2 Ref B: LAX311000110029 Ref C: 2024-10-15T11:20:49Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYkgiVA8GV/pa5Mglhz5A==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 15 Oct 2024 11:20:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1
Domain
i.simpli.fi
URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1728991248792.2&ref=
Domain
i.simpli.fi
URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1728991248792.5&ref=

251 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 number| qs object| date string| dateStr function| $ function| jQuery number| likes number| comments number| shares string| text1 string| text2 string| text3 string| error string| cpa string| cpa1 string| cpa2 string| saved string| share string| tiaoban string| hour number| minute number| second string| mytime string| tb object| _trfd object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| scc-c2 object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues object| a object| cv object| Tynt object| _dtspv object| _33Across function| __uspapi object| lotame_3825 number| char function| lotameIsCompatible function| lt3825_ba function| lt3825_b function| lt3825_ea object| lt3825_e function| lt3825_fa function| lt3825_g function| lt3825_ha object| lt3825_ object| lt3825_ma object| lt3825_na object| lt3825_p object| lt3825_Ma object| lt3825_6 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_f function| lt3825_h function| lt3825_ga function| lt3825_ia function| lt3825_i function| lt3825_ja function| lt3825_j function| lt3825_k function| lt3825_l function| lt3825_m function| lt3825_n function| lt3825_ka function| lt3825_la function| lt3825_o function| lt3825_q function| lt3825_s function| lt3825_t function| lt3825_u function| lt3825_v function| lt3825_w function| lt3825_ra function| lt3825_oa function| lt3825_pa function| lt3825_x function| lt3825_qa function| lt3825_y function| lt3825_z function| lt3825_B function| lt3825_C function| lt3825_r function| lt3825_D function| lt3825_E function| lt3825_sa function| lt3825_ta function| lt3825_ua function| lt3825_F function| lt3825_va function| lt3825_wa function| lt3825_G function| lt3825_H function| lt3825_xa function| lt3825_I function| lt3825_J function| lt3825_K function| lt3825_ya function| lt3825_za function| lt3825_M function| lt3825_Aa function| lt3825_N function| 
lt3825_L function| lt3825_Ba function| lt3825_Ca function| lt3825_Da function| lt3825_Ea function| lt3825_Fa function| lt3825_O function| lt3825_Ga function| lt3825_Ha function| lt3825_Ia function| lt3825_Ja function| lt3825_Ka function| lt3825_La function| lt3825_P function| lt3825_Na function| lt3825_Oa function| lt3825_Pa function| lt3825_Qa function| lt3825_Ra function| lt3825_Sa function| lt3825_Ta function| lt3825_Ua function| lt3825_Va function| lt3825_Wa function| lt3825_Xa function| lt3825_Ya function| lt3825_Q function| lt3825_R function| lt3825_Za function| lt3825_S function| lt3825_T function| lt3825__a function| lt3825_0a function| lt3825_1a function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_5a function| lt3825_2a function| lt3825_6a function| lt3825_4a function| lt3825_3a function| lt3825_Y function| lt3825_8a function| lt3825_9a function| lt3825_7a function| lt3825_$a function| lt3825__ function| lt3825_cb function| lt3825_eb function| lt3825_db function| lt3825_gb function| lt3825_bb function| lt3825_ab function| lt3825_Z function| lt3825_fb function| lt3825_2 function| lt3825_ib function| lt3825_kb function| lt3825_0 function| lt3825_jb function| lt3825_3 function| lt3825_1 function| lt3825_hb function| lt3825_lb function| lt3825_mb function| lt3825_qb function| lt3825_nb function| lt3825_ob function| lt3825_pb function| lt3825_rb function| lt3825_tb function| lt3825_sb function| lt3825_ub function| lt3825_vb function| lt3825_wb function| lt3825_xb function| lt3825_4 function| lt3825_5 function| lt3825_yb function| lt3825_zb function| lt3825_Ab function| lt3825_Bb function| lt3825_Cb function| lt3825_Db function| lt3825_Eb function| lt3825_Fb function| lt3825_Gb function| lt3825_Hb function| lt3825_7 function| lt3825_Kb function| lt3825_Lb function| lt3825_Jb function| lt3825_Ib function| lt3825_Nb function| lt3825_Mb function| lt3825_Pb function| lt3825_Ob function| lt3825_Qb function| lt3825_Rb function| 
lt3825_Sb function| lt3825_Tb function| lt3825_Ub function| lt3825_Vb function| lt3825_Xb function| lt3825__b function| lt3825_Zb function| lt3825_Wb function| lt3825_2b function| lt3825_Yb function| lt3825_0b function| lt3825_4b function| lt3825_3b function| lt3825_5b function| lt3825_1b function| lt3825_6b function| lt3825_7b function| lt3825_8b function| lt3825_8 function| lt3825_9b function| lt3825_$b function| lt3825_ac function| lt3825_bc function| lt3825_cc function| lt3825_9 function| lt3825_dc function| lt3825_ec function| lt3825_fc function| lt3825_gc function| lt3825_hc function| lt3825_ic function| lt3825_jc function| lt3825_$ function| lt3825_kc function| lt3825_nc function| lt3825_mc function| lt3825_oc function| lt3825_lc

38 Cookies

Domain/Path Name / Value
vmghh.space/148bcf03fc/bb6bac9292 Name: total_impressions
Value: 1
.bnsz.xyz/ Name: _tccl_visitor
Value: 18dc62fc-d66e-414d-baaf-dcd70ed4df80
.bnsz.xyz/ Name: _tccl_visit
Value: 18dc62fc-d66e-414d-baaf-dcd70ed4df80
.bnsz.xyz/ Name: _scc_session
Value: pc=1&C_TOUCH=2024-10-15T11:20:46.735Z
bnsz.xyz/ Name: HstCfa4878818
Value: 1728991246978
bnsz.xyz/ Name: HstCla4878818
Value: 1728991246978
bnsz.xyz/ Name: HstCmu4878818
Value: 1728991246978
bnsz.xyz/ Name: HstPn4878818
Value: 1
bnsz.xyz/ Name: HstPt4878818
Value: 1
bnsz.xyz/ Name: HstCnv4878818
Value: 1
bnsz.xyz/ Name: HstCns4878818
Value: 1
.udbaa.com/ Name: used_ad2937601
Value: 1
.udbaa.com/ Name: total_impressions
Value: 1
.udbaa.com/ Name: cpa_673873
Value: 300x250_223516297_0
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: df
Value: 1728991247
.dtscout.com/ Name: l
Value: 51A01728991247CAC4DEDA06087E8530
.lijit.com/ Name: lijitAcc3PC
Value: 1
.bnsz.xyz/ Name: __dtsu
Value: 51A01728991247CAC4DEDA06087E8530
vmghh.space/ Name: used_ad2937601
Value: 1
.tynt.com/ Name: uid
Value: B8HSyGcOUBAIqsqFf0mL2g==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%220c1ae001bf%22%2C%22f%22%3A3%2C%22ts%22%3A1728991248792%7D%2C%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1728991248792%7D%2C%7B%22p%22%3A%22e9b03986ff%22%2C%22f%22%3A2%2C%22ts%22%3A1728991248792%7D%5D
.dtscdn.com/ Name: uid
Value: 51A01728991247CAC4DEDA06087E8530
.onaudience.com/ Name: cookie
Value: ccb7289769ee35aa
.onaudience.com/ Name: done_redirects161
Value: 1
.rlcdn.com/ Name: rlas3
Value: 4y6FJnrQ0Nd31uBxLTbOA5bxA5EYAi3FYilSELRxZK8=
.rlcdn.com/ Name: pxrc
Value: CJGgubgGEgUI6AcQABIFCOhHEAA=
.openx.net/ Name: i
Value: e6e5a018-1b76-46b8-b1a9-a500ceb35948|1728991249
.pippio.com/ Name: didts
Value: 1728991249
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: did
Value: rXyfJFJaz71g-Wy9
.pippio.com/ Name: pxrc
Value: CJGgubgGEgYIgr0rEAA=
.linkedin.com/ Name: li_sugr
Value: df707dcc-264b-4b17-96a1-e7bdacf0e8a4
.linkedin.com/ Name: bcookie
Value: "v=2&f8e470c8-0795-4190-81b1-4c6c6c63aff5"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2903:u=1:x=1:i=1728991249:t=1729077649:v=2:sig=AQEEZiJUW95iu3vaWiyWkD9sTjMpU6p3"
.onaudience.com/ Name: done_redirects252
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: a36670d28da1558d30ff62ba4a00df8d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
