Submitted URL: http://dlscord-gift.xyz/
Effective URL: https://ultimeo-downloader.com/?sid=arrp
Submission: On March 10 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is ultimeo-downloader.com.
TLS certificate: Issued by E1 on February 16th 2024. Valid for: 3 months.
This is the only time ultimeo-downloader.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 64.225.91.73 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 64.190.63.136 47846 (SEDO-AS)
1 205.234.175.175 23352 (SERVERCEN...)
2 2 173.239.53.32 27257 (WEBAIR-IN...)
1 2 15.197.224.234 16509 (AMAZON-02)
1 130.211.29.114 396982 (GOOGLE-CL...)
2 18.156.16.63 16509 (AMAZON-02)
2 35.241.15.240 15169 (GOOGLE)
6 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
19 12
# | Apex Domain | Subdomains | Transfer
6 | ultimeo-downloader.com | ultimeo-downloader.com | 737 KB
5 | dlscord-gift.xyz | dlscord-gift.xyz; ww2.dlscord-gift.xyz | 4 KB
3 | perfdrive.com | cdn.perfdrive.com (Cisco Umbrella Rank: 20756); cas.avalon.perfdrive.com (Cisco Umbrella Rank: 9368) | 89 KB
2 | wewearegogogo.com | track.wewearegogogo.com | 2 KB
2 | optimalscreen3.online | optimalscreen3.online (Cisco Umbrella Rank: 252978) | 1 KB
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2089) | 259 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 40) | 97 KB
1 | optimalscreen1.online | xml-v4.optimalscreen1.online (Cisco Umbrella Rank: 81755) | 414 B
1 | sedodna.com | xml.sedodna.com (Cisco Umbrella Rank: 482708) | 187 B
1 | sedoparking.com | img.sedoparking.com (Cisco Umbrella Rank: 67337) | 5 KB
1 | domaincntrol.com | domaincntrol.com (Cisco Umbrella Rank: 294758) | 339 B
19 11
Domain Requested by
6 ultimeo-downloader.com track.wewearegogogo.com
ultimeo-downloader.com
4 ww2.dlscord-gift.xyz 2 redirects dlscord-gift.xyz
ww2.dlscord-gift.xyz
2 cas.avalon.perfdrive.com cdn.perfdrive.com
2 track.wewearegogogo.com optimalscreen3.online
track.wewearegogogo.com
2 optimalscreen3.online 1 redirects ww2.dlscord-gift.xyz
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com ultimeo-downloader.com
1 xml-v4.optimalscreen1.online 1 redirects
1 cdn.perfdrive.com optimalscreen3.online
1 xml.sedodna.com 1 redirects
1 img.sedoparking.com ww2.dlscord-gift.xyz
1 domaincntrol.com dlscord-gift.xyz
1 dlscord-gift.xyz
19 13

This site contains links to these domains.

Domain
chromewebstore.google.com
Subject | Issuer | Validity | Valid
domaincntrol.com | GTS CA 1P5 | 2024-01-29 - 2024-04-28 | 3 months
*.perfdrive.com | Go Daddy Secure Certificate Authority - G2 | 2023-09-21 - 2024-09-26 | a year
track.wewearegogogo.com | R3 | 2024-02-27 - 2024-05-27 | 3 months
cas.avalon.perfdrive.com | Go Daddy Secure Certificate Authority - G2 | 2023-07-24 - 2024-08-05 | a year
ultimeo-downloader.com | E1 | 2024-02-16 - 2024-05-16 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months

This page contains 1 frames:

Primary Page: https://ultimeo-downloader.com/?sid=arrp
Frame ID: 67079BDA47934085A4ADBBB999D65F97
Requests: 22 HTTP requests in this frame

Page Title

UlV. Ultimate downloader for Vimeo

Page URL History

  1. http://dlscord-gift.xyz/ Page URL
  2. http://ww2.dlscord-gift.xyz/ Page URL
  3. http://ww2.dlscord-gift.xyz/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dbt5zTkXyB7Q... HTTP 302
    http://ww2.dlscord-gift.xyz/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dbt5zTkXyB7Q... HTTP 302
    http://xml.sedodna.com/click?i=bt5zTkXyB7Q_0 HTTP 302
    http://optimalscreen3.online/api/v1/px?xmlid=4ULo6BQk7xVfUj7CWGV8I1XtOmNALgB9UEFLe9FC Page URL
  4. http://optimalscreen3.online/api/v1/pxcheck?impId=4ULo6BQk7xVfUj7CWGV8I1XtOmNALgB9UEFLe9FC&minfo=eyJjb29r... HTTP 302
    http://xml-v4.optimalscreen1.online/click?seat=2849673&i=H6je51*z1E4_0 HTTP 302
    https://track.wewearegogogo.com/4bc96bcd-d1c4-406a-bcbd-9dfb79d83803?pubfeed=509038&subid=3fae3e750bc28820b3... Page URL
  5. https://track.wewearegogogo.com/redirect?target=BASE64aHR0cHM6Ly91bHRpbWVvLWRvd25sb2FkZXIuY29tLz9zaWQ9YXJycA... Page URL
  6. https://ultimeo-downloader.com/?sid=arrp Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Page Statistics

Requests: 19
HTTPS: 74 %
IPv6: 33 %
Domains: 11
Subdomains: 13
IPs: 12
Countries: 2
Transfer: 962 kB
Size: 1319 kB
Cookies: 14

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dlscord-gift.xyz/ Page URL
  2. http://ww2.dlscord-gift.xyz/ Page URL
  3. http://ww2.dlscord-gift.xyz/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dbt5zTkXyB7Q_0&v=ZDY4NTAwMWY1YTY2ODRlY2U2NDMzNzYxZTBmNGViYTEJMQl3dzIuZGxzY29yZC1naWZ0Lnh5ejY1ZWRlNGU0M2JlMGMzLjg0NjMxOTEzCXd3Mi5kbHNjb3JkLWdpZnQueHl6NjVlZGU0ZTQzYmU4YzQuMjQ1ODk3NjMJMTcxMDA4OTQ0NQlhZF82M18w&l=OAliMmE3ZjI3ODBhZDkwZjhjNTg1Mjk0ZGVhMzYwMjJhNgkwCTQ4CTAJYzgyZDlmNDAwYjIxN2MyMDViMjc1NzFlNmM2ZTdiN2MJNTIzODkxMzU5CWRsc2NvcmQtZ2lmdAkwCTYzCTcJNQkxNzEwMDg5NDQ1CTguOEUtNQlOCTAJMQkxNTEyCTEyMDUJNTExNzQ3NTc1CTE5My4zMi4yNDguMjI4CTA%253D HTTP 302
    http://ww2.dlscord-gift.xyz/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dbt5zTkXyB7Q_0&v=ZDY4NTAwMWY1YTY2ODRlY2U2NDMzNzYxZTBmNGViYTEJMQl3dzIuZGxzY29yZC1naWZ0Lnh5ejY1ZWRlNGU0M2JlMGMzLjg0NjMxOTEzCXd3Mi5kbHNjb3JkLWdpZnQueHl6NjVlZGU0ZTQzYmU4YzQuMjQ1ODk3NjMJMTcxMDA4OTQ0NQlhZF82M18w&l=OAliMmE3ZjI3ODBhZDkwZjhjNTg1Mjk0ZGVhMzYwMjJhNgkwCTQ4CTAJYzgyZDlmNDAwYjIxN2MyMDViMjc1NzFlNmM2ZTdiN2MJNTIzODkxMzU5CWRsc2NvcmQtZ2lmdAkwCTYzCTcJNQkxNzEwMDg5NDQ1CTguOEUtNQlOCTAJMQkxNTEyCTEyMDUJNTExNzQ3NTc1CTE5My4zMi4yNDguMjI4CTA%253D HTTP 302
    http://xml.sedodna.com/click?i=bt5zTkXyB7Q_0 HTTP 302
    http://optimalscreen3.online/api/v1/px?xmlid=4ULo6BQk7xVfUj7CWGV8I1XtOmNALgB9UEFLe9FC Page URL
  4. http://optimalscreen3.online/api/v1/pxcheck?impId=4ULo6BQk7xVfUj7CWGV8I1XtOmNALgB9UEFLe9FC&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMi4wLjYyNjEuMTExIFNhZmFyaS81MzcuMzYiLCJpZnJhbWUiOmZhbHNlLCJkZXZpY2VQaXhlbFJhdGlvIjoxLCJ3bmRMb2NIcmVmIjoiaHR0cDovL29wdGltYWxzY3JlZW4zLm9ubGluZS9hcGkvdjEvcHg/eG1saWQ9NFVMbzZCUWs3eFZmVWo3Q1dHVjhJMVh0T21OQUxnQjlVRUZMZTlGQyIsImRldmljZVNyZWVuU2l6ZSI6IjEyMDB4MTYwMCIsImRldmljZVdpbmRvd1NpemUiOiIxMjAweDE2MDAiLCJ3bmQyc3JjUmF0aW9Md3IwNiI6ZmFsc2UsImVmZmVjdGl2ZVR5cGUiOiI0ZyIsImlzQm90Ijoib2ZmIn0= HTTP 302
    http://xml-v4.optimalscreen1.online/click?seat=2849673&i=H6je51*z1E4_0 HTTP 302
    https://track.wewearegogogo.com/4bc96bcd-d1c4-406a-bcbd-9dfb79d83803?pubfeed=509038&subid=3fae3e750bc28820b316d219c&source=509038.3fae3e750bc28820b316d219c&query=dlscord%2520gift&search_referrer_domain=adfpoint.com&keyword=*&campaign_id=1316659&ip=193.32.248.228&source_subid=3fae3e750bc28820b316d219c&bid=0.0003 Page URL
  5. https://track.wewearegogogo.com/redirect?target=BASE64aHR0cHM6Ly91bHRpbWVvLWRvd25sb2FkZXIuY29tLz9zaWQ9YXJycA&ts=1710089446395&hash=GT7ThGtkS7zpGkYSGurEkIlbh0NHrvlDcaDkzXgFX0w&rm=DJ Page URL
  6. https://ultimeo-downloader.com/?sid=arrp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://ww2.dlscord-gift.xyz/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dbt5zTkXyB7Q_0&v=ZDY4NTAwMWY1YTY2ODRlY2U2NDMzNzYxZTBmNGViYTEJMQl3dzIuZGxzY29yZC1naWZ0Lnh5ejY1ZWRlNGU0M2JlMGMzLjg0NjMxOTEzCXd3Mi5kbHNjb3JkLWdpZnQueHl6NjVlZGU0ZTQzYmU4YzQuMjQ1ODk3NjMJMTcxMDA4OTQ0NQlhZF82M18w&l=OAliMmE3ZjI3ODBhZDkwZjhjNTg1Mjk0ZGVhMzYwMjJhNgkwCTQ4CTAJYzgyZDlmNDAwYjIxN2MyMDViMjc1NzFlNmM2ZTdiN2MJNTIzODkxMzU5CWRsc2NvcmQtZ2lmdAkwCTYzCTcJNQkxNzEwMDg5NDQ1CTguOEUtNQlOCTAJMQkxNTEyCTEyMDUJNTExNzQ3NTc1CTE5My4zMi4yNDguMjI4CTA%253D HTTP 302
  • http://ww2.dlscord-gift.xyz/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dbt5zTkXyB7Q_0&v=ZDY4NTAwMWY1YTY2ODRlY2U2NDMzNzYxZTBmNGViYTEJMQl3dzIuZGxzY29yZC1naWZ0Lnh5ejY1ZWRlNGU0M2JlMGMzLjg0NjMxOTEzCXd3Mi5kbHNjb3JkLWdpZnQueHl6NjVlZGU0ZTQzYmU4YzQuMjQ1ODk3NjMJMTcxMDA4OTQ0NQlhZF82M18w&l=OAliMmE3ZjI3ODBhZDkwZjhjNTg1Mjk0ZGVhMzYwMjJhNgkwCTQ4CTAJYzgyZDlmNDAwYjIxN2MyMDViMjc1NzFlNmM2ZTdiN2MJNTIzODkxMzU5CWRsc2NvcmQtZ2lmdAkwCTYzCTcJNQkxNzEwMDg5NDQ1CTguOEUtNQlOCTAJMQkxNTEyCTEyMDUJNTExNzQ3NTc1CTE5My4zMi4yNDguMjI4CTA%253D HTTP 302
  • http://xml.sedodna.com/click?i=bt5zTkXyB7Q_0 HTTP 302
  • http://optimalscreen3.online/api/v1/px?xmlid=4ULo6BQk7xVfUj7CWGV8I1XtOmNALgB9UEFLe9FC
Request Chain 7
  • http://optimalscreen3.online/api/v1/pxcheck?impId=4ULo6BQk7xVfUj7CWGV8I1XtOmNALgB9UEFLe9FC&minfo=eyJjb29r... HTTP 302
  • http://xml-v4.optimalscreen1.online/click?seat=2849673&i=H6je51*z1E4_0 HTTP 302
  • https://track.wewearegogogo.com/4bc96bcd-d1c4-406a-bcbd-9dfb79d83803?pubfeed=509038&subid=3fae3e750bc28820b316d219c&source=509038.3fae3e750bc28820b316d219c&query=dlscord%2520gift&search_referrer_domain=adfpoint.com&keyword=*&campaign_id=1316659&ip=193.32.248.228&source_subid=3fae3e750bc28820b316d219c&bid=0.0003

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
dlscord-gift.xyz/
593 B
582 B
Document
General
Full URL
http://dlscord-gift.xyz/
Protocol
HTTP/1.1
Server
64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 10 Mar 2024 16:50:43 GMT
etag
W/"63f68860-251"
last-modified
Wed, 22 Feb 2023 21:25:52 GMT
server
nginx/1.18.0 (Ubuntu)
transfer-encoding
chunked
/
domaincntrol.com/
29 B
339 B
Fetch
General
Full URL
https://domaincntrol.com/?orighost=http://dlscord-gift.xyz/
Requested by
Host: dlscord-gift.xyz
URL: http://dlscord-gift.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://dlscord-gift.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x_details
{"destination":"sedo","orighost":"dlscord-gift.xyz","type":"org","finalurl":"http://ww2.dlscord-gift.xyz","browser":"chrome","os":"windows","country":"DE","device":"desktop","isbot":false,"botscore":99}
date
Sun, 10 Mar 2024 16:50:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cf-ray
8624ce2f6cd1bf29-WAW
content-length
29
/
ww2.dlscord-gift.xyz/
2 KB
2 KB
Document
General
Full URL
http://ww2.dlscord-gift.xyz/
Requested by
Host: dlscord-gift.xyz
URL: http://dlscord-gift.xyz/
Protocol
HTTP/1.1
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash
b989c9831d309eb028f2993d7cbb299c18b65ae52ed04b2ffcf2da05cad0de09

Request headers

Referer
http://dlscord-gift.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Mar 2024 16:50:45 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sun, 10 Mar 2024 16:50:44 GMT
pragma
no-cache
server
NginX
transfer-encoding
chunked
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_IAF+zq0XJeYuc2NZWePPyBwBrTOQ2/lyQNSkC07zpbroTvIxRNPTEM9xndX+5ebO3xPjxIin8dZlXYVjmqbk0Q==
x-cache-miss-from
parking-5747c769c4-wlt8g
x-powered-by
PHP/8.1.17
js_preloader.gif
img.sedoparking.com/images/
4 KB
5 KB
Image
General
Full URL
http://img.sedoparking.com/images/js_preloader.gif
Requested by
Host: ww2.dlscord-gift.xyz
URL: http://ww2.dlscord-gift.xyz/
Protocol
HTTP/1.1
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww2.dlscord-gift.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Sun, 10 Mar 2024 16:50:45 GMT
x-cf-tsc
1708526951
X-CF3
H
CF4ttl
31373642.000
X-CF1
11696:fI.fra2:cf:cacheN.fra2-01:H
X-CF-ReqID
4cbf57acce60251afb904e8150869eae
Connection
keep-alive
Content-Length
4254
X-CF2
H
Last-Modified
Fri, 15 Mar 2019 12:24:07 GMT
Server
CFS 0215
X-CFF
B
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-CFHash
"90c93102a88c2ab94bff1575b7a6e86e"
Cache-Control
max-age=604800
CF4Age
162357
Accept-Ranges
bytes
Expires
Sun, 17 Mar 2024 16:50:45 GMT
tsc.php
ww2.dlscord-gift.xyz/search/
0
201 B
XHR
General
Full URL
http://ww2.dlscord-gift.xyz/search/tsc.php?200=NTIzODkxMzU5&21=MTkzLjMyLjI0OC4yMjg=&681=MTcxMDA4OTQ0NTkzNWE4MWNjMTZjMmEwZTFmYmViYWQxMTMyYjA1YzUw&crc=a7736cec5d8739d4197781322ba3c3349dc4fe7b&cv=1
Requested by
Host: ww2.dlscord-gift.xyz
URL: http://ww2.dlscord-gift.xyz/
Protocol
HTTP/1.1
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ww2.dlscord-gift.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 16:50:45 GMT
x-cache-miss-from
parking-5747c769c4-hhv8v
server
NginX
x-powered-by
PHP/8.1.17
content-length
0
content-type
text/html; charset=UTF-8
px
optimalscreen3.online/api/v1/
Redirect Chain
  • http://ww2.dlscord-gift.xyz/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dbt5zTkXyB7Q_0&v=ZDY4NTAwMWY1YTY2ODRlY2U2NDMzNzYxZTBmNGViYTEJMQl3dzIuZGxzY29yZC1naWZ0Lnh5ejY1ZWRlNGU0M2Jl...
  • http://ww2.dlscord-gift.xyz/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Dbt5zTkXyB7Q_0&v=ZDY4NTAwMWY1YTY2ODRlY2U2NDMzNzYxZTBmNGViYTEJMQl3dzIuZGxzY29yZC1naWZ0Lnh5ejY1ZWRlNGU0M2Jl...
  • http://xml.sedodna.com/click?i=bt5zTkXyB7Q_0
  • http://optimalscreen3.online/api/v1/px?xmlid=4ULo6BQk7xVfUj7CWGV8I1XtOmNALgB9UEFLe9FC
2 KB
1 KB
Document
General
Full URL
http://optimalscreen3.online/api/v1/px?xmlid=4ULo6BQk7xVfUj7CWGV8I1XtOmNALgB9UEFLe9FC
Requested by
Host: ww2.dlscord-gift.xyz
URL: http://ww2.dlscord-gift.xyz/
Protocol
HTTP/1.1
Server
15.197.224.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab226b763647f1870.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
http://ww2.dlscord-gift.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 10 Mar 2024 16:50:45 GMT
ETag
W/"8ad-W6MJceMaJPr1zZOg0I9j0Hgq9As"
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Location
http://optimalscreen3.online/api/v1/px?xmlid=4ULo6BQk7xVfUj7CWGV8I1XtOmNALgB9UEFLe9FC
stormcaster.js
cdn.perfdrive.com/advanced/
237 KB
88 KB
Script
General
Full URL
https://cdn.perfdrive.com/advanced/stormcaster.js
Requested by
Host: optimalscreen3.online
URL: http://optimalscreen3.online/api/v1/px?xmlid=4ULo6BQk7xVfUj7CWGV8I1XtOmNALgB9UEFLe9FC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.24.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://optimalscreen3.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 16:17:18 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 25 Oct 2023 04:28:49 GMT
server
nginx/1.24.0
age
2007
etag
W/"65389981-3b2cb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90360
4bc96bcd-d1c4-406a-bcbd-9dfb79d83803
track.wewearegogogo.com/
Redirect Chain
  • http://optimalscreen3.online/api/v1/pxcheck?impId=4ULo6BQk7xVfUj7CWGV8I1XtOmNALgB9UEFLe9FC&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBw...
  • http://xml-v4.optimalscreen1.online/click?seat=2849673&i=H6je51*z1E4_0
  • https://track.wewearegogogo.com/4bc96bcd-d1c4-406a-bcbd-9dfb79d83803?pubfeed=509038&subid=3fae3e750bc28820b316d219c&source=509038.3fae3e750bc28820b316d219c&query=dlscord%2520gift&search_referrer_do...
706 B
1 KB
Document
General
Full URL
https://track.wewearegogogo.com/4bc96bcd-d1c4-406a-bcbd-9dfb79d83803?pubfeed=509038&subid=3fae3e750bc28820b316d219c&source=509038.3fae3e750bc28820b316d219c&query=dlscord%2520gift&search_referrer_domain=adfpoint.com&keyword=*&campaign_id=1316659&ip=193.32.248.228&source_subid=3fae3e750bc28820b316d219c&bid=0.0003
Requested by
Host: optimalscreen3.online
URL: http://optimalscreen3.online/api/v1/px?xmlid=4ULo6BQk7xVfUj7CWGV8I1XtOmNALgB9UEFLe9FC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.156.16.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-16-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
http://optimalscreen3.online/api/v1/px?xmlid=4ULo6BQk7xVfUj7CWGV8I1XtOmNALgB9UEFLe9FC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
706
content-type
text/html;charset=UTF-8
date
Sun, 10 Mar 2024 16:50:46 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Location
https://track.wewearegogogo.com/4bc96bcd-d1c4-406a-bcbd-9dfb79d83803?pubfeed=509038&subid=3fae3e750bc28820b316d219c&source=509038.3fae3e750bc28820b316d219c&query=dlscord%2520gift&search_referrer_domain=adfpoint.com&keyword=*&campaign_id=1316659&ip=193.32.248.228&source_subid=3fae3e750bc28820b316d219c&bid=0.0003
jsdata
cas.avalon.perfdrive.com/
360 B
505 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
http://optimalscreen3.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Sun, 10 Mar 2024 16:50:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
360
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/
255 B
309 B
XHR
General
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
http://optimalscreen3.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Sun, 10 Mar 2024 16:50:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
content-type
text/plain; charset=UTF-8
redirect
track.wewearegogogo.com/
418 B
579 B
Document
General
Full URL
https://track.wewearegogogo.com/redirect?target=BASE64aHR0cHM6Ly91bHRpbWVvLWRvd25sb2FkZXIuY29tLz9zaWQ9YXJycA&ts=1710089446395&hash=GT7ThGtkS7zpGkYSGurEkIlbh0NHrvlDcaDkzXgFX0w&rm=DJ
Requested by
Host: track.wewearegogogo.com
URL: https://track.wewearegogogo.com/4bc96bcd-d1c4-406a-bcbd-9dfb79d83803?pubfeed=509038&subid=3fae3e750bc28820b316d219c&source=509038.3fae3e750bc28820b316d219c&query=dlscord%2520gift&search_referrer_domain=adfpoint.com&keyword=*&campaign_id=1316659&ip=193.32.248.228&source_subid=3fae3e750bc28820b316d219c&bid=0.0003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.156.16.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-16-63.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4aba87f796c5ed21c8bb9687e9b220961b4ff14badd259ba6f224c07e114a093

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
418
content-type
text/html;charset=UTF-8
date
Sun, 10 Mar 2024 16:50:46 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
Primary Request /
ultimeo-downloader.com/
3 KB
2 KB
Document
General
Full URL
https://ultimeo-downloader.com/?sid=arrp
Requested by
Host: track.wewearegogogo.com
URL: https://track.wewearegogogo.com/redirect?target=BASE64aHR0cHM6Ly91bHRpbWVvLWRvd25sb2FkZXIuY29tLz9zaWQ9YXJycA&ts=1710089446395&hash=GT7ThGtkS7zpGkYSGurEkIlbh0NHrvlDcaDkzXgFX0w&rm=DJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d05cac70950d6dae23feb76188e27307270769051d573ee2fed2fc3903e86151

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8624ce40dc3b92ce-CPH
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 10 Mar 2024 16:50:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FMPckiXuqIldiKqLQvYq%2FzrSpmEQDOOBzkbGoJXbXT9v9F8UqRQUEX7frDVdJhrvKZMEW%2B3oJZujIupd9g%2BYElBSMWAWyN%2FRsSIaBRAlRTJKixBCkligvej33PG3%2FkPstlCecAzv0BHXrtesmVzkjiaXLPv"}],"group":"cf-nel","max_age":604800}
server
cloudflare
app.min.css
ultimeo-downloader.com/css/
46 KB
31 KB
Stylesheet
General
Full URL
https://ultimeo-downloader.com/css/app.min.css?4176450977
Requested by
Host: ultimeo-downloader.com
URL: https://ultimeo-downloader.com/?sid=arrp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb86291c46df89a439ec8f87d66deaa419280e9eed0aaa22478a1db1c83ee5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultimeo-downloader.com/?sid=arrp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 16:50:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Feb 2024 15:24:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2623
etag
W/"65cf7e4a-b7aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUrwb3g6pJ9vpB%2Fkl6KhX5uX%2FKlzm9x%2F7aSwVNoCsLs4obTFnZ2YE6JckCpFDYbz44v6A%2B%2F6NFp5NBdTZbmQrkertdAI6gWrF%2BKwzBgTWDibr6PLoKLS5jMD3B8%2BM0n1n9nzFVecULLyGLhL5bMzIyDpJCHH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
8624ce415d9092ce-CPH
alt-svc
h3=":443"; ma=86400
logo.png
ultimeo-downloader.com/assets/images/
104 KB
104 KB
Image
General
Full URL
https://ultimeo-downloader.com/assets/images/logo.png
Requested by
Host: ultimeo-downloader.com
URL: https://ultimeo-downloader.com/?sid=arrp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2325e107181a4143df0468b50bd92216401233747ec0ed718566c6785ae3181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultimeo-downloader.com/?sid=arrp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 16:50:46 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Feb 2024 14:21:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2623
etag
"65cf6f7e-19f6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cauUohaHBIQXjiBTrJDDNgZHZw3ZJST6tRwIsMsiGG%2Brgdw2%2BX%2BpUcYzrv%2FmqiPbyz4eTLglXFDo90KJVDbrjWF11UhRP%2FwnxCVvNvdYhlplxQPaX6Ub2NT%2BfBIH9SP5jheINyUFPGZFvavWTA8Bjog%2FAzo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
8624ce415d9392ce-CPH
alt-svc
h3=":443"; ma=86400
content-length
106349
bg_pic_1.png
ultimeo-downloader.com/assets/images/
219 KB
220 KB
Image
General
Full URL
https://ultimeo-downloader.com/assets/images/bg_pic_1.png
Requested by
Host: ultimeo-downloader.com
URL: https://ultimeo-downloader.com/?sid=arrp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
656a3a09f1d1d778b6006482441b329ce8df75b359642a02c5bb5002aaaf0275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultimeo-downloader.com/?sid=arrp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 16:50:46 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Feb 2024 14:21:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2020
etag
"65cf6f7e-36bc1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAJ886%2FqLlddbkV%2BQErB%2F1WG9f8jVTw2oAVD8R6eirm19oR4mvyspEDg2vF1WvUqUKHPyXHbBgiVlyPaUpv2vZVIOif0yXcfll1JujJI8o3WNbG9b8%2BqrQ3ux1HTUhPl7aZT89VfGke3V0%2By6kk4JGvivE2G"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
8624ce415d9692ce-CPH
alt-svc
h3=":443"; ma=86400
content-length
224193
bg_pic_2.png
ultimeo-downloader.com/assets/images/
16 KB
16 KB
Image
General
Full URL
https://ultimeo-downloader.com/assets/images/bg_pic_2.png
Requested by
Host: ultimeo-downloader.com
URL: https://ultimeo-downloader.com/?sid=arrp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c670c182b20177098346bec30b26c5e65b235c0f1dcd447295935481f5453d15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultimeo-downloader.com/?sid=arrp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 16:50:46 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Feb 2024 14:21:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2020
etag
"65cf6f7e-3e84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vV9bwasDKw6bWn%2B4n%2F%2BysMLW35wY4NFCDslI%2FTLlxpXrPYrCdZNRxyNe92whECQeLkEZjE%2BoO83j0epM8xcfZLZf%2FEzzAuUEE5wmq2nvVQrwv%2BMpZWWmhYT88PCku%2B1xNq%2B5l93m5iy0zSPjGwR1kEpRurB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
8624ce416da592ce-CPH
alt-svc
h3=":443"; ma=86400
content-length
16004
pic.png
ultimeo-downloader.com/assets/images/
363 KB
364 KB
Image
General
Full URL
https://ultimeo-downloader.com/assets/images/pic.png
Requested by
Host: ultimeo-downloader.com
URL: https://ultimeo-downloader.com/?sid=arrp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4424711791a631f1421c785b4446c3c6203ce61a81adaaa7c7124188a0e149da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultimeo-downloader.com/?sid=arrp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 16:50:46 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Feb 2024 14:21:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2623
etag
"65cf6f7e-5ad6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjBLRf1zsjccbMiiipQXIMTqcIKzj2fK7dkirKDC8Db1Rdn9in5IlN5Dk2x9G75B5H7hRocsyRXq%2FpMx1Cb%2BDp3fW68BB293jHzR2Q8kerI61byo3QQuZy9Yx28kpiPdRO8n0gKsItEZdibd6cjf8%2BimgWs6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
8624ce416da992ce-CPH
alt-svc
h3=":443"; ma=86400
content-length
372079
js
www.googletagmanager.com/gtag/
292 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K6113ETGXV
Requested by
Host: ultimeo-downloader.com
URL: https://ultimeo-downloader.com/?sid=arrp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e901fe04cb2a05b0e47ad0d7bfa96bca90e3b3b4bb4c93d43c7da508f4118276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultimeo-downloader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 16:50:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98552
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 10 Mar 2024 16:50:46 GMT
truncated
/
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6379258d7751044f2a12466b160290a01f9391278776820919235f004029c808

Request headers

Referer
Origin
https://ultimeo-downloader.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
9 KB
9 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1eeaadca1a4bba2caa906234efdec9d1314cb7aee723a0205fe945f8bf5b28b

Request headers

Referer
Origin
https://ultimeo-downloader.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/
9 KB
9 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c206be395693418cfd985c02138da43b7857189130fd31ed6a87925ab17878f7

Request headers

Referer
Origin
https://ultimeo-downloader.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type
application/octet-stream
collect
region1.google-analytics.com/g/
0
259 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-K6113ETGXV&gtm=45je4360v9178145775za200&_p=1710089446667&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=758517960.1710089447&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710089446&sct=1&seg=0&dl=https%3A%2F%2Fultimeo-downloader.com%2F%3Fsid%3Darrp&dt=UlV.%20Ultimate%20downloader%20for%20Vimeo&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=460
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K6113ETGXV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ultimeo-downloader.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 16:50:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ultimeo-downloader.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT


6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | gtag
object | dataLayer
object | google_tag_manager
object | google_tag_data
function | onYouTubeIframeAPIReady
object | gaGlobal

14 Cookies

Domain/Path Name / Value
.optimalscreen3.online/ Name: __ssds
Value: 2
.optimalscreen3.online/ Name: __ssuzjsr2
Value: a9be0cd8e
.optimalscreen3.online/ Name: __uzmaj2
Value: 0e3a34b3-1d29-45cc-8470-e24ab7ed4622
.optimalscreen3.online/ Name: __uzmbj2
Value: 1710089446
.optimalscreen3.online/ Name: __uzmcj2
Value: 840951064929
.optimalscreen3.online/ Name: __uzmdj2
Value: 1710089446
.optimalscreen3.online/ Name: __uzmlj2
Value: X6klKb/c/56WuYqlyb2nk5BuHHZBv1CPmdmlzVsdsFA=
.optimalscreen3.online/ Name: __uzmfj2
Value: 7f6000bfb2715b-c643-474c-9962-1bd656ee02ee17100894461520-21b23180f6c33da810
.track.wewearegogogo.com/ Name: 4bc96bcd-d1c4-406a-bcbd-9dfb79d83803-v4
Value: F-pBq6iDMIUmPoIAoiwsLwBzK9xrl--WNSJETLa3LpM
.track.wewearegogogo.com/ Name: cc-v4
Value: fM%2FdMbOB%2FT2KgaS5SuHAe5qL5%2BH0tASTWEFsmcVW4MbvCCchIcKAODdB3Y12kZNndSw6CriLNywZpFL%2B56azlMmrANvrltDuZ%2Bhso6HvLlZaEOQ1ERmral%2BLVJFYIn2oVHfZ7w6Yby2XaNGvu%2BRtQg%3D%3D
.ultimeo-downloader.com/ Name: uiv_sid
Value: arrp
.ultimeo-downloader.com/ Name: uiv_install
Value: 1
.ultimeo-downloader.com/ Name: _ga
Value: GA1.1.758517960.1710089447
.ultimeo-downloader.com/ Name: _ga_K6113ETGXV
Value: GS1.1.1710089446.1.0.1710089446.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
