urlscan.io logo urlscan.io
SecurityTrails logo

bestwebcode.com Open in urlscan Pro
88.99.165.40  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://bestwebcode.com/oney/
Submission: On January 22 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 8 countries across 28 domains to perform 44 HTTP transactions. The main IP is 88.99.165.40, located in Germany and belongs to HETZNER-AS, DE. The main domain is bestwebcode.com.
TLS certificate: Issued by R3 on November 30th 2021. Valid for: 3 months.
This is the only time bestwebcode.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Oney (Banking)

Domain & IP information

IP Address AS Autonomous System
13 88.99.165.40 24940 (HETZNER-AS)
1 40.67.222.51 8075 (MICROSOFT...)
1 185.86.138.143 201081 (SMARTADSE...)
2 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 35.244.174.68 15169 (GOOGLE)
2 2 142.250.181.226 15169 (GOOGLE)
2 178.250.2.151 44788 (ASN-CRITE...)
1 2 18.203.202.174 16509 (AMAZON-02)
1 64.202.112.63 22075 (AS-OUTBRAIN)
1 69.173.144.139 26667 (RUBICONPR...)
1 3 18.159.24.107 16509 (AMAZON-02)
1 141.226.228.48 200478 (TABOOLA-AS)
1 185.255.84.153 200271 (IGUANE-)
1 2 76.223.111.18 16509 (AMAZON-02)
2 2 18.157.252.145 16509 (AMAZON-02)
1 3 18.156.0.31 16509 (AMAZON-02)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 5.178.65.245 50673 (SERVERIUS-AS)
3 4 185.33.220.243 29990 (ASN-APPNEX)
1 54.90.44.252 14618 (AMAZON-AES)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 2.20.85.164 16625 (AKAMAI-AS)
1 104.111.242.245 16625 (AKAMAI-AS)
1 2.22.32.24 16625 (AKAMAI-AS)
1 3.66.118.189 16509 (AMAZON-02)
1 18.184.187.38 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
1 37.157.4.39 198622 (ADFORM)
1 35.186.243.160 15169 (GOOGLE)
1 1 2.18.234.233 16625 (AKAMAI-AS)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 212.82.100.181 34010 (YAHOO-IRD)
44 28
13    88.99.165.40 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: server57.dnsbootserver.com
bestwebcode.com
1    40.67.222.51 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
staging.mobile.oney.io
1    185.86.138.143 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    18.203.202.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-202-174.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    18.159.24.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-24-107.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
1    185.255.84.153 (Paris, France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    18.157.252.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-252-145.eu-central-1.compute.amazonaws.com
pixel.advertising.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    5.178.65.245 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
sync.e-planning.net
4    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    54.90.44.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-44-252.compute-1.amazonaws.com
sync-criteo.ads.yieldmo.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    2.20.85.164 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-85-164.deploy.static.akamaitechnologies.com
r.casalemedia.com
1    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    2.22.32.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-32-24.deploy.static.akamaitechnologies.com
contextual.media.net
1    3.66.118.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-118-189.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    18.184.187.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-187-38.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2600:9000:2057:e600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    35.186.243.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.243.186.35.bc.googleusercontent.com
matching.ivitrack.com
1    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
cdn.stickyadstv.com
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
Apex Domain
Subdomains		 Transfer
13 bestwebcode.com
bestwebcode.com
109 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
ads.yahoo.com — Cisco Umbrella Rank: 913
sp.analytics.yahoo.com — Cisco Umbrella Rank: 818
2 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 404
4 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 369
dis.criteo.com — Cisco Umbrella Rank: 691
1 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
1 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
cdn.stickyadstv.com — Cisco Umbrella Rank: 2556
1 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1974
2 KB
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
712 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
732 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 675
851 B
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
1019 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 8068
242 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1786
163 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 707
239 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 637
263 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 2277
40 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 516
783 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1803
172 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 552
340 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2215
220 B
1 e-planning.net
sync.e-planning.net — Cisco Umbrella Rank: 5261
104 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1700
235 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1260
231 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
239 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 758
476 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 316
416 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578
163 B
1 oney.io
staging.mobile.oney.io
136 KB
44 28
Domain Requested by
13 bestwebcode.com bestwebcode.com
4 secure.adnxs.com 3 redirects
3 ups.analytics.yahoo.com 1 redirects
3 x.bidswitch.net 1 redirects
2 r.casalemedia.com 1 redirects
2 ads.yahoo.com bestwebcode.com
2 pixel.advertising.com 2 redirects
2 eb2.3lift.com 1 redirects
2 ad.360yield.com 1 redirects
2 dis.criteo.com
2 cm.g.doubleclick.net 2 redirects
2 gum.criteo.com 2 redirects
1 sp.analytics.yahoo.com bestwebcode.com
1 cdn.stickyadstv.com
1 ads.stickyadstv.com 1 redirects
1 matching.ivitrack.com bestwebcode.com
1 cm.adform.net bestwebcode.com
1 s.ad.smaato.net bestwebcode.com
1 match.sharethrough.com bestwebcode.com
1 exchange.mediavine.com bestwebcode.com
1 contextual.media.net bestwebcode.com
1 criteo-sync.teads.tv bestwebcode.com
1 simage2.pubmatic.com bestwebcode.com
1 sync-criteo.ads.yieldmo.com bestwebcode.com
1 sync.e-planning.net bestwebcode.com
1 visitor.omnitagjs.com bestwebcode.com
1 sync-t1.taboola.com bestwebcode.com
1 pixel.rubiconproject.com bestwebcode.com
1 sync.outbrain.com bestwebcode.com
1 idsync.rlcdn.com
1 rtb-csync.smartadserver.com bestwebcode.com
1 staging.mobile.oney.io bestwebcode.com
44 32

This site contains links to these domains. Also see Links.

Domain
www.oney.fr
Subject Issuer Validity Valid
*.bestwebcode.com
R3		 2021-11-30 -
2022-02-28		 3 months crt.sh
staging.mobile.oney.io
Thawte RSA CA 2018		 2021-07-19 -
2022-08-19		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2021-10-24 -
2022-11-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-07 -
2022-02-23		 2 months crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
*.ads.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
exchange.mediavine.com
Amazon		 2021-08-05 -
2022-09-03		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
itm.ivitrack.com
R3		 2021-12-16 -
2022-03-16		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh

This page contains 3 frames:

Primary Page: https://bestwebcode.com/oney/
Frame ID: A80F227A6C87E3B94EB97FF28436A9CF
Requests: 13 HTTP requests in this frame

Frame: https://bestwebcode.com/oney/index_files/saved_resource.html
Frame ID: 3C964EBCB03D4E9B7CBB100942244EB7
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-dhVOcK7zntS0v3Zuafsg4jvZ0PmpClMoKdL1zQ
Frame ID: 47807E502ED629BC15463A3191E82926
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Je me connecte

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

44
Requests

77 %
HTTPS

13 %
IPv6

28
Domains

32
Subdomains

28
IPs

8
Countries

256 kB
Transfer

265 kB
Size

38
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=XsQcjHumsXO8XBvzj-HmOXzdthmfPif1
Request Chain 15
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1xck5FLXE3em50UzB2M1p1YWZzZzRqdlowUGxoU1ZuMlQ3UjM2QQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&google_hm=ay1xck5FLXE3em50UzB2M1p1YWZzZzRqdlowUGxoU1ZuMlQ3UjM2QQ&google_tc= HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Request Chain 16
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-gy6Yf67zntS0v3Zuafsg4jvZ0PkzZBwjp0SbUg HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gy6Yf67zntS0v3Zuafsg4jvZ0PkzZBwjp0SbUg
Request Chain 19
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-hnoMEq7zntS0v3Zuafsg4jvZ0Pnh2XiQb_zcpA&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-hnoMEq7zntS0v3Zuafsg4jvZ0Pnh2XiQb_zcpA&expires=30
Request Chain 22
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-ccl0K67zntS0v3Zuafsg4jvZ0PksAU0tiegYYg&dongle=013b HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-ccl0K67zntS0v3Zuafsg4jvZ0PksAU0tiegYYg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Request Chain 23
  • https://pixel.advertising.com/ups/55945/sync?uid=k-ZnxmT67zntS0v3Zuafsg4jvZ0PlEoSf00HM8sA&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55945/sync?uid=k-ZnxmT67zntS0v3Zuafsg4jvZ0PlEoSf00HM8sA&_origin=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-ZnxmT67zntS0v3Zuafsg4jvZ0PlEoSf00HM8sA&_origin=1&apid=UP7f5c298d-7b71-11ec-a9e2-062f0b0cbc04
Request Chain 25
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mP-0n67zntS0v3Zuafsg4jvZ0Pnwpv2IbHv3Dg HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mP-0n67zntS0v3Zuafsg4jvZ0Pnwpv2IbHv3Dg&verify=true
Request Chain 27
  • https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D130915%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1910772704617739936
Request Chain 30
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fkCCMK7zntS0v3Zuafsg4jvZ0PnXood9V6g_uA HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fkCCMK7zntS0v3Zuafsg4jvZ0PnXood9V6g_uA&C=1
Request Chain 38
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-LzNJBa7zntS0v3Zuafsg4jvZ0PloWe9xOUyoBg&redirectId=69 HTTP 302
  • https://cdn.stickyadstv.com/one-shot/empty.gif

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bestwebcode.com/oney/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.165.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server57.dnsbootserver.com
Software
nginx /
Resource Hash
0c69b72998f58459ca72810f42a148efefe064a514837b5a081c3360fee7bd09
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sat, 22 Jan 2022 10:53:11 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
content-security-policy
upgrade-insecure-requests;
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
UPDATING
x-server-powered-by
Engintron
content-encoding
gzip
styles.089e2a8074fed12d0ae6.css
bestwebcode.com/oney/index_files/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bestwebcode.com/oney/index_files/styles.089e2a8074fed12d0ae6.css
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.165.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server57.dnsbootserver.com
Software
nginx /
Resource Hash
31c189d9266060d7315d108b9b132bf9cde96d70a82fc81c78956ab66d968cab
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestwebcode.com/oney/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Jan 2022 12:22:16 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Mon, 21 Feb 2022 10:53:11 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
content-security-policy
upgrade-insecure-requests;
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
measure.js.t%C3%A9l%C3%A9chargement
bestwebcode.com/oney/index_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bestwebcode.com/oney/index_files/measure.js.t%C3%A9l%C3%A9chargement
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.165.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server57.dnsbootserver.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestwebcode.com/oney/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
content-security-policy
upgrade-insecure-requests;
x-xss-protection
1; mode=block
privacy_v2_34.js.t%C3%A9l%C3%A9chargement
bestwebcode.com/oney/index_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bestwebcode.com/oney/index_files/privacy_v2_34.js.t%C3%A9l%C3%A9chargement
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.165.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server57.dnsbootserver.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestwebcode.com/oney/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
content-security-policy
upgrade-insecure-requests;
x-xss-protection
1; mode=block
js
bestwebcode.com/oney/index_files/ 		96 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bestwebcode.com/oney/index_files/js
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.165.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server57.dnsbootserver.com
Software
nginx /
Resource Hash
ad97350ba9eea092b8ac413fac6cd38f816f2e495fd607362d784ed7312a75de
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestwebcode.com/oney/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
last-modified
Fri, 21 Jan 2022 12:22:16 GMT
server
nginx
date
Sat, 22 Jan 2022 10:53:13 GMT
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
98738
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
EXPIRED
tcfapi.js.t%C3%A9l%C3%A9chargement
bestwebcode.com/oney/index_files/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bestwebcode.com/oney/index_files/tcfapi.js.t%C3%A9l%C3%A9chargement
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.165.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server57.dnsbootserver.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestwebcode.com/oney/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
content-security-policy
upgrade-insecure-requests;
x-xss-protection
1; mode=block
logo_oney.svg
bestwebcode.com/oney/index_files/ 		1 KB
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestwebcode.com/oney/index_files/logo_oney.svg
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.165.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server57.dnsbootserver.com
Software
nginx /
Resource Hash
329c8d457d49b90471eb34145f579ce06de54a31aca8ffbcb0d7f1b25403232b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestwebcode.com/oney/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Jan 2022 12:22:16 GMT
server
nginx
vary
Accept-Encoding
content-type
image/svg+xml
expires
Wed, 23 Mar 2022 10:53:11 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
content-security-policy
upgrade-insecure-requests;
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
picto_gry_pencil.svg
bestwebcode.com/oney/index_files/ 		778 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestwebcode.com/oney/index_files/picto_gry_pencil.svg
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.165.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server57.dnsbootserver.com
Software
nginx /
Resource Hash
b09a35c2e10054c9aef06823c47210bdd3c71c4b500597c31c73120eadbb52ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestwebcode.com/oney/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Jan 2022 12:22:16 GMT
server
nginx
vary
Accept-Encoding
content-type
image/svg+xml
expires
Wed, 23 Mar 2022 10:53:11 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
content-security-policy
upgrade-insecure-requests;
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
picto_wht_lock.svg
bestwebcode.com/oney/index_files/ 		1 KB
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestwebcode.com/oney/index_files/picto_wht_lock.svg
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.165.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server57.dnsbootserver.com
Software
nginx /
Resource Hash
4b31696e85bcf43e49519b5df57abe20e73e38c1e55c9fd561359b72f59d30da
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestwebcode.com/oney/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Jan 2022 12:22:16 GMT
server
nginx
vary
Accept-Encoding
content-type
image/svg+xml
expires
Wed, 23 Mar 2022 10:53:11 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
content-security-policy
upgrade-insecure-requests;
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
0
bestwebcode.com/oney/index_files/ 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestwebcode.com/oney/index_files/0
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.165.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server57.dnsbootserver.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestwebcode.com/oney/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
last-modified
Fri, 21 Jan 2022 12:22:16 GMT
server
nginx
date
Sat, 22 Jan 2022 10:53:13 GMT
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
EXPIRED
zero.png
bestwebcode.com/oney/index_files/ 		68 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestwebcode.com/oney/index_files/zero.png
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.165.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server57.dnsbootserver.com
Software
nginx /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestwebcode.com/oney/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
last-modified
Fri, 21 Jan 2022 12:22:16 GMT
server
nginx
date
Sat, 22 Jan 2022 10:53:11 GMT
content-type
image/png
expires
Wed, 23 Mar 2022 10:53:11 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
68
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
saved_resource.html
bestwebcode.com/oney/index_files/ Frame 3C96 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bestwebcode.com/oney/index_files/saved_resource.html
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.165.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server57.dnsbootserver.com
Software
nginx /
Resource Hash
04a49a9ef6df0499887c3090f6ca9967574b3d951896550687dfb984b4f24b0b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://bestwebcode.com/oney/

Response headers

server
nginx
date
Sat, 22 Jan 2022 10:53:13 GMT
content-type
text/html
vary
Accept-Encoding
content-security-policy
upgrade-insecure-requests;
last-modified
Fri, 21 Jan 2022 12:22:16 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
EXPIRED
x-server-powered-by
Engintron
content-encoding
gzip
fd-login-defaut.jpg
staging.mobile.oney.io/mo/repository//images/login/ 		138 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staging.mobile.oney.io/mo/repository//images/login/fd-login-defaut.jpg
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.67.222.51 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dadd6c901dc973e05fd79c36144858234de3b15c972a1eeac5b4e35de6837fd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestwebcode.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:11 GMT
content-encoding
gzip
cache-control
public,max-age=2592000
vary
Accept-Encoding
content-type
image/jpeg
picto_gry_star.svg
bestwebcode.com/assets/images/ 		315 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bestwebcode.com/assets/images/picto_gry_star.svg
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.165.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server57.dnsbootserver.com
Software
nginx /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bestwebcode.com/oney/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
content-security-policy
upgrade-insecure-requests;
x-xss-protection
1; mode=block
/
rtb-csync.smartadserver.com/redir/ Frame 4780 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-dhVOcK7zntS0v3Zuafsg4jvZ0PmpClMoKdL1zQ
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.143 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:13 GMT
transfer-encoding
chunked
content-type
image/gif
397596.gif
idsync.rlcdn.com/ Frame 4780
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=XsQcjHumsXO8XBvzj-HmOXzdthmfPif1
42 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=XsQcjHumsXO8XBvzj-HmOXzdthmfPif1
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 22 Jan 2022 10:53:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=XsQcjHumsXO8XBvzj-HmOXzdthmfPif1
date
Sat, 22 Jan 2022 10:53:13 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3199
content-length
197
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 4780
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1xck5FLXE3em50UzB2M1p1YWZzZzRqdlowUGxoU1ZuMlQ3UjM2QQ
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&google_hm=ay1xck5FLXE3em50UzB2M1p1YWZzZzRqdlowUGxoU1ZuMlQ3UjM2QQ&google_tc=
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 10:53:13 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
210275
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 Jan 2022 10:53:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ad.360yield.com/ul_cb/ Frame 4780
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-gy6Yf67zntS0v3Zuafsg4jvZ0PkzZBwjp0SbUg
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gy6Yf67zntS0v3Zuafsg4jvZ0PkzZBwjp0SbUg
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gy6Yf67zntS0v3Zuafsg4jvZ0PkzZBwjp0SbUg
Protocol
H2
Server
18.203.202.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-202-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 22 Jan 2022 10:53:14 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-gy6Yf67zntS0v3Zuafsg4jvZ0PkzZBwjp0SbUg
date
Sat, 22 Jan 2022 10:53:13 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame 4780 		0
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-0kCQpq7zntS0v3Zuafsg4jvZ0Pn7RuwyleRzcA
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 22 Jan 2022 10:53:14 GMT
Cache-Control
no-cache
X-TraceId
e46de7294b37f7e544a0d18c65a0e136
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame 4780 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-hnoMEq7zntS0v3Zuafsg4jvZ0Pnh2XiQb_zcpA&expires=30
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
sync
x.bidswitch.net/ul_cb/ Frame 4780
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-hnoMEq7zntS0v3Zuafsg4jvZ0Pnh2XiQb_zcpA&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-hnoMEq7zntS0v3Zuafsg4jvZ0Pnh2XiQb_zcpA&expires=30
43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-hnoMEq7zntS0v3Zuafsg4jvZ0Pnh2XiQb_zcpA&expires=30
Protocol
HTTP/1.1
Server
18.159.24.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-24-107.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 22 Jan 2022 10:53:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-hnoMEq7zntS0v3Zuafsg4jvZ0Pnh2XiQb_zcpA&expires=30
Date
Sat, 22 Jan 2022 10:53:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 4780 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-V0zp3K7zntS0v3Zuafsg4jvZ0PmiLqYuDflJWQ
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22073
sync
visitor.omnitagjs.com/visitor/ Frame 4780 		49 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-MtDuo67zntS0v3Zuafsg4jvZ0PmshotvjHku0A
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 10:53:13 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0
xuid
eb2.3lift.com/ Frame 4780
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-ccl0K67zntS0v3Zuafsg4jvZ0PksAU0tiegYYg&dongle=013b
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-ccl0K67zntS0v3Zuafsg4jvZ0PksAU0tiegYYg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-ccl0K67zntS0v3Zuafsg4jvZ0PksAU0tiegYYg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2711&xuid=k-ccl0K67zntS0v3Zuafsg4jvZ0PksAU0tiegYYg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date
Sat, 22 Jan 2022 10:53:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ups.analytics.yahoo.com/ups/55945/ Frame 4780
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-ZnxmT67zntS0v3Zuafsg4jvZ0PlEoSf00HM8sA&_origin=1
  • https://pixel.advertising.com/ups/55945/sync?uid=k-ZnxmT67zntS0v3Zuafsg4jvZ0PlEoSf00HM8sA&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-ZnxmT67zntS0v3Zuafsg4jvZ0PlEoSf00HM8sA&_origin=1&apid=UP7f5c298d-7b71-11ec-a9e2-062f0b0cbc04
0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-ZnxmT67zntS0v3Zuafsg4jvZ0PlEoSf00HM8sA&_origin=1&apid=UP7f5c298d-7b71-11ec-a9e2-062f0b0cbc04
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:14 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-ZnxmT67zntS0v3Zuafsg4jvZ0PlEoSf00HM8sA&_origin=1&apid=UP7f5c298d-7b71-11ec-a9e2-062f0b0cbc04
date
Sat, 22 Jan 2022 10:53:14 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
ads.yahoo.com/cms/ Frame 4780 		0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:14 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
sync
ups.analytics.yahoo.com/ups/58301/ Frame 4780
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mP-0n67zntS0v3Zuafsg4jvZ0Pnwpv2IbHv3Dg
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mP-0n67zntS0v3Zuafsg4jvZ0Pnwpv2IbHv3Dg&verify=true
0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mP-0n67zntS0v3Zuafsg4jvZ0Pnwpv2IbHv3Dg&verify=true
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:14 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-mP-0n67zntS0v3Zuafsg4jvZ0Pnwpv2IbHv3Dg&verify=true
date
Sat, 22 Jan 2022 10:53:14 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
um
sync.e-planning.net/ Frame 4780 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=k-MLUkeK7zntS0v3Zuafsg4jvZ0PlwCd0NLbqX-g&dc=6884a087b48abdb1&ibd=1&iss=1
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:14 GMT
server
openresty
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 4780
Redirect Chain
  • https://secure.adnxs.com/seg?add=130915&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D130915%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.a...
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1910772704617739936
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1910772704617739936
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 10:53:13 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2312344
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 10:53:14 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5acf31fd-931f-4e82-a5ae-7ac6084abe1d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1910772704617739936
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 4780 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-tEqjjK7zntS0v3Zuafsg4jvZ0Pko0ZiGvhExHg&pn_id=criteo&ext=1
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.44.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-44-252.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 22 Jan 2022 10:53:14 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
Pug
simage2.pubmatic.com/AdServer/ Frame 4780 		42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI0NTImdGw9NDMyMDA=&piggybackCookie=uid:k-cLLQB67zntS0v3Zuafsg4jvZ0PkaRBzwuySLBw
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:13 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:315
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rum
r.casalemedia.com/ Frame 4780
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fkCCMK7zntS0v3Zuafsg4jvZ0PnXood9V6g_uA
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fkCCMK7zntS0v3Zuafsg4jvZ0PnXood9V6g_uA&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fkCCMK7zntS0v3Zuafsg4jvZ0PnXood9V6g_uA&C=1
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 10:53:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 22 Jan 2022 10:53:14 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 10:53:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-fkCCMK7zntS0v3Zuafsg4jvZ0PnXood9V6g_uA&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
296
Expires
Sat, 22 Jan 2022 10:53:14 GMT
um
criteo-sync.teads.tv/ Frame 4780 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-TutYba7zntS0v3Zuafsg4jvZ0PkBRFOR_FdOKQ
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 10:53:14 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 22 Jan 2022 10:53:14 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
cksync.php
contextual.media.net/ Frame 4780 		45 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-46J9va7zntS0v3Zuafsg4jvZ0Pn4bpov-okpww
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.32.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-32-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Sat, 22 Jan 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Sat, 22 Jan 2022 10:53:14 GMT
push
exchange.mediavine.com/usersync/ Frame 4780 		40 B
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-zYI0u67zntS0v3Zuafsg4jvZ0PmoSZsZfSqgSg
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.118.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-118-189.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:14 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 4780 		68 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-fhcSjq7zntS0v3Zuafsg4jvZ0PlYWdsLeLECUw
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.187.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-187-38.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:14 GMT
content-length
68
content-type
image/png
/
s.ad.smaato.net/c/ Frame 4780 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-gyra7q7zntS0v3Zuafsg4jvZ0PmDqN3lUc6geg
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:14 GMT
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
FudhGy-tHAfNk4aBSZjv-b5ns7iwTq0huX5fSQzu8FEJLOYvS2Y2Wg==
x-cache
FunctionGeneratedResponse from cloudfront
pixel
cm.adform.net/ Frame 4780 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-iAUJZK7zntS0v3Zuafsg4jvZ0PlqPxwCPu-kuw
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:14 GMT
last-modified
Wed, 20 Jul 2016 08:18:17 GMT
server
nginx
accept-ranges
bytes
etag
"578f33c9-2b"
content-length
43
content-type
image/gif
sync
matching.ivitrack.com/ Frame 4780 		42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-kfNtZa7zntS0v3Zuafsg4jvZ0Pnq6kbvTLJkiQ
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.243.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.243.186.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:13 GMT
via
1.1 google
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
42
empty.gif
cdn.stickyadstv.com/one-shot/ Frame 4780
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-LzNJBa7zntS0v3Zuafsg4jvZ0PloWe9xOUyoBg&redirectId=69
  • https://cdn.stickyadstv.com/one-shot/empty.gif?
43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 22 Jan 2022 10:53:14 GMT
Last-Modified
Thu, 28 Feb 2013 15:45:35 GMT
ETag
"1362066335"
X-HW
1642848794.dop212.fr8.t,1642848794.cds102.fr8.shn,1642848794.cds102.fr8.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 10:53:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1642848794043062-420
Expires
Sat, 22 Jan 2022 10:53:14 GMT
spp.pl
sp.analytics.yahoo.com/ Frame 4780 		43 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438726
Requested by
Host: bestwebcode.com
URL: https://bestwebcode.com/oney/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 Jan 2022 10:53:14 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Sat, 22 Jan 2022 10:53:14 GMT
sync
x.bidswitch.net/ Frame 4780 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=117&user_id=k-K54aPq7zntS0v3Zuafsg4jvZ0Pnb9XEi_RL_KQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.24.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-24-107.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 22 Jan 2022 10:53:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
v1
ads.yahoo.com/cms/ Frame 4780 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 10:53:14 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
setuid
secure.adnxs.com/ Frame 4780 		43 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-1hIOia7zntS0v3Zuafsg4jvZ0PmyGWLymCr34w&seg=130915
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Jan 2022 10:53:14 GMT
X-Proxy-Origin
217.114.215.133; 217.114.215.133; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bacb4a06-b447-454d-907f-009cc1ceb020
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Oney (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| supplog function| supppass function| remppass

38 Cookies

Domain/Path Name / Value
.3lift.com/ Name: tluid
Value: 11418993024498642008
.bidswitch.net/ Name: tuuid
Value: b8fe2c55-ff14-4047-9b0f-2319e5648e36
.bidswitch.net/ Name: c
Value: 1642848793
.bidswitch.net/ Name: tuuid_lu
Value: 1642848793
.taboola.com/ Name: t_gid
Value: ee66c4e1-d68c-4d53-8598-319ee457b6c4-tuct8e56799
.criteo.com/ Name: uid
Value: 8046f7bc-ad8c-4fef-9a76-96be13c51fe8
.doubleclick.net/ Name: IDE
Value: AHWqTUnnE8ilpFKINajUwU7PpLzC-tDgdGY4AC0yCoePqXhc3i_7mgadotzNjyy6oAA
.360yield.com/ Name: tuuid
Value: 51fb92ce-a52e-43f6-b767-080b8e10c96f
.360yield.com/ Name: tuuid_lu
Value: 1642848793
.advertising.com/ Name: APID
Value: UP7f5c298d-7b71-11ec-a9e2-062f0b0cbc04
.yahoo.com/ Name: A3
Value: d=AQABBBni62ECEF7UyQQZ0U556gXS3ylDFOMFEgEBAQEz7WH1YQAAAAAA_eMAAA&S=AQAAAo9Lb3dJPmsNByyyKhG1-zs
.360yield.com/ Name: um
Value: !38,pXJcQoe8D6xaekGw7B5eKRQRbZcSNdYMhhcAkcMuhdwfG711LyfgZXpsgdzid0XmKjkVsDqK,1650624794
.360yield.com/ Name: umeh
Value: !38,0,1705056794,-1
.analytics.yahoo.com/ Name: IDSYNC
Value: 1761~22sy
.yahoo.com/ Name: APID
Value: UP7f5c298d-7b71-11ec-a9e2-062f0b0cbc04
.yahoo.com/ Name: APIDTS
Value: 1642848794
.adnxs.com/ Name: uuid2
Value: 1910772704617739936
.rlcdn.com/ Name: rlas3
Value: c/VU/wV3ZD/d5hpn1EONAE+qnePui9PJe0BXM2a2BK8=
.rlcdn.com/ Name: pxrc
Value: CAA=
.pubmatic.com/ Name: PUBMDCID
Value: 3
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%227f6aa860-7b71-11ec-8697-8f9790781e08%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%227f6aa860-7b71-11ec-8697-8f9790781e08%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-zYI0u67zntS0v3Zuafsg4jvZ0PmoSZsZfSqgSg%22%2C%22version%22%3A%22criteo%22%7D
.sharethrough.com/ Name: stx_user_id
Value: 442d68ba-b2e6-41ba-ab7c-55c546831e89
ads.stickyadstv.com/ Name: UID
Value: 5128ebbb286c9fe4691147b4e11a8
ads.stickyadstv.com/ Name: uid-bp-11554
Value: k-LzNJBa7zntS0v3Zuafsg4jvZ0PloWe9xOUyoBg
ads.stickyadstv.com/ Name: sessionId
Value: f29af5c4c8f7cd3d91862364ff43e233
.media.net/ Name: visitor-id
Value: 2858503948214945000V10
.media.net/ Name: data-c-ts
Value: 1642848794
.media.net/ Name: data-c
Value: k-46J9va7zntS0v3Zuafsg4jvZ0Pn4bpov-okpww~~3
.casalemedia.com/ Name: CMID
Value: YeviGokztca39c1.iL8j8wAA
.casalemedia.com/ Name: CMPS
Value: 3194
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2GUbo<Q1c!@wnfH1YdP.dEXlSkeHinX_z(FS9x-(t>FZ--(Ku@m.(o@BO0[SFcworWkTBBa'^O2mqZ7vP4A2P(hw9P-HC_#twg]+Ry1%
.outbrain.com/ Name: obuid
Value: 262711ee-2090-40eb-851f-32ba8ffb6643
.outbrain.com/ Name: criteo
Value: k-0kCQpq7zntS0v3Zuafsg4jvZ0Pn7RuwyleRzcA
.casalemedia.com/ Name: CMPRO
Value: 1204
.casalemedia.com/ Name: CMST
Value: YeviGmHr4hoA
.casalemedia.com/ Name: CMRUM3
Value: 1461ebe21a2760k-fkCCMK7zntS0v3Zuafsg4jvZ0PnXood9V6g_uA

5 Console Messages

Source Level URL
Text
network error URL: https://bestwebcode.com/oney/index_files/measure.js.t%C3%A9l%C3%A9chargement
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bestwebcode.com/oney/index_files/privacy_v2_34.js.t%C3%A9l%C3%A9chargement
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bestwebcode.com/oney/index_files/tcfapi.js.t%C3%A9l%C3%A9chargement
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bestwebcode.com/assets/images/picto_gry_star.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://bestwebcode.com/oney/
Message:
Refused to execute script from 'https://bestwebcode.com/oney/index_files/js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
bestwebcode.com
cdn.stickyadstv.com
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-sync.teads.tv
dis.criteo.com
eb2.3lift.com
exchange.mediavine.com
gum.criteo.com
idsync.rlcdn.com
match.sharethrough.com
matching.ivitrack.com
pixel.advertising.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
staging.mobile.oney.io
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.e-planning.net
sync.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
x.bidswitch.net
104.111.242.245
141.226.228.48
142.250.181.226
178.250.2.151
18.156.0.31
18.157.252.145
18.159.24.107
18.184.187.38
18.203.202.174
185.255.84.153
185.33.220.243
185.64.189.110
185.86.138.143
2.18.234.233
2.20.85.164
2.22.32.24
2001:4de0:ac19::1:b:2a
212.82.100.181
2600:9000:2057:e600:1b:5138:8a40:93a1
2a00:1288:80:800::7000
2a02:2638:1::13
3.66.118.189
35.186.243.160
35.244.174.68
37.157.4.39
40.67.222.51
5.178.65.245
54.90.44.252
64.202.112.63
69.173.144.139
76.223.111.18
88.99.165.40
04a49a9ef6df0499887c3090f6ca9967574b3d951896550687dfb984b4f24b0b
0c69b72998f58459ca72810f42a148efefe064a514837b5a081c3360fee7bd09
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
31c189d9266060d7315d108b9b132bf9cde96d70a82fc81c78956ab66d968cab
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329c8d457d49b90471eb34145f579ce06de54a31aca8ffbcb0d7f1b25403232b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4b31696e85bcf43e49519b5df57abe20e73e38c1e55c9fd561359b72f59d30da
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
ad97350ba9eea092b8ac413fac6cd38f816f2e495fd607362d784ed7312a75de
b09a35c2e10054c9aef06823c47210bdd3c71c4b500597c31c73120eadbb52ae
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dadd6c901dc973e05fd79c36144858234de3b15c972a1eeac5b4e35de6837fd6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629