Submitted URL: https://bit.ly/3oTOTJr
Effective URL: https://ak.labtrffc.com/u.php?p=c:xecd97ulltzndt7xv&d=5f9a76a347eb6438d428a930
Submission: On January 13 via api from US

Summary

This website contacted 5 IPs in 3 countries across 8 domains to perform 7 HTTP transactions. The main IP is 51.83.143.92, located in Poland and belongs to OVH, FR. The main domain is ak.labtrffc.com.
TLS certificate: Issued by R3 on December 25th 2020. Valid for: 3 months.
This is the only time ak.labtrffc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 31.170.100.125 201942 (SOLTIA)
1 3 67.212.173.78 32475 (SINGLEHOP...)
1 1 104.27.131.164 13335 (CLOUDFLAR...)
1 1 198.134.116.30 27257 (WEBAIR-IN...)
1 2 51.83.143.92 16276 (OVH)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
7 5
Apex Domain | Subdomains | Transfer
3 shaperal.com | bxt1.shaperal.com | 7 KB
2 popmyads.com | popmyads.com | 2 KB
2 labtrffc.com | guay.labtrffc.com, ak.labtrffc.com | 957 B
1 whiteanemone.xyz | go.whiteanemone.xyz | 236 B
1 armorads.com | tracking.armorads.com | 1 KB
1 crancis.com | track.crancis.com | 453 B
1 bit.ly | bit.ly | 375 B
0 amung.us Failed | whos.amung.us Failed |
7 8
Domain Requested by
3 bxt1.shaperal.com 1 redirects bxt1.shaperal.com
2 popmyads.com 1 redirects bxt1.shaperal.com
1 ak.labtrffc.com ak.labtrffc.com
1 guay.labtrffc.com 1 redirects
1 go.whiteanemone.xyz 1 redirects
1 tracking.armorads.com 1 redirects
1 track.crancis.com
1 bit.ly 1 redirects
0 whos.amung.us Failed popmyads.com
7 9

This site contains no links.

Subject | Issuer | Validity | Valid
track.crancis.com | R3 | 2020-12-29 - 2021-03-29 | 3 months
bxt1.shaperal.com | Let's Encrypt Authority X3 | 2020-11-25 - 2021-02-23 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-04 - 2021-08-04 | a year
lone-star.landingtrack.com | R3 | 2020-12-25 - 2021-03-25 | 3 months

This page contains 1 frames:

Frame: https://ak.labtrffc.com/u.php?p=c:xecd97ulltzndt7xv&d=5f9a76a347eb6438d428a930&bv=1
Frame ID: B4144F71D8941B30A348F0A56A4952FC
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 7
HTTPS: 71 %
IPv6: 14 %
Domains: 8
Subdomains: 9
IPs: 5
Countries: 3
Transfer: 9 kB
Size: 16 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3oTOTJr HTTP 301
    https://track.crancis.com/ofc/c23e6710-a1490dfa-be24e280-78b7-c859/024b1070-21fddc52-6b27a253-7c08-071a?Subid={Nike}&sub_pubid={39664}&externalid={YOUR_CLICKID_HERE}&lp=popup&lang=(us) Page URL
  2. https://bxt1.shaperal.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2021011320-002f3f2d83a7baf24e9d7fbe999026d9&kw1=M999M Page URL
  3. https://bxt1.shaperal.com/?utm_term=6917350580356644952&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f Page URL
  4. https://bxt1.shaperal.com/proc.php?060eda8f787dc36c155d6ce1008f1c6175e6d789 HTTP 302
    http://tracking.armorads.com/sl?id=5faa890a127bd6bcbd27203b&pid=4&sub1=M6917350580356644952&sub2=976&sub3=976-90c45c5z HTTP 302
    https://go.whiteanemone.xyz/redirect?feed=276309&auth=ebuQy0&url=http%3A%2F%2Fcryptocore.xyz&pub_clickid=5fff5db7d402c0000179cd80&sub1=4-976&query=http%3A%2F%2Fcryptocore.xyz HTTP 302
    https://guay.labtrffc.com/l.php?p=c:l312xvi_932jkpeqt&d=5fe36418910f697781101d52&s=276309&d2=cryptocore.xyz HTTP 302
    https://popmyads.com/serve/52264/49052/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgyLmNvbQ== Page URL
  5. https://popmyads.com/go HTTP 302
    https://ak.labtrffc.com/u.php?p=c:xecd97ulltzndt7xv&d=5f9a76a347eb6438d428a930 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3oTOTJr HTTP 301
  • https://track.crancis.com/ofc/c23e6710-a1490dfa-be24e280-78b7-c859/024b1070-21fddc52-6b27a253-7c08-071a?Subid={Nike}&sub_pubid={39664}&externalid={YOUR_CLICKID_HERE}&lp=popup&lang=(us)
Request Chain 3
  • https://bxt1.shaperal.com/proc.php?060eda8f787dc36c155d6ce1008f1c6175e6d789 HTTP 302
  • http://tracking.armorads.com/sl?id=5faa890a127bd6bcbd27203b&pid=4&sub1=M6917350580356644952&sub2=976&sub3=976-90c45c5z HTTP 302
  • https://go.whiteanemone.xyz/redirect?feed=276309&auth=ebuQy0&url=http%3A%2F%2Fcryptocore.xyz&pub_clickid=5fff5db7d402c0000179cd80&sub1=4-976&query=http%3A%2F%2Fcryptocore.xyz HTTP 302
  • https://guay.labtrffc.com/l.php?p=c:l312xvi_932jkpeqt&d=5fe36418910f697781101d52&s=276309&d2=cryptocore.xyz HTTP 302
  • https://popmyads.com/serve/52264/49052/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgyLmNvbQ==

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
024b1070-21fddc52-6b27a253-7c08-071a
track.crancis.com/ofc/c23e6710-a1490dfa-be24e280-78b7-c859/
Redirect Chain
  • https://bit.ly/3oTOTJr
  • https://track.crancis.com/ofc/c23e6710-a1490dfa-be24e280-78b7-c859/024b1070-21fddc52-6b27a253-7c08-071a?Subid={Nike}&sub_pubid={39664}&externalid={YOUR_CLICKID_HERE}&lp=popup&lang=(us)
244 B
453 B
Document
General
Full URL
https://track.crancis.com/ofc/c23e6710-a1490dfa-be24e280-78b7-c859/024b1070-21fddc52-6b27a253-7c08-071a?Subid={Nike}&sub_pubid={39664}&externalid={YOUR_CLICKID_HERE}&lp=popup&lang=(us)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.170.100.125 , Spain, ASN201942 (SOLTIA, ES),
Reverse DNS
Software
nginx /
Resource Hash
8333d4ec45b3d2a372b1851a521c50d10f7cdb5bddcf3898f436058bba247450

Request headers

:method
GET
:authority
track.crancis.com
:scheme
https
:path
/ofc/c23e6710-a1490dfa-be24e280-78b7-c859/024b1070-21fddc52-6b27a253-7c08-071a?Subid={Nike}&sub_pubid={39664}&externalid={YOUR_CLICKID_HERE}&lp=popup&lang=(us)
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Wed, 13 Jan 2021 20:53:05 GMT
content-type
text/html; charset=UTF-8
content-length
206
access-control-allow-origin
*
access-control-allow-headers
Content-Type
cache-control
no-cache, private
content-encoding
gzip
x-device
desktop
accept-ranges
bytes
age
0
tp-cache
MISS
vary
Accept-Encoding

Redirect headers

server
nginx
date
Wed, 13 Jan 2021 20:53:02 GMT
content-type
text/html; charset=utf-8
content-length
287
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://track.crancis.com/ofc/c23e6710-a1490dfa-be24e280-78b7-c859/024b1070-21fddc52-6b27a253-7c08-071a?Subid={Nike}&sub_pubid={39664}&externalid={YOUR_CLICKID_HERE}&lp=popup&lang=(us)
referrer-policy
unsafe-url
set-cookie
_bit=l0dkR2-1c378358156e0ee73f-00S; Domain=bit.ly; Expires=Mon, 12 Jul 2021 20:53:02 GMT
via
1.1 google
alt-svc
clear
/
bxt1.shaperal.com/
3 KB
2 KB
Document
General
Full URL
https://bxt1.shaperal.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2021011320-002f3f2d83a7baf24e9d7fbe999026d9&kw1=M999M
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.212.173.78 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.4.10
Resource Hash
1697a773c6e23b259407576ba987376d657a5620cd5f5af116ee0aacf5f09de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
bxt1.shaperal.com
:scheme
https
:path
/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2021011320-002f3f2d83a7baf24e9d7fbe999026d9&kw1=M999M
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Wed, 13 Jan 2021 20:53:08 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.10
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=ee9e3319686894fe0be8774187ce963a; expires=Thu, 13-Jan-2022 20:53:08 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
/
bxt1.shaperal.com/
11 KB
5 KB
Document
General
Full URL
https://bxt1.shaperal.com/?utm_term=6917350580356644952&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Requested by
Host: bxt1.shaperal.com
URL: https://bxt1.shaperal.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2021011320-002f3f2d83a7baf24e9d7fbe999026d9&kw1=M999M
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.212.173.78 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.4.10
Resource Hash
cece90598bc03aeaa5cf141e109b8558640fe1bea2beec62e033f89d8563317a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
bxt1.shaperal.com
:scheme
https
:path
/?utm_term=6917350580356644952&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://bxt1.shaperal.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2021011320-002f3f2d83a7baf24e9d7fbe999026d9&kw1=M999M
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u=ee9e3319686894fe0be8774187ce963a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bxt1.shaperal.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2021011320-002f3f2d83a7baf24e9d7fbe999026d9&kw1=M999M

Response headers

server
nginx
date
Wed, 13 Jan 2021 20:53:09 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.10
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
aHR0cDovL3RyYWZmaXgyLmNvbQ==
popmyads.com/serve/52264/49052/szqpmqqoapdpgpq/
Redirect Chain
  • https://bxt1.shaperal.com/proc.php?060eda8f787dc36c155d6ce1008f1c6175e6d789
  • http://tracking.armorads.com/sl?id=5faa890a127bd6bcbd27203b&pid=4&sub1=M6917350580356644952&sub2=976&sub3=976-90c45c5z
  • https://go.whiteanemone.xyz/redirect?feed=276309&auth=ebuQy0&url=http%3A%2F%2Fcryptocore.xyz&pub_clickid=5fff5db7d402c0000179cd80&sub1=4-976&query=http%3A%2F%2Fcryptocore.xyz
  • https://guay.labtrffc.com/l.php?p=c:l312xvi_932jkpeqt&d=5fe36418910f697781101d52&s=276309&d2=cryptocore.xyz
  • https://popmyads.com/serve/52264/49052/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgyLmNvbQ==
2 KB
2 KB
Document
General
Full URL
https://popmyads.com/serve/52264/49052/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgyLmNvbQ==
Requested by
Host: bxt1.shaperal.com
URL: https://bxt1.shaperal.com/?utm_term=6917350580356644952&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bbbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
383a7bb53fe8a97257b6fb7e09116a619a545cf22b96ed958095d0317fb38d5c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

:method
GET
:authority
popmyads.com
:scheme
https
:path
/serve/52264/49052/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgyLmNvbQ==
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bxt1.shaperal.com/?utm_term=6917350580356644952&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb5b081b78784b49a9b98f5fff1f8eef1f2e0f4bbe7e6fc878a9a90eedeecaa8d8c878d83c7ad8b99d5f8cbcaffcec9f2f3f085848291f5cafac8f8f8fffccdf3f1f0f1c6c7c45f#

Response headers

date
Wed, 13 Jan 2021 20:53:14 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da87d24163bc5d56ea953477472d586ca1610571194; expires=Fri, 12-Feb-21 20:53:14 GMT; path=/; domain=.popmyads.com; HttpOnly; SameSite=Lax __cf_bm=ed36ffb154e7b4e941535fdd2fa393f82d48bc81-1610571194-1800-AVijgpIe3IR92JOzfxcN1PcYPprVFX5nEeEZy0PMswktR9gjxy4a+bwsWp7TlDajX7QpLIE8WoTjRippx23D1J4=; path=/; expires=Wed, 13-Jan-21 21:23:14 GMT; domain=.popmyads.com; HttpOnly; Secure; SameSite=None
x-powered-by
PHP/7.1.33
x-frame-options
DENY
content-security-policy
frame-ancestors 'none'
cf-cache-status
DYNAMIC
cf-request-id
079f1f3a4d00004a7454b96000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BB7WR1vU0HUJ%2F8xye3Knuaoox7%2FrY4eTs7%2FcX9JOSkAT%2BEU2rda18%2F7iRKdfLaPGfIt31q%2F7Hiq2a%2BBnucMejzEeclFaAwFQW6wMTlUwkAX%2FbIVaK7oUjOc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
611201707e044a74-FRA
content-encoding
br

Redirect headers

Server
nginx
Date
Wed, 13 Jan 2021 20:53:14 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Round
10ut8s57tx
Raund
1p
Location
https://popmyads.com/serve/52264/49052/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgyLmNvbQ==
popmyads.png
whos.amung.us/swidget/
0
0

Primary Request Cookie set u.php
ak.labtrffc.com/
Redirect Chain
  • https://popmyads.com/go
  • https://ak.labtrffc.com/u.php?p=c:xecd97ulltzndt7xv&d=5f9a76a347eb6438d428a930
540 B
675 B
Document
General
Full URL
https://ak.labtrffc.com/u.php?p=c:xecd97ulltzndt7xv&d=5f9a76a347eb6438d428a930
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.83.143.92 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3155458.ip-51-83-143.eu
Software
nginx /
Resource Hash
a57d6f151aa87b398e655dd1ee9eeffcbe2ea9b68fc410af66031995eb0bc17e

Request headers

Host
ak.labtrffc.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://popmyads.com/serve/52264/49052/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgyLmNvbQ==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://popmyads.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://popmyads.com/serve/52264/49052/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgyLmNvbQ==

Response headers

Server
nginx
Date
Wed, 13 Jan 2021 20:53:16 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
bt-5f9a76a347eb6438d428a930=5fff5dbc4ccb91676936665e; expires=Sat, 16-Jan-2021 20:53:16 GMT; Max-Age=259200; path=/; domain=ak.labtrffc.com; HttpOnly
Content-Encoding
gzip

Redirect headers

date
Wed, 13 Jan 2021 20:53:15 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.33
set-cookie
wGprrBLT=2; expires=Wed, 13-Jan-2021 20:53:17 GMT; Max-Age=2; path=/
location
https://ak.labtrffc.com/u.php?p=c:xecd97ulltzndt7xv&d=5f9a76a347eb6438d428a930
cf-cache-status
DYNAMIC
cf-request-id
079f1f3a8c00004a74fb265000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O5r8a%2BEB1hnhflA5tcdoO9h96mASiyeNT6sviIZ%2FIpJPqj6ArjENLwcNPcqqDh3UfH3ImskEiOtgwLKa46eXxjoiCi8dwfcUI5TCOv8WIo7abwUAwHbRKfQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
61120170df254a74-FRA
u.php
ak.labtrffc.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
whos.amung.us
URL
https://whos.amung.us/swidget/popmyads.png
Domain
ak.labtrffc.com
URL
https://ak.labtrffc.com/u.php?p=c:xecd97ulltzndt7xv&d=5f9a76a347eb6438d428a930&bv=1

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated

1 Cookies

Domain/Path Name / Value
bxt1.shaperal.com/ Name: u
Value: ee9e3319686894fe0be8774187ce963a