Submitted URL: http://preferredfuton.com/wear_rm.php
Effective URL: https://preferredfuton.com/wear_rm.php
Submission: On November 20 via manual from US

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 15 HTTP transactions. The main IP is 2606:4700:30::681f:40e4, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is preferredfuton.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 14th 2019. Valid for: a year.
This is the only time preferredfuton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:30:... 13335 (CLOUDFLAR...)
7 151.101.12.155 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
3 172.217.22.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 5
Domain Requested by
7 hips.hearstapps.com preferredfuton.com
3 securepubads.g.doubleclick.net www.googletagservices.com, securepubads.g.doubleclick.net
2 preferredfuton.com 1 redirects
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com preferredfuton.com
15 7

This site contains links to these domains.

Domain
www.harpersbazaar.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-09-14 - 2020-09-13 | a year
hearst-hdm.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-11-20 - 2020-07-12 | 8 months
*.g.doubleclick.net | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
tpc.googlesyndication.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months

This page contains 1 frames:

Primary Page: https://preferredfuton.com/wear_rm.php
Frame ID: 4E2D7584F002E04C163E020C83D5E0F5
Requests: 15 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Page Statistics

15 Requests
100 % HTTPS
60 % IPv6
7 Domains
7 Subdomains
5 IPs
2 Countries
477 kB Transfer
665 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://preferredfuton.com/wear_rm.php HTTP 301
    https://preferredfuton.com/wear_rm.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wear_rm.php
preferredfuton.com/
Redirect Chain
  • http://preferredfuton.com/wear_rm.php
  • https://preferredfuton.com/wear_rm.php
19 KB
5 KB
Document
General
Full URL
https://preferredfuton.com/wear_rm.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:40e4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
008710f29aef80e6dc218bb9265ccae1b289020283c40633f261baf76de238b7

Request headers

:method
GET
:authority
preferredfuton.com
:scheme
https
:path
/wear_rm.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Wed, 20 Nov 2019 20:54:23 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d5a420de37ab79d821dd299664bb46e131574283263; expires=Fri, 20-Dec-19 20:54:23 GMT; path=/; domain=.preferredfuton.com; HttpOnly; Secure
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
538d519a0f068c62-VIE
content-encoding
br

Redirect headers

Date
Wed, 20 Nov 2019 20:54:23 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 20 Nov 2019 21:54:23 GMT
Location
https://preferredfuton.com/wear_rm.php
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
538d5199eb74cbac-VIE
b71298f1-7d53-4c3b-9058-ec3f33578e97_1502104292.jpg
hips.hearstapps.com/rover/profile_photos/
2 KB
2 KB
Image
General
Full URL
https://hips.hearstapps.com/rover/profile_photos/b71298f1-7d53-4c3b-9058-ec3f33578e97_1502104292.jpg?fill=1:1&resize=80:*
Requested by
Host: preferredfuton.com
URL: https://preferredfuton.com/wear_rm.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.155 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e246c08d7a85a7d75b048f84a19e7589ec8d55d45d1b2f2da6a69847dfbf8485

Request headers

Referer
https://preferredfuton.com/wear_rm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:54:23 GMT
x-image-dimensions
80:80
age
2052165
x-canonical-ops
crop=1600:1600;0,0&resize=80:80
x-source-image-dimensions
1600:1600
status
200
x-animated
0
x-cache
HIT, HIT
content-length
1819
x-served-by
cache-iad2132-IAD, cache-fra19127-FRA
x-timer
S1574283263.113843,VS0,VE1
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
expires
Mon, 28 Oct 2019 14:51:37 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
karlie-kloss-dior-show-1515063571.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/
96 KB
96 KB
Image
General
Full URL
https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/karlie-kloss-dior-show-1515063571.jpg?resize=768:*
Requested by
Host: preferredfuton.com
URL: https://preferredfuton.com/wear_rm.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.155 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
a37b9086a2abd3b251e8b1b71392bb52e38d0ca45e5499fbb46c91ccaf83fd1a

Request headers

Referer
https://preferredfuton.com/wear_rm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:54:23 GMT
x-image-dimensions
768:1152
age
1063345
x-canonical-ops
crop=2000:3000;0,0&resize=768:1152
x-source-image-dimensions
2000:3000
status
200
x-animated
0
x-cache
HIT, HIT
content-length
97878
x-served-by
cache-iad2125-IAD, cache-fra19127-FRA
x-timer
S1574283263.113933,VS0,VE3
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
expires
Sat, 09 Nov 2019 01:31:57 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
gpt.js
www.googletagservices.com/tag/js/
51 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: preferredfuton.com
URL: https://preferredfuton.com/wear_rm.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4927ff21f7cd817e07b55310fa0a5192d01603d42a3742d275d1cbd6001860a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://preferredfuton.com/wear_rm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"343 / 757 of 1000 / last-modified: 1574196157"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15649
x-xss-protection
0
expires
Wed, 20 Nov 2019 20:54:23 GMT
elsa-hosk-shopping-1515061868.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/
66 KB
66 KB
Image
General
Full URL
https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/elsa-hosk-shopping-1515061868.jpg?crop=1xw:1xh;center,top&resize=768:*
Requested by
Host: preferredfuton.com
URL: https://preferredfuton.com/wear_rm.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.155 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
02465193006df6bd7e55c5be4a995cce50b04fde9e1a6cae63051208d15be195

Request headers

Referer
https://preferredfuton.com/wear_rm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:54:23 GMT
x-image-dimensions
768:576
age
2077683
x-canonical-ops
crop=4000:3000;0,0&resize=768:576
x-source-image-dimensions
4000:3000
status
200
x-animated
0
x-cache
HIT, HIT
content-length
67091
x-served-by
cache-iad2142-IAD, cache-fra19127-FRA
x-timer
S1574283263.113923,VS0,VE1
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
expires
Mon, 28 Oct 2019 07:46:20 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
street-style-shopping-2-1515061983.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/
100 KB
100 KB
Image
General
Full URL
https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/street-style-shopping-2-1515061983.jpg?crop=1xw:1xh;center,top&resize=768:*
Requested by
Host: preferredfuton.com
URL: https://preferredfuton.com/wear_rm.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.155 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
735ad44c5ccb1e144d227b2b6179cadf344e507e7c66a186cb6a3e74994378d1

Request headers

Referer
https://preferredfuton.com/wear_rm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:54:23 GMT
x-image-dimensions
768:1152
age
1895651
x-canonical-ops
crop=2000:3000;0,0&resize=768:1152
x-source-image-dimensions
2000:3000
status
200
x-animated
0
x-cache
HIT, HIT
content-length
102528
x-served-by
cache-iad2132-IAD, cache-fra19127-FRA
x-timer
S1574283263.114075,VS0,VE1
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
expires
Wed, 30 Oct 2019 10:20:11 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
landscape-original-fannyvestiaire-jpg-5a8eeb3c.jpg
hips.hearstapps.com/harpersbazaaruk.cdnds.net/16/13/980x490/
13 KB
13 KB
Image
General
Full URL
https://hips.hearstapps.com/harpersbazaaruk.cdnds.net/16/13/980x490/landscape-original-fannyvestiaire-jpg-5a8eeb3c.jpg?resize=300:*
Requested by
Host: preferredfuton.com
URL: https://preferredfuton.com/wear_rm.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.155 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
42f0af06c1c596105f434f794592546237940dee70564eba470e25a45f2ae5bb

Request headers

Referer
https://preferredfuton.com/wear_rm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:54:23 GMT
x-image-dimensions
300:150
age
283523
x-canonical-ops
crop=980:490;0,0&resize=300:150
x-source-image-dimensions
980:490
status
200
x-animated
0
x-cache
MISS, HIT
content-length
12977
x-served-by
cache-iad2148-IAD, cache-fra19127-FRA
x-timer
S1574283263.114068,VS0,VE1
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
expires
Mon, 18 Nov 2019 02:08:59 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
0, 1
landscape-1484234727-boutiques-lead.jpg
hips.hearstapps.com/harpersbazaaruk.cdnds.net/17/02/4000x2000/
13 KB
13 KB
Image
General
Full URL
https://hips.hearstapps.com/harpersbazaaruk.cdnds.net/17/02/4000x2000/landscape-1484234727-boutiques-lead.jpg?resize=300:*
Requested by
Host: preferredfuton.com
URL: https://preferredfuton.com/wear_rm.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.155 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
2e86e94a7ad0a71a56001a18e848ecfe70bb7eab770d01e1f31886a54bd69865

Request headers

Referer
https://preferredfuton.com/wear_rm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:54:23 GMT
x-image-dimensions
300:150
age
1859072
x-canonical-ops
crop=4000:2000;0,0&resize=300:150
x-source-image-dimensions
4000:2000
status
200
x-animated
0
x-cache
HIT, HIT
content-length
13014
x-served-by
cache-iad2135-IAD, cache-fra19127-FRA
x-timer
S1574283263.114046,VS0,VE1
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
expires
Wed, 30 Oct 2019 20:29:51 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
street-style-shopping-1515062093.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/
83 KB
83 KB
Image
General
Full URL
https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/street-style-shopping-1515062093.jpg?crop=1xw:1xh;center,top&resize=768:*
Requested by
Host: preferredfuton.com
URL: https://preferredfuton.com/wear_rm.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.155 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e162ea15abce9c4fad859e3ddc4e2294e5bea22161f25c634005665381bd1a3a

Request headers

Referer
https://preferredfuton.com/wear_rm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:54:23 GMT
x-image-dimensions
768:1152
age
3683024
x-canonical-ops
crop=2000:3000;0,0&resize=768:1152
x-source-image-dimensions
2000:3000
status
200
x-animated
0
x-cache
HIT, HIT
content-length
84702
x-served-by
cache-iad2146-IAD, cache-fra19127-FRA
x-timer
S1574283263.121883,VS0,VE1
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
expires
Wed, 09 Oct 2019 17:50:39 GMT
cache-control
max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=preferredfuton.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://preferredfuton.com/wear_rm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=preferredfuton.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://preferredfuton.com/wear_rm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019111401.js
securepubads.g.doubleclick.net/gpt/
159 KB
58 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
7aee25147e91ea27917ac5cfd8ea30fdcae0e6b1072e51a1d644dafb76ab5c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://preferredfuton.com/wear_rm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Nov 2019 14:12:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
59644
x-xss-protection
0
expires
Wed, 20 Nov 2019 20:54:23 GMT
ads
securepubads.g.doubleclick.net/gampad/
391 B
413 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1001325478501921&correlator=4105504411599252&output=ldjh&impl=fifs&adsid=NT&eid=21062818&vrg=2019111401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191120&iu_parts=360613911%2CRedmas2019Display&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&cookie_enabled=1&bc=31&abxe=1&lmt=1574283263&dt=1574283263178&dlt=1574283263087&idt=71&frm=20&biw=1585&bih=1200&oid=3&adxs=8&adys=1450&adks=2586704649&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fpreferredfuton.com%2Fwear_rm.php&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x3934&msz=336x-1&ga_vid=1037763644.1574283263&ga_sid=1574283263&ga_hid=1232233152&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
49fc63ca467f0ae0026077b580114166c7285d22503d10e8d8f15267febb0b23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer
https://preferredfuton.com/wear_rm.php
Origin
https://preferredfuton.com

Response headers

date
Wed, 20 Nov 2019 20:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
204
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://preferredfuton.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019111401.js
securepubads.g.doubleclick.net/gpt/
64 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f2.1e100.net
Software
sffe /
Resource Hash
19293620368e303e572701f2f16c940806c142dd00dcccb877b16dfcd6f59c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://preferredfuton.com/wear_rm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 20:54:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 14 Nov 2019 14:12:07 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25152
x-xss-protection
0
expires
Wed, 20 Nov 2019 20:54:23 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://preferredfuton.com/wear_rm.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • object| googletag
  • object| ggeac
  • object| closure_memoize_cache_
  • object| googleToken
  • object| googleIMState
  • object| google_js_reporting_queue
  • function| processGoogleToken
  • number| google_srt
  • undefined| google_measure_js_timing
  • boolean| google_noFetch
  • number| __google_ad_urls_id
  • number| google_unique_id
  • object| google_reactive_ads_global_state
  • object| gaGlobal
  • function| Goog_AdSense_getAdAdapterInstance
  • function| Goog_AdSense_OsdAdapter
  • object| __google_ad_urls

1 Cookies

Domain/Path Name / Value
.preferredfuton.com/ Name: __cfduid
Value: d5a420de37ab79d821dd299664bb46e131574283263