urlscan.io logo urlscan.io
SecurityTrails logo

t26.tonplancul.com Open in urlscan Pro
104.31.80.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://touchme.space/
Effective URL: https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc15...
Submission: On June 22 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 11 domains to perform 16 HTTP transactions. The main IP is 104.31.80.35, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is t26.tonplancul.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on May 11th 2019. Valid for: 6 months.
This is the only time t26.tonplancul.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.255.119.53 22612 (NAMECHEAP...)
1 1 52.50.109.222 16509 (AMAZON-02)
2 2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 54.72.199.154 16509 (AMAZON-02)
1 2 18.203.29.133 16509 (AMAZON-02)
1 4 104.31.80.35 13335 (CLOUDFLAR...)
5 151.139.237.33 33438 (HIGHWINDS2)
1 147.75.81.98 54825 (PACKET)
2 2a00:1450:400... 15169 (GOOGLE)
1 147.75.83.1 54825 (PACKET)
1 147.75.83.23 54825 (PACKET)
1 151.101.2.110 54113 (FASTLY)
1 162.247.242.21 23467 (NEWRELIC-...)
16 9
1    162.255.119.53 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
touchme.space
1    52.50.109.222 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-109-222.eu-west-1.compute.amazonaws.com
clik.rfroute.com
2    2606:4700:30::681b:8953 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ezofferz.com
1    54.72.199.154 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-199-154.eu-west-1.compute.amazonaws.com
clik.global-trk.com
2    18.203.29.133 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-203-29-133.eu-west-1.compute.amazonaws.com
dlvr.xcash.com
4    104.31.80.35 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
trk.tonplancul.com
t26.tonplancul.com
5    151.139.237.33 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
static-01-2ug82pacs7u3bksy.netdna-ssl.com
static-03-2ug82pacs7u3bksy.netdna-ssl.com
static-02-2ug82pacs7u3bksy.netdna-ssl.com
1    147.75.81.98 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-30
static.hotjar.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    147.75.83.1 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-23
script.hotjar.com
1    147.75.83.23 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-21
vars.hotjar.com
1    151.101.2.110 (United States)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-9.nr-data.net
bam.nr-data.net
Domain Requested by
3 static-01-2ug82pacs7u3bksy.netdna-ssl.com t26.tonplancul.com
static-01-2ug82pacs7u3bksy.netdna-ssl.com
3 t26.tonplancul.com dlvr.xcash.com
t26.tonplancul.com
2 www.google-analytics.com t26.tonplancul.com
2 dlvr.xcash.com 1 redirects
2 ezofferz.com 2 redirects
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com t26.tonplancul.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static-02-2ug82pacs7u3bksy.netdna-ssl.com t26.tonplancul.com
1 static.hotjar.com t26.tonplancul.com
1 static-03-2ug82pacs7u3bksy.netdna-ssl.com t26.tonplancul.com
1 trk.tonplancul.com 1 redirects
1 clik.global-trk.com 1 redirects
1 clik.rfroute.com 1 redirects
1 touchme.space 1 redirects
16 16

This site contains links to these domains. Also see Links.

Domain
tonplancul.com
support.tonplancul.com
Subject Issuer Validity Valid
sni168873.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-05-11 -
2019-11-17		 6 months crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-18 -
2020-02-27		 a year crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2019-06-08 -
2019-09-06		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-06-11 -
2019-09-03		 3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2019-06-08 -
2019-09-06		 3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2019-06-08 -
2019-09-06		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
Frame ID: D21A70F0C192F1448787055EEDA60DEF
Requests: 15 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: 221C527713B8FA246CCFC46D9F00C68E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://touchme.space/ HTTP 302
    http://clik.rfroute.com/aff_c?offer_id=7896&aff_id=5423 HTTP 302
    http://ezofferz.com/crDLO2GSL.php?cid=125&aff_id=5423&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff... HTTP 302
    http://ezofferz.com/cr.php?cid=4845&aff_id=5485&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=... HTTP 302
    http://clik.global-trk.com/aff_c?offer_id=6717&aff_sub4=4340&aff_id=5485&aff_sub=&aff_sub2=&aff_sub3=&a... HTTP 302
    https://dlvr.xcash.com/30037?session_id=10231fa3e29f02cf1d7313be4950f9&subaffiliate_id=GSL-5485&ext... HTTP 302
    http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.tonplancul.com%2Fa%2Fff0026%2F%3Fpromo_code%3D102872... Page URL
  2. https://trk.tonplancul.com/a/ff0026/?promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keywo... HTTP 302
    https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&k... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

16
Requests

94 %
HTTPS

15 %
IPv6

11
Domains

16
Subdomains

9
IPs

3
Countries

534 kB
Transfer

1802 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://touchme.space/ HTTP 302
    http://clik.rfroute.com/aff_c?offer_id=7896&aff_id=5423 HTTP 302
    http://ezofferz.com/crDLO2GSL.php?cid=125&aff_id=5423&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=1027d62c797b025a441eb3b73e894f HTTP 302
    http://ezofferz.com/cr.php?cid=4845&aff_id=5485&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=1027d62c797b025a441eb3b73e894f HTTP 302
    http://clik.global-trk.com/aff_c?offer_id=6717&aff_sub4=4340&aff_id=5485&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=1027d62c797b025a441eb3b73e894f&crpx=aHRX062230251 HTTP 302
    https://dlvr.xcash.com/30037?session_id=10231fa3e29f02cf1d7313be4950f9&subaffiliate_id=GSL-5485&external_capmaign= HTTP 302
    http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.tonplancul.com%2Fa%2Fff0026%2F%3Fpromo_code%3D102872%26ev%3Dxc1561191851cba805d0de5abeddf3892162270%26keyword%3D874%26pass%3Dxc1561191851cba805d0de5abeddf3892162270%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F30037%2F%3Fsession_id%3D10231fa3e29f02cf1d7313be4950f9%26subaffiliate_id%3DGSL-5485%26external_capmaign%3D%26tt%3D1 Page URL
  2. https://trk.tonplancul.com/a/ff0026/?promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6 HTTP 302
    https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://touchme.space/ HTTP 302
  • http://clik.rfroute.com/aff_c?offer_id=7896&aff_id=5423 HTTP 302
  • http://ezofferz.com/crDLO2GSL.php?cid=125&aff_id=5423&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=1027d62c797b025a441eb3b73e894f HTTP 302
  • http://ezofferz.com/cr.php?cid=4845&aff_id=5485&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=1027d62c797b025a441eb3b73e894f HTTP 302
  • http://clik.global-trk.com/aff_c?offer_id=6717&aff_sub4=4340&aff_id=5485&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=1027d62c797b025a441eb3b73e894f&crpx=aHRX062230251 HTTP 302
  • https://dlvr.xcash.com/30037?session_id=10231fa3e29f02cf1d7313be4950f9&subaffiliate_id=GSL-5485&external_capmaign= HTTP 302
  • http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.tonplancul.com%2Fa%2Fff0026%2F%3Fpromo_code%3D102872%26ev%3Dxc1561191851cba805d0de5abeddf3892162270%26keyword%3D874%26pass%3Dxc1561191851cba805d0de5abeddf3892162270%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F30037%2F%3Fsession_id%3D10231fa3e29f02cf1d7313be4950f9%26subaffiliate_id%3DGSL-5485%26external_capmaign%3D%26tt%3D1

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set r
dlvr.xcash.com/
Redirect Chain
  • http://touchme.space/
  • http://clik.rfroute.com/aff_c?offer_id=7896&aff_id=5423
  • http://ezofferz.com/crDLO2GSL.php?cid=125&aff_id=5423&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=1027d62c797b025a441eb3b73e894f
  • http://ezofferz.com/cr.php?cid=4845&aff_id=5485&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=1027d62c797b025a441eb3b73e894f
  • http://clik.global-trk.com/aff_c?offer_id=6717&aff_sub4=4340&aff_id=5485&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&trn=1027d62c797b025a441eb3b73e894f&crpx=aHRX062230251
  • https://dlvr.xcash.com/30037?session_id=10231fa3e29f02cf1d7313be4950f9&subaffiliate_id=GSL-5485&external_capmaign=
  • http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.tonplancul.com%2Fa%2Fff0026%2F%3Fpromo_code%3D102872%26ev%3Dxc1561191851cba805d0de5abeddf3892162270%26keyword%3D874%26pass%3Dxc1561191851cba805d0de5abe...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.tonplancul.com%2Fa%2Fff0026%2F%3Fpromo_code%3D102872%26ev%3Dxc1561191851cba805d0de5abeddf3892162270%26keyword%3D874%26pass%3Dxc1561191851cba805d0de5abeddf3892162270%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F30037%2F%3Fsession_id%3D10231fa3e29f02cf1d7313be4950f9%26subaffiliate_id%3DGSL-5485%26external_capmaign%3D%26tt%3D1
Protocol
HTTP/1.1
Server
18.203.29.133 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-203-29-133.eu-west-1.compute.amazonaws.com
Software
nginx / HHVM/3.18.1
Resource Hash

Request headers

Host
dlvr.xcash.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
51D_Bandwidth=1561191851.9461; ubbc=eyJpdiI6IjNxQ0JBS1RzUnNrblNHMVZwSmhRQ0E9PSIsInZhbHVlIjoiUWV1SVAxU2pUdEdab1hiTm5vMDVZUT09IiwibWFjIjoiNzYzNWE2ZjRjMmFhYzgzYzIzYzdhMGI1Y2IyYTMyNzJjMTYzZDg2NDcyMzE0Y2Y0NmZhZTYwNzEyY2FhODJjNSJ9; bbuc=eyJpdiI6Ik1hS05Cd21kQm9VNG1EdFF0RVdycWc9PSIsInZhbHVlIjoiVm9jRTE5YjdYcnlLR3ZxRWRDeDNBaGJlRXdSSFFwSk9peGM4M1RWRFhEMD0iLCJtYWMiOiIzNzQxMzAwOTFmMDI5MTY5NGY3YjhiNDkyMDEyZGZjM2IzMjU3OTkwYmNhYjI0MDE2YTgyNGM5MDNiNDU5NjFlIn0%3D; bbrc=eyJpdiI6IjFVamRDSHNaNFRKZGFOMkhJNnRLZkE9PSIsInZhbHVlIjoiNVlnYVZvTmFjM3dJUUtGWms2WFwvWUE9PSIsIm1hYyI6IjhlYjc2NDFkZmJjOGU3N2MyYmNiMjlkY2IyMzEwNTg0MjRiZjdkYzA0OGI3MTNmOGNkNTJiM2Y1ZDUyNDRmZDIifQ%3D%3D; laravel_session=eyJpdiI6ImpnZWlWQU0zdlF6ZXBIVEM1QUxsU3c9PSIsInZhbHVlIjoiaDdiNERaSDFXSmVrSFk2M1VodzQzZzA5R0dQU1dON2hNdkw2MG5xT0t3eTZYc1cwUmxBZEZkMUdrTmJsRnNHRTFCZWo4ampGNHFWMlJKc3k0SlwvT0tBPT0iLCJtYWMiOiJiN2EyNmQzNzE2MjI2YWYxZmJhMmMxNWExYzc5ZjBjNTllYzJhOGMwNjVmMWUxOWM3ODY2NzU4OWY3NTYzNWE5In0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 22 Jun 2019 08:24:12 GMT
Server
nginx
Set-Cookie
laravel_session=eyJpdiI6IlBuYWo2TVBGNHBnVERVTmN2N2plakE9PSIsInZhbHVlIjoiUFpLcnVPcUdDa2tXcjY2UG5GVXNDZ280RFpsQW5ieEJRenF1c1VBbWhKblNGaThcL05UUU5aS0tBMHNPZEIxekRvemFjNG9NREJJenNqRUVQdXRFZ0xRPT0iLCJtYWMiOiIyOGIyZTcyZTcxM2Q2MTkxODJhMGIxOWM0N2M0MmMyNjliOWQ4N2YwNzU3ZTBmMDZjMzI0Mzk2ZjU3YzA1ZDkyIn0%3D; path=/; httponly
Vary
Accept-Encoding
X-Powered-By
HHVM/3.18.1
Content-Length
498
Connection
keep-alive

Redirect headers

Cache-Control
no-cache
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 22 Jun 2019 08:24:12 GMT
Location
http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.tonplancul.com%2Fa%2Fff0026%2F%3Fpromo_code%3D102872%26ev%3Dxc1561191851cba805d0de5abeddf3892162270%26keyword%3D874%26pass%3Dxc1561191851cba805d0de5abeddf3892162270%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F30037%2F%3Fsession_id%3D10231fa3e29f02cf1d7313be4950f9%26subaffiliate_id%3DGSL-5485%26external_capmaign%3D%26tt%3D1
Server
nginx
Set-Cookie
51D_Bandwidth=1561191851.9461 ubbc=eyJpdiI6IjNxQ0JBS1RzUnNrblNHMVZwSmhRQ0E9PSIsInZhbHVlIjoiUWV1SVAxU2pUdEdab1hiTm5vMDVZUT09IiwibWFjIjoiNzYzNWE2ZjRjMmFhYzgzYzIzYzdhMGI1Y2IyYTMyNzJjMTYzZDg2NDcyMzE0Y2Y0NmZhZTYwNzEyY2FhODJjNSJ9; expires=Sun, 23-Jun-2019 08:24:11 GMT; Max-Age=86399; path=/; httponly bbuc=eyJpdiI6Ik1hS05Cd21kQm9VNG1EdFF0RVdycWc9PSIsInZhbHVlIjoiVm9jRTE5YjdYcnlLR3ZxRWRDeDNBaGJlRXdSSFFwSk9peGM4M1RWRFhEMD0iLCJtYWMiOiIzNzQxMzAwOTFmMDI5MTY5NGY3YjhiNDkyMDEyZGZjM2IzMjU3OTkwYmNhYjI0MDE2YTgyNGM5MDNiNDU5NjFlIn0%3D; expires=Sun, 23-Jun-2019 08:24:12 GMT; Max-Age=86400; path=/; httponly bbrc=eyJpdiI6IjFVamRDSHNaNFRKZGFOMkhJNnRLZkE9PSIsInZhbHVlIjoiNVlnYVZvTmFjM3dJUUtGWms2WFwvWUE9PSIsIm1hYyI6IjhlYjc2NDFkZmJjOGU3N2MyYmNiMjlkY2IyMzEwNTg0MjRiZjdkYzA0OGI3MTNmOGNkNTJiM2Y1ZDUyNDRmZDIifQ%3D%3D; expires=Sat, 22-Jun-2019 15:24:12 GMT; Max-Age=25200; path=/; httponly laravel_session=eyJpdiI6ImpnZWlWQU0zdlF6ZXBIVEM1QUxsU3c9PSIsInZhbHVlIjoiaDdiNERaSDFXSmVrSFk2M1VodzQzZzA5R0dQU1dON2hNdkw2MG5xT0t3eTZYc1cwUmxBZEZkMUdrTmJsRnNHRTFCZWo4ampGNHFWMlJKc3k0SlwvT0tBPT0iLCJtYWMiOiJiN2EyNmQzNzE2MjI2YWYxZmJhMmMxNWExYzc5ZjBjNTllYzJhOGMwNjVmMWUxOWM3ODY2NzU4OWY3NTYzNWE5In0%3D; path=/; httponly
Vary
Accept-Encoding
X-Powered-By
HHVM/3.18.1
Content-Length
444
Connection
keep-alive
Primary Request /
t26.tonplancul.com/
Redirect Chain
  • https://trk.tonplancul.com/a/ff0026/?promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
  • https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
86 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
Requested by
Host: dlvr.xcash.com
URL: http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.tonplancul.com%2Fa%2Fff0026%2F%3Fpromo_code%3D102872%26ev%3Dxc1561191851cba805d0de5abeddf3892162270%26keyword%3D874%26pass%3Dxc1561191851cba805d0de5abeddf3892162270%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F30037%2F%3Fsession_id%3D10231fa3e29f02cf1d7313be4950f9%26subaffiliate_id%3DGSL-5485%26external_capmaign%3D%26tt%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.80.35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c2b47e41bd57ddae46bf7cfb5c9683fc4f7667db939f6a7c134df6fb7fbd344

Request headers

:method
GET
:authority
t26.tonplancul.com
:scheme
https
:path
/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.tonplancul.com%2Fa%2Fff0026%2F%3Fpromo_code%3D102872%26ev%3Dxc1561191851cba805d0de5abeddf3892162270%26keyword%3D874%26pass%3Dxc1561191851cba805d0de5abeddf3892162270%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F30037%2F%3Fsession_id%3D10231fa3e29f02cf1d7313be4950f9%26subaffiliate_id%3DGSL-5485%26external_capmaign%3D%26tt%3D1
accept-encoding
gzip, deflate, br
cookie
__cfduid=d64e02c2a2d94c2bc8758ce816174f8441561191852
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://dlvr.xcash.com/r?url=https%3A%2F%2Ftrk.tonplancul.com%2Fa%2Fff0026%2F%3Fpromo_code%3D102872%26ev%3Dxc1561191851cba805d0de5abeddf3892162270%26keyword%3D874%26pass%3Dxc1561191851cba805d0de5abeddf3892162270%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D6&redirect_back=%2F%2Fdlvr.xcash.com%2F30037%2F%3Fsession_id%3D10231fa3e29f02cf1d7313be4950f9%26subaffiliate_id%3DGSL-5485%26external_capmaign%3D%26tt%3D1

Response headers

status
200
date
Sat, 22 Jun 2019 08:24:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=ra13jc2ndaj6sr4rh96bt2pmh1; path=/; domain=tonplancul.com pc_aff=nNoRIzRele85GwzagvAgqhpNG9WOSlQCLgdM2U8tXOEBSAXYTZv_3cPp3K6_G6cybem9cdGtB2r-o03_Moa95w4xmX2vF9aNwXLXjkhFWIq0ehtY3vh0-xytwZ6Dc6Ximb68fxQAdA63bwpgGebw25q2hhYNYP5bwWnAqU86Xm1PNuCDbHDypasHzur2o_VAUmlBcmqaQujAkNh3JthLJTbKIu9fX666DW5HbtXfedZqe9Fz1zdSsbxyBpsiUFhBHZhpnu2KhYVGX7XjsESeoFKCgWtqDp8vF9xkoKlKzmPrBouusJAOdLQ944DuSqpPZs4bn24EyP_WmzI76KYEiQ; expires=Mon, 22-Jul-2019 08:24:12 GMT; Max-Age=2592000; path=/; domain=tonplancul.com promo_code=102872; expires=Mon, 22-Jul-2019 08:24:12 GMT; Max-Age=2592000; path=/; domain=t26.tonplancul.com ev=xc1561191851cba805d0de5abeddf3892162270; expires=Mon, 22-Jul-2019 08:24:12 GMT; Max-Age=2592000; path=/; domain=t26.tonplancul.com keyword=874; expires=Mon, 22-Jul-2019 08:24:12 GMT; Max-Age=2592000; path=/; domain=t26.tonplancul.com APPID=promo SERVERID=wbs03; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4eacd3156c05bc42-LHR
content-encoding
br

Redirect headers

status
302
date
Sat, 22 Jun 2019 08:24:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d64e02c2a2d94c2bc8758ce816174f8441561191852; expires=Sun, 21-Jun-20 08:24:12 GMT; path=/; domain=.tonplancul.com; HttpOnly SERVERID=wbs01; path=/
location
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4eacd314ab02bc42-LHR
landing0023.css
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/ 		63 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0023.css?v=1.168.1.master.20190612133759
Requested by
Host: t26.tonplancul.com
URL: https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
fb95973ffa7533553fdea79211747767102323b0b227a8cfb3b12dc0f4dcdf98

Request headers

Referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Jun 2019 08:24:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 12 Jun 2019 11:42:11 GMT
server
NetDNA-cache/2.2
etag
W/"5d00e513-fb60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
public, max-age=2592000
cf-ray
4ea0d4942837bef6-FRA
expires
Sat, 20 Jul 2019 21:28:04 GMT
mail_icon.png
t26.tonplancul.com/img/modal/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t26.tonplancul.com/img/modal/mail_icon.png?v=1.168.1.master.20190612133759
Requested by
Host: t26.tonplancul.com
URL: https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.80.35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3870a28a2bc08b938bccff67416bbd7d338df5ac0e0736d0e08b1e63de4150d9

Request headers

Referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Jun 2019 08:24:12 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Jun 2019 11:36:28 GMT
server
cloudflare
etag
"5d00e3bc-23ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
4eacd317efc4bc42-LHR
content-length
9215
expires
Mon, 22 Jul 2019 08:24:12 GMT
location.jpg
static-03-2ug82pacs7u3bksy.netdna-ssl.com/promo-static/img/landing0023/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-03-2ug82pacs7u3bksy.netdna-ssl.com/promo-static/img/landing0023/location.jpg?v=1.168.1.master.20190612133759
Requested by
Host: t26.tonplancul.com
URL: https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d70bc333d8557f3a9d179fc247554703d7aa0c559e92ad0b56a5f48da8dfb38b

Request headers

Referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Jun 2019 08:24:12 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 13 Oct 2017 11:43:26 GMT
server
NetDNA-cache/2.2
etag
"59e0a6de-5c7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
4ea91288ced02742-FRA
content-length
23679
expires
Sat, 22 Jun 2019 21:28:28 GMT
loading.gif
t26.tonplancul.com/img/_forms/steps0014/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t26.tonplancul.com/img/_forms/steps0014/loading.gif?v=1.168.1.master.20190612133759
Requested by
Host: t26.tonplancul.com
URL: https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.80.35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfa0ad12a293332f47c0c0b7c4d7681d3670915a2f75f086aaf61b9a2835b24a

Request headers

Referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Jun 2019 08:24:12 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Jun 2019 11:36:28 GMT
server
cloudflare
etag
"5d00e3bc-16cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
4eacd3185863bc42-LHR
content-length
5837
expires
Mon, 22 Jul 2019 08:24:12 GMT
landing1560339607205.min.js
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/js/landing1560339607205.min.js
Requested by
Host: t26.tonplancul.com
URL: https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
22211e371e46f175c6e2042f34756820cca00a808d3c3edb8c16cc2b52974c12

Request headers

Referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Jun 2019 08:24:12 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 12 Jun 2019 11:42:23 GMT
server
NetDNA-cache/2.2
etag
W/"5d00e51f-4834"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=2592000
cf-ray
4ea0d4942c90648b-FRA
expires
Sat, 20 Jul 2019 21:28:04 GMT
hotjar-1350808.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1350808.js?sv=6
Requested by
Host: t26.tonplancul.com
URL: https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.81.98 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-30
Software
openresty /
Resource Hash
f87981aa517a93e8b7399e91243d1277f797d928c41e97cf0d36c6a9f17da7c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Jun 2019 08:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
5
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
1636
x-cache-hit
1
server
openresty
x-frame-options
SAMEORIGIN
etag
W/20b446d866c2c3b038302175dd5edd48
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.019
accept-ranges
bytes
section-io-id
688d221ed8606f27b86f29b7675a2430
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: t26.tonplancul.com
URL: https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
5825
date
Sat, 22 Jun 2019 06:47:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Sat, 22 Jun 2019 08:47:07 GMT
Roboto-Regular.woff
static-02-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/ 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-02-2ug82pacs7u3bksy.netdna-ssl.com/promo/node_modules/g4.font.family/fonts/Roboto-Regular.woff?1545811722
Requested by
Host: t26.tonplancul.com
URL: https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8e363031576e1d8c7d18952dd2fb30006a8acd9937bc034d24017e650e803d78

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/css/pages/landing0023.css?v=1.168.1.master.20190612133759
Origin
https://t26.tonplancul.com

Response headers

date
Sat, 22 Jun 2019 08:24:12 GMT
cf-cache-status
MISS
last-modified
Wed, 12 Jun 2019 11:42:02 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"5d00e50a-12140"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
HIT
content-type
application/font-woff
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
4ea0d43effe863b3-FRA
content-length
74048
expires
Sat, 20 Jul 2019 21:27:50 GMT
landing.js
static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/js/dist/ 		1 MB
271 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/js/dist/landing.js?v=1.168.1.master.20190612133759
Requested by
Host: static-01-2ug82pacs7u3bksy.netdna-ssl.com
URL: https://static-01-2ug82pacs7u3bksy.netdna-ssl.com/promo/js/landing1560339607205.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.33 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
1c5f5d86093f5a6592883a596b19d459548c005d098b62babfc3683cd9d1a7d6

Request headers

Referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Jun 2019 08:24:12 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 12 Jun 2019 11:42:23 GMT
server
NetDNA-cache/2.2
etag
W/"5d00e51f-10149b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=2592000
cf-ray
4ea0d440891597c0-FRA
expires
Sat, 20 Jul 2019 21:27:51 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j76&a=805272528&t=pageview&_s=1&dl=https%3A%2F%2Ft26.tonplancul.com%2F%3Fq%3D%2Fa%2Fff0026%2F%26promo_code%3D102872%26ev%3Dxc1561191851cba805d0de5abeddf3892162270%26keyword%3D874%26pass%3Dxc1561191851cba805d0de5abeddf3892162270%26m%3D0%7C0%7C0%7C0%26email%3D%26email_encoded%3D%26flow%3D6&dr=http%3A%2F%2Fdlvr.xcash.com%2Fr%3Furl%3Dhttps%253A%252F%252Ftrk.tonplancul.com%252Fa%252Fff0026%252F%253Fpromo_code%253D102872%2526ev%253Dxc1561191851cba805d0de5abeddf3892162270%2526keyword%253D874%2526pass%253Dxc1561191851cba805d0de5abeddf3892162270%2526m%253D0%257C0%257C0%257C0%2526email%253D%2526email_encoded%253D%2526flow%253D6%26redirect_back%3D%252F%252Fdlvr.xcash.com%252F30037%252F%253Fsession_id%253D10231fa3e29f02cf1d7313be4950f9%2526subaffiliate_id%253DGSL-5485%2526external_capmaign%253D%2526tt%253D1&ul=en-us&de=UTF-8&dt=Ton%20Plan%20Cul%3A%20Rencards%20et%20Rendez-vous%20informels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1030438692&gjid=2029171412&cid=1327554999.1561191853&tid=UA-87667025-7&_gid=143559071.1561191853&_r=1&z=770274671
Requested by
Host: t26.tonplancul.com
URL: https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jun 2019 08:24:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.6ff3427987249f01e9b6.js
script.hotjar.com/ 		425 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6ff3427987249f01e9b6.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1350808.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.1 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-23
Software
/
Resource Hash
beaac275415a843d4c8eafd214cbefe2eaa096de538e49bbb48c99cb00024aba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Jun 2019 08:24:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 11:28:24 GMT
access-control-allow-origin
*
etag
W/"9016a8ef7325319177f85c7d66dde5d1"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
section-io-origin-time-seconds
0.042
section-io-origin-status
200
accept-ranges
bytes
section-io-id
5e87f1b57067bfbb649c48efb60b122c
content-length
90728
box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame 221C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1350808.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.23 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-21
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-90f3a29ef7448451db5af955688970d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6

Response headers

status
200
date
Sat, 22 Jun 2019 08:24:13 GMT
content-type
text/html
content-length
967
cache-control
max-age=31536000
last-modified
Tue, 30 Apr 2019 14:57:42 GMT
section-io-origin-status
200
section-io-origin-time-seconds
0.042
etag
W/"90f3a29ef7448451db5af955688970d7"
content-encoding
gzip
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
4e1115bf6fe6d8a6d20ad373548f4f5c
nr-1123.min.js
js-agent.newrelic.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1123.min.js
Requested by
Host: t26.tonplancul.com
URL: https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.110 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82

Request headers

Referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 22 Jun 2019 08:24:13 GMT
content-encoding
gzip
x-amz-request-id
11C5C7A965BA87C1
x-cache
HIT
status
200
content-length
9288
x-amz-id-2
EK07tFPgO0Adqe06zFaM5zuj5+H9uyW0kiPh/chg/0ZHphDJ5LNlrUa2Fz/lOZ6mTor11cv23gk=
x-served-by
cache-hhn1534-HHN
last-modified
Fri, 22 Mar 2019 14:06:15 GMT
server
AmazonS3
x-timer
S1561191853.326677,VS0,VE0
etag
"7ffb242072196e9db5f4f1bfbfa2ed7d"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
44577
6cbab69a58
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/6cbab69a58?a=192394552&v=1123.df1c7f8&to=ZlNaYhEDDEBYBUZQDF8Ze0MQFg1eFiNHXTNDWVVZTDIQXFQJHXANVVNAGSoMBlZB&rst=1198&ref=https://t26.tonplancul.com/&ap=304&be=631&fe=1122&dc=708&perf=%7B%22timing%22:%7B%22of%22:1561191852143,%22n%22:0,%22f%22:200,%22dn%22:200,%22dne%22:200,%22c%22:200,%22ce%22:200,%22rq%22:231,%22rp%22:615,%22rpe%22:627,%22dl%22:620,%22di%22:707,%22ds%22:707,%22de%22:708,%22dc%22:1120,%22l%22:1120,%22le%22:1137%7D,%22navigation%22:%7B%7D%7D&at=ShRZFFkZH04%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1123.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://t26.tonplancul.com/?q=/a/ff0026/&promo_code=102872&ev=xc1561191851cba805d0de5abeddf3892162270&keyword=874&pass=xc1561191851cba805d0de5abeddf3892162270&m=0|0|0|0&email=&email_encoded=&flow=6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| NREUM object| newrelic function| __nr_require function| hj object| _hjSettings object| URL_PARAMS object| SITE_PRODUCT string| DOMAIN string| ENV object| WL_SITE string| SITE_NAME string| SITE_LAYOUT string| SITE_TYPE string| THIRD_PARTY_VIDEO_ID string| CURRENT_LANG object| TRANSLATIONS object| STATIC_DOMAINS object| SITE_VARIABLES object| ERROR_MESSAGES object| SUCCESS_MESSAGES object| NDConfig function| requirejs function| require function| define string| GOOGLE_ANALYTICS_CODE string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| Twig function| $ function| jQuery function| Bloodhound function| Swiper function| HotjarBasicDataStorage function| HotjarCollectionDataStorage

11 Cookies

Domain/Path Name / Value
.tonplancul.com/ Name: _gid
Value: GA1.2.143559071.1561191853
.tonplancul.com/ Name: _ga
Value: GA1.2.1327554999.1561191853
.tonplancul.com/ Name: _gat
Value: 1
t26.tonplancul.com/ Name: APPID
Value: promo
.t26.tonplancul.com/ Name: ev
Value: xc1561191851cba805d0de5abeddf3892162270
.t26.tonplancul.com/ Name: keyword
Value: 874
.t26.tonplancul.com/ Name: promo_code
Value: 102872
.tonplancul.com/ Name: pc_aff
Value: nNoRIzRele85GwzagvAgqhpNG9WOSlQCLgdM2U8tXOEBSAXYTZv_3cPp3K6_G6cybem9cdGtB2r-o03_Moa95w4xmX2vF9aNwXLXjkhFWIq0ehtY3vh0-xytwZ6Dc6Ximb68fxQAdA63bwpgGebw25q2hhYNYP5bwWnAqU86Xm1PNuCDbHDypasHzur2o_VAUmlBcmqaQujAkNh3JthLJTbKIu9fX666DW5HbtXfedZqe9Fz1zdSsbxyBpsiUFhBHZhpnu2KhYVGX7XjsESeoFKCgWtqDp8vF9xkoKlKzmPrBouusJAOdLQ944DuSqpPZs4bn24EyP_WmzI76KYEiQ
t26.tonplancul.com/ Name: SERVERID
Value: wbs03
.tonplancul.com/ Name: PHPSESSID
Value: ra13jc2ndaj6sr4rh96bt2pmh1
.tonplancul.com/ Name: __cfduid
Value: d64e02c2a2d94c2bc8758ce816174f8441561191852

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
clik.global-trk.com
clik.rfroute.com
dlvr.xcash.com
ezofferz.com
js-agent.newrelic.com
script.hotjar.com
static-01-2ug82pacs7u3bksy.netdna-ssl.com
static-02-2ug82pacs7u3bksy.netdna-ssl.com
static-03-2ug82pacs7u3bksy.netdna-ssl.com
static.hotjar.com
t26.tonplancul.com
touchme.space
trk.tonplancul.com
vars.hotjar.com
www.google-analytics.com
104.31.80.35
147.75.81.98
147.75.83.1
147.75.83.23
151.101.2.110
151.139.237.33
162.247.242.21
162.255.119.53
18.203.29.133
2606:4700:30::681b:8953
2a00:1450:4001:809::200e
52.50.109.222
54.72.199.154
1c5f5d86093f5a6592883a596b19d459548c005d098b62babfc3683cd9d1a7d6
22211e371e46f175c6e2042f34756820cca00a808d3c3edb8c16cc2b52974c12
3870a28a2bc08b938bccff67416bbd7d338df5ac0e0736d0e08b1e63de4150d9
6c2b47e41bd57ddae46bf7cfb5c9683fc4f7667db939f6a7c134df6fb7fbd344
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e363031576e1d8c7d18952dd2fb30006a8acd9937bc034d24017e650e803d78
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
94cdf5b7f868883de0e1248cd80b42dd84e3f38685f2b234747550c02190dc82
beaac275415a843d4c8eafd214cbefe2eaa096de538e49bbb48c99cb00024aba
d70bc333d8557f3a9d179fc247554703d7aa0c559e92ad0b56a5f48da8dfb38b
dfa0ad12a293332f47c0c0b7c4d7681d3670915a2f75f086aaf61b9a2835b24a
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f87981aa517a93e8b7399e91243d1277f797d928c41e97cf0d36c6a9f17da7c6
fb95973ffa7533553fdea79211747767102323b0b227a8cfb3b12dc0f4dcdf98