vvip-claimviral22.oqgaj.tk Open in urlscan Pro
2a06:98c1:3121::c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vvip-claimviral22.oqgaj.tk/
Submission: On August 01 via automatic, source certstream-suspicious (August 1st 2022, 2:36:55 pm UTC) — Scanned from NL

Summary HTTP 93 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 39 IPs in 10 countries across 38 domains to perform 93 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is vvip-claimviral22.oqgaj.tk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 23rd 2022. Valid for: a year.

This is the only time vvip-claimviral22.oqgaj.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6813:d725	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.23.136 13.32.23.136	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400e:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	104.18.183.224 104.18.183.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 9	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	2.21.184.200 2.21.184.200	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.139.84 18.66.139.84	16509 (AMAZON-02) (AMAZON-02)
1	52.35.234.121 52.35.234.121	16509 (AMAZON-02) (AMAZON-02)
1	99.86.240.83 99.86.240.83	16509 (AMAZON-02) (AMAZON-02)
2 2	35.158.235.153 35.158.235.153	16509 (AMAZON-02) (AMAZON-02)
3 4	3.125.141.139 3.125.141.139	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.51.122.125 52.51.122.125	16509 (AMAZON-02) (AMAZON-02)
1 1	103.229.205.242 103.229.205.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
5 6	142.251.37.98 142.251.37.98	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	52.58.28.168 52.58.28.168	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
93	39

4 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

vvip-claimviral22.oqgaj.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:d725 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otnolatrnup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.23.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-136.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:810::200a (Ireland)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

restlesscompeldescend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.18.183.224 (None, )

ASN13335 (CLOUDFLARENET, US)

static.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6edfe475f37a9482ea913363350d3f6a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.184.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-84.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.35.234.121 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-234-121.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.240.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-83.vie50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.235.153 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-235-153.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.125.141.139 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-141-139.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.82 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.122.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-122-125.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.205.242 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.37.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: prg03s13-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.63 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.28.168 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-28-168.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	mediafire.com static.mediafire.com — Cisco Umbrella Rank: 50402	80 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2112 adservice.google.com — Cisco Umbrella Rank: 96 translate.google.com — Cisco Umbrella Rank: 1449 www.google.com — Cisco Umbrella Rank: 10	245 KB
11	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 stats.g.doubleclick.net — Cisco Umbrella Rank: 117 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	284 KB
9	openx.net 1 redirects jp-u.openx.net — Cisco Umbrella Rank: 9165 eu-u.openx.net — Cisco Umbrella Rank: 2116 us-u.openx.net — Cisco Umbrella Rank: 391	1 KB
8	media.net contextual.media.net — Cisco Umbrella Rank: 515 c21lg-d.media.net — Cisco Umbrella Rank: 1908 cs.media.net — Cisco Umbrella Rank: 1487	15 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	2 KB
4	oqgaj.tk vvip-claimviral22.oqgaj.tk	89 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 637 script.hotjar.com — Cisco Umbrella Rank: 795 vars.hotjar.com — Cisco Umbrella Rank: 874	68 KB
3	gstatic.com www.gstatic.com	4 KB
3	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 1210	162 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	173 KB
3	otnolatrnup.com cdn.otnolatrnup.com — Cisco Umbrella Rank: 69081 otnolatrnup.com — Cisco Umbrella Rank: 55830	73 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2841	20 KB
3	adsco.re c.adsco.re — Cisco Umbrella Rank: 22052 6.adsco.re — Cisco Umbrella Rank: 22975 4.adsco.re — Cisco Umbrella Rank: 25215	23 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 897	1 KB
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 397 dis.criteo.com — Cisco Umbrella Rank: 713	912 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 362	529 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 606	926 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 234	2 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5346	744 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 792	1 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1308	1 KB
2	restlesscompeldescend.com restlesscompeldescend.com
2	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 4126 api.amplitude.com — Cisco Umbrella Rank: 1334	22 KB
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 824	493 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 534	375 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 771	669 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 452	494 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 474	643 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 481	430 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2172	258 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 485	6 KB
1	googlesyndication.com 6edfe475f37a9482ea913363350d3f6a.safeframe.googlesyndication.com	4 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 8803	501 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1311	5 KB
1	google.co.id adservice.google.co.id — Cisco Umbrella Rank: 13538	792 B
1	btloader.com btloader.com — Cisco Umbrella Rank: 1186	6 KB
0	sonobi.com Failed sync.go.sonobi.com Failed
93	38

	Domain	Requested by
15	static.mediafire.com	vvip-claimviral22.oqgaj.tk
8	fundingchoicesmessages.google.com	vvip-claimviral22.oqgaj.tk
6	cm.g.doubleclick.net	5 redirects jp-u.openx.net
6	contextual.media.net	vvip-claimviral22.oqgaj.tk contextual.media.net
4	x.bidswitch.net	3 redirects contextual.media.net
4	eu-u.openx.net	jp-u.openx.net
4	securepubads.g.doubleclick.net	vvip-claimviral22.oqgaj.tk securepubads.g.doubleclick.net
4	vvip-claimviral22.oqgaj.tk	vvip-claimviral22.oqgaj.tk
3	us-u.openx.net	jp-u.openx.net
3	www.gstatic.com	vvip-claimviral22.oqgaj.tk translate.googleapis.com
3	translate.googleapis.com	vvip-claimviral22.oqgaj.tk
3	www.googletagmanager.com	vvip-claimviral22.oqgaj.tk www.googletagmanager.com
2	rtb.mfadsrvr.com	2 redirects
2	match.adsrvr.org	jp-u.openx.net contextual.media.net
2	c1.adform.net	2 redirects
2	ib.adnxs.com	2 redirects
2	pool.admedo.com	2 redirects
2	pm.w55c.net	2 redirects
2	jp-u.openx.net	1 redirects vvip-claimviral22.oqgaj.tk
2	www.google.com	vvip-claimviral22.oqgaj.tk
2	ad-delivery.net	vvip-claimviral22.oqgaj.tk
2	restlesscompeldescend.com	vvip-claimviral22.oqgaj.tk
2	otnolatrnup.com	vvip-claimviral22.oqgaj.tk cdn.otnolatrnup.com
2	www.google-analytics.com	vvip-claimviral22.oqgaj.tk www.google-analytics.com
1	ad.turn.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	dis.criteo.com	1 redirects
1	cs.media.net	contextual.media.net
1	c21lg-d.media.net	contextual.media.net
1	p.rfihub.com	1 redirects
1	gum.criteo.com	contextual.media.net
1	pixel.quantserve.com	1 redirects
1	sync.mathtag.com	1 redirects
1	match.prod.bidr.io	jp-u.openx.net
1	vc.hotjar.io	script.hotjar.com
1	api.amplitude.com	cdn.amplitude.com
1	vars.hotjar.com	static.hotjar.com
1	ads.pubmatic.com	vvip-claimviral22.oqgaj.tk
1	6edfe475f37a9482ea913363350d3f6a.safeframe.googlesyndication.com	vvip-claimviral22.oqgaj.tk
1	www.google.nl	vvip-claimviral22.oqgaj.tk
1	script.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.hotjar.com	www.googletagmanager.com
1	static.cloudflareinsights.com	vvip-claimviral22.oqgaj.tk
1	4.adsco.re	vvip-claimviral22.oqgaj.tk
1	6.adsco.re	vvip-claimviral22.oqgaj.tk
1	translate.google.com	vvip-claimviral22.oqgaj.tk
1	adservice.google.com	vvip-claimviral22.oqgaj.tk
1	adservice.google.co.id	vvip-claimviral22.oqgaj.tk
1	btloader.com	vvip-claimviral22.oqgaj.tk
1	cdn.amplitude.com	vvip-claimviral22.oqgaj.tk
1	cdn.otnolatrnup.com	vvip-claimviral22.oqgaj.tk
1	c.adsco.re	vvip-claimviral22.oqgaj.tk
0	sync.go.sonobi.com Failed	contextual.media.net
93	55

This site contains links to these domains. Also see Links.

Domain
translate.google.com
www.mediafire.com
chatsexyy.com
prf.hn
windows.microsoft.com
blog.mediafire.com
vividengine.com
mediafire.zendesk.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-23` - `2023-06-22`	a year	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2021-09-06` - `2022-09-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.co.id GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
restlesscompeldescend.com R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
*.mediafire.com Sectigo RSA Organization Validation Secure Server CA	`2021-08-28` - `2022-09-28`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://vvip-claimviral22.oqgaj.tk/
Frame ID: 98D39DE6510475E1D7F4EC1B4DE33AD5
Requests: 66 HTTP requests in this frame

Frame: https://6edfe475f37a9482ea913363350d3f6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 86BF94CEB3584D418F24F9068956D980
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 552782014398740A1C155E2EC2214FDD
Requests: 1 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Frame ID: E1A28B22DE860E7C4BAFA8B9B1B78361
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Frame ID: 379614B330A29B768026D44290A7615F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 2695C7B7AF1A47119D63181B350F53B8
Requests: 11 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
Frame ID: 9E3C6E2A0802E24408749BEF1DFFBB19
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0EEFDFC0118FCD34BAEB9BD24074DE03
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3023662110239048000V10&type=rkt&refUrl=&vid=93646111733023662110239048000V10&ovsid=5109685623855170769
Frame ID: AB465A6E108AAD58AC37AA3A08F00059
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chika 20 Juta

Detected technologies

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

93
Requests

85 %
HTTPS

44 %
IPv6

38
Domains

55
Subdomains

39
IPs

10
Countries

1286 kB
Transfer

4068 kB
Size

62
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Terjemahan

Search URL Search Domain Scan URL

URL: https://www.mediafire.com/file/8qmkghg8sxum157/Perawanku%20hilang%20oleh%20Ayah%20tiri.mp4/file

Search URL Search Domain Scan URL

URL: https://www.mediafire.com/download_repair.php?qkey=8qmkghg8sxum157&dkey=iqm50w7787u&template=4&origin=click_button
Title: Not working? Repair your download

Search URL Search Domain Scan URL

URL: https://chatsexyy.com/
Title: Copy for messenger

Search URL Search Domain Scan URL

URL: https://prf.hn/click/camref:1011ldfGx/destination:https:/shop.pinnaclesys.com/1534/purl-ESDPNST25STML?coupon=MEDIAFIRE10
Title: Pinnacle Studio

Search URL Search Domain Scan URL

URL: http://windows.microsoft.com/en-US/windows/products/windows-media-player
Title: Windows Media Player

Search URL Search Domain Scan URL

URL: http://blog.mediafire.com/
Title: Company Blog

Search URL Search Domain Scan URL

URL: https://vividengine.com/
Title: On-Demand Video Encoding

Search URL Search Domain Scan URL

URL: https://mediafire.zendesk.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://twitter.com/#!/mediafire

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mediafire

Search URL Search Domain Scan URL

URL: https://twitter.com/mediafire
Title: Twitter Page

Search URL Search Domain Scan URL

URL: https://blog.mediafire.com/
Title: MediaFire Blog

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://jp-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0 HTTP 302
https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

Request Chain 72

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=egBsoglU1Oiwxl5

Request Chain 73

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=401e5a69-792f-4e95-8996-3efb85d6ecdd HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=401e5a69-792f-4e95-8996-3efb85d6ecdd HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8ec5c41a-ae12-40af-baa6-915c6d5a93c8&user_group=1&ssp=openx&bsw_param=401e5a69-792f-4e95-8996-3efb85d6ecdd HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=401e5a69-792f-4e95-8996-3efb85d6ecdd&gdpr=&gdpr_consent=

Request Chain 74

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1771861093063586155

Request Chain 76

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1df762e7-e504-4400-813f-6c951eb28f4e

Request Chain 77

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=Pq5VVW2pAFElr1IHMKodWjn_AwEl-VUDbKUPQgdH

Request Chain 78

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8315410656540275178

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmZjMGMwZTEtN2I3OC02ZmQ4LTU4MzYtMTM4YTBjMDE0ODc5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmZjMGMwZTEtN2I3OC02ZmQ4LTU4MzYtMTM4YTBjMDE0ODc5&google_tc=

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEYJPakQKIO7joq0QUE1JOc&google_cver=1

Request Chain 83

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3023662110239048000V10%26type%3Drkt%26refUrl%3D%26vid%3D93646111733023662110239048000V10%26ovsid%3D%7Buserid%7D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=3023662110239048000V10&type=rkt&refUrl=&vid=93646111733023662110239048000V10&ovsid=5109685623855170769

Request Chain 86

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzAyMzY2MjExMDIzOTA0ODAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzAyMzY2MjExMDIzOTA0ODAwMFYxMA%3D%3D&google_sc=1&google_tc= HTTP 302
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHWFPEaOqIOQzj2lHR2HZeg&google_cver=1

Request Chain 87

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=7d44e977-b2a6-4cd1-ab69-8281f0188afc

Request Chain 89

https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3023662110239048000V10%26type%3Dzem%26refUrl%3D%26vid%3D93646111733023662110239048000V10%26ovsid%3D__ZUID__ HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3023662110239048000V10&type=zem&refUrl=&vid=93646111733023662110239048000V10&ovsid=

Request Chain 90

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3023662110239048000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3023662110239048000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=cc0cd9a8-90d8-4ecd-a408-f62ead028fd2&cs=1

Request Chain 92

https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3023662110239048000V10%26type%3Damb%26refUrl%3D%26vid%3D93646111733023662110239048000V10%26ovsid%3D%23USER_ID%23 HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3023662110239048000V10&type=amb&refUrl=&vid=93646111733023662110239048000V10&ovsid=3981601788965450587

93 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vvip-claimviral22.oqgaj.tk/ 320 KB
88 KB 5185ms
5113ms Document
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30ff051d9b2bc547b07a8faa6f81c311b170156d7a2855e87fb666536b0546c7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 733f4ec6eb95b78a-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 01 Aug 2022 14:36:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4gUORaHY%2BLepQHMfrb0aNICaesnt7WwUUfC%2FB5bcrO5Re38WfJCYqFVzhJGS%2BheRtDU6VFPIIlbmyQTZCrD1zglOqacgTaaC8w8hfIWBABqXYVrKxCJjh%2FTJXoVCbQBBSWxwtACxHgTKTBaFlSnSMmWyILG0Nf1AA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 / Show response
c.adsco.re/ 61 KB
22 KB 123ms
53ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:49 GMT
content-encoding: br
cf-cache-status: HIT
age: 3112162
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 733f4eeb7a69b7df-AMS
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Thu, 01 Sep 2022 14:36:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 108ms
33ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5689
date: Mon, 01 Aug 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 01 Aug 2022 15:02:00 GMT

GET
H2 200 infinity.js.aspx Show response
cdn.otnolatrnup.com/Scripts/ 199 KB
68 KB 59ms
38ms Script
application/x-javascript 2606:4700::6813:d725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 48d843fd4833658a036005ffb64460c130a1dae363b4e817c47cbb02ac0ad653

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 Aug 2022 14:34:09 GMT
server: cloudflare
age: 44
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, no-transform, max-age=900
cf-ray: 733f4eed087fb8dc-AMS
content-type: application/x-javascript; charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
69 KB 120ms
43ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35b8a8a66dcdb061771076fdecd5e24b70a2ff6363e076487d0494476bd56884

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70548
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Aug 2022 14:36:50 GMT

GET
H2 200 amplitude-8.5.0-min.gz.js Show response
cdn.amplitude.com/libs/ 68 KB
22 KB 743ms
661ms Script
application/javascript 13.32.23.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.23.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-23-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
Origin: https://vvip-claimviral22.oqgaj.tk
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:51 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 22154
access-control-allow-origin: *
last-modified: Fri, 13 Aug 2021 22:37:42 GMT
server: AmazonS3
etag: "660c3b546f2a131de50b69b91f26c636"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: kI8VDy2mizSGS3snQvPzIF-pdGOUG8EDEd_tHKvxX_Q2We-YspdRwA==

GET
H2 404 prebid5.17.0.js
vvip-claimviral22.oqgaj.tk/js/ 0
0 715ms
710ms Script
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vvip-claimviral22.oqgaj.tk/js/prebid5.17.0.js
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvZ24oTV0qJ38OohHBAD3dRtWW4nnDY6EIkD3ZGsPh28EnfrfcrycPtFQLGcj4BPQ%2FL2UsKAQijVmSxi56ml3mVsfN3mAQr5KtmrSfQ2s1sUX9WFF19RGX2YAK1TmGJvWr45QCPvDDy1XEx%2BSX6lgWu4dUSHHUI6BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 733f4eecee4fb78a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 214ms
118ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

7a0bb324d8418e7f147141edbc2bc4b6a63acc6a617a1ac76622243bb92771c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28379
x-xss-protection: 0
server: sffe
etag: "1290 / 749 of 1000 / last-modified: 1659352055"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 01 Aug 2022 14:36:50 GMT

GET
H2 200 AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8= Show response
fundingchoicesmessages.google.com/f/ 21 KB
9 KB 166ms
71ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXrjtEH6OsIEa1eMxJNrJTV18lP5XKGKMJi5rI13IlsGpcs5yT-0hk0wJuzpkaKFvH14rtURv0da3wnJCfhkp8=

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3570d9a75268830c2d349b6fa3c5dc3897253ee5ee3d968d755ee55d4afa0df0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1fN5AHw_GuG0kWjjvI_NHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1fN5AHw_GuG0kWjjvI_NHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1fN5AHw_GuG0kWjjvI_NHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1fN5AHw_GuG0kWjjvI_NHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Mon, 01 Aug 2022 14:36:50 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 164ms
89ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e77f39847970acaf2352e0d306d02ea9d55381ed330f443f1ede2ac6a978881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41871
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Aug 2022 14:36:50 GMT

GET
H2 200 tag Show response
btloader.com/ 12 KB
6 KB 129ms
40ms Script
application/javascript 2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5678961798414336&upapi=true
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02de91dd51ca95dee54488c658c58c17310bcde018a105713583fedb7f9a535a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 692
content-length: 5389
last-modified: Mon, 01 Aug 2022 14:21:39 GMT
server: cloudflare
etag: "df48150a5a0b6d5007577a68caccbea9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbNmls8%2BoTNGXDcW3MjSiPw6rNhhXSxv3oSeXuMjpKwjIWlabhgwmozF6sSxGrC97HFpNwX7y1SNSMBtkt4GGCfQBa%2BCYkoMfEsh7xAUEay0qi1bnvuson4Q06keoIVTO6AKc3VQuTG%2FgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400, no-transform
accept-ranges: bytes
cf-ray: 733f4eed7de40c19-AMS

GET
H2 200 pubads_impl_2022050301.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 47ms
35ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050301.js?cb=31067436

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

8cc13350e5c65223229a458ee1986bd13f4914bf953484681d70665643669c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 17:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127789
x-xss-protection: 0
last-modified: Tue, 03 May 2022 08:34:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 28 Jul 2023 17:08:22 GMT

GET
H2 200 AGSKWxVU9te3i_RziQs18lWEFJNYWQBus-l4kH7M8Pgd7LopbJeF0CsDdTNhjBQMZapQBUlFR8GddIjNbuX4pVnhu4ubKwOViVApoW4QOr5R4Y5nOwb8aT3ZNB1vTX1iGF6WWOZBBX0GR8UjKo8hKXSdmUvii_b2z82uBihWxEfFVzdi_eiJNvA8SOLxtP7g Show response
fundingchoicesmessages.google.com/f/ 283 KB
59 KB 95ms
84ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVU9te3i_RziQs18lWEFJNYWQBus-l4kH7M8Pgd7LopbJeF0CsDdTNhjBQMZapQBUlFR8GddIjNbuX4pVnhu4ubKwOViVApoW4QOr5R4Y5nOwb8aT3ZNB1vTX1iGF6WWOZBBX0GR8UjKo8hKXSdmUvii_b2z82uBihWxEfFVzdi_eiJNvA8SOLxtP7g?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUxOTEyODc4LDQwOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlLzhxbWtnaGc4c3h1bTE1Ny9jaWthMjBqdC5tcDQvZmlsZSIsbnVsbCxbXV0

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

591cc662dc5e885a2e24298edb312d088faab5c19453c8aa0a444e0270a6096a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N2B71pAmjCPqj7ZPPtQiaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-N2B71pAmjCPqj7ZPPtQiaQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-N2B71pAmjCPqj7ZPPtQiaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-N2B71pAmjCPqj7ZPPtQiaQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Mon, 01 Aug 2022 14:36:50 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 109ms
27ms Stylesheet
text/css 2a00:1450:400e:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 01 Aug 2022 15:35:33 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.id.G1gscqZKkrs.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfoX6YLNVodQEcSwCHDYoexQlR_NUg/ 222 KB
76 KB 169ms
86ms Script
text/javascript 2a00:1450:400e:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.id.G1gscqZKkrs.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfoX6YLNVodQEcSwCHDYoexQlR_NUg/m=el_main

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34c5b83a863918156cb8da27b3fdd07a874e61e0c456f82f63ce6260382e47ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77550
x-xss-protection: 0
last-modified: Wed, 04 May 2022 07:14:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Aug 2023 14:36:49 GMT

GET
H2 200 183096492 Show response
fundingchoicesmessages.google.com/i/ 21 KB
8 KB 139ms
138ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/183096492?ers=3

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64878908fa9cf70885fa409b2844aa5aea4cef8c486d83a7a2c536cb0fd56be8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UL6DhTUV-GPxakl1fk8c9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-UL6DhTUV-GPxakl1fk8c9A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-UL6DhTUV-GPxakl1fk8c9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-UL6DhTUV-GPxakl1fk8c9A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.id/adsid/ 107 B
792 B 208ms
44ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.id/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Aug 2022 14:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 137ms
43ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mediafire.com

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Aug 2022 14:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 AGSKWxVTXrXBRnQmF_5yvIB4kPZ0vFICWCgjI3oZZuUNTlbC4-qiku4sj0GYbaaA2QNxU5lNRNdB1LIIG_MikfV9bs_Da3iQJgAgwua4RmIVLo8AAxHkzZdmOP4UqJsUsArN2z2dWqyA0dMxY5UdZFw4VBm1uMeyWujBl5NvhG9D6nvX7OX7fWYh25qTU5WY Show response
fundingchoicesmessages.google.com/f/ 283 KB
59 KB 148ms
147ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVTXrXBRnQmF_5yvIB4kPZ0vFICWCgjI3oZZuUNTlbC4-qiku4sj0GYbaaA2QNxU5lNRNdB1LIIG_MikfV9bs_Da3iQJgAgwua4RmIVLo8AAxHkzZdmOP4UqJsUsArN2z2dWqyA0dMxY5UdZFw4VBm1uMeyWujBl5NvhG9D6nvX7OX7fWYh25qTU5WY?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUxOTEyODgwLDk5MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlLzhxbWtnaGc4c3h1bTE1Ny9jaWthMjBqdC5tcDQvZmlsZSIsbnVsbCxbXV0

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40e6e441e85e4a10496c4ad89342a073f44a740c8df79ee9064917c8aabf596f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gRp9nuQKtE8U2mu4mTrqlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gRp9nuQKtE8U2mu4mTrqlQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gRp9nuQKtE8U2mu4mTrqlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gRp9nuQKtE8U2mu4mTrqlQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Mon, 01 Aug 2022 14:36:50 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWxmSqpSF-0JJEUDRcW1hyGxAuZQzhioiCKqU6ysHts5qD9oQCkLAU6B2UFdBotv1RjD0ne0qBXR-XUXgeD7GjE3kQZajKGedNJCsjL-Z06L4xa62hMPtqebRvDM4WONTqGVR4QyaCYMF7sAamj08huQ8xIwtGCCMZ0SksTB_QYGt6zHBKWtcU7TaH- Show response
fundingchoicesmessages.google.com/f/ 283 KB
59 KB 144ms
143ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWxmSqpSF-0JJEUDRcW1hyGxAuZQzhioiCKqU6ysHts5qD9oQCkLAU6B2UFdBotv1RjD0ne0qBXR-XUXgeD7GjE3kQZajKGedNJCsjL-Z06L4xa62hMPtqebRvDM4WONTqGVR4QyaCYMF7sAamj08huQ8xIwtGCCMZ0SksTB_QYGt6zHBKWtcU7TaH-?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUxOTEyODgwLDI0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm1lZGlhZmlyZS5jb20vZmlsZS84cW1rZ2hnOHN4dW0xNTcvY2lrYTIwanQubXA0L2ZpbGUiLG51bGwsW11d

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a36affe74db310ef0e86bb3834dc50b7ff6df46ec8ff53c26c46659778112280

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zQybYNIrdCnP-idM0Vb95Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-zQybYNIrdCnP-idM0Vb95Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-zQybYNIrdCnP-idM0Vb95Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-zQybYNIrdCnP-idM0Vb95Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Mon, 01 Aug 2022 14:36:50 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Tag.vrfy Show response
otnolatrnup.com/ 2 KB
3 KB 289ms
217ms Script
application/json 2606:4700::6813:d725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otnolatrnup.com/Tag.vrfy?time=-420&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=38573&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=420&fpe=1&bw=393&bh=737&res=393x873&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2F8qmkghg8sxum157%2FPerawanku%20hilang%20oleh%20Ayah%20tiri.mp4%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone&sig=BAYAYnYwrwFidjCvgAGBAcAAIDlAiEKzipeTuXNugDl01gAsQFhHok2kQ1yurgthndbZwQAgmsjhgMywMahUPKRO1ZGDvZE251pbS8IBfjO-LJbokzY
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 690d35d4ce1a031455236630a79add92d6656ded56cbe7be10702d52c8985724

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 733f4eeb8e0fb8dc-AMS
date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-adscore-status: null
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: private, no-transform
content-type: application/json; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 AGSKWxXDIVTvNMTbv7RE0deeviE_zmcdH3wdk-8WiQ1dqzJtwK16YjnJAXtXMGHBJ9L7D8PPB1jZ_se2Cos8L4oKniLoj8LI8N_MAe7BlKj9y5m4eeCKo0EkKKmGYfB-btGai934BCuqdmRCoQZTINLcrIH49HOqBevtNmRZZqpv19e9NuctVSWmYudVOl9M Show response
fundingchoicesmessages.google.com/f/ 55 KB
20 KB 120ms
120ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXDIVTvNMTbv7RE0deeviE_zmcdH3wdk-8WiQ1dqzJtwK16YjnJAXtXMGHBJ9L7D8PPB1jZ_se2Cos8L4oKniLoj8LI8N_MAe7BlKj9y5m4eeCKo0EkKKmGYfB-btGai934BCuqdmRCoQZTINLcrIH49HOqBevtNmRZZqpv19e9NuctVSWmYudVOl9M?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjUxOTEyODgwLDM3NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlLzhxbWtnaGc4c3h1bTE1Ny9jaWthMjBqdC5tcDQvZmlsZSIsbnVsbCxbXV0

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d592e9ad6b7cbe3d5b22075c6d5fb2ae619a151255f8ac1080c5f880d83ee49

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HZ-Jo-DLn7fQcX5YLKV84w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-HZ-Jo-DLn7fQcX5YLKV84w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-HZ-Jo-DLn7fQcX5YLKV84w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-HZ-Jo-DLn7fQcX5YLKV84w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Mon, 01 Aug 2022 14:36:50 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 417ms
33ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 12:24:42 GMT
x-content-type-options: nosniff
age: 7928
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 01 Aug 2023 12:24:42 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
26 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googHeadTranslate

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99b5d109fc8a5b32f6a1df70e71168b3c47fb9a8db434c6438092d5dbd42ab69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
restlesscompeldescend.com/6d20476f57c6553422700c48cffe0421/ 0
0 489ms
132ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://restlesscompeldescend.com/6d20476f57c6553422700c48cffe0421/invoke.js
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Mon, 01 Aug 2022 14:36:50 GMT
Server: nginx/1.17.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H/1.1 403
Forbidden 55e2fcbccf56620b0a03c404f966e180.js
restlesscompeldescend.com/55/e2/fc/ 0
0 688ms
120ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://restlesscompeldescend.com/55/e2/fc/55e2fcbccf56620b0a03c404f966e180.js
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Mon, 01 Aug 2022 14:36:50 GMT
Server: nginx/1.17.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: application/javascript
Content-Length: 0

GET
H2 200 /
6.adsco.re/ 0
421 B 113ms
35ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
Origin: https://vvip-claimviral22.oqgaj.tk
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://vvip-claimviral22.oqgaj.tk
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 733f4eed6b29b7e5-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ 0
474 B 140ms
35ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
Origin: https://vvip-claimviral22.oqgaj.tk
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Mon, 01 Aug 2022 14:36:50 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://vvip-claimviral22.oqgaj.tk
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 412ms
80ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
Origin: https://vvip-claimviral22.oqgaj.tk
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 733f4ef00f54b7fb-AMS

GET
H2 200 px.gif
ad-delivery.net/ 43 B
935 B 349ms
35ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Mon, 01 Aug 2022 14:36:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1698649
x-guploader-uploadid: ADPycdt3c3h19uy1o_fw5nPAxRXa6oLSu6nCwm6Et9JqIULj3ymBg86oeD03ziT4vRI23Pn0IkiY4L5wNrGFZOMtVg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkMZaQgtQNcS%2BbxZhnII7fFuoHNBNoHSy7dUoiDwpH33%2FF9GqRwrOVd9aUSikLlnGNwPPpDlU%2FnZ05i%2F122BtY8IQ4xxCI0DtuIOTwSnqvx9jtvOhEIErgBEKGiSiF73WuZ8kTK1eGIQyQuTJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 733f4ef00dc8415a-AMS
expires: Tue, 12 Jul 2022 22:51:04 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 340ms
36ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.025827361453174325
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Mon, 01 Aug 2022 14:36:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1698649
x-guploader-uploadid: ADPycdt3c3h19uy1o_fw5nPAxRXa6oLSu6nCwm6Et9JqIULj3ymBg86oeD03ziT4vRI23Pn0IkiY4L5wNrGFZOMtVg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AM9LKLadDiYFykSS0lvnxRPXLKro5FqPy%2FUswmKPhQxLUjQHagB99yXyZBDSRPlVB75aLqR8IERxCNbKai87NuiNvua893GIho0dv6%2BnspfbGc%2BWMbA2U3iiY%2F0DZJEUdu0ngcByxH8EHwcsgA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 733f4ef00dc9415a-AMS
expires: Tue, 12 Jul 2022 22:51:04 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
958 B 318ms
33ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:29:48 GMT
x-content-type-options: nosniff
age: 422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 01 Aug 2023 14:29:48 GMT

GET
H2 200 mf_logo_full_color.svg
static.mediafire.com/images/backgrounds/header/ 3 KB
2 KB 163ms
89ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Oct 2016 22:22:42 GMT
server: cloudflare
age: 1570
etag: W/"5813cfb2-d1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 733f4eed7b86b987-AMS

GET
H2 200 twitter.svg
static.mediafire.com/images/icons/svg_light/ 949 B
999 B 163ms
90ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_light/twitter.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15316721389b1b084e6fb85747089ea51ccf9d81fcfb1b33ace326898e2913f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 48
etag: W/"627185bd-3b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 733f4eed9bedb987-AMS

GET
H2 200 facebook.svg
static.mediafire.com/images/icons/svg_light/ 401 B
573 B 164ms
90ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_light/facebook.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d98133ce0dc7033265505bffc7aebd92fad444a0cd0271832a877418ccc889c6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 610
etag: W/"627185bd-191"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 733f4eed9beeb987-AMS

GET
H2 404 usa.svg
vvip-claimviral22.oqgaj.tk/images/flags_svg/ 315 B
315 B 730ms
728ms Image
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vvip-claimviral22.oqgaj.tk/images/flags_svg/usa.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQnFdb7rJwC3Sjd6qjMTe40w86Qk16meeVNtweq7edftj9KePW4ZY3IXwJc39jXI7aMyBFCN2HAfY8pPpzzdGXIpDqoXYqsS9foVVTRZ3qFKI4dXcu8bF3HbabK5iImPlAUrYqp81gcJFfVYZ3Y6yqMahYrKfQ%2FPGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 733f4eecee53b78a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 404 arrow_dropdown.svg
vvip-claimviral22.oqgaj.tk/images/icons/svg_dark/ 315 B
315 B 703ms
701ms Image
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vvip-claimviral22.oqgaj.tk/images/icons/svg_dark/arrow_dropdown.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ROwWssbriUHPCGAihf1Y2zPKDTwleXt3n6D%2FZ8wCDdWBhIH8GfttYDCsUM8jxJXFhRCVwEKoewclGJjkWsfG5gPudb%2BmukguxJHzMB3bfrtxPeZf9yb35Dpb8%2BtgLIKScPsW0i7RhGD5OMBTrr5nXtmvniectwQWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 733f4eecee57b78a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 file-zip-v3.png
static.mediafire.com/images/filetype/ 2 KB
2 KB 147ms
89ms Image
image/png 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/filetype/file-zip-v3.png
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
cf-cache-status: HIT
age: 578193
cf-polished: status=not_needed
content-length: 1872
last-modified: Fri, 11 Mar 2016 23:22:56 GMT
server: cloudflare
etag: "56e35350-750"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 24 Aug 2022 21:59:39 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 733f4eed9bf1b987-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 download.svg
static.mediafire.com/images/icons/svg_light/ 348 B
725 B 97ms
44ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_light/download.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b719a37796ef8486a9e7948d9c206d65c28e1e076445e037163b28107d431705

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 1416
etag: W/"627185bd-15c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 733f4eed7b8fb987-AMS

GET
H2 200 link.svg
static.mediafire.com/images/icons/svg_dark/ 375 B
527 B 230ms
177ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/link.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c120725f5033ebaffbfd7c7d32de0bd1e452a7cf68b5afa14bb6a40964b4585

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
etag: W/"627185bd-177"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 733f4eed7b92b987-AMS

GET
H2 200 facebook.svg
static.mediafire.com/images/icons/svg_dark/ 389 B
565 B 143ms
90ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/facebook.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c6fab55cca5617226b806344cdb35d568c69e54556bc726ab08e7dc1dd219a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 5467
etag: W/"627185bd-185"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 733f4eed9beab987-AMS

GET
H2 200 share.svg
static.mediafire.com/images/icons/svg_dark/ 737 B
711 B 99ms
47ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/share.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac2ecaebdb39fa5ab5231f9f02e57efcdcfbc7a2e34f8891dcb7911f14464ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 1416
etag: W/"627185bd-2e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 733f4eed7b93b987-AMS

GET
H2 200 add.svg
static.mediafire.com/images/icons/svg_dark/ 199 B
438 B 108ms
56ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/add.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd89fdfd6cd180e697226d00af75da1557bf2e6ea354a8f6f3e8491e852294f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 1416
etag: W/"627185bd-c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 733f4eed7b90b987-AMS

GET
H2 200 world.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 143 KB
53 KB 101ms
61ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/world.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 1536
etag: W/"627185bd-23ce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 733f4eed7b8cb987-AMS

GET
H2 200 continent-as.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 43 KB
16 KB 109ms
69ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/continent-as.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082cecf2da70da88efb1db41dd0096deb999b7b7d1cf8344ca2b37930739a377

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 588
etag: W/"627185bd-aae3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 733f4eed7b8bb987-AMS

GET
H2 200 idn.svg
static.mediafire.com/images/flags_svg/ 238 B
462 B 90ms
51ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/flags_svg/idn.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c8f449f1f7ef1dca0d94ee726667eec8c4b7e86e865fb927b12ff2774c9a2f5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 1767
etag: W/"627185bd-ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 733f4eed7b89b987-AMS

GET
H3 200 Tag.engine Show response
otnolatrnup.com/ 2 KB
3 KB 239ms
206ms Script
application/json 2606:4700::6813:d725
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=37130&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1600&bh=1200&res=1600x1200&curl=https%3A%2F%2Fvvip-claimviral22.oqgaj.tk%2F&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone
Requested by: Host: cdn.otnolatrnup.com
URL: https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6813:d725 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 85cf9df0f3ed17d9ee629099bbcff3b97ad84cb175393008ff21f2d2798b7e0f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
cache-control: private, no-transform
cf-ray: 733f4eedcc9eb92a-AMS
content-type: application/json; charset=utf-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 106ms
39ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1274752624&t=pageview&_s=1&dl=https%3A%2F%2Fvvip-claimviral22.oqgaj.tk%2F&ul=en-us&de=UTF-8&dt=Chika%2020%20Juta&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAAC~&jid=1071336543&gjid=614183585&cid=544222379.1659364610&tid=UA-829541-1&_gid=1403448760.1659364610&_r=1&gtm=2ou7r0&cd1=unregistered&cd7=legacy&cd3=archive&cd4=4&cd5=mp4&cd8=%2F10%2F20%2F50%2F100%2F&z=1115806765

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vvip-claimviral22.oqgaj.tk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
62 KB 110ms
41ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fece83afc03289ebe2fc0bda3515ac72b1dd8d48dd5a7ead3af2c214b1c3d670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63600
x-xss-protection: 0
expires: Mon, 01 Aug 2022 14:36:50 GMT

GET
H2 200 hotjar-1232118.js Show response
static.hotjar.com/c/ 5 KB
3 KB 284ms
34ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1232118.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

29fab10f493ab649cc668bddf33aff8254d326b11406b6b3381020c4664092ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
x-cache-hit: 1
etag: W/54421d129975cc3ec891b53eeb8a3e97
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: n0iw1G10CZjkVlNHJUJlp72YjJRzCZsZYPX4BMiZtE3BgdvvtDIupQ==

GET
H3 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.nl.awfR3CWDsM0.O/d=1/exm=el_conf/ed=1/rs=AN8SPfptojeoYzxmmyibuaeKfCZRX9zrag/ 241 KB
83 KB 83ms
29ms Script
text/javascript 2a00:1450:400e:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.nl.awfR3CWDsM0.O/d=1/exm=el_conf/ed=1/rs=AN8SPfptojeoYzxmmyibuaeKfCZRX9zrag/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.nl.awfR3CWDsM0.O/d=1/rs=AN8SPfptojeoYzxmmyibuaeKfCZRX9zrag/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84fa267100dd31a07814a593c9ae4066789526799e1772823e43342e58101b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 17:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 334011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84754
x-xss-protection: 0
last-modified: Wed, 27 Jul 2022 03:13:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 17:49:59 GMT

GET
H3 200 pubads_impl_2022072102.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
129 KB 99ms
33ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072102.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

b5629bff9f7cf70baed7df75fbde4ab28280e2a687c8f4712b06a03d52666d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 10:41:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131883
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 17:43:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 01 Aug 2023 10:41:29 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 48 B
86 B 108ms
42ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=vvip-claimviral22.oqgaj.tk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

44312ceff05d2ea7e248539ea933b7e37c38d366ace01f7db1415fc0d04c5c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62
x-xss-protection: 0
expires: Mon, 01 Aug 2022 14:36:50 GMT

POST
H3 204 AGSKWxWNr2L24Ohtn3EHUTZ8GCYH7PcPibShRC45-qyh0NPEWe0-8--uq5T_zjhkp9ngKeICQDn0VwC9-Li0K_ik51kWJwqoMUbLT09eleANdHVutaa3PZXalgV4QzZy90EruRytwIkxTF1DD_jzrV4jEiBRIhWEHci2wKbvbUi5O3HE-vdiedRMcGxrNplp Show response
fundingchoicesmessages.google.com/el/ 0
28 B 123ms
56ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWNr2L24Ohtn3EHUTZ8GCYH7PcPibShRC45-qyh0NPEWe0-8--uq5T_zjhkp9ngKeICQDn0VwC9-Li0K_ik51kWJwqoMUbLT09eleANdHVutaa3PZXalgV4QzZy90EruRytwIkxTF1DD_jzrV4jEiBRIhWEHci2wKbvbUi5O3HE-vdiedRMcGxrNplp

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.nl.1BWT0N5mPRw.es5.O/d=1/rs=AJlcJMwkTAM52oIJQ313wOQEfN4LkhSIUw/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ocQ0mYDln_0gdlShGWyYHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ocQ0mYDln_0gdlShGWyYHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://vvip-claimviral22.oqgaj.tk
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-ocQ0mYDln_0gdlShGWyYHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ocQ0mYDln_0gdlShGWyYHw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWNr2L24Ohtn3EHUTZ8GCYH7PcPibShRC45-qyh0NPEWe0-8--uq5T_zjhkp9ngKeICQDn0VwC9-Li0K_ik51kWJwqoMUbLT09eleANdHVutaa3PZXalgV4QzZy90EruRytwIkxTF1DD_jzrV4jEiBRIhWEHci2wKbvbUi5O3HE-vdiedRMcGxrNplp Show response
fundingchoicesmessages.google.com/el/ 0
28 B 112ms
46ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-stShxqeH89BDTrnPgEU2NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-stShxqeH89BDTrnPgEU2NA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://vvip-claimviral22.oqgaj.tk
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-stShxqeH89BDTrnPgEU2NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-stShxqeH89BDTrnPgEU2NA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 107ms
35ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-829541-1&cid=544222379.1659364610&jid=1071336543&gjid=614183585&_gid=1403448760.1659364610&_u=aEBAAUAAEAAAAC~&z=1702732796

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 01 Aug 2022 14:36:50 GMT
content-type: text/plain
access-control-allow-origin: https://vvip-claimviral22.oqgaj.tk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
355 B 104ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=2oe7r0&_p=1274752624&_z=ccd.v9B&cid=544222379.1659364610&ul=en-us&sr=1600x1200&_s=1&sid=1659364610&sct=1&seg=0&dl=https%3A%2F%2Fvvip-claimviral22.oqgaj.tk%2F&dt=Chika%2020%20Juta&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vvip-claimviral22.oqgaj.tk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.5c91593e915a450b09ce.js Show response
script.hotjar.com/ 248 KB
64 KB 418ms
40ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5c91593e915a450b09ce.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1232118.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

c44151905a3d42e3ff041fc1c5bb730ec5b9a4860ec70361a1edaded928d8988

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 13:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2923
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64745
access-control-allow-origin: *
last-modified: Mon, 01 Aug 2022 13:47:35 GMT
etag: "1daabef90b011fcad2e95b483d7b3f1c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: xpze8zkv5oIxaS0bwKUe8mam7OIwy8x0ypIXJBiYzTObllNgWbdKcA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 356ms
57ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-829541-1&cid=544222379.1659364610&jid=1071336543&_u=aEBAAUAAEAAAAC~&z=1368281632

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
501 B 355ms
56ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-829541-1&cid=544222379.1659364610&jid=1071336543&_u=aEBAAUAAEAAAAC~&z=1368281632

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 footerIcons.png
static.mediafire.com/images/backgrounds/footer/social/ 504 B
600 B 41ms
41ms Image
image/png 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ead29755d607f44ae932646ccde384e04b666bd25433ab9bf5e53fb9296745bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
cf-cache-status: HIT
age: 578224
cf-polished: origSize=583
content-length: 504
last-modified: Fri, 11 Mar 2016 23:22:56 GMT
server: cloudflare
etag: "56e35350-247"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 24 Aug 2022 21:59:39 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 733f4ef0db31b987-AMS
cf-bgj: imgq:100,h2pri

GET
H2 200 container.html Show response
6edfe475f37a9482ea913363350d3f6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 86BF 6 KB
4 KB 163ms
36ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6edfe475f37a9482ea913363350d3f6a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 20223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 01 Aug 2022 08:59:48 GMT
expires: Tue, 01 Aug 2023 08:59:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5527 783 B
1 KB 53ms
45ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4db0bd379f39b72b3a19f6d5a838de2cd96ebc22426f7a3d80b3121360e9dfc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ERUO27bNqLwlSuAYEKNUuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ERUO27bNqLwlSuAYEKNUuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 Aug 2022 14:36:50 GMT
expires: Mon, 01 Aug 2022 14:36:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

pd Show response
jp-u.openx.net/w/1.0/ Frame E1A2
Redirect Chain

https://jp-u.openx.net/w/1.0/pd?plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

1006 B
563 B

65ms
36ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a2512053b37868c3158f1f584ed082ae489bf94b7aab139c1b32b72586188eb5

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 544
content-type: text/html
date: Mon, 01 Aug 2022 14:36:51 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 01 Aug 2022 14:36:51 GMT
location: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3796 15 KB
6 KB 464ms
43ms Document
text/html 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158936
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=44204
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 01 Aug 2022 14:36:51 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 02 Aug 2022 02:53:35 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 2695 34 KB
12 KB 178ms
71ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID

Requested by

Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7a1793d71d8853cc8e14be8576efbc7f38e4a19244bb5296018806572d73208d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 11719
content-type: text/html; charset=UTF-8
date: Mon, 01 Aug 2022 14:36:51 GMT
expires: Wed, 03 Aug 2022 14:36:51 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 105ms
36ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:28:35 GMT
x-content-type-options: nosniff
age: 495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 01 Aug 2023 14:28:35 GMT

GET
H2 200 flag.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 234 B
278 B 68ms
68ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/flag.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 793
etag: W/"627185bd-ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 733f4ef12becb987-AMS

GET
H2 200 mf_round.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 1 KB
856 B 53ms
53ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/mf_round.svg
Requested by: Host: vvip-claimviral22.oqgaj.tk
URL: https://vvip-claimviral22.oqgaj.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1a67642fc97b508ce07cf6df329022bf5184a1c573044dc021e0d6e64688c64

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 284
etag: W/"627185bd-5b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 733f4ef12bf4b987-AMS

GET
H2 200 box-54d18b2ccd1c7fa42c71f18525ba4ad0.html Show response
vars.hotjar.com/ Frame 9E3C 2 KB
1 KB 104ms
34ms Document
text/html 18.66.139.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1232118.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-84.fra60.r.cloudfront.net

Software

Resource Hash

3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2924
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 Aug 2022 13:48:07 GMT
etag: "b310868fbdb4c8ee7d37e1b85ae269fa"
last-modified: Mon, 01 Aug 2022 13:47:35 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-cf-id: QFi0O7eZ4w5hLwcHjeazRob7vi0X0AcwaQn9lqqRlBNiNm8HokqkuQ==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 / Show response
api.amplitude.com/ 7 B
206 B 569ms
181ms XHR
text/html 52.35.234.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.234.121 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-234-121.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://vvip-claimviral22.oqgaj.tk/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 01 Aug 2022 14:36:51 GMT
trace-id: Root=1-62e7e503-65fe6c196e3438285ef57116
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
DATA 200
OK truncated Show response
/ Frame 0EEF 2 KB
2 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 204 1232118 Show response
vc.hotjar.io/sessions/ 0
258 B 203ms
85ms XHR
text/plain 99.86.240.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1232118?s=0.25&r=0.1738308376037223
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5c91593e915a450b09ce.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-83.vie50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vvip-claimviral22.oqgaj.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:51 GMT
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: VIE50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: bOBBBJ3Vyj94weCBeHIU4lYDFWuUc2hmRJuQkLfXhZy9RDd2a_RUWg==

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame E1A2
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=egBsoglU1Oiwxl5

43 B
61 B

35ms
35ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=egBsoglU1Oiwxl5
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Aug 2022 14:36:50 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0e0b7d4089fc3e73e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=egBsoglU1Oiwxl5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame E1A2
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=401e5a69-792f-4e95-8996-3efb85d6ecdd
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=401e5a69-792f-4e95-8996-3efb85d6ecdd
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8ec5c41a-ae12-40af-baa6-915c6d5a93c8&user_group=1&ssp=openx&bsw_param=401e5a69-792f-4e95-8996-3efb85d6ecdd
https://us-u.openx.net/w/1.0/sd?id=537072968&val=401e5a69-792f-4e95-8996-3efb85d6ecdd&gdpr=&gdpr_consent=

43 B
61 B

32ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=401e5a69-792f-4e95-8996-3efb85d6ecdd&gdpr=&gdpr_consent=
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //us-u.openx.net/w/1.0/sd?id=537072968&val=401e5a69-792f-4e95-8996-3efb85d6ecdd&gdpr=&gdpr_consent=
Date: Mon, 01 Aug 2022 14:36:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E1A2
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1771861093063586155

43 B
106 B

47ms
34ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1771861093063586155
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Aug 2022 14:36:51 GMT
X-Proxy-Origin: 31.204.153.182; 31.204.153.182; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 00aee9af-f0e7-4b9f-b061-d0c366c8b5cd
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=1771861093063586155
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ox
match.prod.bidr.io/cookie-sync/ Frame E1A2 43 B
430 B 200ms
42ms Image
image/gif 52.51.122.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ox

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.122.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-122-125.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 01 Aug 2022 14:36:51 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame E1A2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1df762e7-e504-4400-813f-6c951eb28f4e

43 B
61 B

33ms
33ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1df762e7-e504-4400-813f-6c951eb28f4e
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:52 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 01 Aug 2022 14:36:52 GMT
Server: MT3 4475 c1dc35a master nrt-pixel-x6 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1df762e7-e504-4400-813f-6c951eb28f4e
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 01 Aug 2022 14:36:51 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E1A2
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=Pq5VVW2pAFElr1IHMKodWjn_AwEl-VUDbKUPQgdH

43 B
180 B

48ms
34ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=Pq5VVW2pAFElr1IHMKodWjn_AwEl-VUDbKUPQgdH
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=Pq5VVW2pAFElr1IHMKodWjn_AwEl-VUDbKUPQgdH
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame E1A2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8315410656540275178

43 B
61 B

39ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8315410656540275178
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8315410656540275178
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame E1A2 70 B
264 B 163ms
44ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=43af132b-b20f-317c-4dd6-4933c6e38619&gdpr=0
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmZjMGMwZTEtN2I3OC02ZmQ4LTU4MzYtMTM4YTBjMDE0ODc5
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmZjMGMwZTEtN2I3OC02ZmQ4LTU4MzYtMTM4YTBjMDE0ODc5&google_tc=

170 B
188 B

144ms
63ms

Image
image/png

142.251.37.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmZjMGMwZTEtN2I3OC02ZmQ4LTU4MzYtMTM4YTBjMDE0ODc5&google_tc=

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0

Protocol

Server

142.251.37.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s13-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmZjMGMwZTEtN2I3OC02ZmQ4LTU4MzYtMTM4YTBjMDE0ODc5&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame E1A2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEYJPakQKIO7joq0QUE1JOc&google_cver=1

43 B
61 B

42ms
41ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEYJPakQKIO7joq0QUE1JOc&google_cver=1
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=74c7d33a-f978-474b-98bd-3e72347fbee9&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEYJPakQKIO7joq0QUE1JOc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame 2695 60 B
382 B 113ms
37ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&gdpr=1&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:36:50 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1675
strict-transport-security: max-age=31536000; preload;
content-length: 174
expires: 60

GET
H2

200

cksync.html Show response
contextual.media.net/ Frame AB46
Redirect Chain

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3023662110239048000V10%26type%3Drkt%26refUrl%3D%26vid%3D936461117330236621102390480...
https://contextual.media.net/cksync.html?cs=8&vsid=3023662110239048000V10&type=rkt&refUrl=&vid=93646111733023662110239048000V10&ovsid=5109685623855170769

219 B
652 B

72ms
72ms

Document
text/html

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=3023662110239048000V10&type=rkt&refUrl=&vid=93646111733023662110239048000V10&ovsid=5109685623855170769

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 219
content-type: text/html;charset=UTF-8
date: Mon, 01 Aug 2022 14:36:51 GMT
expires: Mon, 01 Aug 2022 14:36:51 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

Redirect headers

Content-Length: 0
Date: Mon, 01 Aug 2022 14:36:51 GMT
Location: https://contextual.media.net/cksync.html?cs=8&vsid=3023662110239048000V10&type=rkt&refUrl=&vid=93646111733023662110239048000V10&ovsid=5109685623855170769
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

GET
H/1.1 200
OK log
c21lg-d.media.net/ Frame 2695 35 B
329 B 257ms
181ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=3023662110239048000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-ct
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Aug 2022 14:36:51 GMT
Server: Jetty(9.4.35.v20201120)
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Mon, 01 Aug 2022 14:36:51 GMT

GET us
sync.go.sonobi.com/ Frame 2695 0
0

GET
H/1.1

200
OK

cksync
cs.media.net/ Frame 2695
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzAyMzY2MjExMDIzOTA0ODAwMFYxMA%3D%3D&google_sc=1
https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzAyMzY2MjExMDIzOTA0ODAwMFYxMA%3D%3D&google_sc=1&google_tc=
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHWFPEaOqIOQzj2lHR2HZeg&google_cver=1

45 B
610 B

511ms
52ms

Image
image/gif

23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHWFPEaOqIOQzj2lHR2HZeg&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: HTTP/1.1
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Aug 2022 14:36:51 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 45
X-MNET-HL2: E
Expires: Mon, 01 Aug 2022 14:36:51 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHWFPEaOqIOQzj2lHR2HZeg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 2695
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=7d44e977-b2a6-4cd1-ab69-8281f0188afc

45 B
616 B

72ms
65ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=7d44e977-b2a6-4cd1-ab69-8281f0188afc

Requested by

Protocol

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Mon, 01 Aug 2022 14:36:51 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 01 Aug 2022 14:36:51 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=7d44e977-b2a6-4cd1-ab69-8281f0188afc
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2760442
content-length: 0
expires: Mon, 01 Aug 2022 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 2695 43 B
220 B 327ms
33ms Image
image/gif 3.125.141.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=&gdpr_pd=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.141.139 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-141-139.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Mon, 01 Aug 2022 14:36:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cksync.php
contextual.media.net/ Frame 2695
Redirect Chain

https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3023662110239048000V10%26type%3Dzem%26refUrl%3D%26vid%3D93646111733023662110239048...
https://contextual.media.net/cksync.php?cs=8&vsid=3023662110239048000V10&type=zem&refUrl=&vid=93646111733023662110239048000V10&ovsid=

44 B
291 B

54ms
54ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3023662110239048000V10&type=zem&refUrl=&vid=93646111733023662110239048000V10&ovsid=

Requested by

Protocol

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Mon, 01 Aug 2022 14:36:51 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 44
x-mnet-hl2: E
expires: Mon, 01 Aug 2022 14:36:51 GMT

Redirect headers

Location: https://contextual.media.net/cksync.php?cs=8&vsid=3023662110239048000V10&type=zem&refUrl=&vid=93646111733023662110239048000V10&ovsid=
Pragma: no-cache
Date: Mon, 01 Aug 2022 14:36:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 176
Content-Type: text/html; charset=utf-8

GET
H2

200

cksync.php
contextual.media.net/ Frame 2695
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3023662110239048000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3023662110239048000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=cc0cd9a8-90d8-4ecd-a408-f62ead028fd2&cs=1

45 B
464 B

68ms
68ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=cc0cd9a8-90d8-4ecd-a408-f62ead028fd2&cs=1

Requested by

Protocol

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Mon, 01 Aug 2022 14:36:51 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 01 Aug 2022 14:36:51 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?type=mf&ovsid=cc0cd9a8-90d8-4ecd-a408-f62ead028fd2&cs=1
Date: Mon, 01 Aug 2022 14:36:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2695 70 B
265 B 134ms
44ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C273%2C2028%2C2027%2C2025%2C237%2C117%2C97%2C99%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C3020%2C173%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C3014%2C337%2C338%2C77%2C38%2C182%2C261%2C141%2C262%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Aug 2022 14:36:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

cksync.php
contextual.media.net/ Frame 2695
Redirect Chain

https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3023662110239048000V10%26type%3Damb%26refUrl%3D%26vid%3D93646111733023662110239048000V10%26ov...
https://contextual.media.net/cksync.php?cs=8&vsid=3023662110239048000V10&type=amb&refUrl=&vid=93646111733023662110239048000V10&ovsid=3981601788965450587

45 B
454 B

65ms
65ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3023662110239048000V10&type=amb&refUrl=&vid=93646111733023662110239048000V10&ovsid=3981601788965450587

Requested by

Protocol

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Mon, 01 Aug 2022 14:36:51 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 01 Aug 2022 14:36:51 GMT

Redirect headers

location: https://contextual.media.net/cksync.php?cs=8&vsid=3023662110239048000V10&type=amb&refUrl=&vid=93646111733023662110239048000V10&ovsid=3981601788965450587
pragma: no-cache
date: Mon, 01 Aug 2022 14:36:50 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3023662110239048000V10&type=son&refUrl=&vid=93646111733023662110239048000V10&ovsid=[UID]

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
otnolatrnup.com/	1969-12-31 23:59:59	Name: IKSR Value: {}
otnolatrnup.com/	1969-12-31 23:59:59	Name: INF_DFL8 Value: false
otnolatrnup.com/	1970-01-23 20:36:23	Name: IUID Value: b50abd2f-56ae-4f0b-b6bd-3b691cb07514
otnolatrnup.com/	1969-12-31 23:59:59	Name: ISSH Value: 64F8A8
otnolatrnup.com/	1969-12-31 23:59:59	Name: VMI Value:
otnolatrnup.com/	1970-01-23 20:36:23	Name: CHN Value: #[]
otnolatrnup.com/	1970-01-23 20:36:23	Name: MSSH Value: #{}
otnolatrnup.com/	1970-01-23 20:36:23	Name: MSRH Value: #{}
otnolatrnup.com/	1970-01-23 20:36:23	Name: ILP Value: null
otnolatrnup.com/	1970-01-23 20:36:23	Name: ILPLU Value: #1/1/0001 12:00:00 AM
otnolatrnup.com/	1970-01-23 20:36:23	Name: ILEALC Value: #1/1/0001 12:00:00 AM
otnolatrnup.com/	1970-01-20 04:56:19	Name: ILMPF Value: #False
otnolatrnup.com/	1970-01-23 20:36:23	Name: IPMPLU Value: #
otnolatrnup.com/	1970-01-23 20:36:23	Name: IPMUID Value: #
otnolatrnup.com/	1970-01-23 20:36:23	Name: BSWUID Value: #
otnolatrnup.com/	1970-01-23 20:36:23	Name: IBL Value: #[]
vvip-claimviral22.oqgaj.tk/	1969-12-31 23:59:59	Name: g36FastPopSessionRequestNumber Value: 1
.oqgaj.tk/	1970-01-20 04:57:31	Name: _gid Value: GA1.2.1403448760.1659364610
.oqgaj.tk/	1970-01-20 04:56:04	Name: _gat_gtag_UA_829541_1 Value: 1
.mediafire.com/	1970-01-20 04:56:06	Name: __cf_bm Value: jMIi8aTFHqtIhw7lJLGgrrKUd4DVcfrUgSXBYoNW.Z4-1659364610-0-ASuSBj0//8s7TPBqCIvq90WsIfSZJrlO0tfuaEEw3vYUJVShyb+fcBfrcvx5Zd7FNyUep4KVTOOHDKAiv0NquYg=
otnolatrnup.com/	1970-01-23 20:36:23	Name: ISH Value: #{"101":[{"SId":"64F8A8","D":"22/8/1T7:36:49"},{"SId":"64F8A8","D":"22/8/1T7:36:50"}]}
otnolatrnup.com/	1970-01-23 20:36:23	Name: ISH_Q Value: #[101,101]
.oqgaj.tk/	1970-01-20 22:27:16	Name: _ga_K68XP6D85D Value: GS1.1.1659364610.1.0.1659364610.0
.oqgaj.tk/	1970-01-20 22:27:16	Name: _ga Value: GA1.1.544222379.1659364610
.oqgaj.tk/	1970-01-20 13:41:40	Name: amp_28916b Value: GNufpmB8lvDIvbzYizXyHt...1g9ctd4rf.1g9ctd4rf.0.1.1
.openx.net/	1970-01-20 13:41:40	Name: i Value: 90032c72-1b88-0e8b-1700-81dba2c4b5e4\|1659364611
.oqgaj.tk/	1970-01-20 13:41:40	Name: _hjSessionUser_1232118 Value: eyJpZCI6ImJhYTM1YjNmLWJkMDctNWMyNi1hOTVjLWEyZDFlMDQ5M2MyYiIsImNyZWF0ZWQiOjE2NTkzNjQ2MTEwNjIsImV4aXN0aW5nIjpmYWxzZX0=
.oqgaj.tk/	1970-01-20 04:56:06	Name: _hjFirstSeen Value: 1
vvip-claimviral22.oqgaj.tk/	1970-01-20 04:56:04	Name: _hjIncludedInSessionSample Value: 1
.oqgaj.tk/	1970-01-20 04:56:06	Name: _hjSession_1232118 Value: eyJpZCI6IjYyOTUzYWI2LWZkNTAtNGI4OC05OTgzLWVkMTUzMThhMjljYSIsImNyZWF0ZWQiOjE2NTkzNjQ2MTExMDQsImluU2FtcGxlIjp0cnVlfQ==
.oqgaj.tk/	1970-01-20 04:56:06	Name: _hjAbsoluteSessionInProgress Value: 1
.openx.net/	1970-01-20 05:17:40	Name: pd Value: v2\|1659364611\|mOgeginskin0vNomiygu
.media.net/	1970-01-20 13:41:40	Name: visitor-id Value: 3023662110239048000V10
.adnxs.com/	1970-01-20 07:05:40	Name: uuid2 Value: 1771861093063586155
.quantserve.com/	1970-01-20 07:05:40	Name: d Value: EMwBDAHgJoqsMA
.quantserve.com/	1970-01-20 14:26:19	Name: mc Value: 62e7e503-3be86-81c3c-eead9
.w55c.net/	1970-01-20 14:26:19	Name: wfivefivec Value: egBsoglU1Oiwxl5
.turn.com/	1970-01-20 09:15:16	Name: uid Value: 3981601788965450587
.adform.net/	1970-01-20 05:40:43	Name: C Value: 1
.w55c.net/	1970-01-20 05:39:16	Name: matchopenx Value: 5
.adform.net/	1970-01-20 06:22:28	Name: uid Value: 8315410656540275178
.criteo.com/	1970-01-20 14:17:40	Name: uid Value: 7d44e977-b2a6-4cd1-ab69-8281f0188afc
.media.net/	1970-01-20 13:41:40	Name: data-amb Value: 3981601788965450587~~8
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMrYwNTU0NzA3sxTiM9QNrjBMcTF0DnCNr_IEALRHF-4lAAAA
.rfihub.com/	1970-01-20 14:17:40	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMrYwNTU0NzA3sxTiM9QNrjBMcTF0DnCNr_IEALRHF-4lAAAA
.media.net/	1970-01-20 05:39:16	Name: data-c Value: 7d44e977-b2a6-4cd1-ab69-8281f0188afc~~1
.media.net/	1970-01-20 05:39:16	Name: data-c-ts Value: 1659364611
.doubleclick.net/	1970-01-20 14:17:40	Name: IDE Value: AHWqTUl9KNdPt9CsOCEegu8PGNvjdMtdkAiPZI6vaXnU7E_ALLNKbj-7i_xqy_FHgMo
.mfadsrvr.com/	1970-01-20 22:27:16	Name: tuuid Value: cc0cd9a8-90d8-4ecd-a408-f62ead028fd2
.mfadsrvr.com/	1970-01-20 22:27:16	Name: c Value: 1659364611
.mfadsrvr.com/	1970-01-20 22:27:16	Name: tuuid_lu Value: 1659364611
.bidswitch.net/	1970-01-20 13:41:40	Name: tuuid Value: 401e5a69-792f-4e95-8996-3efb85d6ecdd
.bidswitch.net/	1970-01-20 13:41:40	Name: c Value: 1659364611
.bidswitch.net/	1970-01-20 13:41:40	Name: tuuid_lu Value: 1659364611
.media.net/	1970-01-20 13:40:14	Name: data-rk Value: 5109685623855170769~~8
.mfadsrvr.com/	1970-01-20 22:27:16	Name: ssh Value: !medianet,1659364611
.media.net/	1970-01-20 13:41:40	Name: data-mf Value: cc0cd9a8-90d8-4ecd-a408-f62ead028fd2~~1
pool.admedo.com/	1970-01-20 13:41:40	Name: tuuid Value: 8ec5c41a-ae12-40af-baa6-915c6d5a93c8
pool.admedo.com/	1970-01-20 13:41:40	Name: c Value: 1659364611
.media.net/	1970-01-20 05:16:14	Name: data-g Value: CAESEHWFPEaOqIOQzj2lHR2HZeg~~8
pool.admedo.com/	1970-01-20 13:41:40	Name: tuuid_lu Value: 1659364612
.mathtag.com/	1970-01-20 14:21:59	Name: uuid Value: 1df762e7-e504-4400-813f-6c951eb28f4e

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://restlesscompeldescend.com/55/e2/fc/55e2fcbccf56620b0a03c404f966e180.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://restlesscompeldescend.com/6d20476f57c6553422700c48cffe0421/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://vvip-claimviral22.oqgaj.tk/images/icons/svg_dark/arrow_dropdown.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vvip-claimviral22.oqgaj.tk/js/prebid5.17.0.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vvip-claimviral22.oqgaj.tk/images/flags_svg/usa.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
6edfe475f37a9482ea913363350d3f6a.safeframe.googlesyndication.com
ad-delivery.net
ad.turn.com
ads.pubmatic.com
adservice.google.co.id
adservice.google.com
api.amplitude.com
b1sync.zemanta.com
btloader.com
c.adsco.re
c1.adform.net
c21lg-d.media.net
cdn.amplitude.com
cdn.otnolatrnup.com
cm.g.doubleclick.net
contextual.media.net
cs.media.net
dis.criteo.com
eu-u.openx.net
fundingchoicesmessages.google.com
gum.criteo.com
ib.adnxs.com
jp-u.openx.net
match.adsrvr.org
match.prod.bidr.io
otnolatrnup.com
p.rfihub.com
pixel.quantserve.com
pm.w55c.net
pool.admedo.com
region1.google-analytics.com
restlesscompeldescend.com
rtb.mfadsrvr.com
script.hotjar.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.hotjar.com
static.mediafire.com
stats.g.doubleclick.net
sync.go.sonobi.com
sync.mathtag.com
translate.google.com
translate.googleapis.com
us-u.openx.net
vars.hotjar.com
vc.hotjar.io
vvip-claimviral22.oqgaj.tk
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
sync.go.sonobi.com
103.229.205.242
104.18.183.224
13.32.23.136
142.250.185.98
142.251.37.98
162.252.214.5
178.250.0.163
18.66.139.84
18.66.97.53
185.89.210.82
192.243.59.13
193.0.160.128
2.18.235.93
2.21.184.200
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
23.35.228.23
2606:4700:20::681a:346
2606:4700:20::ac43:4686
2606:4700:440e::6812:2fe6
2606:4700::6811:a6ba
2606:4700::6813:d725
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:803::2008
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2001
2a00:1450:400c:c00::9c
2a00:1450:400e:810::200a
2a02:2638::1c
2a06:98c1:3121::c
3.125.141.139
34.98.64.218
35.158.235.153
35.210.53.219
37.157.4.28
52.222.236.63
52.223.40.198
52.35.234.121
52.51.122.125
52.58.28.168
70.42.32.63
99.86.240.83
02de91dd51ca95dee54488c658c58c17310bcde018a105713583fedb7f9a535a
082cecf2da70da88efb1db41dd0096deb999b7b7d1cf8344ca2b37930739a377
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
23c6fab55cca5617226b806344cdb35d568c69e54556bc726ab08e7dc1dd219a
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4
29fab10f493ab649cc668bddf33aff8254d326b11406b6b3381020c4664092ab
2d592e9ad6b7cbe3d5b22075c6d5fb2ae619a151255f8ac1080c5f880d83ee49
30ff051d9b2bc547b07a8faa6f81c311b170156d7a2855e87fb666536b0546c7
34c5b83a863918156cb8da27b3fdd07a874e61e0c456f82f63ce6260382e47ee
3570d9a75268830c2d349b6fa3c5dc3897253ee5ee3d968d755ee55d4afa0df0
35b8a8a66dcdb061771076fdecd5e24b70a2ff6363e076487d0494476bd56884
3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989
40e6e441e85e4a10496c4ad89342a073f44a740c8df79ee9064917c8aabf596f
4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8
44312ceff05d2ea7e248539ea933b7e37c38d366ace01f7db1415fc0d04c5c1b
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
48d843fd4833658a036005ffb64460c130a1dae363b4e817c47cbb02ac0ad653
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
591cc662dc5e885a2e24298edb312d088faab5c19453c8aa0a444e0270a6096a
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5cd89fdfd6cd180e697226d00af75da1557bf2e6ea354a8f6f3e8491e852294f
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
64878908fa9cf70885fa409b2844aa5aea4cef8c486d83a7a2c536cb0fd56be8
690d35d4ce1a031455236630a79add92d6656ded56cbe7be10702d52c8985724
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a0bb324d8418e7f147141edbc2bc4b6a63acc6a617a1ac76622243bb92771c0
7a1793d71d8853cc8e14be8576efbc7f38e4a19244bb5296018806572d73208d
7e77f39847970acaf2352e0d306d02ea9d55381ed330f443f1ede2ac6a978881
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84fa267100dd31a07814a593c9ae4066789526799e1772823e43342e58101b75
8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
85cf9df0f3ed17d9ee629099bbcff3b97ad84cb175393008ff21f2d2798b7e0f
8c8f449f1f7ef1dca0d94ee726667eec8c4b7e86e865fb927b12ff2774c9a2f5
8cc13350e5c65223229a458ee1986bd13f4914bf953484681d70665643669c02
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
99b5d109fc8a5b32f6a1df70e71168b3c47fb9a8db434c6438092d5dbd42ab69
9c120725f5033ebaffbfd7c7d32de0bd1e452a7cf68b5afa14bb6a40964b4585
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2512053b37868c3158f1f584ed082ae489bf94b7aab139c1b32b72586188eb5
a36affe74db310ef0e86bb3834dc50b7ff6df46ec8ff53c26c46659778112280
a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b5629bff9f7cf70baed7df75fbde4ab28280e2a687c8f4712b06a03d52666d73
b719a37796ef8486a9e7948d9c206d65c28e1e076445e037163b28107d431705
bac2ecaebdb39fa5ab5231f9f02e57efcdcfbc7a2e34f8891dcb7911f14464ce
c44151905a3d42e3ff041fc1c5bb730ec5b9a4860ec70361a1edaded928d8988
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d98133ce0dc7033265505bffc7aebd92fad444a0cd0271832a877418ccc889c6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ead29755d607f44ae932646ccde384e04b666bd25433ab9bf5e53fb9296745bb
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15316721389b1b084e6fb85747089ea51ccf9d81fcfb1b33ace326898e2913f
f1a67642fc97b508ce07cf6df329022bf5184a1c573044dc021e0d6e64688c64
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1
f4db0bd379f39b72b3a19f6d5a838de2cd96ebc22426f7a3d80b3121360e9dfc
f52a0c7d9fa7ae8e45916c491ae7193f9a1e289f128f05264122c53d8da970db
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fece83afc03289ebe2fc0bda3515ac72b1dd8d48dd5a7ead3af2c214b1c3d670

vvip-claimviral22.oqgaj.tk Open in urlscan Pro 2a06:98c1:3121::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

93 Requests

85 %HTTPS

44 %IPv6

38 Domains

55 Subdomains

39 IPs

10 Countries

1286 kBTransfer

4068 kBSize

62 Cookies

13 Outgoing links

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vvip-claimviral22.oqgaj.tk Open in urlscan Pro
2a06:98c1:3121::c Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

85 %
HTTPS

44 %
IPv6

38
Domains

55
Subdomains

39
IPs

10
Countries

1286 kB
Transfer

4068 kB
Size

62
Cookies

93 HTTP transactions
1 data transactions