Submitted URL: https://three.traketiz.sbs/?utm_medium=a7f11d2e3e40a0a5ec42f943943ac1f95d625756&utm_campaign=May6adu&cid=wnd2fjtbiu7n8v5oi9...
Effective URL: http://ps.popcash.net/go/134600/317194
Submission: On April 21 via manual from RO — Scanned from DE

Summary

This website contacted 5 IPs in 5 countries across 11 domains to perform 8 HTTP transactions. The main IP is 35.172.1.212, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ps.popcash.net. The Cisco Umbrella rank of the primary domain is 51767.
This is the only time ps.popcash.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website

MIME: Zip archive data, at least v1.0 to extract
Size: 35 MB (37084691 bytes, 100% done)
Downloaded from: https://cdn.discordapp.com/attachments/1095479535090282496/1099019752669724732/Fulll_Version_iSetup.zip

Domain & IP information

IP Address AS Autonomous System
4 108.178.23.114 32475 (SINGLEHOP...)
2 3 51.68.81.31 16276 (OVH)
1 1 34.141.137.168 396982 (GOOGLE-CL...)
1 1 34.90.46.36 396982 (GOOGLE-CL...)
1 1 34.91.142.64 396982 (GOOGLE-CL...)
1 5.9.7.122 24940 (HETZNER-AS)
1 1 51.161.115.163 16276 (OVH)
1 1 51.83.143.92 16276 (OVH)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 35.172.1.212 14618 (AMAZON-AES)
1 1 198.54.119.115 ()
1 162.159.135.233 ()
8 5
Apex Domain
Subdomains
Transfer
4 traketiz.sbs
three.traketiz.sbs
20 KB
3 popcash.net
popcash.net — Cisco Umbrella Rank: 24213
ps.popcash.net — Cisco Umbrella Rank: 51767
1 KB
3 lifetrouhgby.info
www.lifetrouhgby.info
6 KB
1 discordapp.com
cdn.discordapp.com
1 lightyearsaheads.com
lightyearsaheads.com
208 B
1 blowingwnd.com
t10.blowingwnd.com — Cisco Umbrella Rank: 129048
253 B
1 hightid.com
t5.hightid.com — Cisco Umbrella Rank: 64129
304 B
1 trckswrm.com
armr.trckswrm.com — Cisco Umbrella Rank: 83293
268 B
1 g2afse.com
harrenmedia.g2afse.com — Cisco Umbrella Rank: 786521
308 B
1 media-412.com
admoustache.media-412.com — Cisco Umbrella Rank: 844735
286 B
1 go2affise.com
admoustache.go2affise.com
299 B
8 11
Domain Requested by
4 three.traketiz.sbs three.traketiz.sbs
3 www.lifetrouhgby.info 2 redirects three.traketiz.sbs
2 ps.popcash.net 1 redirects armr.trckswrm.com
1 cdn.discordapp.com ps.popcash.net
1 lightyearsaheads.com 1 redirects
1 popcash.net 1 redirects
1 t10.blowingwnd.com 1 redirects
1 t5.hightid.com 1 redirects
1 armr.trckswrm.com www.lifetrouhgby.info
1 harrenmedia.g2afse.com 1 redirects
1 admoustache.media-412.com 1 redirects
1 admoustache.go2affise.com 1 redirects
8 12

This site contains no links.

Subject                  Issuer                              Validity                   Valid
three.traketiz.sbs       R3                                  2023-03-01 - 2023-05-30    3 months
www.lifetrouhgby.info    R3                                  2023-02-23 - 2023-05-24    3 months
armr.trckswrm.com        ZeroSSL RSA Domain Secure Site CA   2023-04-21 - 2023-07-20    3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3             2022-11-19 - 2023-11-19    a year

This page contains 1 frames:

Frame: https://cdn.discordapp.com/attachments/1095479535090282496/1099019752669724732/Fulll_Version_iSetup.zip
Frame ID: 8859BB19E0BEF7B110117638CF543766
Requests: 8 HTTP requests in this frame

Page Statistics

Requests: 8
HTTPS: 88 %
IPv6: 8 %
Domains: 11
Subdomains: 12
IPs: 5
Countries: 5
Transfer: 26 kB
Size: 39 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://three.traketiz.sbs/?utm_medium=a7f11d2e3e40a0a5ec42f943943ac1f95d625756&utm_campaign=May6adu&cid=wnd2fjtbiu7n8v5oi99mppfq Page URL
  2. https://three.traketiz.sbs/?utm_term=7224618983163428940&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  3. https://three.traketiz.sbs/proc.php?6a2d23825f35227edc8829291b44bf09729551b1 Page URL
  4. https://www.lifetrouhgby.info/?sl=5564926-3eb37&data1=Track1&data2=Track2&tag=M7224618983163428940&website=12034-41bbd30z&placement=12034&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  5. https://www.lifetrouhgby.info/?sl=5564926-3eb37&data1=Track1&data2=Track2&tag=M7224618983163428940&website=12034-41bbd30z&placement=12034&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=a5f4d2bcdacf3bff25f0cfac949e9bb2&eyer=0.6201332185062212&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=three.traketiz.sbs HTTP 302
    https://www.lifetrouhgby.info/?sl=5564926-3eb37&data1=Track1&data2=Track2&tag=M7224618983163428940&website=12034-41bbd30z&placement=12034&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.6201332185062212&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=three.traketiz.sbs HTTP 302
    https://admoustache.go2affise.com/sl?id=59a83ff913943bff7e8b4571&pid=503&sub1=3300087e5e83c73046b2430fce7530b8af0620421-202304-flb*5564926-3eb37*M7224618983163428940*sl_5564926-3eb37*4b223d6025a84f5b0e7417312f69bb816c6e1c9e*12034-41bbd30z*12034 HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=49&sub1=3300087e5e83c73046b2430fce7530b8af0620421-202304-flb*5564926-3eb37*M7224618983163428940*sl_5564926-3eb37*4b223d6025a84f5b0e7417312f69bb816c6e1c9e*12034-41bbd30z*12034&sub2=&sub3=&sub4=0&sub5=503 HTTP 302
    https://harrenmedia.g2afse.com/sl?id=5fc763a729102be261cd5e90&pid=88&sub1=644300b203bb5200017385b0&sub2=49 HTTP 302
    https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=107&pub_click_id=644300b2ec0d760001299b8c&pub_sub_id=&pub_sub_sub_id=88 Page URL
  6. https://t5.hightid.com/a.php?p=c:yfde_8vmmhm66zo2l&d=61a75d3e6d6aed2ba344f105&pid=BCa3rhYAAAGHpbq6owAACm4AAABrAAABMgAAAAAP&s=107_ HTTP 302
    https://t10.blowingwnd.com/e.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_107_&d1=1217p3t0dz HTTP 302
    https://popcash.net/world/go/134600/317194 HTTP 301
    http://ps.popcash.net/go/134600/317194 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.lifetrouhgby.info/?sl=5564926-3eb37&data1=Track1&data2=Track2&tag=M7224618983163428940&website=12034-41bbd30z&placement=12034&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=a5f4d2bcdacf3bff25f0cfac949e9bb2&eyer=0.6201332185062212&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=three.traketiz.sbs HTTP 302
  • https://www.lifetrouhgby.info/?sl=5564926-3eb37&data1=Track1&data2=Track2&tag=M7224618983163428940&website=12034-41bbd30z&placement=12034&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.6201332185062212&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=three.traketiz.sbs HTTP 302
  • https://admoustache.go2affise.com/sl?id=59a83ff913943bff7e8b4571&pid=503&sub1=3300087e5e83c73046b2430fce7530b8af0620421-202304-flb*5564926-3eb37*M7224618983163428940*sl_5564926-3eb37*4b223d6025a84f5b0e7417312f69bb816c6e1c9e*12034-41bbd30z*12034 HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=49&sub1=3300087e5e83c73046b2430fce7530b8af0620421-202304-flb*5564926-3eb37*M7224618983163428940*sl_5564926-3eb37*4b223d6025a84f5b0e7417312f69bb816c6e1c9e*12034-41bbd30z*12034&sub2=&sub3=&sub4=0&sub5=503 HTTP 302
  • https://harrenmedia.g2afse.com/sl?id=5fc763a729102be261cd5e90&pid=88&sub1=644300b203bb5200017385b0&sub2=49 HTTP 302
  • https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=107&pub_click_id=644300b2ec0d760001299b8c&pub_sub_id=&pub_sub_sub_id=88
Request Chain 6
  • http://ps.popcash.net/ad/ad?p=134600&w=317194&t=1e14b0c117deb936&r=&vw=1600&vh=1200 HTTP 303
  • https://lightyearsaheads.com/ HTTP 301
  • https://cdn.discordapp.com/attachments/1095479535090282496/1099019752669724732/Fulll_Version_iSetup.zip

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
three.traketiz.sbs/
3 KB
2 KB
Document
General
Full URL
https://three.traketiz.sbs/?utm_medium=a7f11d2e3e40a0a5ec42f943943ac1f95d625756&utm_campaign=May6adu&cid=wnd2fjtbiu7n8v5oi99mppfq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9
referer
https://trakpls.beauty/redirect?target=BASE64aHR0cHM6Ly90aHJlZS50cmFrZXRpei5zYnMvP3V0bV9tZWRpdW09YTdmMTFkMmUzZTQwYTBhNWVjNDJmOTQzOTQzYWMxZjk1ZDYyNTc1NiZ1dG1fY2FtcGFpZ249TWF5NmFkdSZjaWQ9d25kMmZqdGJpdTduOHY1b2k5OW1wcGZx&ts=1682091865495&hash=kjC-btDtYoNqZg2hV8dUaNNJthXNIVvfvFw7vofZkqA&rm=DJ

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 21:31:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://three.traketiz.sbs/?utm_term=7224618983163428940&ver=4viyaptcjo
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
three.traketiz.sbs/
15 KB
5 KB
Document
General
Full URL
https://three.traketiz.sbs/?utm_term=7224618983163428940&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: three.traketiz.sbs
URL: https://three.traketiz.sbs/?utm_medium=a7f11d2e3e40a0a5ec42f943943ac1f95d625756&utm_campaign=May6adu&cid=wnd2fjtbiu7n8v5oi99mppfq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
9862139fede4a432ffd341ed5fbbae0b6ed14c1ca9f836762f30e908dec8d1e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://three.traketiz.sbs/?utm_medium=a7f11d2e3e40a0a5ec42f943943ac1f95d625756&utm_campaign=May6adu&cid=wnd2fjtbiu7n8v5oi99mppfq
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9
referer
https://trakpls.beauty/redirect?target=BASE64aHR0cHM6Ly90aHJlZS50cmFrZXRpei5zYnMvP3V0bV9tZWRpdW09YTdmMTFkMmUzZTQwYTBhNWVjNDJmOTQzOTQzYWMxZjk1ZDYyNTc1NiZ1dG1fY2FtcGFpZ249TWF5NmFkdSZjaWQ9d25kMmZqdGJpdTduOHY1b2k5OW1wcGZx&ts=1682091865495&hash=kjC-btDtYoNqZg2hV8dUaNNJthXNIVvfvFw7vofZkqA&rm=DJ

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 21:31:29 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
skip-button.jpg
three.traketiz.sbs/20190821/
12 KB
12 KB
Image
General
Full URL
https://three.traketiz.sbs/20190821/skip-button.jpg
Requested by
Host: three.traketiz.sbs
URL: https://three.traketiz.sbs/?utm_term=7224618983163428940&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
f0eb9ece706d722ccab204bd08b56af28d95666e63d514c908a034243ceafa01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trakpls.beauty/redirect?target=BASE64aHR0cHM6Ly90aHJlZS50cmFrZXRpei5zYnMvP3V0bV9tZWRpdW09YTdmMTFkMmUzZTQwYTBhNWVjNDJmOTQzOTQzYWMxZjk1ZDYyNTc1NiZ1dG1fY2FtcGFpZ249TWF5NmFkdSZjaWQ9d25kMmZqdGJpdTduOHY1b2k5OW1wcGZx&ts=1682091865495&hash=kjC-btDtYoNqZg2hV8dUaNNJthXNIVvfvFw7vofZkqA&rm=DJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 21:31:29 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Wed, 21 Aug 2019 12:57:11 GMT
server
nginx
etag
"5d5d3fa7-2e32"
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
content-length
11826
expires
Sat, 22 Apr 2023 21:31:29 GMT
proc.php
three.traketiz.sbs/
4 KB
2 KB
Document
General
Full URL
https://three.traketiz.sbs/proc.php?6a2d23825f35227edc8829291b44bf09729551b1
Requested by
Host: three.traketiz.sbs
URL: https://three.traketiz.sbs/?utm_term=7224618983163428940&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.178.23.114 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://three.traketiz.sbs/?utm_term=7224618983163428940&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9
referer
https://trakpls.beauty/redirect?target=BASE64aHR0cHM6Ly90aHJlZS50cmFrZXRpei5zYnMvP3V0bV9tZWRpdW09YTdmMTFkMmUzZTQwYTBhNWVjNDJmOTQzOTQzYWMxZjk1ZDYyNTc1NiZ1dG1fY2FtcGFpZ249TWF5NmFkdSZjaWQ9d25kMmZqdGJpdTduOHY1b2k5OW1wcGZx&ts=1682091865495&hash=kjC-btDtYoNqZg2hV8dUaNNJthXNIVvfvFw7vofZkqA&rm=DJ

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 21:31:29 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.lifetrouhgby.info/?sl=5564926-3eb37&data1=Track1&data2=Track2&tag=M7224618983163428940&website=12034-41bbd30z&placement=12034
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.lifetrouhgby.info/
5 KB
5 KB
Document
General
Full URL
https://www.lifetrouhgby.info/?sl=5564926-3eb37&data1=Track1&data2=Track2&tag=M7224618983163428940&website=12034-41bbd30z&placement=12034&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: three.traketiz.sbs
URL: https://three.traketiz.sbs/proc.php?6a2d23825f35227edc8829291b44bf09729551b1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://three.traketiz.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9
referer
https://trakpls.beauty/redirect?target=BASE64aHR0cHM6Ly90aHJlZS50cmFrZXRpei5zYnMvP3V0bV9tZWRpdW09YTdmMTFkMmUzZTQwYTBhNWVjNDJmOTQzOTQzYWMxZjk1ZDYyNTc1NiZ1dG1fY2FtcGFpZ249TWF5NmFkdSZjaWQ9d25kMmZqdGJpdTduOHY1b2k5OW1wcGZx&ts=1682091865495&hash=kjC-btDtYoNqZg2hV8dUaNNJthXNIVvfvFw7vofZkqA&rm=DJ

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Fri, 21 Apr 2023 21:31:29 GMT
Transfer-Encoding
chunked
recommendation
armr.trckswrm.com/
Redirect Chain
  • https://www.lifetrouhgby.info/?sl=5564926-3eb37&data1=Track1&data2=Track2&tag=M7224618983163428940&website=12034-41bbd30z&placement=12034&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcb...
  • https://www.lifetrouhgby.info/?sl=5564926-3eb37&data1=Track1&data2=Track2&tag=M7224618983163428940&website=12034-41bbd30z&placement=12034&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcb...
  • https://admoustache.go2affise.com/sl?id=59a83ff913943bff7e8b4571&pid=503&sub1=3300087e5e83c73046b2430fce7530b8af0620421-202304-flb*5564926-3eb37*M7224618983163428940*sl_5564926-3eb37*4b223d6025a84f...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=49&sub1=3300087e5e83c73046b2430fce7530b8af0620421-202304-flb*5564926-3eb37*M7224618983163428940*sl_5564926-3eb37*4b223d6025a84f5...
  • https://harrenmedia.g2afse.com/sl?id=5fc763a729102be261cd5e90&pid=88&sub1=644300b203bb5200017385b0&sub2=49
  • https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=107&pub_click_id=644300b2ec0d760001299b8c&pub_sub_id=&pub_sub_sub_id=88
212 B
268 B
Document
General
Full URL
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=107&pub_click_id=644300b2ec0d760001299b8c&pub_sub_id=&pub_sub_sub_id=88
Requested by
Host: www.lifetrouhgby.info
URL: https://www.lifetrouhgby.info/?sl=5564926-3eb37&data1=Track1&data2=Track2&tag=M7224618983163428940&website=12034-41bbd30z&placement=12034&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.9.7.122 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.122.7.9.5.clients.your-server.de
Software
/
Resource Hash
abadefea56ba690459c00e20d0c09c05351be4ce76a122372a36f531bdb9399d

Request headers

Referer
https://www.lifetrouhgby.info/?sl=5564926-3eb37&data1=Track1&data2=Track2&tag=M7224618983163428940&website=12034-41bbd30z&placement=12034&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9
referer
https://trakpls.beauty/redirect?target=BASE64aHR0cHM6Ly90aHJlZS50cmFrZXRpei5zYnMvP3V0bV9tZWRpdW09YTdmMTFkMmUzZTQwYTBhNWVjNDJmOTQzOTQzYWMxZjk1ZDYyNTc1NiZ1dG1fY2FtcGFpZ249TWF5NmFkdSZjaWQ9d25kMmZqdGJpdTduOHY1b2k5OW1wcGZx&ts=1682091865495&hash=kjC-btDtYoNqZg2hV8dUaNNJthXNIVvfvFw7vofZkqA&rm=DJ

Response headers

content-length
212
date
Fri, 21 Apr 2023 21:31:30 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
date
Fri, 21 Apr 2023 21:31:30 GMT
location
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=107&pub_click_id=644300b2ec0d760001299b8c&pub_sub_id=&pub_sub_sub_id=88
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
Primary Request 317194
ps.popcash.net/go/134600/
Redirect Chain
  • https://t5.hightid.com/a.php?p=c:yfde_8vmmhm66zo2l&d=61a75d3e6d6aed2ba344f105&pid=BCa3rhYAAAGHpbq6owAACm4AAABrAAABMgAAAAAP&s=107_
  • https://t10.blowingwnd.com/e.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_107_&d1=1217p3t0dz
  • https://popcash.net/world/go/134600/317194
  • http://ps.popcash.net/go/134600/317194
426 B
477 B
Document
General
Full URL
http://ps.popcash.net/go/134600/317194
Requested by
Host: armr.trckswrm.com
URL: https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=107&pub_click_id=644300b2ec0d760001299b8c&pub_sub_id=&pub_sub_sub_id=88
Protocol
HTTP/1.1
Server
35.172.1.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-1-212.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0cabfe38a0a00868f94d7ed51ee22d674fb39c6306e6d63304e56f277e9ec44e

Request headers

Referer
https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=107&pub_click_id=644300b2ec0d760001299b8c&pub_sub_id=&pub_sub_sub_id=88
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9
referer
https://trakpls.beauty/redirect?target=BASE64aHR0cHM6Ly90aHJlZS50cmFrZXRpei5zYnMvP3V0bV9tZWRpdW09YTdmMTFkMmUzZTQwYTBhNWVjNDJmOTQzOTQzYWMxZjk1ZDYyNTc1NiZ1dG1fY2FtcGFpZ249TWF5NmFkdSZjaWQ9d25kMmZqdGJpdTduOHY1b2k5OW1wcGZx&ts=1682091865495&hash=kjC-btDtYoNqZg2hV8dUaNNJthXNIVvfvFw7vofZkqA&rm=DJ

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 21 Apr 2023 21:31:32 GMT
Server
nginx
Vary
Accept-Encoding
transfer-encoding
chunked

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
7bb8bc02a9762bb4-FRA
content-length
162
content-type
text/html
date
Fri, 21 Apr 2023 21:31:31 GMT
location
http://ps.popcash.net/go/134600/317194
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FEDCqDyHCSpFSwBNPDRTpZsDTqBbuiGcQNbphSUoaiKXPhuAVlyleKG3qfC6lW577veWWxlav89%2BeEXWRQH%2FyzmSEa8hKDLaLrZJZezcHa5nYTPPul%2FPSSS%2FHrl2elZPh8LZpAMZ8wF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Fulll_Version_iSetup.zip
cdn.discordapp.com/attachments/1095479535090282496/1099019752669724732/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=134600&w=317194&t=1e14b0c117deb936&r=&vw=1600&vh=1200
  • https://lightyearsaheads.com/
  • https://cdn.discordapp.com/attachments/1095479535090282496/1099019752669724732/Fulll_Version_iSetup.zip
0
0
Document
General
Full URL
https://cdn.discordapp.com/attachments/1095479535090282496/1099019752669724732/Fulll_Version_iSetup.zip
Requested by
Host: ps.popcash.net
URL: http://ps.popcash.net/go/134600/317194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.233 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://ps.popcash.net/go/134600/317194
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9
referer
https://trakpls.beauty/redirect?target=BASE64aHR0cHM6Ly90aHJlZS50cmFrZXRpei5zYnMvP3V0bV9tZWRpdW09YTdmMTFkMmUzZTQwYTBhNWVjNDJmOTQzOTQzYWMxZjk1ZDYyNTc1NiZ1dG1fY2FtcGFpZ249TWF5NmFkdSZjaWQ9d25kMmZqdGJpdTduOHY1b2k5OW1wcGZx&ts=1682091865495&hash=kjC-btDtYoNqZg2hV8dUaNNJthXNIVvfvFw7vofZkqA&rm=DJ

Response headers

accept-ranges
bytes
age
526
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=31536000
cf-cache-status
HIT
cf-ray
7bb8bc0de85e928f-FRA
content-disposition
attachment; filename="Fulll_Version_iSetup.zip"
content-length
37084691
content-type
application/zip
date
Fri, 21 Apr 2023 21:31:33 GMT
etag
"1fe9b5742e7afbc73a48f18fa0f479a4"
expires
Sat, 20 Apr 2024 21:31:33 GMT
last-modified
Fri, 21 Apr 2023 17:12:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poaMDMkgk6YbihwlxboaaYuwaewRqONwPKXy11wdpznubeV1icj0T9y3xfbt9xSEx2GIegOBAhJ63yVCcSL%2B932DdpUzlqmPC7D00d5mE3%2BwworeYB0mVhfLYu2N13XuGxdfUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1682097127918294
x-goog-hash
crc32c=5mkeJg== md5=H+m1dC56+8c6SPGPoPR5pA==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
37084691
x-guploader-uploadid
ADPycdtvDBLgx7c7gsnxtLZy9i2lLWnrDqJmRUJT7GZLz_9S6kngC83Slwstt-mOdH8-q-Oa88gMIyGKh8UHCm2xY4onCWleoJAK
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp

Redirect headers

content-length
707
content-type
text/html
date
Fri, 21 Apr 2023 21:31:33 GMT
location
https://cdn.discordapp.com/attachments/1095479535090282496/1099019752669724732/Fulll_Version_iSetup.zip
server
LiteSpeed
x-turbo-charged-by
LiteSpeed

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
number | x
number | y

4 Cookies

Domain/Path Name / Value
three.traketiz.sbs/ Name: u
Value: 9a657091018a5983779bf5acdb1b54d8
three.traketiz.sbs/ Name: split
Value: b
admoustache.media-412.com/ Name: afclick
Value: 644300b203bb5200017385b0
harrenmedia.g2afse.com/ Name: afclick
Value: 644300b2ec0d760001299b8c