Submitted URL: http://it.serpolyakov.group/
Effective URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&...
Submission: On March 22 via manual from IT

Summary

This website contacted 18 IPs in 8 countries across 22 domains to perform 76 HTTP transactions. The main IP is 212.224.124.112, located in Germany and belongs to DE-FIRSTCOLO www.first-colo.net, DE. The main domain is it.fungalor.com.
This is the only time it.fungalor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 75.126.101.228 36351 (SOFTLAYER)
1 185.176.221.159 39845 (LV-2CLOUD...)
1 62.149.0.222 15497 (COLOCALL ...)
1 62.149.0.249 15497 (COLOCALL ...)
1 5 87.250.251.119 13238 (YANDEX)
1 2 52.19.234.238 16509 (AMAZON-02)
1 2 212.224.124.112 44066 (DE-FIRSTC...)
47 92.223.124.254 199524 (GCORE)
3 216.58.207.74 15169 (GOOGLE)
2 91.228.153.25 44066 (DE-FIRSTC...)
1 172.217.16.194 15169 (GOOGLE)
5 5 31.172.81.160 44066 (DE-FIRSTC...)
3 6 31.172.81.172 44066 (DE-FIRSTC...)
2 2 185.33.223.215 29990 (ASN-APPNEXUS)
2 3 31.172.81.158 44066 (DE-FIRSTC...)
1 172.217.21.194 15169 (GOOGLE)
4 216.58.207.67 15169 (GOOGLE)
1 31.172.81.242 44066 (DE-FIRSTC...)
1 216.58.207.68 15169 (GOOGLE)
1 88.208.58.206 39572 (ADVANCEDH...)
2 88.208.23.73 39572 (ADVANCEDH...)
76 18
Domain Requested by
46 dadbab.info it.fungalor.com
dadbab.info
7 sync.user-grey.com 4 redirects it.fungalor.com
5 mc.yandex.ru 1 redirects www.fildud.top
4 sync3.adsniper.ru 4 redirects
3 fonts.gstatic.com it.fungalor.com
3 sync.user-clicks.com 2 redirects it.fungalor.com
3 fonts.googleapis.com it.fungalor.com
2 rum.serv-ac.com dadbab.info
2 ib.adnxs.com 2 redirects
2 user-actrk.com it.fungalor.com
2 delivery.bb2020.info 1 redirects
1 xl-trk.com it.fungalor.com
1 www.google.com.ua it.fungalor.com
1 www.google.com it.fungalor.com
1 sync.users-api.com it.fungalor.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com static.user-grey.com
1 static.user-grey.com it.fungalor.com
1 it.fungalor.com
1 bgtrs.pro 1 redirects
1 get.mycounter.ua www.fildud.top
1 scripts.mycounter.ua www.fildud.top
1 www.fildud.top
1 it.serpolyakov.group 1 redirects
76 24

This site contains links to these domains.

Domain
dadbab.info
ac-feedback.com

This page contains 1 frames:

Primary Page: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Frame ID: E81A561446F43DCC98EAEEFDBE5569F
Requests: 76 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^moment$/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 76
HTTPS: 0 %
IPv6: 0 %
Domains: 22
Subdomains: 24
IPs: 18
Countries: 8
Transfer: 7986 kB
Size: 8484 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://it.serpolyakov.group/ HTTP 301
    http://www.fildud.top/delivery2/ Page URL
  2. http://delivery.bb2020.info/33305 HTTP 302
    http://delivery.bb2020.info/r?url=http%3A%2F%2Fbgtrs.pro%2F%3Ftarget%3D-7EA5QCQIAAAP9AQPACwAFEQkKEQEKAAE%26ap%3D-1%26publisher_id%3D3764%26clickID%3Dpx152171465994adc5ab385e31fdc9074621697&redirect_back=%2F%2Fdelivery.bb2020.info%2F33305%2F%3F%26tt%3D1 Page URL
  3. http://bgtrs.pro/?target=-7EA5QCQIAAAP9AQPACwAFEQkKEQEKAAE&ap=-1&publisher_id=3764&clickID=px152171465994adc5ab385e31fdc9074621697 HTTP 302
    http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://it.serpolyakov.group/ HTTP 301
  • http://www.fildud.top/delivery2/
Request Chain 4
  • https://mc.yandex.ru/watch/35581560?wmode=7&page-url=http%3A%2F%2Fwww.fildud.top%2Fdelivery2%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180322103057%3Aet%3A1521714658%3Aen%3Awindows-1251%3Av%3A1027%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A821499040%3Ahid%3A609198427%3Ads%3A374%2C37%2C39%2C1%2C704%2C0%2C0%2C103%2C0%2C%2C%2C%2C807%3Ast%3A1521714658%3Au%3A1521714658203476972 HTTP 302
  • https://mc.yandex.ru/watch/35581560/1?wmode=7&page-url=http%3A%2F%2Fwww.fildud.top%2Fdelivery2%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180322103057%3Aet%3A1521714658%3Aen%3Awindows-1251%3Av%3A1027%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A821499040%3Ahid%3A609198427%3Ads%3A374%2C37%2C39%2C1%2C704%2C0%2C0%2C103%2C0%2C%2C%2C%2C807%3Ast%3A1521714658%3Au%3A1521714658203476972
Request Chain 7
  • http://delivery.bb2020.info/33305 HTTP 302
  • http://delivery.bb2020.info/r?url=http%3A%2F%2Fbgtrs.pro%2F%3Ftarget%3D-7EA5QCQIAAAP9AQPACwAFEQkKEQEKAAE%26ap%3D-1%26publisher_id%3D3764%26clickID%3Dpx152171465994adc5ab385e31fdc9074621697&redirect_back=%2F%2Fdelivery.bb2020.info%2F33305%2F%3F%26tt%3D1

76 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.fildud.top/delivery2/
Redirect Chain
  • http://it.serpolyakov.group/
  • http://www.fildud.top/delivery2/
1 KB
2 KB
Document
General
Full URL
http://www.fildud.top/delivery2/
Protocol
HTTP/1.1
Server
185.176.221.159 , Latvia, ASN39845 (LV-2CLOUD-ASN16, LV),
Reverse DNS
dima.marokv.2cloud.eu
Software
Apache/2.2.22 (@RELEASE@) /
Resource Hash
4841ce2c55176feb3284bc5b284cd7710c075dd8ab27185f11b8f3bec7e2c665

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.fildud.top
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Thu, 22 Mar 2018 10:30:57 GMT
X-Pad
avoid browser bug
Last-Modified
Wed, 21 Mar 2018 17:04:33 GMT
Server
Apache/2.2.22 (@RELEASE@)
ETag
"1a0514-5c9-567ef2f66daa0"
Content-Type
text/html
Connection
close
Accept-Ranges
bytes
Content-Length
1481

Redirect headers

Location
http://www.fildud.top/delivery2/
Date
Thu, 22 Mar 2018 10:30:57 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/7.0.27
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
counter2.0.js
scripts.mycounter.ua/
4 KB
4 KB
Script
General
Full URL
http://scripts.mycounter.ua/counter2.0.js
Requested by
Host: www.fildud.top
URL: http://www.fildud.top/delivery2/
Protocol
HTTP/1.1
Server
62.149.0.222 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-222.memphis2.cc.colocall.com
Software
nginx/1.10.3 /
Resource Hash
d8a78a47f9aa9963f8104743d55fb23ab68f09fd17afc58c06a5d223f350fa0d

Request headers

Referer
http://www.fildud.top/delivery2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 22 Mar 2018 10:30:57 GMT
Last-Modified
Mon, 29 May 2017 13:14:16 GMT
Server
nginx/1.10.3
ETag
"592c1ea8-e43"
Content-Type
application/javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3651
Expires
Thu, 22 Mar 2018 11:30:57 GMT
counter.php
get.mycounter.ua/
704 B
927 B
Image
General
Full URL
https://get.mycounter.ua/counter.php?id=165747&w=http%3A//www.fildud.top/delivery2/&s=1600x1200x24&c=1&j=7
Requested by
Host: www.fildud.top
URL: http://www.fildud.top/delivery2/
Protocol
HTTP/1.1
Server
62.149.0.249 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
get.mycounter.ua
Software
MyCounter TCP Server v.2.0.0 /
Resource Hash
8693391f617d6513f80977cd06d51f46ed6931fe4de3a92c71b501be9c70928a

Request headers

Referer
http://www.fildud.top/delivery2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 22 Mar 2018 12:30:57 GMT
Server
MyCounter TCP Server v.2.0.0
Content-Type
image/png
Cache-control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
704
Expires
0
watch.js
mc.yandex.ru/metrika/
95 KB
34 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: www.fildud.top
URL: http://www.fildud.top/delivery2/
Protocol
HTTP/1.1
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
nginx/1.8.1 /
Resource Hash
a230d84b9852737c36e10d08eef14663a995b110ebcf7507319efce132efd5af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.fildud.top/delivery2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 22 Mar 2018 10:30:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Mar 2018 12:34:47 GMT
Server
nginx/1.8.1
Strict-Transport-Security
max-age=31536000
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
33971
Expires
Thu, 22 Mar 2018 11:30:57 GMT
1
mc.yandex.ru/watch/35581560/
Redirect Chain
  • https://mc.yandex.ru/watch/35581560?wmode=7&page-url=http%3A%2F%2Fwww.fildud.top%2Fdelivery2%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A16...
  • https://mc.yandex.ru/watch/35581560/1?wmode=7&page-url=http%3A%2F%2Fwww.fildud.top%2Fdelivery2%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A...
0
-1 B
XHR
General
Full URL
https://mc.yandex.ru/watch/35581560/1?wmode=7&page-url=http%3A%2F%2Fwww.fildud.top%2Fdelivery2%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180322103057%3Aet%3A1521714658%3Aen%3Awindows-1251%3Av%3A1027%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A821499040%3Ahid%3A609198427%3Ads%3A374%2C37%2C39%2C1%2C704%2C0%2C0%2C103%2C0%2C%2C%2C%2C807%3Ast%3A1521714658%3Au%3A1521714658203476972
Requested by
Host: www.fildud.top
URL: http://www.fildud.top/delivery2/
Protocol
HTTP/1.1
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
nginx/1.8.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.fildud.top/delivery2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Mar 2018 10:30:57 GMT
Last-Modified
Thu, 22 Mar 2018 10:30:57 GMT
Server
nginx/1.8.1
Location
https://mc.yandex.ru/watch/35581560/1?wmode=7&page-url=http%3A%2F%2Fwww.fildud.top%2Fdelivery2%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180322103057%3Aet%3A1521714658%3Aen%3Awindows-1251%3Av%3A1027%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A821499040%3Ahid%3A609198427%3Ads%3A374%2C37%2C39%2C1%2C704%2C0%2C0%2C103%2C0%2C%2C%2C%2C807%3Ast%3A1521714658%3Au%3A1521714658203476972
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
http://www.fildud.top
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 22 Mar 2018 10:30:57 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Mar 2018 10:30:57 GMT
Last-Modified
Thu, 22 Mar 2018 10:30:57 GMT
Server
nginx/1.8.1
Location
https://mc.yandex.ru/watch/35581560/1?wmode=7&page-url=http%3A%2F%2Fwww.fildud.top%2Fdelivery2%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180322103057%3Aet%3A1521714658%3Aen%3Awindows-1251%3Av%3A1027%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A821499040%3Ahid%3A609198427%3Ads%3A374%2C37%2C39%2C1%2C704%2C0%2C0%2C103%2C0%2C%2C%2C%2C807%3Ast%3A1521714658%3Au%3A1521714658203476972
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
http://www.fildud.top
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Thu, 22 Mar 2018 10:30:57 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
349 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.fildud.top
URL: http://www.fildud.top/delivery2/
Protocol
HTTP/1.1
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
nginx/1.8.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.fildud.top/delivery2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 22 Mar 2018 10:30:57 GMT
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.8.1
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Thu, 13 Feb 2048 10:30:57 GMT
1
mc.yandex.ru/watch/35581560/
126 B
670 B
XHR
General
Full URL
https://mc.yandex.ru/watch/35581560/1?wmode=7&page-url=http%3A%2F%2Fwww.fildud.top%2Fdelivery2%2F&charset=utf-8&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20180322103057%3Aet%3A1521714658%3Aen%3Awindows-1251%3Av%3A1027%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A821499040%3Ahid%3A609198427%3Ads%3A374%2C37%2C39%2C1%2C704%2C0%2C0%2C103%2C0%2C%2C%2C%2C807%3Ast%3A1521714658%3Au%3A1521714658203476972
Requested by
Host: www.fildud.top
URL: http://www.fildud.top/delivery2/
Protocol
HTTP/1.1
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
nginx/1.8.1 /
Resource Hash
9ab916bd547e4e2b15a54b26295dfd83dfef7be6f9727c3e51c367824cf6441c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-DevTools-Emulate-Network-Conditions-Client-Id
E81A561446F43DCC98EAEEFDBE5569F
Origin
http://www.fildud.top
Referer
http://www.fildud.top/delivery2/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 22 Mar 2018 10:30:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 22 Mar 2018 10:30:57 GMT
Server
nginx/1.8.1
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin
http://www.fildud.top
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
126
X-XSS-Protection
1; mode=block
Expires
Thu, 22 Mar 2018 10:30:57 GMT
Cookie set r
delivery.bb2020.info/
Redirect Chain
  • http://delivery.bb2020.info/33305
  • http://delivery.bb2020.info/r?url=http%3A%2F%2Fbgtrs.pro%2F%3Ftarget%3D-7EA5QCQIAAAP9AQPACwAFEQkKEQEKAAE%26ap%3D-1%26publisher_id%3D3764%26clickID%3Dpx152171465994adc5ab385e31fdc9074621697&redirect...
869 B
1019 B
Document
General
Full URL
http://delivery.bb2020.info/r?url=http%3A%2F%2Fbgtrs.pro%2F%3Ftarget%3D-7EA5QCQIAAAP9AQPACwAFEQkKEQEKAAE%26ap%3D-1%26publisher_id%3D3764%26clickID%3Dpx152171465994adc5ab385e31fdc9074621697&redirect_back=%2F%2Fdelivery.bb2020.info%2F33305%2F%3F%26tt%3D1
Protocol
HTTP/1.1
Server
52.19.234.238 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-19-234-238.eu-west-1.compute.amazonaws.com
Software
nginx / HHVM/3.18.1
Resource Hash
75b0859dbdf03714b7833538020c05e7584b3da0665188ffba561e2de0e3ade1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
delivery.bb2020.info
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.fildud.top/delivery2/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
HHVM/3.18.1
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache
Connection
keep-alive
Content-Length
438

Redirect headers

Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
HHVM/3.18.1
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Location
http://delivery.bb2020.info/r?url=http%3A%2F%2Fbgtrs.pro%2F%3Ftarget%3D-7EA5QCQIAAAP9AQPACwAFEQkKEQEKAAE%26ap%3D-1%26publisher_id%3D3764%26clickID%3Dpx152171465994adc5ab385e31fdc9074621697&redirect_back=%2F%2Fdelivery.bb2020.info%2F33305%2F%3F%26tt%3D1
Cache-Control
no-cache no-cache="set-cookie"
Connection
keep-alive
Content-Length
361
Primary Request Cookie set /
it.fungalor.com/azmfcvzezk/Fungalor_IT/
Redirect Chain
  • http://bgtrs.pro/?target=-7EA5QCQIAAAP9AQPACwAFEQkKEQEKAAE&ap=-1&publisher_id=3764&clickID=px152171465994adc5ab385e31fdc9074621697
  • http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
75 KB
20 KB
Document
General
Full URL
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
212.224.124.112 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde252-3.fornex.org
Software
nginx /
Resource Hash
a68388707db5e8a709480239734855cb06128324d4763a953e01f64654f8a316

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
it.fungalor.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://delivery.bb2020.info/r?url=http%3A%2F%2Fbgtrs.pro%2F%3Ftarget%3D-7EA5QCQIAAAP9AQPACwAFEQkKEQEKAAE%26ap%3D-1%26publisher_id%3D3764%26clickID%3Dpx152171465994adc5ab385e31fdc9074621697&redirect_back=%2F%2Fdelivery.bb2020.info%2F33305%2F%3F%26tt%3D1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Set-Cookie
previous_uniq=1521714659; Expires=Sun, 06-May-2018 10:30:59 GMT; Path=/ offer_3008_user_id=509; Expires=Sun, 06-May-2018 10:30:59 GMT; Path=/ offer_id_3008=1; Expires=Sun, 06-May-2018 10:30:59 GMT; Path=/ session=eyJfcGVybWFuZW50Ijp0cnVlfQ.DZUXYw.aw8Q2jIHkyobi1vGx6n-sYi9tKA; Expires=Sun, 06-May-2018 10:30:59 GMT; HttpOnly; Path=/
Cache-Control
no-transform, no-cache
Transfer-Encoding
chunked
Connection
keep-alive
X-Node
slave-nl1 dsde252

Redirect headers

Date
Thu, 22 Mar 2018 10:30:59 GMT
Server
nginx
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Location
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Set-Cookie
offer_id_3008=True; Expires=Sun, 06-May-2018 10:30:59 GMT; Path=/ session=eyJfcGVybWFuZW50Ijp0cnVlfQ.DZUXYw.fmRAY28THRFJYf6WmzoDogU7vTQ; Expires=Sun, 06-May-2018 10:30:59 GMT; HttpOnly; Path=/
Cache-Control
no-transform, no-cache
Connection
keep-alive
Content-Length
587
Content-Type
text/html; charset=utf-8
X-Node
slave-nl1 dsde252
acrum.min.js
dadbab.info/content/shared/js/
6 KB
3 KB
Script
General
Full URL
http://dadbab.info/content/shared/js/acrum.min.js
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
1410573e02a33ef9a195cac8684ec167f8431f80d64b5ad8b041c2615275e86b

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Oct 2017 08:39:57 GMT
Server
nginx
Cache
HIT
ETag
W/"59e7135d-1852"
Vary
Accept-Encoding
X-Cached-Since
2018-03-18T13:58:00+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
X-ID
fr5-up-a245
jquery-1.12.4.min.js
dadbab.info/content/shared/js/
95 KB
34 KB
Script
General
Full URL
http://dadbab.info/content/shared/js/jquery-1.12.4.min.js
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2017 15:35:56 GMT
Server
nginx
Cache
HIT
ETag
W/"59e6235c-17b8a"
Vary
Accept-Encoding
X-Cached-Since
2018-03-18T16:23:29+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
X-ID
fr5-up-gc4
pix_o_ea3eca5a7bb34ce8deb4fdf6904e8b45.js
static.user-grey.com/js/
3 KB
3 KB
Script
General
Full URL
http://static.user-grey.com/js/pix_o_ea3eca5a7bb34ce8deb4fdf6904e8b45.js
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
852449c339b75e7d52bcf85c691a250867c6427d0b7fcabfbb54f31fea37dad5

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ID
fr5-up-gc4
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Thu, 22 Mar 2018 09:47:01 GMT
Server
nginx
ETag
"5ab37b95-a4d"
X-Cached-Since
2018-03-22T09:47:28+00:00
Content-Type
application/javascript
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2637
placeholders-3.0.2.min.js
dadbab.info/content/shared/js/
4 KB
2 KB
Script
General
Full URL
http://dadbab.info/content/shared/js/placeholders-3.0.2.min.js
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2017 15:35:56 GMT
Server
nginx
Cache
HIT
ETag
W/"59e6235c-10aa"
Vary
Accept-Encoding
X-Cached-Since
2018-03-20T19:09:14+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
X-ID
fr5-up-gc4
moment-with-locales-2.18.1.min.js
dadbab.info/content/shared/js/
243 KB
65 KB
Script
General
Full URL
http://dadbab.info/content/shared/js/moment-with-locales-2.18.1.min.js
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
5a423b0df260fa67d26563563e00c2000944ac7aafceb7448eb303705168688e

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2017 15:35:56 GMT
Server
nginx
Cache
HIT
ETag
W/"59e6235c-3cd3f"
Vary
Accept-Encoding
X-Cached-Since
2018-03-21T08:38:03+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
X-ID
fr5-up-a245
dr-dtime.js
dadbab.info/content/shared/js/
13 KB
5 KB
Script
General
Full URL
http://dadbab.info/content/shared/js/dr-dtime.js
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
fe9463166b41b5b741f0e18f2011687617754aa89395f9ca984a0888ba6a3a05

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2017 15:35:56 GMT
Server
nginx
Cache
HIT
ETag
W/"59e6235c-35af"
Vary
Accept-Encoding
X-Cached-Since
2018-03-20T19:09:14+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
X-ID
fr5-up-gc4
order_me.js
dadbab.info/content/shared/js/
378 B
801 B
Script
General
Full URL
http://dadbab.info/content/shared/js/order_me.js
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
2addcc6d9c36be2a231a1e9830cc0a39a5152de989e7be9ca7099dd4ed7128fd

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 17 Oct 2017 15:35:56 GMT
Server
nginx
ETag
"59e6235c-17a"
X-Cached-Since
2018-03-18T16:23:31+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
378
X-ID
fr5-up-gc4
order_me.css
dadbab.info/content/shared/css/
6 KB
2 KB
Stylesheet
General
Full URL
http://dadbab.info/content/shared/css/order_me.css
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
3d49fc411601b1a0a5ae9215d2da55472d01393cf9fb1e588cb5eb94aa2efb1e

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2017 15:35:56 GMT
Server
nginx
Cache
HIT
ETag
W/"59e6235c-1662"
Vary
Accept-Encoding
X-Cached-Since
2018-03-18T16:23:31+00:00
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
X-ID
fr5-up-gc4
validation.js
dadbab.info/content/shared/js/
46 KB
12 KB
Script
General
Full URL
http://dadbab.info/content/shared/js/validation.js
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
80c3bdf4400ab2bd4a9dc1f1bc0fa3c2409ce594a96ad8c79478805b15bbd139

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Dec 2017 11:14:45 GMT
Server
nginx
Cache
HIT
ETag
W/"5a38f4a5-b906"
Vary
Accept-Encoding
X-Cached-Since
2018-03-21T12:37:57+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
X-ID
fr5-up-gc4
video_avid.js
dadbab.info/content/shared/js/
318 B
756 B
Script
General
Full URL
http://dadbab.info/content/shared/js/video_avid.js
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
079e99f427639d8e64efe4e797ee7814221f9014500b5bc5b3a7ad4928b692d6

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 28 Feb 2018 14:20:46 GMT
Server
nginx
ETag
"5a96babe-13e"
X-Cached-Since
2018-03-20T14:22:34+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
318
X-ID
fr5-up-a245
secondPage.js
dadbab.info/content/second/Fresh_Fingers_SP_IT/js/
25 KB
7 KB
Script
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/js/secondPage.js
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
1c0490caba64cd96f43195f57b360b683e0b0b71191b9b472e4292e1bceebb46

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ID
fr5-up-gc4
Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-Cached-Since
2018-03-21T15:33:55+00:00
Connection
keep-alive
Pragma
public
Last-Modified
Wed, 07 Mar 2018 13:31:32 GMT
Server
nginx
ETag
W/"5a9fe9b4-64ce"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Expires
Sat, 17 Mar 2018 14:30:06 GMT
secondPage.css
dadbab.info/content/second/Fresh_Fingers_SP_IT/css/
53 KB
8 KB
Stylesheet
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/css/secondPage.css
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
f82a4f26d717ec4a212b8ba412b7cc1eb65cca71b803eab8ee4540fb55fa8f72

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ID
fr5-up-a245
Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-Cached-Since
2018-03-21T14:51:33+00:00
Connection
keep-alive
Pragma
public
Last-Modified
Mon, 12 Mar 2018 10:18:09 GMT
Server
nginx
ETag
W/"5aa653e1-d41d"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Expires
Sat, 17 Mar 2018 14:35:04 GMT
css
fonts.googleapis.com/
14 KB
992 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:500,400,300,700,900,100&subset=latin,latin-ext
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
SPDY
Server
216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f10.1e100.net
Software
ESF /
Resource Hash
69a6ad9f35ff32bf8750551ed1d5fbad6b5db56c92da5536902bb96f3ac23cf2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 22 Mar 2018 10:30:59 GMT
content-encoding
gzip
last-modified
Thu, 22 Mar 2018 10:30:59 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
x-xss-protection
1; mode=block
expires
Thu, 22 Mar 2018 10:30:59 GMT
style.css
dadbab.info/content/Fungalor_IT/css/
13 KB
4 KB
Stylesheet
General
Full URL
http://dadbab.info/content/Fungalor_IT/css/style.css
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
b837f4fa273d79c2566896754cdd61abff6b5e83d11fb8ae48f810bcd2f1a5b2

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-ID
fr5-up-gc4
Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-Cached-Since
2018-03-21T17:34:37+00:00
Connection
keep-alive
Pragma
public
Last-Modified
Mon, 12 Mar 2018 11:50:10 GMT
Server
nginx
ETag
W/"5aa66972-334c"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Expires
Tue, 13 Mar 2018 16:03:50 GMT
logo_03.png
dadbab.info/content/Fungalor_IT/images/
21 KB
22 KB
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/logo_03.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
ef342fcd879f7f7c3712cfc2d555f8eec968e12655b80a756b608a83765e8e08

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:46 GMT
Server
nginx
ETag
"591a9192-54dd"
X-Cached-Since
2018-03-21T22:14:26+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21725
X-ID
fr5-up-a245
Expires
Tue, 13 Mar 2018 20:56:02 GMT
img-myco_03.png
dadbab.info/content/Fungalor_IT/images/
32 KB
33 KB
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/img-myco_03.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
a2192a87d34825f9fdab64f1875c4346706f801f01b518f8642df9c63ebc8406

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:35 GMT
Server
nginx
ETag
"591a9187-81b7"
X-Cached-Since
2018-03-21T20:52:19+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33207
X-ID
fr5-up-a245
Expires
Wed, 14 Mar 2018 19:47:25 GMT
1.jpg
dadbab.info/content/Fungalor_IT/images/
5 KB
6 KB
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/1.jpg
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
2d7bc1e44baa81a6821faec2765b189708626a3ea999502f38b83744d5cd24a3

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Mon, 15 May 2017 06:43:31 GMT
Server
nginx
ETag
"59194e13-1467"
X-Cached-Since
2018-03-21T20:37:20+00:00
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5223
X-ID
fr5-up-a245
Expires
Wed, 14 Mar 2018 19:47:25 GMT
2.jpg
dadbab.info/content/Fungalor_IT/images/
5 KB
5 KB
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/2.jpg
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
218a9c7efd5aa6e197857e5930021c29140a0d55af0614dcbf7d704b1e789523

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Mon, 15 May 2017 06:43:31 GMT
Server
nginx
ETag
"59194e13-1202"
X-Cached-Since
2018-03-21T20:52:47+00:00
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4610
X-ID
fr5-up-a245
Expires
Wed, 14 Mar 2018 19:47:25 GMT
user_3.png
dadbab.info/content/Fungalor_IT/images/
17 KB
18 KB
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/user_3.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
71f6132a3447e673ed6a21bf10f8b50ef6b81c709d85a324c70ede5cfca08fc9

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:46 GMT
Server
nginx
ETag
"591a9192-45e9"
X-Cached-Since
2018-03-21T21:43:20+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17897
X-ID
fr5-up-a245
Expires
Tue, 13 Mar 2018 18:28:47 GMT
css
fonts.googleapis.com/
9 KB
854 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700&subset=cyrillic-ext,latin-ext
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
SPDY
Server
216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f10.1e100.net
Software
ESF /
Resource Hash
017d228cc3f503236d585b5777f0075b65e7cf15cb5b33ed8c7d3069af619269
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 22 Mar 2018 10:30:59 GMT
content-encoding
gzip
last-modified
Thu, 22 Mar 2018 10:30:59 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
x-xss-protection
1; mode=block
expires
Thu, 22 Mar 2018 10:30:59 GMT
legs.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
26 KB
26 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/legs.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
e95eebb58dde7d1d0ea32929eb6892790581d4ed460d448684f558164219f6ca

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-6775"
X-Cached-Since
2018-03-21T14:46:17+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26485
X-ID
fr5-up-a245
Expires
Sat, 17 Mar 2018 14:30:58 GMT
logo.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
8 KB
9 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/logo.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
18bdbe967b647aa3dd00d250e419aa2145cca4256a80fe40ca72a17bff0caf69

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-207d"
X-Cached-Since
2018-03-21T15:09:53+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8317
X-ID
fr5-up-a245
Expires
Sat, 17 Mar 2018 14:35:04 GMT
stamp1.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
6 KB
6 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/stamp1.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
35c6ecda220a5f03a6bc565a3fcf77d525de7df067ee24c11ad5ea9fabc4c4e7

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-17f3"
X-Cached-Since
2018-03-21T15:40:39+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6131
X-ID
fr5-up-a245
Expires
Sat, 17 Mar 2018 14:30:58 GMT
stamp2.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
6 KB
6 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/stamp2.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
309ee9f8626f013daa5c9919e6227ec1ac463976f22d79982d83614179c1c68f

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-17f2"
X-Cached-Since
2018-03-21T15:30:26+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6130
X-ID
fr5-up-a245
Expires
Sat, 17 Mar 2018 14:49:50 GMT
stamp3.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
5 KB
6 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/stamp3.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
2ed902f9d344d231be96463713ce3acc8f0854dcd47dece1fa658be24e881012

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-158b"
X-Cached-Since
2018-03-21T15:18:20+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5515
X-ID
fr5-up-a245
Expires
Sat, 17 Mar 2018 14:30:13 GMT
pack_1.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
40 KB
40 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/pack_1.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
3236a743bf714aed75f724e776189ceef20de10af04713ac6c3b560f021a2f19

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-9fb7"
X-Cached-Since
2018-03-21T15:13:44+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40887
X-ID
fr5-up-a245
Expires
Sat, 17 Mar 2018 14:40:28 GMT
stars.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
15 KB
15 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/stars.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
c1bcf4db73a4c94d0b76240abd9c8c472d959eeb0540e05fbbbb64030c65358d

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-3b1d"
X-Cached-Since
2018-03-21T15:37:43+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15133
X-ID
fr5-up-a245
Expires
Sat, 17 Mar 2018 14:40:16 GMT
pack_2_1.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
26 KB
27 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/pack_2_1.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
57f5872fbfa77715412b03c5d045d1b588ea954dd72547e9fdbd957d91bd0b42

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-689b"
X-Cached-Since
2018-03-21T15:11:53+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26779
X-ID
fr5-up-a245
Expires
Sat, 17 Mar 2018 14:30:58 GMT
pack_2.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
25 KB
25 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/pack_2.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
95abfbbf0c7af1a98e5657a113ce1554bb3ba6f6beab77f43675cb0fdc274cb8

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-6347"
X-Cached-Since
2018-03-21T15:34:42+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25415
X-ID
fr5-up-a245
Expires
Sat, 17 Mar 2018 14:30:58 GMT
pack_3.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
31 KB
31 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/pack_3.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
4cf78eb6c12b1240bf0cf9500a7f1e2e35f2edb5e6c03df44366dae70632b845

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-7be7"
X-Cached-Since
2018-03-21T14:59:45+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31719
X-ID
fr5-up-a245
Expires
Sat, 17 Mar 2018 14:49:22 GMT
pack_4.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
35 KB
35 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/pack_4.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
21aa452c65af84077e4003e1c0af62f57511b4020f0d0b9e0d920f8dbe83ea51

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-8a0a"
X-Cached-Since
2018-03-21T14:46:19+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35338
X-ID
fr5-up-a245
Expires
Sat, 17 Mar 2018 14:30:13 GMT
acp.gif
user-actrk.com/trk/
42 B
425 B
Image
General
Full URL
https://user-actrk.com/trk/acp.gif?referer=http%3A%2F%2Fdelivery.bb2020.info%2Fr%3Furl%3Dhttp%253A%252F%252Fbgtrs.pro%252F%253Ftarget%253D-7EA5QCQIAAAP9AQPACwAFEQkKEQEKAAE%2526ap%253D-1%2526publisher_id%253D3764%2526clickID%253Dpx152171465994adc5ab385e31fdc9074621697%26redirect_back%3D%252F%252Fdelivery.bb2020.info%252F33305%252F%253F%2526tt%253D1&rnd=0.6719044593502763&clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
SPDY
Server
91.228.153.25 Frankfurt, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde252-4.fornex.org
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 22 Mar 2018 10:30:59 GMT
x-node
slave-nl1, dsde252
server
nginx
etag
-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA:c57c730dc24a43d78caafd1d43a3d94e
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
content-length
42
sawpp.gif
user-actrk.com/trk/
0
113 B
Image
General
Full URL
https://user-actrk.com/trk/sawpp.gif
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
SPDY
Server
91.228.153.25 Frankfurt, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
dsde252-4.fornex.org
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

status
404
date
Thu, 22 Mar 2018 10:30:59 GMT
content-length
0
server
nginx
access-control-allow-origin
*
x-node
slave-nl1, dsde252
content-type
image/gif
stamp4.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
6 KB
6 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/stamp4.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
783faa34a67ff717bd2a803201ac10fe7871de44fdd572860580471edf2c9864

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-178d"
X-Cached-Since
2018-03-21T15:18:20+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6029
X-ID
fr5-up-a245
Expires
Sat, 17 Mar 2018 14:49:50 GMT
stamp5.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
15 KB
16 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/stamp5.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
f26d92be4a1a1451d7e2ee6cad034089c9b7750516d7d4cc6241b6eed0bee0f2

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-3d2f"
X-Cached-Since
2018-03-21T15:09:53+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15663
X-ID
fr5-up-gc4
Expires
Sat, 17 Mar 2018 14:30:06 GMT
stamp6.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
7 KB
8 KB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/stamp6.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
5a55bbb146f2dcc773a0a0a58174e69ab9c43778f8ab60d4ee4c7ad0df42ab91

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-1c94"
X-Cached-Since
2018-03-21T15:03:37+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7316
X-ID
fr5-up-gc4
Expires
Sat, 17 Mar 2018 14:30:06 GMT
js.cookie.js
dadbab.info/content/shared/js/
2 KB
1 KB
Script
General
Full URL
http://dadbab.info/content/shared/js/js.cookie.js
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
d184002ecc00d65df4d74ae6dda26168934a2e35d8f6b9a61e95f0e63949ccbd

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Oct 2017 08:39:57 GMT
Server
nginx
Cache
HIT
ETag
W/"59e7135d-652"
Vary
Accept-Encoding
X-Cached-Since
2018-03-21T11:57:49+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
X-ID
fr5-up-a245
sender.js
dadbab.info/content/shared/js/
4 KB
2 KB
Script
General
Full URL
http://dadbab.info/content/shared/js/sender.js
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
3cf174d7dcfa8d0fd8d03e85bca16548b1c2da38c78af25c2ac6ad8a3a4b5b15

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Oct 2017 08:39:57 GMT
Server
nginx
Cache
HIT
ETag
W/"59e7135d-e4c"
Vary
Accept-Encoding
X-Cached-Since
2018-03-21T14:32:08+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
X-ID
fr5-up-a245
conversion.js
www.googleadservices.com/pagead/
19 KB
8 KB
Script
General
Full URL
http://www.googleadservices.com/pagead/conversion.js
Requested by
Host: static.user-grey.com
URL: http://static.user-grey.com/js/pix_o_ea3eca5a7bb34ce8deb4fdf6904e8b45.js
Protocol
HTTP/1.1
Server
172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
0e5b2e8cea5e4731f61a3697c925aac60039ea57d83342f05c218f629b89af7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Timing-Allow-Origin
*
Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
17353184112873814017
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
7442
X-XSS-Protection
1; mode=block
Expires
Thu, 22 Mar 2018 10:30:59 GMT
/
sync.user-grey.com/
Redirect Chain
  • http://sync.user-grey.com/?src=gp3&cid=A2D4FF&cmp=adcombo&act=load&event=start&s_trk={TR_KEY}&rawdata64=eyJuYXZpZ2F0aW9uU3RhcnQiOjE1MjE3MTQ2NTkzMDQsInVubG9hZEV2ZW50U3RhcnQiOjAsInVubG9hZEV2ZW50RW5kI...
  • http://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjji87VBVIFyaDIuQ1aDgoFZXZlbnQSBXN0YXJ0WhAKCG9mZmVyX2lkEgQzMDA4WkMKCXBhZ2VfZXN1YhI2LTdFQTVRQ1FJZlp0Tlljd0VEX1FFRHdBc0RIUjR6S1NBR0FRQURFUWtLRVFFaUIyNXNN...
  • http://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjji87VBVIFyaDIuQ1aDgoFZXZlbnQSBXN0YXJ0WhAKCG9mZmVyX2lkEgQzMDA4WkMKCXBhZ2VfZXN1YhI2LTdFQTVRQ1FJZlp0Tlljd0VEX1FFRHdBc0RIUjR6S1NBR0FRQURFUWtLRVFFaUIyNXNN...
  • http://sync.user-grey.com/?src=gp3&s_data=CAIQABjji87VBVoOCgVldmVudBIFc3RhcnRaEAoIb2ZmZXJfaWQSBDMwMDhaQwoJcGFnZV9lc3ViEjYtN0VBNVFDUUlmWnROWWN3RURfUUVEd0FzREhSNHpLU0FHQVFBREVRa0tFUUVpQjI1c01RQUFaDwo...
  • http://sync.user-grey.com/?src=gp3&s_data=CAIQARjji87VBVoOCgVldmVudBIFc3RhcnRaEAoIb2ZmZXJfaWQSBDMwMDhaQwoJcGFnZV9lc3ViEjYtN0VBNVFDUUlmWnROWWN3RURfUUVEd0FzREhSNHpLU0FHQVFBREVRa0tFUUVpQjI1c01RQUFaDwo...
43 B
434 B
Image
General
Full URL
http://sync.user-grey.com/?src=gp3&s_data=..._oBBGxvYWSCAgZBMkQ0RkaKAgh7VFJfS0VZfQ**
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 22 Mar 2018 10:30:59 GMT
Server
nginx
ETag
1cef7816-2dbc-11e8-a0d7-002590e45c38
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 22 Mar 2018 10:30:59 GMT
Server
nginx
ETag
1cef7816-2dbc-11e8-a0d7-002590e45c38
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.user-grey.com/?src=gp3&s_data=..._oBBGxvYWSCAgZBMkQ0RkaKAgh7VFJfS0VZfQ**
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
/
sync.user-clicks.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.user-clicks.com%2F%3Fsrc%3Dgp3%26cmp%3Dadcombo%26cid%3DA2D4FF%26act%3Dload%26event%3Dmatch%26uid%3D%24UID&rawdata64=eyJuYXZpZ2F0aW9uU3RhcnQiOjE1MjE3MT...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.user-clicks.com%252F%253Fsrc%253Dgp3%2526cmp%253Dadcombo%2526cid%253DA2D4FF%2526act%253Dload%2526event%253Dmatch%2526uid%253D%2524UI...
  • https://sync.user-clicks.com/?src=gp3&cmp=adcombo&cid=A2D4FF&act=load&event=match&uid=1423312156464479986&rawdata64=eyJuYXZpZ2F0aW9uU3RhcnQiOjE1MjE3MTQ2NTkzMDQsInVubG9hZEV2ZW50U3RhcnQiOjAsInVubG9hZ...
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjji87VBVIFybie7ARaDgoFZXZlbnQSBW1hdGNoWhAKCG9mZmVyX2lkEgQzMDA4WkMKCXBhZ2VfZXN1YhI2LTdFQTVRQ1FJZlp0Tlljd0VEX1FFRHdBc0RIUjR6S1NBR0FRQURFUWtLRVFFaUIyNXN...
  • https://sync.user-clicks.com/?src=gp3&s_data=CAIQABjji87VBVoOCgVldmVudBIFbWF0Y2haEAoIb2ZmZXJfaWQSBDMwMDhaQwoJcGFnZV9lc3ViEjYtN0VBNVFDUUlmWnROWWN3RURfUUVEd0FzREhSNHpLU0FHQVFBREVRa0tFUUVpQjI1c01RQUFa...
  • https://sync.user-clicks.com/?src=gp3&s_data=CAIQARjji87VBVoOCgVldmVudBIFbWF0Y2haEAoIb2ZmZXJfaWQSBDMwMDhaQwoJcGFnZV9lc3ViEjYtN0VBNVFDUUlmWnROWWN3RURfUUVEd0FzREhSNHpLU0FHQVFBREVRa0tFUUVpQjI1c01RQUFa...
43 B
434 B
Image
General
Full URL
https://sync.user-clicks.com/?src=gp3&s_data=..._oBBGxvYWSCAgZBMkQ0RkY*
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 22 Mar 2018 10:31:00 GMT
Server
nginx
ETag
1cef7816-2dbc-11e8-a0d7-002590e45c38
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 22 Mar 2018 10:31:00 GMT
Server
nginx
ETag
1cef7816-2dbc-11e8-a0d7-002590e45c38
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.user-clicks.com/?src=gp3&s_data=..._oBBGxvYWSCAgZBMkQ0RkY*
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/513516174/
1 KB
933 B
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/513516174/?random=1521714659590&cv=9&fst=1521714659590&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=759238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fit.fungalor.com%2Fazmfcvzezk%2FFungalor_IT%2F%3FclickID%3Dpx152171465994adc5ab385e31fdc9074621697%26ap%3D-1%26publisher_id%3D3764%26esub%3D-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA&ref=http%3A%2F%2Fdelivery.bb2020.info%2Fr%3Furl%3Dhttp%253A%252F%252Fbgtrs.pro%252F%253Ftarget%253D-7EA5QCQIAAAP9AQPACwAFEQkKEQEKAAE%2526ap%253D-1%2526publisher_id%253D3764%2526clickID%253Dpx152171465994adc5ab385e31fdc9074621697%26redirect_back%3D%252F%252Fdelivery.bb2020.info%252F33305%252F%253F%2526tt%253D1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js
Protocol
SPDY
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
445e7cebf68f62d54838e20464e3d1f9b743e0d02013aa562ba6ace47051d480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Mar 2018 10:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="42,41,39,35",hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
776
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
7 KB
757 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,cyrillic-ext
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
SPDY
Server
216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f10.1e100.net
Software
ESF /
Resource Hash
49f65742f6167cc912833226339d4eb7e129c1118a81c34dfc6db04ea0f505d9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 22 Mar 2018 10:30:59 GMT
content-encoding
gzip
last-modified
Thu, 22 Mar 2018 10:30:59 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
x-xss-protection
1; mode=block
expires
Thu, 22 Mar 2018 10:30:59 GMT
bg-footer_10.png
dadbab.info/content/Fungalor_IT/images/
235 KB
236 KB
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/bg-footer_10.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
a1f7a8eabb5d219b389e060a4389ca28775e4d40a3c4504cd0fc470de94a5d27

Request headers

Referer
http://dadbab.info/content/Fungalor_IT/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:54 GMT
Server
nginx
ETag
"591a919a-3ac16"
X-Cached-Since
2018-03-21T17:50:56+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
240662
X-ID
fr5-up-gc4
Expires
Tue, 13 Mar 2018 12:19:32 GMT
sel.png
dadbab.info/content/Fungalor_IT/images/
164 B
658 B
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/sel.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
4f7b2a4b377242c4f6fc302c0f144931ed826a3f99dcb3ffbe4fc3f4895bbccc

Request headers

Referer
http://dadbab.info/content/Fungalor_IT/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:38 GMT
Server
nginx
ETag
"591a918a-a4"
X-Cached-Since
2018-03-22T09:25:41+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
164
X-ID
fr5-up-a245
Expires
Tue, 13 Mar 2018 12:19:32 GMT
bg-comments_06.png
dadbab.info/content/Fungalor_IT/images/
600 KB
600 KB
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/bg-comments_06.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
c18c62b7de0f5752eb6101bc327774ed0e7e4b8cf6abb443cd5c37ce37c78eb6

Request headers

Referer
http://dadbab.info/content/Fungalor_IT/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:52 GMT
Server
nginx
ETag
"591a9198-95f76"
X-Cached-Since
2018-03-21T18:29:17+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
614262
X-ID
fr5-up-gc4
Expires
Tue, 13 Mar 2018 12:19:32 GMT
bg-removing_08.png
dadbab.info/content/Fungalor_IT/images/
784 KB
784 KB
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/bg-removing_08.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
0c74c7d664b9a6c8bfc1a1e0bdbce5bf87869c2fb5df36bc720a83c9adfd9f15

Request headers

Referer
http://dadbab.info/content/Fungalor_IT/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:38 GMT
Server
nginx
ETag
"591a918a-c3e42"
X-Cached-Since
2018-03-21T23:19:59+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
802370
X-ID
fr5-up-a245
Expires
Tue, 13 Mar 2018 12:19:32 GMT
bg-myco_02.png
dadbab.info/content/Fungalor_IT/images/
686 KB
686 KB
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/bg-myco_02.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
def929180a4d5bf6dc18f4ac592e7400eb0d1555c14294bbfb274d60e9bfb3ef

Request headers

Referer
http://dadbab.info/content/Fungalor_IT/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:46 GMT
Server
nginx
ETag
"591a9192-ab796"
X-Cached-Since
2018-03-21T18:52:30+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
702358
X-ID
fr5-up-gc4
Expires
Tue, 13 Mar 2018 16:03:54 GMT
header-bg_01.png
dadbab.info/content/Fungalor_IT/images/
1 MB
1 MB
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/header-bg_01.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
cba2260a52d015a6d8c9d4759fa5ed16e541ee6787bac59d78ae1f483966e6a7

Request headers

Referer
http://dadbab.info/content/Fungalor_IT/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:34 GMT
Server
nginx
ETag
"591a9186-121aca"
X-Cached-Since
2018-03-22T10:22:03+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1186506
X-ID
fr5-up-a245
Expires
Wed, 14 Mar 2018 03:59:48 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
SPDY
Server
216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f3.1e100.net
Software
sffe /
Resource Hash
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,cyrillic-ext
Origin
http://it.fungalor.com

Response headers

date
Fri, 23 Feb 2018 17:27:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:03 GMT
server
sffe
age
2307789
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
10764
x-xss-protection
1; mode=block
expires
Sat, 23 Feb 2019 17:27:50 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
SPDY
Server
216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f3.1e100.net
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,cyrillic-ext
Origin
http://it.fungalor.com

Response headers

date
Mon, 12 Feb 2018 16:52:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
3260310
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
10748
x-xss-protection
1; mode=block
expires
Tue, 12 Feb 2019 16:52:29 GMT
arrow-white_03.png
dadbab.info/content/Fungalor_IT/images/
273 B
767 B
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/arrow-white_03.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
ee12fe082d05a067cae0563ae51007e81c74917fcd4c703e53b67537e7d2c7b1

Request headers

Referer
http://dadbab.info/content/Fungalor_IT/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:46 GMT
Server
nginx
ETag
"591a9192-111"
X-Cached-Since
2018-03-21T18:29:17+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273
X-ID
fr5-up-gc4
Expires
Tue, 13 Mar 2018 16:03:54 GMT
fungalor.png
dadbab.info/content/Fungalor_IT/images/
48 KB
49 KB
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/fungalor.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
b7321d3d3a085a52d74dc8dc73547d9be1829b8147f7b8a2425d98c93b341e50

Request headers

Referer
http://dadbab.info/content/Fungalor_IT/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:38 GMT
Server
nginx
ETag
"591a918a-c078"
X-Cached-Since
2018-03-21T17:54:23+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49272
X-ID
fr5-up-gc4
Expires
Tue, 13 Mar 2018 16:03:55 GMT
arrow.png
dadbab.info/content/Fungalor_IT/images/
461 B
955 B
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/arrow.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
73916b1939ceafb840f1227281a76d876e96a409a9ba598b8a9b88d768b954cd

Request headers

Referer
http://dadbab.info/content/Fungalor_IT/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:34 GMT
Server
nginx
ETag
"591a9186-1cd"
X-Cached-Since
2018-03-21T18:10:10+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
461
X-ID
fr5-up-gc4
Expires
Tue, 13 Mar 2018 12:19:32 GMT
header-li-before_03.png
dadbab.info/content/Fungalor_IT/images/
362 B
856 B
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/header-li-before_03.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
7061439c822d36d141d052bbc79c6a473f30713308107c265b96b0df8b1d30fa

Request headers

Referer
http://dadbab.info/content/Fungalor_IT/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:38 GMT
Server
nginx
ETag
"591a918a-16a"
X-Cached-Since
2018-03-21T18:10:11+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
362
X-ID
fr5-up-gc4
Expires
Tue, 13 Mar 2018 12:19:32 GMT
legs_07.png
dadbab.info/content/Fungalor_IT/images/
105 KB
105 KB
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/legs_07.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
4d0b3b942d3f3d855c75b9a76d49b7a07ab4332721c84ff7296f6d4a5b5e5ad9

Request headers

Referer
http://dadbab.info/content/Fungalor_IT/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:38 GMT
Server
nginx
ETag
"591a918a-1a250"
X-Cached-Since
2018-03-21T18:43:39+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
107088
X-ID
fr5-up-gc4
Expires
Tue, 13 Mar 2018 12:19:32 GMT
mint_07.png
dadbab.info/content/Fungalor_IT/images/
68 KB
69 KB
Image
General
Full URL
http://dadbab.info/content/Fungalor_IT/images/mint_07.png
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
eddb293a535f309352732a5fc6c8055cf72ab26d171dbd0b716e3921746c8b65

Request headers

Referer
http://dadbab.info/content/Fungalor_IT/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Tue, 16 May 2017 05:43:52 GMT
Server
nginx
ETag
"591a9198-11178"
X-Cached-Since
2018-03-21T17:44:29+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70008
X-ID
fr5-up-gc4
Expires
Tue, 13 Mar 2018 12:19:32 GMT
KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v18/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
SPDY
Server
216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f3.1e100.net
Software
sffe /
Resource Hash
64565561ddb338a11ffce5b84aa53fa6e8fd203c34208e61eb5602cd08bf527f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700&subset=cyrillic-ext,latin-ext
Origin
http://it.fungalor.com

Response headers

date
Mon, 12 Feb 2018 17:37:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:48 GMT
server
sffe
age
3257623
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
12352
x-xss-protection
1; mode=block
expires
Tue, 12 Feb 2019 17:37:16 GMT
e.js
sync.users-api.com/
64 B
544 B
Script
General
Full URL
https://sync.users-api.com/e.js
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
31.172.81.242 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx/1.10.3 /
Resource Hash
b2b5542ea7ecac7f1e745df6e64f9b12475e20d53dac73836915e13f2bd1ac3f

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 22 Mar 2018 10:30:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Jul 2017 12:01:01 GMT
Server
nginx/1.10.3
ETag
W/"686897696a7c876b7e1"
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
private, immutable, no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
bg.png
dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/
4 MB
4 MB
Image
General
Full URL
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/imageSec/bg.png
Requested by
Host: dadbab.info
URL: http://dadbab.info/content/shared/js/jquery-1.12.4.min.js
Protocol
HTTP/1.1
Server
92.223.124.254 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
e9935f87b4f424854b27453bbd6660693bbc33bde6c6061b45730402b5b49944

Request headers

Referer
http://dadbab.info/content/second/Fresh_Fingers_SP_IT/css/secondPage.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Pragma
public
Date
Thu, 22 Mar 2018 10:30:59 GMT
Last-Modified
Wed, 07 Mar 2018 13:31:31 GMT
Server
nginx
ETag
"5a9fe9b3-39b85d"
X-Cached-Since
2018-03-21T14:46:21+00:00
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, no-transform, public, must-revalidate, proxy-revalidate
Cache
HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3782749
X-ID
fr5-up-gc4
Expires
Sat, 17 Mar 2018 14:30:13 GMT
/
sync.user-grey.com/
Redirect Chain
  • http://sync.user-grey.com/?src=gp3&cid=A2D4FF&cmp=adcombo&act=load&event=domload&s_trk={TR_KEY}&rawdata64=eyJuYXZpZ2F0aW9uU3RhcnQiOjE1MjE3MTQ2NTkzMDQsInVubG9hZEV2ZW50U3RhcnQiOjAsInVubG9hZEV2ZW50RW5...
  • http://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjji87VBVIFyaDIuQ1aEAoFZXZlbnQSB2RvbWxvYWRaEAoIb2ZmZXJfaWQSBDMwMDhaQwoJcGFnZV9lc3ViEjYtN0VBNVFDUUlmWnROWWN3RURfUUVEd0FzREhSNHpLU0FHQVFBREVRa0tFUUVpQjI1...
  • http://sync.user-grey.com/?src=gp3&s_data=CAIQABjji87VBVoQCgVldmVudBIHZG9tbG9hZFoQCghvZmZlcl9pZBIEMzAwOFpDCglwYWdlX2VzdWISNi03RUE1UUNRSWZadE5ZY3dFRF9RRUR3QXNESFI0ektTQUdBUUFERVFrS0VRRWlCMjVzTVFBQVo...
  • http://sync.user-grey.com/?src=gp3&s_data=CAIQARjji87VBVoQCgVldmVudBIHZG9tbG9hZFoQCghvZmZlcl9pZBIEMzAwOFpDCglwYWdlX2VzdWISNi03RUE1UUNRSWZadE5ZY3dFRF9RRUR3QXNESFI0ektTQUdBUUFERVFrS0VRRWlCMjVzTVFBQVo...
43 B
434 B
Image
General
Full URL
http://sync.user-grey.com/?src=gp3&s_data=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_6AQRsb2FkggIGQTJENEZGigIIe1RSX0tFWX0*
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 22 Mar 2018 10:30:59 GMT
Server
nginx
ETag
1cef7816-2dbc-11e8-a0d7-002590e45c38
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 22 Mar 2018 10:30:59 GMT
Server
nginx
ETag
1cef7816-2dbc-11e8-a0d7-002590e45c38
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
//sync.user-grey.com/?src=gp3&s_data=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_6AQRsb2FkggIGQTJENEZGigIIe1RSX0tFWX0*
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
/
www.google.com/ads/user-lists/513516174/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/user-lists/513516174/?random=1521714659590&cv=9&fst=1521712800000&num=1&guid=ON&eid=759238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fit.fungalor.com%2Fazmfcvzezk%2FFungalor_IT%2F%3FclickID%3Dpx152171465994adc5ab385e31fdc9074621697%26ap%3D-1%26publisher_id%3D3764%26esub%3D-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA&ref=http%3A%2F%2Fdelivery.bb2020.info%2Fr%3Furl%3Dhttp%253A%252F%252Fbgtrs.pro%252F%253Ftarget%253D-7EA5QCQIAAAP9AQPACwAFEQkKEQEKAAE%2526ap%253D-1%2526publisher_id%253D3764%2526clickID%253Dpx152171465994adc5ab385e31fdc9074621697%26redirect_back%3D%252F%252Fdelivery.bb2020.info%252F33305%252F%253F%2526tt%253D1&fmt=3&cdct=2&is_vtc=1&random=1319021752&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
SPDY
Server
216.58.207.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f4.1e100.net
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Mar 2018 10:30:59 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.ua/ads/user-lists/513516174/
42 B
107 B
Image
General
Full URL
https://www.google.com.ua/ads/user-lists/513516174/?random=1521714659590&cv=9&fst=1521712800000&num=1&guid=ON&eid=759238991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fit.fungalor.com%2Fazmfcvzezk%2FFungalor_IT%2F%3FclickID%3Dpx152171465994adc5ab385e31fdc9074621697%26ap%3D-1%26publisher_id%3D3764%26esub%3D-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA&ref=http%3A%2F%2Fdelivery.bb2020.info%2Fr%3Furl%3Dhttp%253A%252F%252Fbgtrs.pro%252F%253Ftarget%253D-7EA5QCQIAAAP9AQPACwAFEQkKEQEKAAE%2526ap%253D-1%2526publisher_id%253D3764%2526clickID%253Dpx152171465994adc5ab385e31fdc9074621697%26redirect_back%3D%252F%252Fdelivery.bb2020.info%252F33305%252F%253F%2526tt%253D1&fmt=3&cdct=2&is_vtc=1&random=1319021752&resp=GooglemKTybQhCsO&ipr=y&rmt_tld=1
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
SPDY
Server
216.58.207.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f3.1e100.net
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Mar 2018 10:30:59 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
track.gif
xl-trk.com/
0
136 B
Image
General
Full URL
http://xl-trk.com/track.gif?a=pat&b=ssp-dd535e0b-09d0-0e04-14e8-1521714660&c=landing&d=3008&e=8233&f=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Requested by
Host: it.fungalor.com
URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Protocol
HTTP/1.1
Server
88.208.58.206 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Upstream
192.168.11.102:8085
Date
Thu, 22 Mar 2018 10:30:59 GMT
Server
nginx
Connection
keep-alive
/
sync.user-grey.com/
43 B
434 B
Image
General
Full URL
http://sync.user-grey.com/?src=gp3&cid=A2D4FF&cmp=adcombo&act=load&event=bodyload&s_trk={TR_KEY}&rawdata64=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*&offer_id=3008&page_type=landing&page_id=8233&page_esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA&version=003
Protocol
HTTP/1.1
Server
31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Thu, 22 Mar 2018 10:31:00 GMT
Server
nginx
ETag
1cef7816-2dbc-11e8-a0d7-002590e45c38
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
send
rum.serv-ac.com/v1/
0
357 B
XHR
General
Full URL
https://rum.serv-ac.com/v1/send
Requested by
Host: dadbab.info
URL: http://dadbab.info/content/shared/js/acrum.min.js
Protocol
SPDY
Server
88.208.23.73 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://it.fungalor.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Thu, 22 Mar 2018 10:31:00 GMT
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
server
nginx
access-control-allow-origin
*
x-powered-by
Express
access-control-max-age
604800
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
status
200
cache-control
no-transform, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
send
rum.serv-ac.com/v1/
0
324 B
XHR
General
Full URL
https://rum.serv-ac.com/v1/send
Protocol
SPDY
Server
88.208.23.73 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA
Origin
http://it.fungalor.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Mar 2018 10:31:00 GMT
status
204
server
nginx
x-powered-by
Express
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
access-control-max-age
604800
access-control-allow-methods
POST
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


5 Cookies

Domain/Path Name / Value
it.fungalor.com/ Name: session
Value: eyJfcGVybWFuZW50Ijp0cnVlfQ.DZUXYw.aw8Q2jIHkyobi1vGx6n-sYi9tKA
it.fungalor.com/ Name: offer_id_3008
Value: 1
it.fungalor.com/ Name: previous_uniq
Value: 1521714659
it.fungalor.com/ Name: offer_3008_user_id
Value: 509
it.fungalor.com/azmfcvzezk/Fungalor_IT Name: randDate
Value: 1519209059642

4 Console Messages

Source Level URL
Text
console-api log URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA(Line 2348)
Message:
popstate bind
console-api warning URL: http://dadbab.info/content/second/Fresh_Fingers_SP_IT/js/secondPage.js(Line 5)
Message:
Secondpage_VLG
console-api warning URL: http://dadbab.info/content/second/Fresh_Fingers_SP_IT/js/secondPage.js(Line 5)
Message:
Secondpage_VLG
console-api log URL: http://it.fungalor.com/azmfcvzezk/Fungalor_IT/?clickID=px152171465994adc5ab385e31fdc9074621697&ap=-1&publisher_id=3764&esub=-7EA5QCQIfZtNYcwED_QEDwAsDHR4zKSAGAQADEQkKEQEiB25sMQAA(Line 73)
Message:
ssp-dd535e0b-09d0-0e04-14e8-1521714660

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
