Submitted URL: http://rasenalong.com/
Effective URL: https://www.jd-sports.com.au/women/womens-clothing/dresses/?&msclkid=90202d304e9615fd12844e112b2b1328&utm_source=bing&utm_med...
Submission: On September 14 via manual from NO — Scanned from NO

Summary

This website contacted 12 IPs in 5 countries across 18 domains to perform 47 HTTP transactions. The main IP is 92.123.3.124, located in and belongs to . The main domain is www.jd-sports.com.au.
TLS certificate: Issued by GeoTrust RSA CA 2018 on November 14th 2021. Valid for: a year.
This is the only time www.jd-sports.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 94.229.72.125 42831 (UKSERVERS...)
1 2 99.86.240.84 16509 (AMAZON-02)
2 34.194.66.161 14618 (AMAZON-AES)
1 2 35.180.17.130 16509 (AMAZON-02)
1 1 35.180.205.178 16509 (AMAZON-02)
1 185.25.205.112 60798 (ASSERVEREASY)
3 142.250.185.100 15169 (GOOGLE)
4 142.250.186.99 15169 (GOOGLE)
3 18.66.122.56 16509 (AMAZON-02)
3 3 99.86.240.22 16509 (AMAZON-02)
3 18.66.112.69 16509 (AMAZON-02)
7 130.211.115.4 396982 (GOOGLE-CL...)
2 142.250.184.227 15169 (GOOGLE)
1 1 99.80.208.222 16509 (AMAZON-02)
1 1 212.82.100.137 34010 (YAHOO-IRD)
1 1 204.79.197.200 8068 (MICROSOFT...)
1 1 172.217.16.206 15169 (GOOGLE)
1 1 142.250.185.102 ()
1 92.123.3.124 ()
47 12
Apex Domain
Subdomains
Transfer
10 ad-score.com
js.ad-score.com — Cisco Umbrella Rank: 5466
data.ad-score.com — Cisco Umbrella Rank: 4615
127 KB
6 imageadvantage.net
yu.imageadvantage.net — Cisco Umbrella Rank: 490228
mr0.imageadvantage.net — Cisco Umbrella Rank: 243731
32 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
367 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 19
23 KB
2 like.it
service.no.like.it
no.like.it
10 KB
2 domainparkingmanager.it
track.domainparkingmanager.it — Cisco Umbrella Rank: 826850
552 B
2 brynh-lei.com
brynh-lei.com — Cisco Umbrella Rank: 114323
2 KB
2 lnk8j7.com
r.lnk8j7.com — Cisco Umbrella Rank: 319479
2 KB
1 jd-sports.com.au
www.jd-sports.com.au
1 doubleclick.net
ad.doubleclick.net
925 B
1 dartsearch.net
clickserve.dartsearch.net — Cisco Umbrella Rank: 3967
758 B
1 bing.com
www.bing.com — Cisco Umbrella Rank: 100
1 KB
1 yahoo.com
r.search.yahoo.com — Cisco Umbrella Rank: 10486
2 KB
1 youniversalnext.com
ads.youniversalnext.com — Cisco Umbrella Rank: 556883
1 KB
1 rasenalong.com
rasenalong.com
457 B
0 amplience.net Failed
i8.amplience.net Failed
0 monetate.net Failed
se.monetate.net Failed
0 bootstrapcdn.com Failed
maxcdn.bootstrapcdn.com Failed
47 18
Domain Requested by
7 data.ad-score.com js.ad-score.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 mr0.imageadvantage.net no.like.it
3 yu.imageadvantage.net 3 redirects
3 js.ad-score.com r.lnk8j7.com
js.ad-score.com
3 www.google.com no.like.it
www.gstatic.com
www.google.com
2 fonts.gstatic.com www.google.com
2 track.domainparkingmanager.it 1 redirects brynh-lei.com
2 brynh-lei.com r.lnk8j7.com
brynh-lei.com
2 r.lnk8j7.com 1 redirects
1 www.jd-sports.com.au no.like.it
www.jd-sports.com.au
1 ad.doubleclick.net 1 redirects
1 clickserve.dartsearch.net 1 redirects
1 www.bing.com 1 redirects
1 r.search.yahoo.com 1 redirects
1 ads.youniversalnext.com 1 redirects
1 no.like.it track.domainparkingmanager.it
1 service.no.like.it 1 redirects
1 rasenalong.com 1 redirects
0 i8.amplience.net Failed www.jd-sports.com.au
0 se.monetate.net Failed www.jd-sports.com.au
0 maxcdn.bootstrapcdn.com Failed www.jd-sports.com.au
47 22

This site contains no links.

Subject | Issuer | Validity | Valid
lnk8j7.com | Amazon | 2022-01-03 - 2023-02-01 | a year
brynh-lei.com | Amazon | 2022-05-04 - 2023-06-02 | a year
panel.parkmydomain.it | R3 | 2022-09-03 - 2022-12-02 | 3 months
no.like.it | R3 | 2022-08-30 - 2022-11-28 | 3 months
www.google.com | GTS CA 1C3 | 2022-08-29 - 2022-11-21 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months
*.ad-score.com | Go Daddy Secure Certificate Authority - G2 | 2022-09-02 - 2023-10-04 | a year
www.jdsports.co.uk | GeoTrust RSA CA 2018 | 2021-11-14 - 2022-11-15 | a year

This page contains 4 frames:

Primary Page: https://www.jd-sports.com.au/women/womens-clothing/dresses/?&msclkid=90202d304e9615fd12844e112b2b1328&utm_source=bing&utm_medium=cpc&utm_campaign=AU%20%7C%20NB%20%7C%20Generics%20%7C%20Clothing%20%7C%20BM&utm_term=womens%20dresses&utm_content=Generics%20%7C%20Clothing%20%7C%20Womens%20%7C%20BM&gclid=90202d304e9615fd12844e112b2b1328&gclsrc=3p.ds
Frame ID: 129F6D89146BA240A2C65697D2731F56
Requests: 40 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000830
Frame ID: 296C7B3BF76F741BEE374E8D1A525A6C
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 87A16E7C3EE17AEC6751CAF09C41A9F2
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50&co=aHR0cHM6Ly9uby5saWtlLml0OjQ0Mw..&hl=no&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=oua2r18siz2a
Frame ID: 53B87AE332A0F36B26D652FEDA2F9451
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 47
HTTPS: 53 %
IPv6: 0 %
Domains: 18
Subdomains: 22
IPs: 12
Countries: 5
Transfer: 560 kB
Size: 1437 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rasenalong.com/ HTTP 302
    https://r.lnk8j7.com/link/br-js-fraud/q8LQ75wk2ZnRfE1vjvU9HN?u=http%3A%2F%2Frasenalong.com&campaign_id=fxQJojW2AQU7XrX3b49nMB Page URL
  2. https://r.lnk8j7.com/link/br/q8LQ75wk2ZnRfE1vjvU9HN?referrer=undefined&campaign_id=fxQJojW2AQU7XrX3b49nMB&u=http%3A%2F%2Frasenalong.com HTTP 302
    https://brynh-lei.com/zcvisitor/9c7c4916-33ed-11ed-94ba-12f6d7d015e1/1fe9cab0-90fa-11e9-a574-0a15cb739170?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97 Page URL
  3. https://brynh-lei.com/zcredirect?visitid=9c7c4916-33ed-11ed-94ba-12f6d7d015e1&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
  4. https://track.domainparkingmanager.it/tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr9c7c491633ed11ed94ba12f6d7d015e1d3e4bae6af81425a9940a9f82420dfcc067517189cbea80dda Page URL
  5. https://track.domainparkingmanager.it/tm2.ashx?&source=zp-1-1891178&pubid=zr9c7c491633ed11ed94ba12f6d7d015e1d3e4bae6af81425a&cost=0.010000 HTTP 302
    https://service.no.like.it/in.ashx?c=1171 HTTP 302
    https://no.like.it/Search?q=women%20s%20dresses&country=no&language=no Page URL
  6. https://ads.youniversalnext.com/toc.php?out=eNptVWuPokoQ_S8m8-3OTD9EZZL5oAKjjoAgDyGTGOhG5amLD4Sb-99voeNmN7tGxKqurjp9TnX3vx2WxVFxWse889ZB7UcYdP7pHONTdPcJlHTBERwOYJyi6ymLixQcp2PnDfd6FFOKcf-fDo-iw23orbM7nQ7Ht6_Xr9fy5RgFJdu91MFuv39h-_zrlYUsS79euWuLpqxJamNXRuKMdElRNGlaa0sfcwldtcRrVEuFR6YQRWeFc1lYjGqJ3ajJEMF4pVusnuVXtLCmOWsQ_Heahe1VkWTqgcsntqKeA1lGTNaKINM8mzpBIIvYW40SJ80K3z0i7u67muwLPMtoiOXT3Hh-_no1nXcCv_L7bYk9LOI-mPo7RvCy328rfKLBE9nAt6qqlzAutu36wAyAUpY-0U3GnyiPBktjtF98euV2_Jk89_hnf9UEYePYY7u-xHPHLuglVHRTFp0mkCS7VIvp1c3t6jyP8NJUrluC1vpgPGxyXzmvjUV2GfnPWKmasdoI25T3t565uPgD9oMvhwI3g0GwzDfejx-2d70mx-f1ahvvw7Eqjyw3HdUzZVrHu4n37B0r5O4WSlSVuW4Yg_7208XuXHkivTMADyYmYhM1U4mcqbkHj5-EH1kSUC1jhZ_Nc3PHCrPxXaX2yPYc5g6aWbMcYs5Bbdd-rh0DVytnltb6UninrZCqNKy0ZnoFcalq2bUuQe7ETxkWmxU5UZ98x1rbW6wqMQHa4KpJtqAl7BG7WxHt4I_txpcMiDG6ujSttKVda7kJeZSNR5TvcWighlW6NCS6JV9n1pT4E23jOeLuUUu1DGioLTSXjNSG_RoDazCAA7PkxDhBMwKOaVdrhoDjJ-4M6qX3OANqeVhtAIvkEVVKqRo_MDkb_qHUPnHQ6rtuQHk6fzR1kyIV5uiWTdr6Dwy-I579lUlDOmu5TFn9nY86daiI5Ib_Zw0zY9Tc8NXseMv_p4aUU3YOcuPE6OjS6jfPtUu4FHYcuPMLfgld59zqyIl48l2hmbvaMaTmPnCFovX7kxnUgB5oNY6B35wnD311a1ir0ixVmyHyrZSolpMD_6CxAbZ8VfNp7SUybOBty13hkWvD8haf0bCxcF_bbS24gbHym1NBBW3V3GhUycx0y7tqrg-agQ5ggyaQcxZDP9U67CmtcFDoiE0I_HjEbrWL79inhK_M04rgzP_IcLgE7B9a5dU_5ySeiyvPzYqwXZesODAHw2EDWG1qtHHWtLLSaWvXalvL4tI9ZjQBrjKWZwn7jmv9GlLvsfKvHP6Z00hRywfmHxh6BHRtsU3uWjzy_cr7A29IBAR1Ucu9SRzok9nBo-rf8Enhh4gC2Jv-3_Apv9f6HftMgyOhzOL2OBMRQYRT1I3EHhY2HJNBtxthTEISYkoGcDx-3o7O5Xt2GfbldXzo4n1vzZn0MVEu5np6vpjbZ7hA8qBMoxNcF8UerEO5v8Q8KsHeX6LydC4j8J6PUQkZwIn7gxciCC-4O3jBfdReUftzyaL1uczWu-C4gxjKuojDPUQEilgQYFEgg2DQEwmJcA_1mLhBgtgnvXby7Vq633DSeEwFNBKGAyx3CRE6__0PPRBThQ.. HTTP 301
    https://r.search.yahoo.com/cbclk/dWU9RENDMzUwQjVBODFFNDIyNSZ1dD0xNjYzMTMzMTE3NDM3JnVvPTc3NjUzMjA0NjYwOTcyJmx0PTImcz0yJmVzPUYweDROaWdHUFMuaEE0cENnalNYU3VaaE91YXBjVklnZWs0dWo4NEZ5dll3b1EtLQ--/RV=2/RE=1663161917/RO=10/RU=https%3a%2f%2fwww.bing.com%2faclick%3fld%3de8SQBoPKYrgCKj-6dK7XzabzVUCUyviLVUn3vbFORE9VzaDDUrMnIxWmUwuLe1SRFxg20_O8CAzmZFu_QPlvBZ-1FwzCMz5gkd7gYRPvZ8cqdSA5dRa8aSmfYqqUYxxjs-_XgiobCMEBTWkByJFIyihHY-Ysw0WhPFewrmOQQ87gKW1WLF%26u%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%26rlid%3d90202d304e9615fd12844e112b2b1328/RK=2/RS=lvA7E_ip41o6_dcDGHFvR_IuvRg- HTTP 302
    https://www.bing.com/aclick?ld=e8SQBoPKYrgCKj-6dK7XzabzVUCUyviLVUn3vbFORE9VzaDDUrMnIxWmUwuLe1SRFxg20_O8CAzmZFu_QPlvBZ-1FwzCMz5gkd7gYRPvZ8cqdSA5dRa8aSmfYqqUYxxjs-_XgiobCMEBTWkByJFIyihHY-Ysw0WhPFewrmOQQ87gKW1WLF&u=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&rlid=90202d304e9615fd12844e112b2b1328 HTTP 302
    https://clickserve.dartsearch.net/link/click?lid=43700072113715286&ds_s_kwgid=58700007933145967&ds_a_cid=400488205&ds_a_caid=17770806911&ds_a_agid=144687614371&ds_a_lid=kwd-11142870&&ds_e_adid=77653204660972&ds_e_target_id=kwd-77653394066956&&ds_e_network=s&ds_url_v=2&ds_dest_url=https://www.jd-sports.com.au/women/womens-clothing/dresses/?gclid=90202d304e9615fd12844e112b2b1328&gclsrc=3p.ds&&msclkid=90202d304e9615fd12844e112b2b1328&utm_source=bing&utm_medium=cpc&utm_campaign=AU%20%7C%20NB%20%7C%20Generics%20%7C%20Clothing%20%7C%20BM&utm_term=womens%20dresses&utm_content=Generics%20%7C%20Clothing%20%7C%20Womens%20%7C%20BM HTTP 302
    https://ad.doubleclick.net/ddm/clk/409202527;209421286;a;u=ds&sv1=72113715286&sv2=3326266247519922&sv3=5477412622771855815&gclid=90202d304e9615fd12844e112b2b1328;%3fhttps://www.jd-sports.com.au/women/womens-clothing/dresses/?&msclkid=90202d304e9615fd12844e112b2b1328&utm_source=bing&utm_medium=cpc&utm_campaign=AU%20%7C%20NB%20%7C%20Generics%20%7C%20Clothing%20%7C%20BM&utm_term=womens%20dresses&utm_content=Generics%20%7C%20Clothing%20%7C%20Womens%20%7C%20BM&gclid=90202d304e9615fd12844e112b2b1328&gclsrc=3p.ds HTTP 302
    https://www.jd-sports.com.au/women/womens-clothing/dresses/?&msclkid=90202d304e9615fd12844e112b2b1328&utm_source=bing&utm_medium=cpc&utm_campaign=AU%20%7C%20NB%20%7C%20Generics%20%7C%20Clothing%20%7C%20BM&utm_term=womens%20dresses&utm_content=Generics%20%7C%20Clothing%20%7C%20Womens%20%7C%20BM&gclid=90202d304e9615fd12844e112b2b1328&gclsrc=3p.ds Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://rasenalong.com/ HTTP 302
  • https://r.lnk8j7.com/link/br-js-fraud/q8LQ75wk2ZnRfE1vjvU9HN?u=http%3A%2F%2Frasenalong.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
Request Chain 1
  • https://r.lnk8j7.com/link/br/q8LQ75wk2ZnRfE1vjvU9HN?referrer=undefined&campaign_id=fxQJojW2AQU7XrX3b49nMB&u=http%3A%2F%2Frasenalong.com HTTP 302
  • https://brynh-lei.com/zcvisitor/9c7c4916-33ed-11ed-94ba-12f6d7d015e1/1fe9cab0-90fa-11e9-a574-0a15cb739170?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
Request Chain 4
  • https://track.domainparkingmanager.it/tm2.ashx?&source=zp-1-1891178&pubid=zr9c7c491633ed11ed94ba12f6d7d015e1d3e4bae6af81425a&cost=0.010000 HTTP 302
  • https://service.no.like.it/in.ashx?c=1171 HTTP 302
  • https://no.like.it/Search?q=women%20s%20dresses&country=no&language=no
Request Chain 8
  • https://yu.imageadvantage.net/A/C8/A6/0DBDF9249D13D69AD7B29EF8A02.jpg?pid=9653.100&qs=yvF%7Bvnjt%23%7C%24ksjyvnw-bi%7C%40%C2%80%7B%7E%2Fxz%7Cumniy4qx3ksjyvnw-uyr%40Mvltxkv%29su%21Xgon%244%21Xnry%24Ksjyvnw%27Psrlwi-ejy%40%5Clvq%25zkn%24Sbykv%7D%24Ksjyvnw%27Dtrong%7Bjttv%29e%7B%21Xz%7Cumniy4%23Pvlby%26Vnpldyorw%24vg%25Junwzfx%26d%7D%24Sp%7C%26S%7Bmjfx4&d=www.stylight.no%2Fdresses HTTP 302
  • https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/A/C8/A6/0DBDF9249D13D69AD7B29EF8A02&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Fxz%257Cumniy4qx3ksjyvnw-uyr%2540Mvltxkv%2529su%2521Xgon%25244%2521Xnry%2524Ksjyvnw%2527Psrlwi-ejy%2540%255Clvq%2525zkn%2524Sbykv%257D%2524Ksjyvnw%2527Dtrong%257Bjttv%2529e%257B%2521Xz%257Cumniy4%2523Pvlby%2526Vnpldyorw%2524vg%2525Junwzfx%2526d%257D%2524Sp%257C%2526S%257Bmjfx4&d=www.stylight.no%252Fdresses
Request Chain 9
  • https://yu.imageadvantage.net/3/77/6E/5DACDD2DFDEECA214F1351B7707.jpg?pid=9653.100&qs=yvF%7Bvnjt%23%7C%24ksjyvnw-bi%7C%40%C2%80%7B%7E%2Ffyr%7C2jpr5Gjqllouonv-uyr%40O%C3%A9%27hwgwrw%27mj%7Ch%7Bmuh3%260%29Wopu%26Gjqllouonv-ejy%40Omuo%25kw%29w%7Bpwz%23%7Ex%7Dbqm%23mizjlth%7Bi3%21rkutiy-%25uj%29w%7Bjqku7%24Vqujdp%24tpyk%23xrsjsk%24%29R%C2%80%21p%7BqmiF%21Gxxt%24rpikq%29LLMQUD%5CSZ%21n%26njwzfs%26rp%24m%C3%A6%2583%29%29%27sfhd%7Dx%27puvwrp%27lw%26692&d=www.asos.com%2FDamekjoler HTTP 302
  • https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/3/77/6E/5DACDD2DFDEECA214F1351B7707&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Ffyr%257C2jpr5Gjqllouonv-uyr%2540O%25C3%25A9%2527hwgwrw%2527mj%257Ch%257Bmuh3%25260%2529Wopu%2526Gjqllouonv-ejy%2540Omuo%2525kw%2529w%257Bpwz%2523%257Ex%257Dbqm%2523mizjlth%257Bi3%2521rkutiy-%2525uj%2529w%257Bjqku7%2524Vqujdp%2524tpyk%2523xrsjsk%2524%2529R%25C2%2580%2521p%257BqmiF%2521Gxxt%2524rpikq%2529LLMQUD%255CSZ%2521n%2526njwzfs%2526rp%2524m%25C3%25A6%252583%2529%2529%2527sfhd%257Dx%2527puvwrp%2527lw%2526692&d=www.asos.com%252FDamekjoler
Request Chain 10
  • https://yu.imageadvantage.net/6/18/04/525E6303AC3367CB2591D1C6291.jpg?pid=9653.100&qs=yvF%7Bvnjt%23%7C%24ksjyvnw-bi%7C%40%C2%80%7B%7E%2Foj0%7Ctvsyy1lst%2Ff%7B2%C2%80stfsy2lpvumoqp%2A%7BuqCVqsw%21%5Cupnrz%21Hrr%7Dlpol%260%29Wopu%26Zrxo%21Flwnvwb%7E%2CgnwDTmus%29Xof%25Rd%7Dizu%25Irupldyorww%27Utjd%C2%822%27Hjz%23%5Dll%21Qgwnw%7B%21Xz%7Cuiz%21%2Bgpy%3F%27dtrr%7Ev%7Eb%7Ey1%29Wopu%26Wqi%27Mfzh%7Cx%27Dtrong%7Bjttv%29%2AhnuA%23Jtwbwko%29e%7B%21OJ%23%5Ctvsyy%23Jyzuwgore5&d=www.jd-sports.com.au%2Fwomens%2Fclothing HTTP 302
  • https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/6/18/04/525E6303AC3367CB2591D1C6291&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Foj0%257Ctvsyy1lst%252Ff%257B2%25C2%2580stfsy2lpvumoqp%252A%257BuqCVqsw%2521%255Cupnrz%2521Hrr%257Dlpol%25260%2529Wopu%2526Zrxo%2521Flwnvwb%257E%252CgnwDTmus%2529Xof%2525Rd%257Dizu%2525Irupldyorww%2527Utjd%25C2%25822%2527Hjz%2523%255Dll%2521Qgwnw%257B%2521Xz%257Cuiz%2521%252Bgpy%253F%2527dtrr%257Ev%257Eb%257Ey1%2529Wopu%2526Wqi%2527Mfzh%257Cx%2527Dtrong%257Bjttv%2529%252AhnuA%2523Jtwbwko%2529e%257B%2521OJ%2523%255Ctvsyy%2523Jyzuwgore5&d=www.jd-sports.com.au%252Fwomens%252Fclothing

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
q8LQ75wk2ZnRfE1vjvU9HN
r.lnk8j7.com/link/br-js-fraud/
Redirect Chain
  • http://rasenalong.com/
  • https://r.lnk8j7.com/link/br-js-fraud/q8LQ75wk2ZnRfE1vjvU9HN?u=http%3A%2F%2Frasenalong.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
2 KB
1 KB
Document
General
Full URL
https://r.lnk8j7.com/link/br-js-fraud/q8LQ75wk2ZnRfE1vjvU9HN?u=http%3A%2F%2Frasenalong.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-84.vie50.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-encoding
gzip
content-length
553
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 05:25:15 GMT
etag
W/"63a-VSgvGaHygXzwe4aKMceR7gKH8YA"
expires
0
pragma
no-cache
referrer-policy
none no-referrer none, no-referrer
surrogate-control
no-store
via
1.1 650962b00c259fe47c193b15b2fe4b88.cloudfront.net (CloudFront)
x-amz-apigw-id
YbzVQHYlIAMFYIw=
x-amz-cf-id
8nFmdU6u4Lt9iRq8PyUmtkYHOKje2gjmEjPUfv57mNX9TquJh9niMA==
x-amz-cf-pop
VIE50-C1
x-amzn-remapped-content-length
1594
x-amzn-requestid
a32fe769-0e88-46c9-ac23-c77d1961e36b
x-amzn-trace-id
Root=1-632165bb-658bdaf61d19b270161b59e4;Sampled=0
x-cache
Miss from cloudfront
x-powered-by
Express

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Wed, 14 Sep 2022 05:25:14 GMT
location
https://r.lnk8j7.com/link/br-js-fraud/q8LQ75wk2ZnRfE1vjvU9HN?u=http%3A%2F%2Frasenalong.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
server
nginx
1fe9cab0-90fa-11e9-a574-0a15cb739170
brynh-lei.com/zcvisitor/9c7c4916-33ed-11ed-94ba-12f6d7d015e1/
Redirect Chain
  • https://r.lnk8j7.com/link/br/q8LQ75wk2ZnRfE1vjvU9HN?referrer=undefined&campaign_id=fxQJojW2AQU7XrX3b49nMB&u=http%3A%2F%2Frasenalong.com
  • https://brynh-lei.com/zcvisitor/9c7c4916-33ed-11ed-94ba-12f6d7d015e1/1fe9cab0-90fa-11e9-a574-0a15cb739170?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
998 B
1 KB
Document
General
Full URL
https://brynh-lei.com/zcvisitor/9c7c4916-33ed-11ed-94ba-12f6d7d015e1/1fe9cab0-90fa-11e9-a574-0a15cb739170?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
Requested by
Host: r.lnk8j7.com
URL: https://r.lnk8j7.com/link/br-js-fraud/q8LQ75wk2ZnRfE1vjvU9HN?u=http%3A%2F%2Frasenalong.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.66.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-66-161.compute-1.amazonaws.com
Software
wbQqZArb /
Resource Hash
2453b3ec2381fb71f9704790a42221fbd2d377b4ab97dcf29e9a6c5823b05fd4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://r.lnk8j7.com/link/br-js-fraud/q8LQ75wk2ZnRfE1vjvU9HN?u=http%3A%2F%2Frasenalong.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Wed, 14 Sep 2022 05:25:16 GMT
server
wbQqZArb
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-encoding
gzip
content-length
185
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 05:25:15 GMT
expires
0
location
https://brynh-lei.com/zcvisitor/9c7c4916-33ed-11ed-94ba-12f6d7d015e1/1fe9cab0-90fa-11e9-a574-0a15cb739170?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
pragma
no-cache
referrer-policy
unsafe-url
surrogate-control
no-store
vary
Accept
via
1.1 650962b00c259fe47c193b15b2fe4b88.cloudfront.net (CloudFront)
x-amz-apigw-id
YbzVVEIOIAMF7Mg=
x-amz-cf-id
2kungSO0Q8eolUITcAONrqfTZsFMtnhg51V4a29S8czTJdllbBhfxg==
x-amz-cf-pop
VIE50-C1
x-amzn-remapped-content-length
350
x-amzn-requestid
b54f0e15-58e7-4210-9fa3-20e51d2d2886
x-amzn-trace-id
Root=1-632165bb-56357ae40c47dee16740b7cc;Sampled=0
x-cache
Miss from cloudfront
x-powered-by
Express
zcredirect
brynh-lei.com/
516 B
988 B
Document
General
Full URL
https://brynh-lei.com/zcredirect?visitid=9c7c4916-33ed-11ed-94ba-12f6d7d015e1&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Requested by
Host: brynh-lei.com
URL: https://brynh-lei.com/zcvisitor/9c7c4916-33ed-11ed-94ba-12f6d7d015e1/1fe9cab0-90fa-11e9-a574-0a15cb739170?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.66.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-66-161.compute-1.amazonaws.com
Software
sdihWMgv /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://brynh-lei.com/zcvisitor/9c7c4916-33ed-11ed-94ba-12f6d7d015e1/1fe9cab0-90fa-11e9-a574-0a15cb739170?campaignid=e87e3540-17b8-11ed-9215-0a918cbcbb97
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Wed, 14 Sep 2022 05:25:16 GMT
redirected
JS
server
sdihWMgv
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp
default-src 'self'; script-src 'self' 'unsafe-inline'
tm.ashx
track.domainparkingmanager.it/
225 B
472 B
Document
General
Full URL
https://track.domainparkingmanager.it/tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr9c7c491633ed11ed94ba12f6d7d015e1d3e4bae6af81425a9940a9f82420dfcc067517189cbea80dda
Requested by
Host: brynh-lei.com
URL: https://brynh-lei.com/zcredirect?visitid=9c7c4916-33ed-11ed-94ba-12f6d7d015e1&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.180.17.130 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-180-17-130.eu-west-3.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://brynh-lei.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

access-control-allow-origin
*
cache-control
private
content-encoding
gzip
content-length
309
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 05:25:16 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
Search
no.like.it/
Redirect Chain
  • https://track.domainparkingmanager.it/tm2.ashx?&source=zp-1-1891178&pubid=zr9c7c491633ed11ed94ba12f6d7d015e1d3e4bae6af81425a&cost=0.010000
  • https://service.no.like.it/in.ashx?c=1171
  • https://no.like.it/Search?q=women%20s%20dresses&country=no&language=no
19 KB
10 KB
Document
General
Full URL
https://no.like.it/Search?q=women%20s%20dresses&country=no&language=no
Requested by
Host: track.domainparkingmanager.it
URL: https://track.domainparkingmanager.it/tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr9c7c491633ed11ed94ba12f6d7d015e1d3e4bae6af81425a9940a9f82420dfcc067517189cbea80dda
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.25.205.112 Acquapendente, Italy, ASN60798 (ASSERVEREASY, IT),
Reverse DNS
112.205.25.185.servereasy.it
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ba3e1b891a511c5faafb954580e7333e68bdf3a062f3b239f623bb9cdc2e1fbf

Request headers

Referer
https://track.domainparkingmanager.it/tm.ashx?source=zp-1-1891178&det=0.010000&gio=zr9c7c491633ed11ed94ba12f6d7d015e1d3e4bae6af81425a9940a9f82420dfcc067517189cbea80dda
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

content-encoding
gzip
content-length
9974
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 05:22:39 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

access-control-allow-origin
*
cache-control
no-cache
content-length
191
content-type
text/html; charset=utf-8
date
Wed, 14 Sep 2022 05:25:16 GMT
expires
-1
location
https://no.like.it/Search?q=women s dresses&country=no&language=no
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
api.js
www.google.com/recaptcha/
884 B
999 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50
Requested by
Host: no.like.it
URL: https://no.like.it/Search?q=women%20s%20dresses&country=no&language=no
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
704a3f777a062aa699701b1639ad67e70da0c069929f38afd1b4c6a48c85912c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://no.like.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 05:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 05:25:18 GMT
recaptcha__no.js
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/
388 KB
155 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__no.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
4b9a3ba2c1cbb23b928e07261d33c8d06a4a05eb1c3958c631ee135286f27f62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://no.like.it/
Origin
https://no.like.it
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 03:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158104
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 03:30:06 GMT
score.min.js
js.ad-score.com/
342 KB
117 KB
Script
General
Full URL
https://js.ad-score.com/score.min.js?pid=1000830
Requested by
Host: r.lnk8j7.com
URL: https://r.lnk8j7.com/link/br-js-fraud/q8LQ75wk2ZnRfE1vjvU9HN?u=http%3A%2F%2Frasenalong.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-56.fra60.r.cloudfront.net
Software
/
Resource Hash
4654689d23c430daf869f2ff4ea7849938d823aed4abe88bda5afbcfbdfeff4a

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://no.like.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 13 Sep 2022 17:36:12 GMT
Content-Encoding
gzip
Age
42546
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Tue, 13 Sep 2022 17:36:12 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA60-P2
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
YkKmvpmJFx9lsf3bq-g81-V9Jra3sD-gDiO5s3n5eEpmNIWjN9g2_w==
Expires
Wed, 14 Sep 2022 17:36:12 GMT
MediaHandler.php
mr0.imageadvantage.net/MRH/
Redirect Chain
  • https://yu.imageadvantage.net/A/C8/A6/0DBDF9249D13D69AD7B29EF8A02.jpg?pid=9653.100&qs=yvF%7Bvnjt%23%7C%24ksjyvnw-bi%7C%40%C2%80%7B%7E%2Fxz%7Cumniy4qx3ksjyvnw-uyr%40Mvltxkv%29su%21Xgon%244%21Xnry%24...
  • https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/A/C8/A6/0DBDF9249D13D69AD7B29EF8A02&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Fxz%257Cum...
3 KB
4 KB
Image
General
Full URL
https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/A/C8/A6/0DBDF9249D13D69AD7B29EF8A02&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Fxz%257Cumniy4qx3ksjyvnw-uyr%2540Mvltxkv%2529su%2521Xgon%25244%2521Xnry%2524Ksjyvnw%2527Psrlwi-ejy%2540%255Clvq%2525zkn%2524Sbykv%257D%2524Ksjyvnw%2527Dtrong%257Bjttv%2529e%257B%2521Xz%257Cumniy4%2523Pvlby%2526Vnpldyorw%2524vg%2525Junwzfx%2526d%257D%2524Sp%257C%2526S%257Bmjfx4&d=www.stylight.no%252Fdresses
Requested by
Host: no.like.it
URL: https://no.like.it/Search?q=women%20s%20dresses&country=no&language=no
Protocol
H2
Server
18.66.112.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-69.fra56.r.cloudfront.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ba7831e9aa0412c5ef66a460e782238326dc6b5b8f384e74e96e0df065533de6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://no.like.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 05:25:20 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
server
Apache/2.4.18 (Ubuntu)
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
content-type
image/png
cache-control
no-cache, no-store
mrhdebug
initialize START w:/MRH/MediaHandler.php?path=/A/C8/A6/0DBDF9249D13D69AD7B29EF8A02&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Fxz%257Cumniy4qx3ksjyvnw-uyr%2540Mvltxkv%2529su%2521Xgon%25244%2521Xnry%2524Ksjyvnw%2527Psrlwi-ejy%2540%255Clvq%2525zkn%2524Sbykv%257D%2524Ksjyvnw%2527Dtrong%257Bjttv%2529e%257B%2521Xz%257Cumniy4%2523Pvlby%2526Vnpldyorw%2524vg%2525Junwzfx%2526d%257D%2524Sp%257C%2526S%257Bmjfx4&d=www.stylight.no%252Fdresses|| @ 1663133119.904||
x-amz-cf-id
2UeOF47GK5-2TbWBDuImkesldGNa-Kwa1K9ISBM7_jIPB8ZO8IoZUQ==

Redirect headers

Date
Wed, 14 Sep 2022 05:25:18 GMT
Via
1.1 93f2a781416975f99355acc4c81d60d2.cloudfront.net (CloudFront)
Server
Apache/2.4.18 (Ubuntu)
X-Amz-Cf-Pop
VIE50-C1
X-Cache
Miss from cloudfront
Content-Type
text/html; charset=iso-8859-1
Location
https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/A/C8/A6/0DBDF9249D13D69AD7B29EF8A02&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Fxz%257Cumniy4qx3ksjyvnw-uyr%2540Mvltxkv%2529su%2521Xgon%25244%2521Xnry%2524Ksjyvnw%2527Psrlwi-ejy%2540%255Clvq%2525zkn%2524Sbykv%257D%2524Ksjyvnw%2527Dtrong%257Bjttv%2529e%257B%2521Xz%257Cumniy4%2523Pvlby%2526Vnpldyorw%2524vg%2525Junwzfx%2526d%257D%2524Sp%257C%2526S%257Bmjfx4&d=www.stylight.no%252Fdresses
Connection
keep-alive
Content-Length
827
X-Amz-Cf-Id
Xjp_UJK7ZXLAonuv-OzLjBeJiBhxgYEKEd5QCzxLcUSiTuY1nfpM4Q==
MediaHandler.php
mr0.imageadvantage.net/MRH/
Redirect Chain
  • https://yu.imageadvantage.net/3/77/6E/5DACDD2DFDEECA214F1351B7707.jpg?pid=9653.100&qs=yvF%7Bvnjt%23%7C%24ksjyvnw-bi%7C%40%C2%80%7B%7E%2Ffyr%7C2jpr5Gjqllouonv-uyr%40O%C3%A9%27hwgwrw%27mj%7Ch%7Bmuh3%...
  • https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/3/77/6E/5DACDD2DFDEECA214F1351B7707&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Ffyr%257C2...
5 KB
5 KB
Image
General
Full URL
https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/3/77/6E/5DACDD2DFDEECA214F1351B7707&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Ffyr%257C2jpr5Gjqllouonv-uyr%2540O%25C3%25A9%2527hwgwrw%2527mj%257Ch%257Bmuh3%25260%2529Wopu%2526Gjqllouonv-ejy%2540Omuo%2525kw%2529w%257Bpwz%2523%257Ex%257Dbqm%2523mizjlth%257Bi3%2521rkutiy-%2525uj%2529w%257Bjqku7%2524Vqujdp%2524tpyk%2523xrsjsk%2524%2529R%25C2%2580%2521p%257BqmiF%2521Gxxt%2524rpikq%2529LLMQUD%255CSZ%2521n%2526njwzfs%2526rp%2524m%25C3%25A6%252583%2529%2529%2527sfhd%257Dx%2527puvwrp%2527lw%2526692&d=www.asos.com%252FDamekjoler
Requested by
Host: no.like.it
URL: https://no.like.it/Search?q=women%20s%20dresses&country=no&language=no
Protocol
H2
Server
18.66.112.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-69.fra56.r.cloudfront.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
070a133d8ee2ba92ef7d35f74763fc5bb16e31dc82ab049604091af6dc320a15

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://no.like.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 05:25:20 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
server
Apache/2.4.18 (Ubuntu)
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
content-type
image/png
cache-control
no-cache, no-store
mrhdebug
initialize START w:/MRH/MediaHandler.php?path=/3/77/6E/5DACDD2DFDEECA214F1351B7707&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Ffyr%257C2jpr5Gjqllouonv-uyr%2540O%25C3%25A9%2527hwgwrw%2527mj%257Ch%257Bmuh3%25260%2529Wopu%2526Gjqllouonv-ejy%2540Omuo%2525kw%2529w%257Bpwz%2523%257Ex%257Dbqm%2523mizjlth%257Bi3%2521rkutiy-%2525uj%2529w%257Bjqku7%2524Vqujdp%2524tpyk%2523xrsjsk%2524%2529R%25C2%2580%2521p%257BqmiF%2521Gxxt%2524rpikq%2529LLMQUD%255CSZ%2521n%2526njwzfs%2526rp%2524m%25C3%25A6%252583%2529%2529%2527sfhd%257Dx%2527puvwrp%2527lw%2526692&d=www.asos.com%252FDamekjoler|| @ 1663133119.9047||
x-amz-cf-id
ME7ZtlJeCqViIHG0fbA25ZK5FbYS4IHLH5EZPcAc5IPtbzJdGm2iHA==

Redirect headers

Date
Wed, 14 Sep 2022 05:25:19 GMT
Via
1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
Server
Apache/2.4.18 (Ubuntu)
X-Amz-Cf-Pop
VIE50-C1
X-Cache
Miss from cloudfront
Content-Type
text/html; charset=iso-8859-1
Location
https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/3/77/6E/5DACDD2DFDEECA214F1351B7707&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Ffyr%257C2jpr5Gjqllouonv-uyr%2540O%25C3%25A9%2527hwgwrw%2527mj%257Ch%257Bmuh3%25260%2529Wopu%2526Gjqllouonv-ejy%2540Omuo%2525kw%2529w%257Bpwz%2523%257Ex%257Dbqm%2523mizjlth%257Bi3%2521rkutiy-%2525uj%2529w%257Bjqku7%2524Vqujdp%2524tpyk%2523xrsjsk%2524%2529R%25C2%2580%2521p%257BqmiF%2521Gxxt%2524rpikq%2529LLMQUD%255CSZ%2521n%2526njwzfs%2526rp%2524m%25C3%25A6%252583%2529%2529%2527sfhd%257Dx%2527puvwrp%2527lw%2526692&d=www.asos.com%252FDamekjoler
Connection
keep-alive
Content-Length
966
X-Amz-Cf-Id
Pur2SYcFYa7QC1Sw5oWhQnacDyzRtkXUpMSUuJIkeWrX4nnWaEu3uA==
MediaHandler.php
mr0.imageadvantage.net/MRH/
Redirect Chain
  • https://yu.imageadvantage.net/6/18/04/525E6303AC3367CB2591D1C6291.jpg?pid=9653.100&qs=yvF%7Bvnjt%23%7C%24ksjyvnw-bi%7C%40%C2%80%7B%7E%2Foj0%7Ctvsyy1lst%2Ff%7B2%C2%80stfsy2lpvumoqp%2A%7BuqCVqsw%21%5...
  • https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/6/18/04/525E6303AC3367CB2591D1C6291&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Foj0%257Ct...
19 KB
20 KB
Image
General
Full URL
https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/6/18/04/525E6303AC3367CB2591D1C6291&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Foj0%257Ctvsyy1lst%252Ff%257B2%25C2%2580stfsy2lpvumoqp%252A%257BuqCVqsw%2521%255Cupnrz%2521Hrr%257Dlpol%25260%2529Wopu%2526Zrxo%2521Flwnvwb%257E%252CgnwDTmus%2529Xof%2525Rd%257Dizu%2525Irupldyorww%2527Utjd%25C2%25822%2527Hjz%2523%255Dll%2521Qgwnw%257B%2521Xz%257Cuiz%2521%252Bgpy%253F%2527dtrr%257Ev%257Eb%257Ey1%2529Wopu%2526Wqi%2527Mfzh%257Cx%2527Dtrong%257Bjttv%2529%252AhnuA%2523Jtwbwko%2529e%257B%2521OJ%2523%255Ctvsyy%2523Jyzuwgore5&d=www.jd-sports.com.au%252Fwomens%252Fclothing
Requested by
Host: no.like.it
URL: https://no.like.it/Search?q=women%20s%20dresses&country=no&language=no
Protocol
H2
Server
18.66.112.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-69.fra56.r.cloudfront.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b1952d7431810073736ee5a81300267c95b82de8b8eddbc3025d72af533106d7

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://no.like.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 05:25:20 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
server
Apache/2.4.18 (Ubuntu)
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
content-type
image/png
cache-control
no-cache, no-store
mrhdebug
initialize START w:/MRH/MediaHandler.php?path=/6/18/04/525E6303AC3367CB2591D1C6291&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Foj0%257Ctvsyy1lst%252Ff%257B2%25C2%2580stfsy2lpvumoqp%252A%257BuqCVqsw%2521%255Cupnrz%2521Hrr%257Dlpol%25260%2529Wopu%2526Zrxo%2521Flwnvwb%257E%252CgnwDTmus%2529Xof%2525Rd%257Dizu%2525Irupldyorww%2527Utjd%25C2%25822%2527Hjz%2523%255Dll%2521Qgwnw%257B%2521Xz%257Cuiz%2521%252Bgpy%253F%2527dtrr%257Ev%257Eb%257Ey1%2529Wopu%2526Wqi%2527Mfzh%257Cx%2527Dtrong%257Bjttv%2529%252AhnuA%2523Jtwbwko%2529e%257B%2521OJ%2523%255Ctvsyy%2523Jyzuwgore5&d=www.jd-sports.com.au%252Fwomens%252Fclothing|| @ 1663133120.0477||
x-amz-cf-id
r9ZdvHOwmE08XhyXetqdyZoTrQt56gDTsbDbsyBrzOH4Fu7oBCOKOg==

Redirect headers

Date
Wed, 14 Sep 2022 05:25:18 GMT
Via
1.1 51f7e70303bbb917096a71171b20326e.cloudfront.net (CloudFront)
Server
Apache/2.4.18 (Ubuntu)
X-Amz-Cf-Pop
VIE50-C1
X-Cache
Miss from cloudfront
Content-Type
text/html; charset=iso-8859-1
Location
https://mr0.imageadvantage.net/MRH/MediaHandler.php?path=/6/18/04/525E6303AC3367CB2591D1C6291&mt=04&pid=9653.100&qs=yvF%257Bvnjt%2523%257C%2524ksjyvnw-bi%257C%2540%25C2%2580%257B%257E%252Foj0%257Ctvsyy1lst%252Ff%257B2%25C2%2580stfsy2lpvumoqp%252A%257BuqCVqsw%2521%255Cupnrz%2521Hrr%257Dlpol%25260%2529Wopu%2526Zrxo%2521Flwnvwb%257E%252CgnwDTmus%2529Xof%2525Rd%257Dizu%2525Irupldyorww%2527Utjd%25C2%25822%2527Hjz%2523%255Dll%2521Qgwnw%257B%2521Xz%257Cuiz%2521%252Bgpy%253F%2527dtrr%257Ev%257Eb%257Ey1%2529Wopu%2526Wqi%2527Mfzh%257Cx%2527Dtrong%257Bjttv%2529%252AhnuA%2523Jtwbwko%2529e%257B%2521OJ%2523%255Ctvsyy%2523Jyzuwgore5&d=www.jd-sports.com.au%252Fwomens%252Fclothing
Connection
keep-alive
Content-Length
1005
X-Amz-Cf-Id
wsaBhmjFLLOqLtg5wupVbDAiPoD_nGQSWTVcns5lsfxhM_rID1cY4Q==
cors
data.ad-score.com/data/
50 B
713 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=RCMuhgQHqraiEfrkTCNTnyjdYdibhktD-FE7fPshldVrlKDUQ03nKEU7B-E0zHP81ua1flNA==&pm_ct=907252749831e882b7ee7372&pm_pl=1663133119146&pm_td=6&pid=1000830&en=1.1&callback=__pm_glbl_e4eQA2NRbB0PposORPSDfPUm._gc1&v=e7267fc
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000830
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
ba119926492f46b8737d61e3676512552c12212618617db1dee4c32522b37fba

Request headers

Referer
https://no.like.it/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 14 Sep 2022 05:25:19 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://no.like.it
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
50
x.html
js.ad-score.com/ Frame 296C
16 KB
8 KB
Document
General
Full URL
https://js.ad-score.com/x.html?pid=1000830
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000830
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-56.fra60.r.cloudfront.net
Software
/
Resource Hash
6f9c43710afe0be04a29e75fa94f97d78e918ddee5ded92ad74cc631db8f1095

Request headers

Referer
https://no.like.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
42549
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 13 Sep 2022 17:36:10 GMT
Last-Modified
Mon, 12 Sep 2022 17:46:47 GMT
Transfer-Encoding
chunked
Via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
X-Amz-Cf-Id
nhFiT4X3Brk4UdxLB7ySG84O_EgQfIDfFO2_MQ-uI-1EjYAj50V1hQ==
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Hit from cloudfront
truncated
/ Frame 87A1
266 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
db2d3112-a357-4feb-b7fc-94fedbe007f8
https://no.like.it/
10 KB
0
Other
General
Full URL
blob:https://no.like.it/db2d3112-a357-4feb-b7fc-94fedbe007f8
Requested by
Host: no.like.it
URL: https://no.like.it/Search?q=women%20s%20dresses&country=no&language=no
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17d8be269a7c8c056019540e8184e4c95d349ff3d80253bd43923621b31f8d41

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
10517
Content-Type
text/javascript
3475c729-be57-494a-80b2-4c6844fe717d
https://no.like.it/
720 B
0
Other
General
Full URL
blob:https://no.like.it/3475c729-be57-494a-80b2-4c6844fe717d
Requested by
Host: no.like.it
URL: https://no.like.it/Search?q=women%20s%20dresses&country=no&language=no
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
cors
data.ad-score.com/data/
1 B
266 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=RCMuhgQHqraiEfrkTCNTnyjdYdibhktD-FE7fPshldVrlKDUQ03nKEU7B-E0zHP81ua1flNA==&pm_ct=907252749831e882b7ee7372&pm_pl=1663133119146&pm_td=234&pid=1000830&en=1.1&callback=__pm_glbl_e4eQA2NRbB0PposORPSDfPUm._gc2&v=e7267fc
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000830
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://no.like.it/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://no.like.it
Date
Wed, 14 Sep 2022 05:25:20 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/gif
anchor
www.google.com/recaptcha/api2/ Frame 53B8
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50&co=aHR0cHM6Ly9uby5saWtlLml0OjQ0Mw..&hl=no&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=oua2r18siz2a
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__no.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
e735fddbac714202eef170e2052f9d8c1ddc3cc290df883634eded569840ebbf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_bNtDgRyF7bxoyi3Htz9NQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://no.like.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22247
content-security-policy
script-src 'report-sample' 'nonce-_bNtDgRyF7bxoyi3Htz9NQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 05:25:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cors
data.ad-score.com/data/
1 B
266 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=RCMuhgQHqraiEfrkTCNTnyjdYdibhktD-FE7fPshldVrlKDUQ03nKEU7B-E0zHP81ua1flNA==&pm_ct=907252749831e882b7ee7372&pm_pl=1663133119146&pm_td=381&pid=1000830&en=1.1&callback=__pm_glbl_e4eQA2NRbB0PposORPSDfPUm._gc3&v=e7267fc
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000830
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://no.like.it/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://no.like.it
Date
Wed, 14 Sep 2022 05:25:19 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
21faf68f-932b-4b97-a16f-dbd1dd0925ef
https://no.like.it/
288 B
0
Other
General
Full URL
blob:https://no.like.it/21faf68f-932b-4b97-a16f-dbd1dd0925ef
Requested by
Host: no.like.it
URL: https://no.like.it/Search?q=women%20s%20dresses&country=no&language=no
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language
no-NO,no;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length
288
Content-Type
text/javascript
x.html
js.ad-score.com/ Frame 296C
0
565 B
XHR
General
Full URL
https://js.ad-score.com/x.html?pid=1000830
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?pid=1000830
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-56.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://js.ad-score.com/x.html?pid=1000830
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 13 Sep 2022 17:36:10 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 12 Sep 2022 17:46:47 GMT
Age
42549
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA60-P2
Accept-Ranges
bytes
X-Amz-Cf-Id
RsVFyENjkccZW20hTF-ih52E4PEIwxJ3SKmH-SVe_MN4PA2x04FWPw==
Via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
styles__ltr.css
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 53B8
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50&co=aHR0cHM6Ly9uby5saWtlLml0OjQ0Mw..&hl=no&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=oua2r18siz2a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 04:35:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 04:35:55 GMT
recaptcha__no.js
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 53B8
388 KB
155 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__no.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50&co=aHR0cHM6Ly9uby5saWtlLml0OjQ0Mw..&hl=no&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=oua2r18siz2a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
4b9a3ba2c1cbb23b928e07261d33c8d06a4a05eb1c3958c631ee135286f27f62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 03:30:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158104
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 00:04:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 03:30:06 GMT
cors
data.ad-score.com/data/
1 B
266 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=RCMuhgQHqraiEfrkTCNTnyjdYdibhktD-FE7fPshldVrlKDUQ03nKEU7B-E0zHP81ua1flNA==&pm_ct=907252749831e882b7ee7372&pm_pl=1663133119146&pm_td=492&pid=1000830&en=1.1&callback=__pm_glbl_e4eQA2NRbB0PposORPSDfPUm._gc4&v=e7267fc
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000830
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://no.like.it/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://no.like.it
Date
Wed, 14 Sep 2022 05:25:19 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
cors
data.ad-score.com/data/
1 B
266 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=RCMuhgQHqraiEfrkTCNTnyjdYdibhktD-FE7fPshldVrlKDUQ03nKEU7B-E0zHP81ua1flNA==&pm_ct=907252749831e882b7ee7372&pm_pl=1663133119146&pm_td=673&pid=1000830&en=1.1&callback=__pm_glbl_e4eQA2NRbB0PposORPSDfPUm._gc5&v=e7267fc
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000830
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://no.like.it/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://no.like.it
Date
Wed, 14 Sep 2022 05:25:20 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 53B8
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 19:40:09 GMT
x-content-type-options
nosniff
age
467111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 15 Sep 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 53B8
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50&co=aHR0cHM6Ly9uby5saWtlLml0OjQ0Mw..&hl=no&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=oua2r18siz2a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 17:06:41 GMT
x-content-type-options
nosniff
age
44319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 13 Sep 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 53B8
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50&co=aHR0cHM6Ly9uby5saWtlLml0OjQ0Mw..&hl=no&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=oua2r18siz2a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 12 Sep 2022 22:21:19 GMT
x-content-type-options
nosniff
age
111841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Sep 2023 22:21:19 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 53B8
102 B
204 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=no&v=g8G8cw32bNQPGUVoDvt680GA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50&co=aHR0cHM6Ly9uby5saWtlLml0OjQ0Mw..&hl=no&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=oua2r18siz2a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
58e52fa8f5b08dd29b9aaa15d994bc201669381ceac502ef53e24d30ce1310b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcBWOQZAAAAAHBn71Ci_Pgpvl0d2VZfIvx9lN50&co=aHR0cHM6Ly9uby5saWtlLml0OjQ0Mw..&hl=no&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=oua2r18siz2a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 05:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 14 Sep 2022 05:25:20 GMT
cors
data.ad-score.com/data/
1 B
266 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=RCMuhgQHqraiEfrkTCNTnyjdYdibhktD-FE7fPshldVrlKDUQ03nKEU7B-E0zHP81ua1flNA==&pm_ct=907252749831e882b7ee7372&pm_pl=1663133119146&pm_td=1373&pid=1000830&en=1.1&callback=__pm_glbl_e4eQA2NRbB0PposORPSDfPUm._gc6&v=e7267fc
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000830
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://no.like.it/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://no.like.it
Date
Wed, 14 Sep 2022 05:25:20 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
cors
data.ad-score.com/data/
1 B
266 B
Ping
General
Full URL
https://data.ad-score.com/data/cors?pm_st=RCMuhgQHqraiEfrkTCNTnyjdYdibhktD-FE7fPshldVrlKDUQ03nKEU7B-E0zHP81ua1flNA==&pm_ct=907252749831e882b7ee7372&pm_pl=1663133119146&pm_td=2556&pid=1000830&en=1.1&callback=__pm_glbl_e4eQA2NRbB0PposORPSDfPUm._gc7&v=e7267fc
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000830
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://no.like.it/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://no.like.it
Date
Wed, 14 Sep 2022 05:25:21 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
Primary Request /
www.jd-sports.com.au/women/womens-clothing/dresses/
Redirect Chain
  • https://ads.youniversalnext.com/toc.php?out=eNptVWuPokoQ_S8m8-3OTD9EZZL5oAKjjoAgDyGTGOhG5amLD4Sb-99voeNmN7tGxKqurjp9TnX3vx2WxVFxWse889ZB7UcYdP7pHONTdPcJlHTBERwOYJyi6ymLixQcp2PnDfd6FFOKcf-fDo-iw23or...
  • https://r.search.yahoo.com/cbclk/dWU9RENDMzUwQjVBODFFNDIyNSZ1dD0xNjYzMTMzMTE3NDM3JnVvPTc3NjUzMjA0NjYwOTcyJmx0PTImcz0yJmVzPUYweDROaWdHUFMuaEE0cENnalNYU3VaaE91YXBjVklnZWs0dWo4NEZ5dll3b1EtLQ--/RV=2/RE...
  • https://www.bing.com/aclick?ld=e8SQBoPKYrgCKj-6dK7XzabzVUCUyviLVUn3vbFORE9VzaDDUrMnIxWmUwuLe1SRFxg20_O8CAzmZFu_QPlvBZ-1FwzCMz5gkd7gYRPvZ8cqdSA5dRa8aSmfYqqUYxxjs-_XgiobCMEBTWkByJFIyihHY-Ysw0WhPFewrm...
  • https://clickserve.dartsearch.net/link/click?lid=43700072113715286&ds_s_kwgid=58700007933145967&ds_a_cid=400488205&ds_a_caid=17770806911&ds_a_agid=144687614371&ds_a_lid=kwd-11142870&&ds_e_adid=7765...
  • https://ad.doubleclick.net/ddm/clk/409202527;209421286;a;u=ds&sv1=72113715286&sv2=3326266247519922&sv3=5477412622771855815&gclid=90202d304e9615fd12844e112b2b1328;%3fhttps://www.jd-sports.com.au/wom...
  • https://www.jd-sports.com.au/women/womens-clothing/dresses/?&msclkid=90202d304e9615fd12844e112b2b1328&utm_source=bing&utm_medium=cpc&utm_campaign=AU%20%7C%20NB%20%7C%20Generics%20%7C%20Clothing%20%...
115 KB
0
Document
General
Full URL
https://www.jd-sports.com.au/women/womens-clothing/dresses/?&msclkid=90202d304e9615fd12844e112b2b1328&utm_source=bing&utm_medium=cpc&utm_campaign=AU%20%7C%20NB%20%7C%20Generics%20%7C%20Clothing%20%7C%20BM&utm_term=womens%20dresses&utm_content=Generics%20%7C%20Clothing%20%7C%20Womens%20%7C%20BM&gclid=90202d304e9615fd12844e112b2b1328&gclsrc=3p.ds
Requested by
Host: no.like.it
URL: https://no.like.it/Search?q=women%20s%20dresses&country=no&language=no
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.3.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.smartagent.app *.jdmesh.co *.choicestore.com http://localhost:* https://localhost:*; form-action https:; script-src https: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1

Request headers

Referer
https://no.like.it/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
no-NO,no;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
31974
content-security-policy
frame-ancestors 'self' *.smartagent.app *.jdmesh.co *.choicestore.com http://localhost:* https://localhost:*; form-action https:; script-src https: 'unsafe-inline' 'unsafe-eval'
content-type
text/html;charset=UTF-8
date
Wed, 14 Sep 2022 05:25:25 GMT
etag
6dc635ab7f532e0375faa3b1ba894d1e
expires
Wed, 14 Sep 2022 05:25:25 GMT
last-modified
Wed, 14 Sep 2022 05:25:25 GMT
p3p
CP="NOI ADM DEV COM NAV OUR STP"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
server-timing
cdn-cache; desc=MISS edge; dur=45 origin; dur=825
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-akamai-transformed
9 30327 0 pmb=mRUM,2
x-frame-options
sameorigin
x-xss-protection
1

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 14 Sep 2022 05:25:24 GMT
location
https://www.jd-sports.com.au/women/womens-clothing/dresses/?&msclkid=90202d304e9615fd12844e112b2b1328&utm_source=bing&utm_medium=cpc&utm_campaign=AU%20%7C%20NB%20%7C%20Generics%20%7C%20Clothing%20%7C%20BM&utm_term=womens%20dresses&utm_content=Generics%20%7C%20Clothing%20%7C%20Womens%20%7C%20BM&gclid=90202d304e9615fd12844e112b2b1328&gclsrc=3p.ds
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
app.css
www.jd-sports.com.au/skins/jdsports-desktop/public/dist/
0
0

fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
0
0

725262BC71949F842.woff2
www.jd-sports.com.au/skins/jdsports-desktop/public/fonts/
0
0

B5416F0FED9EA9CD2.woff2
www.jd-sports.com.au/skins/jdsports-desktop/public/fonts/
0
0

F4715F49B60D9B144.woff2
www.jd-sports.com.au/skins/jdsports-desktop/public/fonts/
0
0

entry.js
se.monetate.net/js/2/a-94d0efa6/p/jdsports.au/
0
0

jdau_product_list
i8.amplience.net/t/jpl/
0
0

jdau_product_list
i8.amplience.net/t/jpl/
0
0

jdau_product_list
i8.amplience.net/t/jpl/
0
0

jdau_product_list
i8.amplience.net/t/jpl/
0
0

globalicon-20x13-700f5f7fe1dcfead6664368748c87f4c
i8.amplience.net/i/jpl/
0
0

logo.png
www.jd-sports.com.au/skins/jdsports-desktop/public/img/logos/
0
0

logo-large-en.png
www.jd-sports.com.au/skins/jdsports-desktop/public/img/logos/
0
0

preload-black.gif
www.jd-sports.com.au/skins/default/public/img/icons/
0
0

preload-white.gif
www.jd-sports.com.au/skins/default/public/img/icons/
0
0

icn-close.svg
www.jd-sports.com.au/skins/default/public/img/icons/svg/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.jd-sports.com.au
URL
https://www.jd-sports.com.au/skins/jdsports-desktop/public/dist/app.css?db7a90
Domain
maxcdn.bootstrapcdn.com
URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Domain
www.jd-sports.com.au
URL
https://www.jd-sports.com.au/skins/jdsports-desktop/public/fonts/725262BC71949F842.woff2
Domain
www.jd-sports.com.au
URL
https://www.jd-sports.com.au/skins/jdsports-desktop/public/fonts/B5416F0FED9EA9CD2.woff2
Domain
www.jd-sports.com.au
URL
https://www.jd-sports.com.au/skins/jdsports-desktop/public/fonts/F4715F49B60D9B144.woff2
Domain
se.monetate.net
URL
https://se.monetate.net/js/2/a-94d0efa6/p/jdsports.au/entry.js
Domain
i8.amplience.net
URL
https://i8.amplience.net/t/jpl/jdau_product_list?plu=jd_DO5051-010_C_0001_al&qlt=92&w=363&h=363&v=1&fmt=auto
Domain
i8.amplience.net
URL
https://i8.amplience.net/t/jpl/jdau_product_list?plu=jd_JCJDW222_C_0001_al&qlt=92&exclusive=1&wid=363&hei=363&v=1&fmt=auto
Domain
i8.amplience.net
URL
https://i8.amplience.net/t/jpl/jdau_product_list?plu=jd_574801_al&qlt=92&w=363&h=363&v=1&fmt=auto
Domain
i8.amplience.net
URL
https://i8.amplience.net/t/jpl/jdau_product_list?plu=jd_558181_al&qlt=92&w=363&h=363&v=1&fmt=auto
Domain
i8.amplience.net
URL
https://i8.amplience.net/i/jpl/globalicon-20x13-700f5f7fe1dcfead6664368748c87f4c?qlt=100
Domain
www.jd-sports.com.au
URL
https://www.jd-sports.com.au/skins/jdsports-desktop/public/img/logos/logo.png
Domain
www.jd-sports.com.au
URL
https://www.jd-sports.com.au/skins/jdsports-desktop/public/img/logos/logo-large-en.png
Domain
www.jd-sports.com.au
URL
https://www.jd-sports.com.au/skins/default/public/img/icons/preload-black.gif
Domain
www.jd-sports.com.au
URL
https://www.jd-sports.com.au/skins/default/public/img/icons/preload-white.gif
Domain
www.jd-sports.com.au
URL
https://www.jd-sports.com.au/skins/default/public/img/icons/svg/icn-close.svg

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

11 Cookies

Domain/Path Name / Value
.rasenalong.com/ Name: sid
Value: 9c6f825c-33ed-11ed-82e7-9440d3ba5433
.no.like.it/ Name: clkmrctrvsprx
Value: http://domainparking.io/out.aspx?keyword=women+s+dresses&c=1171&logcookie=24075273
js.ad-score.com/ Name: token
Value: zLiohFwvXSpUO-3sws-XXPRMsynPtAaG
no.like.it/ Name: pmtimesig
Value: [[1663133119154,0]]
data.ad-score.com/ Name: token
Value: gPatFXxMHLocP-dlpd-RADPrVisjCLPO
.yahoo.com/ Name: A1
Value: d=AQABBMJlIWMCEJSJ5mShVeNEgSSEsAMktLE&S=AQAAAsCL3769hQ7W0ZhoqBgQXR4
.yahoo.com/ Name: A3
Value: d=AQABBMJlIWMCEJSJ5mShVeNEgSSEsAMktLE&S=AQAAAsCL3769hQ7W0ZhoqBgQXR4
.yahoo.com/ Name: A1S
Value: d=AQABBMJlIWMCEJSJ5mShVeNEgSSEsAMktLE&S=AQAAAsCL3769hQ7W0ZhoqBgQXR4&j=GDPR
.bing.com/ Name: _EDGE_S
Value: F=1&SID=0145D85EAE4669F10835CA41AFB3689A
.bing.com/ Name: _EDGE_V
Value: 1
.bing.com/ Name: MUID
Value: 2588CC7050B06A3A3F7FDE6F51456BFC

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
