urlscan.io logo urlscan.io
SecurityTrails logo

nindscity.com Open in urlscan Pro
2606:4700:3033::ac43:9d43  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1698363500970.noisilyjiperve.co.uk/
Effective URL: https://nindscity.com/-YtRzZqF5F0ifTa4W0Ty9rr6Ly6ZNVJu4NXSFdpz2AU?clck=6421-3759-1100-914018-13138-1698466764&sid=3744...
Submission: On October 28 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 15 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3033::ac43:9d43, located in United States and belongs to CLOUDFLARENET, US. The main domain is nindscity.com. The Cisco Umbrella rank of the primary domain is 380092.
TLS certificate: Issued by GTS CA 1P5 on October 3rd 2023. Valid for: 3 months.
This is the only time nindscity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 172.104.190.11 63949 (AKAMAI-LI...)
2 3 51.68.82.147 16276 (OVH)
1 1 34.147.1.177 396982 (GOOGLE-CL...)
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 3.216.219.191 14618 (AMAZON-AES)
1 1 2600:1f18:66d... 14618 (AMAZON-AES)
2 3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 206.81.6.225 14061 (DIGITALOC...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 104.21.8.204 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
15 11
3    172.104.190.11 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-190-11.ip.linodeusercontent.com
1698363500970.noisilyjiperve.co.uk
1698466759537.frailkiflesh.top
1698466760136.meltediance.info
3    51.68.82.147 (France)

ASN16276 (OVH, FR)
www.lifeyourseflt.info
1    34.147.1.177 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 177.1.147.34.bc.googleusercontent.com
admoustache.media-412.com
4    2606:4700:3037::ac43:cceb (United States)

ASN13335 (CLOUDFLARENET, US)
www.cogliatu.com
1    2606:4700:3033::ac43:b9bc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.addlnk.com
1    3.216.219.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-219-191.compute-1.amazonaws.com
sherouscolvered.com
1    2600:1f18:66d3:cb20:2fc8:3500:476f:5243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nt-npltfpro.com
3    2606:4700:3030::6815:cef (United States)

ASN13335 (CLOUDFLARENET, US)
adspredictiv.com
2    206.81.6.225 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
tr-bouncer.com
2    2606:4700:3033::ac43:9d43 (United States)

ASN13335 (CLOUDFLARENET, US)
nindscity.com
2    104.21.8.204 (None, )

ASN13335 (CLOUDFLARENET, US)
feed.cn-rtb.com
t.cn-rtb.com
1    2606:4700:20::681a:6e4 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.ocmhood.com
1    2606:4700:3034::6815:513 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ocmtag.com
2    2606:4700:20::681a:7e4 (United States)

ASN13335 (CLOUDFLARENET, US)
t.ocmhood.com
Apex Domain
Subdomains		 Transfer
4 cogliatu.com
www.cogliatu.com
6 KB
3 ocmhood.com
sdk.ocmhood.com — Cisco Umbrella Rank: 46381
t.ocmhood.com — Cisco Umbrella Rank: 11204
13 KB
3 adspredictiv.com
adspredictiv.com
5 KB
3 lifeyourseflt.info
www.lifeyourseflt.info
5 KB
2 cn-rtb.com
feed.cn-rtb.com — Cisco Umbrella Rank: 59165
t.cn-rtb.com — Cisco Umbrella Rank: 66477
834 B
2 nindscity.com
nindscity.com — Cisco Umbrella Rank: 380092
21 KB
2 tr-bouncer.com
tr-bouncer.com — Cisco Umbrella Rank: 205716
4 KB
1 ocmtag.com
cdn.ocmtag.com — Cisco Umbrella Rank: 48810
757 B
1 nt-npltfpro.com
nt-npltfpro.com
3 KB
1 sherouscolvered.com
sherouscolvered.com
599 B
1 addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 377313
1 KB
1 media-412.com
admoustache.media-412.com
269 B
1 meltediance.info
1698466760136.meltediance.info
295 B
1 frailkiflesh.top
1698466759537.frailkiflesh.top
452 B
1 noisilyjiperve.co.uk
1698363500970.noisilyjiperve.co.uk
452 B
15 15
Domain Requested by
4 www.cogliatu.com 1 redirects www.lifeyourseflt.info
www.cogliatu.com
3 adspredictiv.com 2 redirects www.cogliatu.com
3 www.lifeyourseflt.info 2 redirects
2 t.ocmhood.com sdk.ocmhood.com
2 nindscity.com tr-bouncer.com
nindscity.com
2 tr-bouncer.com 1 redirects adspredictiv.com
1 cdn.ocmtag.com sdk.ocmhood.com
1 t.cn-rtb.com nindscity.com
1 sdk.ocmhood.com nindscity.com
1 feed.cn-rtb.com nindscity.com
1 nt-npltfpro.com 1 redirects
1 sherouscolvered.com 1 redirects
1 cdn.addlnk.com www.cogliatu.com
1 admoustache.media-412.com 1 redirects
1 1698466760136.meltediance.info 1 redirects
1 1698466759537.frailkiflesh.top 1 redirects
1 1698363500970.noisilyjiperve.co.uk 1 redirects
15 17

This site contains no links.

Subject Issuer Validity Valid
www.lifeyourseflt.info
R3		 2023-09-11 -
2023-12-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-10 -
2024-02-10		 a year crt.sh
addlnk.com
GTS CA 1P5		 2023-10-09 -
2024-01-07		 3 months crt.sh
adspredictiv.com
GTS CA 1P5		 2023-09-04 -
2023-12-03		 3 months crt.sh
tr-bouncer.com
R3		 2023-09-02 -
2023-12-01		 3 months crt.sh
nindscity.com
GTS CA 1P5		 2023-10-03 -
2024-01-01		 3 months crt.sh
cn-rtb.com
GTS CA 1P5		 2023-10-16 -
2024-01-14		 3 months crt.sh
ocmhood.com
Cloudflare Inc ECC CA-3		 2023-04-04 -
2024-04-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://nindscity.com/-YtRzZqF5F0ifTa4W0Ty9rr6Ly6ZNVJu4NXSFdpz2AU?clck=6421-3759-1100-914018-13138-1698466764&sid=3744083-887628016-2686539887&c_click_id=6421-3759-1100-914018-13138-1698466764
Frame ID: 1F3570E1FB2548CEFFA5B8F84682A184
Requests: 15 HTTP requests in this frame

Frame: https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Frame ID: 5482BDE0AC8110191D99FA3867395102
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Click Allow

Page URL History Show full URLs

  1. http://1698363500970.noisilyjiperve.co.uk/ HTTP 302
    http://1698466759537.frailkiflesh.top/dc53f606-edc5-45ab-afce-ab85b762abc4?n=1&t=1698466759537&l_next=aHR0cHM6Ly93... HTTP 302
    http://1698466760136.meltediance.info/5fd0f42b-7a3e-468c-8ad2-f6197a9f2a04?n=2&t=1698466759537&l_next=aHR0cHM6Ly93... HTTP 302
    https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag= Page URL
  2. https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=&eyeg=76109c4a17d2a7856e3f13... HTTP 302
    https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.3512443481001... HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330004af130e42b47c381bbfd796b921... HTTP 302
    https://www.cogliatu.com/rc/a91581ead4?affclick=653c8bca158ea90001818b26&pubid=503 Page URL
  3. https://sherouscolvered.com/48e1581e-25eb-44e8-8643-630ec6118413?c2=5d45d13c_503&c1=pub4d86ee4ba96940fd9... HTTP 302
    https://nt-npltfpro.com/?a=21829&c=345869&co=16559&mt=18&s1=6efa2ba6-87c4-4bb2-b973-4ec73420e640_5d4... HTTP 302
    https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=075019a6e3b04c418044cd2b2508baee2099a&su... Page URL
  4. https://adspredictiv.com/jump/next.php?stamat=m%257CajI2a393aQdH8BH0dEdHP3xP.8d6%252CXn-xi3Q4tlmBFQuy... HTTP 302
    https://adspredictiv.com/script/i.php?t=1&stamat=m%257C%252C%252Cw3Mitja_oGU3Bf-GH0dEdHP3xP.2d0%252Cj... HTTP 302
    https://tr-bouncer.com/d?zid=6421&uid=497&pubid=3744083-887628016-2686539887&psubid=169846676310000... Page URL
  5. https://tr-bouncer.com/r?zid=6421&uid=497&c_from=&pubid=3744083-887628016-2686539887&psubid=1698466... HTTP 302
    https://nindscity.com/-YtRzZqF5F0ifTa4W0Ty9rr6Ly6ZNVJu4NXSFdpz2AU?clck=6421-3759-1100-914018-13138... Page URL

Page Statistics

15
Requests

93 %
HTTPS

57 %
IPv6

15
Domains

17
Subdomains

11
IPs

5
Countries

53 kB
Transfer

110 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1698363500970.noisilyjiperve.co.uk/ HTTP 302
    http://1698466759537.frailkiflesh.top/dc53f606-edc5-45ab-afce-ab85b762abc4?n=1&t=1698466759537&l_next=aHR0cHM6Ly93d3cubGlmZXlvdXJzZWZsdC5pbmZvLz9zbD01Njk4MzYwLThmZTc1JmRhdGExPVRyYWNrMSZkYXRhMj1UcmFjazImdGFnPQ==&type_v=global&key_v=error HTTP 302
    http://1698466760136.meltediance.info/5fd0f42b-7a3e-468c-8ad2-f6197a9f2a04?n=2&t=1698466759537&l_next=aHR0cHM6Ly93d3cubGlmZXlvdXJzZWZsdC5pbmZvLz9zbD01Njk4MzYwLThmZTc1JmRhdGExPVRyYWNrMSZkYXRhMj1UcmFjazImdGFnPQ==&type_v=global&key_v=error HTTP 302
    https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag= Page URL
  2. https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=&eyeg=76109c4a17d2a7856e3f13519bac3f46&eyer=0.3512443481001333&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.3512443481001333&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330004af130e42b47c381bbfd796b9214f9741028-202310-flb*5698360-8fe75**sl_5698360-8fe75*948ca2ad51314715930897ebc5bb7eec6e280cdf** HTTP 302
    https://www.cogliatu.com/rc/a91581ead4?affclick=653c8bca158ea90001818b26&pubid=503 Page URL
  3. https://sherouscolvered.com/48e1581e-25eb-44e8-8643-630ec6118413?c2=5d45d13c_503&c1=pub4d86ee4ba96940fd9804e61ea277e263 HTTP 302
    https://nt-npltfpro.com/?a=21829&c=345869&co=16559&mt=18&s1=6efa2ba6-87c4-4bb2-b973-4ec73420e640_5d45d13c_503&s2=w2nnaqa9aasp54ks2p6fjre8 HTTP 302
    https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=075019a6e3b04c418044cd2b2508baee2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_5d45d13c_503 Page URL
  4. https://adspredictiv.com/jump/next.php?stamat=m%257CajI2a393aQdH8BH0dEdHP3xP.8d6%252CXn-xi3Q4tlmBFQuyFmXaV0CvUO95WuKJwDC6gblPIgb-nKH_7PXrV7oxDqC5HuLsUT4K-jwS1P1ARJwylcYLmCjMJFrTJ5WiLEDcBbPUNqePkKTLgzoRa06VJunVtnDe0JOvin-GbQcl8O9VW4TgQbYJ1fogkLMrNz8gtgiWT1-z04l0XdSXHvcsnPFgWS6z&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=075019a6e3b04c418044cd2b2508baee2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_5d45d13c_503&cbur=0.9270737294628781&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    https://adspredictiv.com/script/i.php?t=1&stamat=m%257C%252C%252Cw3Mitja_oGU3Bf-GH0dEdHP3xP.2d0%252CjVhwXNkefSwlUw9i5P3A_15TCdE0wGEXnxCR5sHzkEh4tfY1EHagx27lVAO9yFkxDGde3fOFEdVHmYNC7NUo0KZ7-n45GpgQrU7wnGieCCUyl9PNeOdGhA4SsVbhJTw-GdVfstjJ-xtJWaXJpSA6kcVMXbqOCuiZMBqd2nmQ3AJOAQ085t6gXNx3fUSDTJykvLP6eeIWYvW1QUQVZjdsvg4CPGm3oDaTVSC_24Ak-B2M6feDuqIjiFJ7sfb862673plxu4Qmb-yNYaDKAxeICcrt0x1yw8A03n8gu3LmCF1ZsJ0nvQLmjqHNUPQcPv-BPzhPZfQ3OFKMj8DxHNj-D7vTS1ZRlWjbGA6mIMuQhGRpG-rpVd7Kx0PfWH4m1-ujyNQpV1-AjilPRQGQUjDL3wofSP61g927XlNfHIsRrIVFCFAx4jKFOjiFt9f49WmBkK7D5e7jC6TQ_ZEyKa7cNMHGWdo06QWJlLPUeeERMYKrwjrMZFPIKlx9tRA2RqVbULMpK780CkKZOLZvY2BizeHrn7CffzsdD293hFA-9KlTTJMdJ5crpQxpEjM4s9vAR3ZS-jFVcjGnmHejSWni4TRZ7QS1k_tjmCb_NaJo738S0Z0o6oWay4afp5M5KMWfg1wUmbgZ49mOyfhT3VI0vCZCDQpZOmSyekG_8cDPFHAejLtQ07-Y-mnYkV16KfXw HTTP 302
    https://tr-bouncer.com/d?zid=6421&uid=497&pubid=3744083-887628016-2686539887&psubid=169846676310000TUSTV62001R550R1d05R1RR96V40d49 Page URL
  5. https://tr-bouncer.com/r?zid=6421&uid=497&c_from=&pubid=3744083-887628016-2686539887&psubid=169846676310000TUSTV62001R550R1d05R1RR96V40d49&s1=&s2=&s3=&s4=&s5=&c_inif=n&c_key=4%7C8%7C24%7C24%7C1%7C0%7C1600%7C1200%7C18%7C19%7C-10%7C-10%7CPacific%2FHonolulu%7Cen-US%7CWin32%7CIntel%20Inc.%7CIntel%20Iris%20OpenGL%20Engine%7C11%7C16%7C4096%7C32%7C31%7C1%7C1%7C1%7C1023%7C4096%7C32%7C8192%7C8192%7C16384%7C64%7C1%7C16%7C16384%7C128%7C124%7C16384%7C14%7C128%7C7%7C8%7C8%7C4%7C2048%7C2048%7C15%7C72%7C65536%7C60%7C245760%7C245760%7C128%7C4%7C4&c_r=location HTTP 302
    https://nindscity.com/-YtRzZqF5F0ifTa4W0Ty9rr6Ly6ZNVJu4NXSFdpz2AU?clck=6421-3759-1100-914018-13138-1698466764&sid=3744083-887628016-2686539887&c_click_id=6421-3759-1100-914018-13138-1698466764 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://1698363500970.noisilyjiperve.co.uk/ HTTP 302
  • http://1698466759537.frailkiflesh.top/dc53f606-edc5-45ab-afce-ab85b762abc4?n=1&t=1698466759537&l_next=aHR0cHM6Ly93d3cubGlmZXlvdXJzZWZsdC5pbmZvLz9zbD01Njk4MzYwLThmZTc1JmRhdGExPVRyYWNrMSZkYXRhMj1UcmFjazImdGFnPQ==&type_v=global&key_v=error HTTP 302
  • http://1698466760136.meltediance.info/5fd0f42b-7a3e-468c-8ad2-f6197a9f2a04?n=2&t=1698466759537&l_next=aHR0cHM6Ly93d3cubGlmZXlvdXJzZWZsdC5pbmZvLz9zbD01Njk4MzYwLThmZTc1JmRhdGExPVRyYWNrMSZkYXRhMj1UcmFjazImdGFnPQ==&type_v=global&key_v=error HTTP 302
  • https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=
Request Chain 1
  • https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=&eyeg=76109c4a17d2a7856e3f13519bac3f46&eyer=0.3512443481001333&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
  • https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.3512443481001333&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330004af130e42b47c381bbfd796b9214f9741028-202310-flb*5698360-8fe75**sl_5698360-8fe75*948ca2ad51314715930897ebc5bb7eec6e280cdf** HTTP 302
  • https://www.cogliatu.com/rc/a91581ead4?affclick=653c8bca158ea90001818b26&pubid=503
Request Chain 3
  • https://www.cogliatu.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Request Chain 4
  • https://sherouscolvered.com/48e1581e-25eb-44e8-8643-630ec6118413?c2=5d45d13c_503&c1=pub4d86ee4ba96940fd9804e61ea277e263 HTTP 302
  • https://nt-npltfpro.com/?a=21829&c=345869&co=16559&mt=18&s1=6efa2ba6-87c4-4bb2-b973-4ec73420e640_5d45d13c_503&s2=w2nnaqa9aasp54ks2p6fjre8 HTTP 302
  • https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=075019a6e3b04c418044cd2b2508baee2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_5d45d13c_503
Request Chain 6
  • https://adspredictiv.com/jump/next.php?stamat=m%257CajI2a393aQdH8BH0dEdHP3xP.8d6%252CXn-xi3Q4tlmBFQuyFmXaV0CvUO95WuKJwDC6gblPIgb-nKH_7PXrV7oxDqC5HuLsUT4K-jwS1P1ARJwylcYLmCjMJFrTJ5WiLEDcBbPUNqePkKTLgzoRa06VJunVtnDe0JOvin-GbQcl8O9VW4TgQbYJ1fogkLMrNz8gtgiWT1-z04l0XdSXHvcsnPFgWS6z&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=075019a6e3b04c418044cd2b2508baee2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_5d45d13c_503&cbur=0.9270737294628781&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
  • https://adspredictiv.com/script/i.php?t=1&stamat=m%257C%252C%252Cw3Mitja_oGU3Bf-GH0dEdHP3xP.2d0%252CjVhwXNkefSwlUw9i5P3A_15TCdE0wGEXnxCR5sHzkEh4tfY1EHagx27lVAO9yFkxDGde3fOFEdVHmYNC7NUo0KZ7-n45GpgQrU7wnGieCCUyl9PNeOdGhA4SsVbhJTw-GdVfstjJ-xtJWaXJpSA6kcVMXbqOCuiZMBqd2nmQ3AJOAQ085t6gXNx3fUSDTJykvLP6eeIWYvW1QUQVZjdsvg4CPGm3oDaTVSC_24Ak-B2M6feDuqIjiFJ7sfb862673plxu4Qmb-yNYaDKAxeICcrt0x1yw8A03n8gu3LmCF1ZsJ0nvQLmjqHNUPQcPv-BPzhPZfQ3OFKMj8DxHNj-D7vTS1ZRlWjbGA6mIMuQhGRpG-rpVd7Kx0PfWH4m1-ujyNQpV1-AjilPRQGQUjDL3wofSP61g927XlNfHIsRrIVFCFAx4jKFOjiFt9f49WmBkK7D5e7jC6TQ_ZEyKa7cNMHGWdo06QWJlLPUeeERMYKrwjrMZFPIKlx9tRA2RqVbULMpK780CkKZOLZvY2BizeHrn7CffzsdD293hFA-9KlTTJMdJ5crpQxpEjM4s9vAR3ZS-jFVcjGnmHejSWni4TRZ7QS1k_tjmCb_NaJo738S0Z0o6oWay4afp5M5KMWfg1wUmbgZ49mOyfhT3VI0vCZCDQpZOmSyekG_8cDPFHAejLtQ07-Y-mnYkV16KfXw HTTP 302
  • https://tr-bouncer.com/d?zid=6421&uid=497&pubid=3744083-887628016-2686539887&psubid=169846676310000TUSTV62001R550R1d05R1RR96V40d49

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.lifeyourseflt.info/
Redirect Chain
  • http://1698363500970.noisilyjiperve.co.uk/
  • http://1698466759537.frailkiflesh.top/dc53f606-edc5-45ab-afce-ab85b762abc4?n=1&t=1698466759537&l_next=aHR0cHM6Ly93d3cubGlmZXlvdXJzZWZsdC5pbmZvLz9zbD01Njk4MzYwLThmZTc1JmRhdGExPVRyYWNrMSZkYXRhMj1UcmF...
  • http://1698466760136.meltediance.info/5fd0f42b-7a3e-468c-8ad2-f6197a9f2a04?n=2&t=1698466759537&l_next=aHR0cHM6Ly93d3cubGlmZXlvdXJzZWZsdC5pbmZvLz9zbD01Njk4MzYwLThmZTc1JmRhdGExPVRyYWNrMSZkYXRhMj1UcmF...
  • https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.82.147 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Sat, 28 Oct 2023 04:19:21 GMT
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
226
Content-Type
text/html; charset=utf-8
Date
Sat, 28 Oct 2023 04:19:20 GMT
Keep-Alive
timeout=5
Location
https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=
Vary
Accept
X-Powered-By
Express
a91581ead4
www.cogliatu.com/rc/
Redirect Chain
  • https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=&eyeg=76109c4a17d2a7856e3f13519bac3f46&eyer=0.3512443481001333&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=
  • https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.3512443481001333&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330004af130e42b47c381bbfd796b9214f9741028-202310-flb*5698360-8fe75**sl_5698360-8fe75*948ca2ad51314715930897ebc5bb7eec6e...
  • https://www.cogliatu.com/rc/a91581ead4?affclick=653c8bca158ea90001818b26&pubid=503
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cogliatu.com/rc/a91581ead4?affclick=653c8bca158ea90001818b26&pubid=503
Requested by
Host: www.lifeyourseflt.info
URL: https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:cceb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5de72f215234707a821f5b8d176d4fad59c0bbd863b1947a599af2f6dc1866b0

Request headers

Referer
https://www.lifeyourseflt.info/?sl=5698360-8fe75&data1=Track1&data2=Track2&tag=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81d06150fa5f9aef-MIA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 28 Oct 2023 04:19:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgxQ0zG6wDIr7p8oanV%2BH%2F40YD0ARt3PncX4gqpCvIs2MNIAlL6s9NRp4CLfTEm8av0MRHFjVHrQYnxJ%2FJ%2BwVIWELgy9AGTHWHdejY9iWVoByiYnnlQvuCVjjX2w3fJ6iHonC86M%2BMjQN03aRm70"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Sat, 28 Oct 2023 04:19:22 GMT
location
https://www.cogliatu.com/rc/a91581ead4?affclick=653c8bca158ea90001818b26&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: www.cogliatu.com
URL: https://www.cogliatu.com/rc/a91581ead4?affclick=653c8bca158ea90001818b26&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b9bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:19:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
F43XHFKKB2787EKX
age
1989
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
fzjBikotBEIUIfGSULvefTJH8Onnas5qS9jybVOLIWpC7glPalum/1914l+4VQpNgZiuWwgGjXg=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWLQS98aMsWLN3O4RSEVwJRCZiEbe37XQhzcSfVQv%2FmIWdJlQ1ogmTcXYE96oOSWFtnJ%2FeVEJmPrsu6LKq%2BVm%2Fpum5w9vEwVjz%2FbZV1Mkh4gmWgyLs6jhrOU4wYvkH5G5XG1yajHBI2w9rvHtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
81d061546af74978-MIA
main.js
www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/ Frame 5482
Redirect Chain
  • https://www.cogliatu.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Protocol
H2
Server
2606:4700:3037::ac43:cceb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:19:23 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QTCxpBiLbTCSOH51Q5pUqV4GVEY5WYQVBIjBleEiz0T2PcErebO19xXF7d1fflokwV0N8nAI5hZ%2BKEZ4ux8R%2BbjA%2BSN4bfLPyQq7i%2BR9NCFxoL5v4QrFjqBxMEBcA5cY7QNA0f35HDz9xBJZpg0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
81d061550f3f9aef-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 28 Oct 2023 04:19:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZyF4RkmiovkZ8BHDopaLfh806G60scyIubkJfzG9JP8lN8tNHlU%2BiW6gkvzLZfQ7%2FsTVRgHVOTvswNxFkMg0ENxUhOLWBWUQ8B1TeL6Ixrriu%2FUEceaRhX2jU1dJBVx1ui1OTSRHL38hy1tnkq7"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
cache-control
max-age=300, public
cf-ray
81d06154cef09aef-MIA
alt-svc
h3=":443"; ma=86400
next.php
adspredictiv.com/jump/
Redirect Chain
  • https://sherouscolvered.com/48e1581e-25eb-44e8-8643-630ec6118413?c2=5d45d13c_503&c1=pub4d86ee4ba96940fd9804e61ea277e263
  • https://nt-npltfpro.com/?a=21829&c=345869&co=16559&mt=18&s1=6efa2ba6-87c4-4bb2-b973-4ec73420e640_5d45d13c_503&s2=w2nnaqa9aasp54ks2p6fjre8
  • https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=075019a6e3b04c418044cd2b2508baee2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_5d45d13c_503
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=075019a6e3b04c418044cd2b2508baee2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_5d45d13c_503
Requested by
Host: www.cogliatu.com
URL: https://www.cogliatu.com/rc/a91581ead4?affclick=653c8bca158ea90001818b26&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.cogliatu.com/rc/a91581ead4?affclick=653c8bca158ea90001818b26&pubid=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81d061582a2d8dcd-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 28 Oct 2023 04:19:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3rZLIqXQtTQCvP20hFfGhQIhr9JjP4CkaK0axoIXWUZ5CHwmPVLcivUl%2BBrEhwOXwgWV9OLtXz2EM6%2FIPN14QKx%2F9T8bzeXyWbOCnnDHZ7oUwjdMFw%2FzO9sGrHb06WRNZyFqWkzVLqw2dLIRtlB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
content-language
en-US
content-type
text/html;charset=ISO-8859-1
date
Sat, 28 Oct 2023 04:19:23 GMT
location
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=075019a6e3b04c418044cd2b2508baee2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_5d45d13c_503
server
nginx
81d06150fa5f9aef
www.cogliatu.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 5482 		0
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/jsd/r/81d06150fa5f9aef
Requested by
Host: www.cogliatu.com
URL: https://www.cogliatu.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:cceb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 28 Oct 2023 04:19:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c11mqbmpmlWE8Sx9YGCB4EeRRbWPKHJb9xUtujVTbFS2d0lg56yJSOReauiP1ox3F2W%2BozIsL3tMvArqHumRr5LoJsYpNdZ70J9DX%2FKPpt8JjkddpodOe7gR3m%2FFzbPRIZhkR3IxFFGpYVrC%2Fhv%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
81d061564eb1b3ef-MIA
alt-svc
h3=":443"; ma=86400
d
tr-bouncer.com/
Redirect Chain
  • https://adspredictiv.com/jump/next.php?stamat=m%257CajI2a393aQdH8BH0dEdHP3xP.8d6%252CXn-xi3Q4tlmBFQuyFmXaV0CvUO95WuKJwDC6gblPIgb-nKH_7PXrV7oxDqC5HuLsUT4K-jwS1P1ARJwylcYLmCjMJFrTJ5WiLEDcBbPUNqePkKTL...
  • https://adspredictiv.com/script/i.php?t=1&stamat=m%257C%252C%252Cw3Mitja_oGU3Bf-GH0dEdHP3xP.2d0%252CjVhwXNkefSwlUw9i5P3A_15TCdE0wGEXnxCR5sHzkEh4tfY1EHagx27lVAO9yFkxDGde3fOFEdVHmYNC7NUo0KZ7-n45GpgQr...
  • https://tr-bouncer.com/d?zid=6421&uid=497&pubid=3744083-887628016-2686539887&psubid=169846676310000TUSTV62001R550R1d05R1RR96V40d49
14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tr-bouncer.com/d?zid=6421&uid=497&pubid=3744083-887628016-2686539887&psubid=169846676310000TUSTV62001R550R1d05R1RR96V40d49
Requested by
Host: adspredictiv.com
URL: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=075019a6e3b04c418044cd2b2508baee2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_5d45d13c_503
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.81.6.225 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.3 /
Resource Hash
3b592a11e9471fe22ce0e9ef0ca16f7364c757defa39d0cc31d317e59f7a504a

Request headers

Referer
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=075019a6e3b04c418044cd2b2508baee2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_5d45d13c_503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 28 Oct 2023 04:19:24 GMT
Server
nginx/1.15.3
Transfer-Encoding
chunked

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81d0615cf8bc2227-MIA
content-type
text/html; charset=utf-8
date
Sat, 28 Oct 2023 04:19:24 GMT
location
https://tr-bouncer.com/d?zid=6421&uid=497&pubid=3744083-887628016-2686539887&psubid=169846676310000TUSTV62001R550R1d05R1RR96V40d49
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddbs%2FywM9xmwpkXZhVGZdGUbxGzqCB%2BBdBa5yTx%2BOXwHTgJF%2BsuhK02GGXpuAVtYU4yyh50e%2Fc4gVXh3aDMthBc2vaKy9dNmZLcVUTNdW8uZKQeAr0Sk8mBcjVtNKOTNjrXdrGXthIz7SIZL0wTk"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
Primary Request -YtRzZqF5F0ifTa4W0Ty9rr6Ly6ZNVJu4NXSFdpz2AU
nindscity.com/
Redirect Chain
  • https://tr-bouncer.com/r?zid=6421&uid=497&c_from=&pubid=3744083-887628016-2686539887&psubid=169846676310000TUSTV62001R550R1d05R1RR96V40d49&s1=&s2=&s3=&s4=&s5=&c_inif=n&c_key=4%7C8%7C24%7C24%7C1%7C0...
  • https://nindscity.com/-YtRzZqF5F0ifTa4W0Ty9rr6Ly6ZNVJu4NXSFdpz2AU?clck=6421-3759-1100-914018-13138-1698466764&sid=3744083-887628016-2686539887&c_click_id=6421-3759-1100-914018-13138-1698466764
32 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nindscity.com/-YtRzZqF5F0ifTa4W0Ty9rr6Ly6ZNVJu4NXSFdpz2AU?clck=6421-3759-1100-914018-13138-1698466764&sid=3744083-887628016-2686539887&c_click_id=6421-3759-1100-914018-13138-1698466764
Requested by
Host: tr-bouncer.com
URL: https://tr-bouncer.com/d?zid=6421&uid=497&pubid=3744083-887628016-2686539887&psubid=169846676310000TUSTV62001R550R1d05R1RR96V40d49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
752554b2ac3f46dff2afb7822078d2a02c10b098570127134bd219e846e8473e

Request headers

Referer
https://tr-bouncer.com/d?zid=6421&uid=497&pubid=3744083-887628016-2686539887&psubid=169846676310000TUSTV62001R550R1d05R1RR96V40d49
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81d06161e91a8dc6-MIA
content-encoding
br
content-type
text/html
date
Sat, 28 Oct 2023 04:19:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wM79Ot0x%2FwZ16XH7MFS6zxcCARLlzU%2Bbgak%2F5t2WvwKUvdEnZMBHmt3vd9ClIUpvdn%2FcZze4uAgHw3H5bvvwHtdmq31WMconjZDLy0ZuZDsOFuRsX2DpdMjqNGKPV1M05g482SagX8L8c%2BLa"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
223
Content-Type
text/html; charset=utf-8
Date
Sat, 28 Oct 2023 04:19:24 GMT
Location
https://nindscity.com/-YtRzZqF5F0ifTa4W0Ty9rr6Ly6ZNVJu4NXSFdpz2AU?clck=6421-3759-1100-914018-13138-1698466764&sid=3744083-887628016-2686539887&c_click_id=6421-3759-1100-914018-13138-1698466764
Server
nginx/1.15.3
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
AFU1kAAPatM
feed.cn-rtb.com/v1/native/ 		656 B
834 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://feed.cn-rtb.com/v1/native/AFU1kAAPatM?subid=70443&uid=98e04288-6808-4a89-bbe1-20476f5ca646&kw=download%20install
Requested by
Host: nindscity.com
URL: https://nindscity.com/-YtRzZqF5F0ifTa4W0Ty9rr6Ly6ZNVJu4NXSFdpz2AU?clck=6421-3759-1100-914018-13138-1698466764&sid=3744083-887628016-2686539887&c_click_id=6421-3759-1100-914018-13138-1698466764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
162bcd06cb588aea661b9539dd99adaa402b2d789c8216504888c983881a958e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nindscity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:19:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
model
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vd97gHSv3GQNTMHJgWgMoHN9JqxTbm6ZZLD8ycbhO5SrBa5cyGDqqsfQgIBRFJjy%2BT%2BPfR9q5s%2BxpnLE2LTrDxpNWj0jNUV0Dbg3lx6IPvQiQuJj0oFC5vB8OWoCpgtp9mc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
81d06163380f31ec-MIA
alt-svc
h3=":443"; ma=86400
conf.json
nindscity.com/hood/bmluZHNjaXR5LmNvbQ==/ 		49 B
405 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nindscity.com/hood/bmluZHNjaXR5LmNvbQ==/conf.json
Requested by
Host: nindscity.com
URL: https://nindscity.com/-YtRzZqF5F0ifTa4W0Ty9rr6Ly6ZNVJu4NXSFdpz2AU?clck=6421-3759-1100-914018-13138-1698466764&sid=3744083-887628016-2686539887&c_click_id=6421-3759-1100-914018-13138-1698466764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec977875910bbae9afa2c2b9462bf1c49ccc38b5ef40658410a8ed7e383757f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nindscity.com/-YtRzZqF5F0ifTa4W0Ty9rr6Ly6ZNVJu4NXSFdpz2AU?clck=6421-3759-1100-914018-13138-1698466764&sid=3744083-887628016-2686539887&c_click_id=6421-3759-1100-914018-13138-1698466764
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:19:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 03 Oct 2023 08:56:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"651bd733-31"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWdQY8lZ8yNOUZIr0jHeQYAsKkVRSBi6ZX6nhjVTKKKR5dQ0JB5Jm3HN5lu2SlaykDf82o6f%2BCon6kz1%2BJn5zgl6DlXnx9Kyj9gsYQyvEF9p8PQDVVRLPIaRIUSWzCMwSCexyhlWRByUfhP%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
81d06162aa128dc6-MIA
alt-svc
h3=":443"; ma=86400
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/jpeg
ht.js
sdk.ocmhood.com/sdk/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT
Requested by
Host: nindscity.com
URL: https://nindscity.com/-YtRzZqF5F0ifTa4W0Ty9rr6Ly6ZNVJu4NXSFdpz2AU?clck=6421-3759-1100-914018-13138-1698466764&sid=3744083-887628016-2686539887&c_click_id=6421-3759-1100-914018-13138-1698466764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c232511cd1f130faec46a40a0cde0cf7ea83a19b34f01267b793c8695c51b8

Request headers

Referer
https://nindscity.com/
Origin
https://nindscity.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:19:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1858
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Fri, 21 Jul 2023 09:35:24 GMT
server
cloudflare
etag
W/"64ba515c-2e63"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyaaBDTJzx4R657LJ6nbYKtV8KZLhDLmKKMU%2FkKfeB0%2BXapGJI%2BzfWMRdGOw%2BAFkksJwlmVm5HN3%2FKmi0N%2FQGZ%2FYtK4YXHS1L7Po8JYpa0sAl576ZsuiFp09U7JilVuSAfdb3LYjJnZphrLg3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
81d061687e0c5c67-MIA
imp
t.cn-rtb.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.cn-rtb.com/imp?l2=tCRn9t09qn4PHHhqPHC647jxdO-XVbXpuAXbDr_fnT_SJ6ILjA43HUPYIAttA8Kx0dDTB1NBh7lkss1q_Kf7hP51MxTBtl9Of50gC7Yr9hX7E5qHYczF00QkOOn2BaVyyGg0L6tfFjCFCNY3y8lM9bOXF1YzWSbM4FuwnD0qu3kAkQzBRqV9vxdnYB38JHhH
Requested by
Host: nindscity.com
URL: https://nindscity.com/-YtRzZqF5F0ifTa4W0Ty9rr6Ly6ZNVJu4NXSFdpz2AU?clck=6421-3759-1100-914018-13138-1698466764&sid=3744083-887628016-2686539887&c_click_id=6421-3759-1100-914018-13138-1698466764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.8.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nindscity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:19:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jw62bbWt6HLoO8Zdf9y5FcSdpqpzFSKtgSeugMekPSXyDocPnQpCTH4TT2XkvsDgoPsQS%2BGv351OwDlVevZ7x0xi%2FnJ9LkYAtRj4LzYfdwvr%2BuoyBGYXsrTxO9ijyLU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-cache
cf-ray
81d061653abd31ec-MIA
alt-svc
h3=":443"; ma=86400
NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT.js
cdn.ocmtag.com/tag/ 		279 B
757 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ocmtag.com/tag/NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba74a217fca9b1dad624899410e377f0ff297dba200d1e9dce1af17486834133

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nindscity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 04:19:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6389
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Tue, 03 Oct 2023 07:27:50 GMT
server
cloudflare
etag
W/"651bc276-117"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75ZO6nFZP76AgPEJKGeypZkdejIr%2FFcAfCuZk8%2FIVWIu0GMnyAfGDmQ4Fw41zV7Znb7UErLGBKDTq4fHcg2ZgisdTVF3suxWM%2BL09n6e4kd3WgRUUYShPb88Rvc44c2Sz3A2bhkFkZyEXSwHcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
81d061694efa0992-MIA
activity
t.ocmhood.com/v2/ 		0
266 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nindscity.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 28 Oct 2023 04:19:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXyBowCZFTw3Z6AjeuKKCN2IbSkGdyxtem6YjgTuVI54g0F7%2FJRYtZbVA1%2FWj97AicMUEpZUJBUrJndB341aRpKCOdUTLsz5KTuTpfj8DdHhq4YwPu7YGQJ%2Buw16KdsMdVQaYPl2aWvUy84%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
81d0616a09d18d9d-MIA
alt-svc
h3=":443"; ma=86400
activity
t.ocmhood.com/v2/ 		0
434 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nindscity.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 28 Oct 2023 04:19:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXqnBb3Hse%2B61jMCE2T3TbEJmrkvD60dQoitdSBtgKnGAEcCNB73fQUXDv%2FAkeuzo72A%2FqxmNFQoDk2905RJtiloZZO4QmEfqxiI1EBFoEUKA%2FLKKX3iF6SAjn3jilANVdZvOJLTa8ViiOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
81d0616a09d28d9d-MIA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| qs string| lwp function| snippetGetEngineDomain function| snippetGetAllLocations object| campaign_domains function| importOmpServiceWorker function| initOmpServiceWorker function| clearSession function| getLpType function| fetchAd function| getOCP function| popme function| pbcid function| finalRedirect function| goNextStep function| goToRedirectonAllow function| goToRedirectSmart2 function| isPushApiSupported function| uuidv4 function| initLpPush function| startOmpWorker function| getLpIdParamIfSet function| getSourcePrefix object| ad number| cpc number| o_eid string| o_ocid string| source_prefix string| fallback_url function| before_redirect_block object| sParams string| cc function| Hood function| NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT

20 Cookies

Domain/Path Name / Value
admoustache.media-412.com/ Name: afclick
Value: 653c8bca158ea90001818b26
www.cogliatu.com/ Name: AWSALB
Value: T11XZyp76rcftX2X5PJ60VkXiSX8JSza8/cWYPzAFPRYz1vHFg2MNcWzue6BsAjae3UZxbJYz5MiVdGkiuun/72FzMBb/W7wQ1R0TSq7LMbNsJOsoSWDNaKiGxCI
.sherouscolvered.com/ Name: 48e1581e-25eb-44e8-8643-630ec6118413-v4
Value: 7ouoU4q6jjiWNH5xFkJdh85ihRF-QuVdAO57puFC8Z0
.sherouscolvered.com/ Name: voluum-cid-v4
Value: %7B%22cid%22%3A%22w2nnaqa9aasp54ks2p6fjre8%22%2C%22caid%22%3A%2248e1581e-25eb-44e8-8643-630ec6118413%22%7D
.cogliatu.com/ Name: cf_clearance
Value: zMeP3WJnuQdViYqk_4jkBqND1pEYN1mKLuDdiuVRG7k-1698466763-0-1-e5ef4608.1530a87f.3407a175-0.2.1698466763
.nt-npltfpro.com/ Name: gdm_sid_v1_3_001
Value: 8k6yCCYTfj42H+tMheoIL/SdMgSkOAhNQTHIVGZFSDGldmqMDrWdJhvtrlu2Y8Wfr2mlTY3n4ihCzrbLZgLxsMvNG3/QK8Is12H4lWnXS+QeFl1lLBl+b+MeE/RmU8tvzBGaA49LuaDDqRFT1Rp39MYZgG4DGXfpjxyVSMAE8QESe1nnb7EAt7I4wRQO9lX9IpAjTAPnResD2WZIg1wdzrt4lJtXhGVqROMs9ansKbxWNjQWHAYFjS2RWZeOtTA25egQ/vHaRjzu7RTSr664K3xXT+cfGWOu53EHn7zvElTq1Guq2WOwSW2x86ebodKCPd4FRuinfJoQnygpu/2JbFgMYmL9EvRR5Lou7Rbjus0vMrGDJXBsxaNdYnWTNW8SYH0wGFb6RX4WufkLPRpXILjy3hX7XMiLro88Bx6dK5f9r1GSkAeMaA5Sop/H1gEE8IWw8uZNL7wndTOcCr9kkGjaNWUIpqswdbb298M9PGsxKwqCRBroNUjAieN0umue6w17SgTuVyetXAxzW298Yj4JOKeWIINuKMEYW4eVxlyMrHkieoZgHXeaQXa4UPFWsiAiAzTxnRRvaQyCPETkSD2kAtpdznRkq4nL//lx3/A0uM80Go3KGG9ddWve3/cPiS5UfXp9TUHMgSF4RnxPRwD7Puky/gdV+9X3FN2gnuwpddNYR/QqP7c/pK1wpspAwulkYAyZ6l6k3pcf6VzYTLbfhHmJBBXWvrRDc7UYdfjpdURZtdyagDPRkj9SLjEbG3u4LMjmP5NBq2iKS5+igXUtOuvGTPTPICZNGXILltSLE9KR60ZruvqE+r57VOCPNXHGe2LeT+R+RrI+PmHq+xiE4tzOvAZD5Jk1wZ6eptt1IOyzmV8LNYfbRnYQeugLIRrIPDUm0sSvXW7kIoRwCR/uEO1de0GCmlv9WtEBpwRqoouWJ7AT7CK9M3vvWoDm83Z6eqnyifiozKFCXHCdUtOlebTOklbIHSEJNVQNsqZN8Im4W4yQQ+GYmBXK3D5aeBoEuWP+Dt8l1FevlEwU9GJVel09tMxA7Pzrp+BbIMrN3a9UgOboETVlIL/Pjw6uPGeoCV2DSvwJPXBkbSi0/vLNS7pMmvCf531+FPYwe7jidFUDJszqGwFb0waqgjD2NbEU06tc2BaxUlttQvbnFw==
.nt-npltfpro.com/ Name: gdm_sid_v2_3_001
Value: 8k6yCCYTfj42H+tMheoIL/SdMgSkOAhNQTHIVGZFSDGldmqMDrWdJhvtrlu2Y8Wfr2mlTY3n4ihCzrbLZgLxsMvNG3/QK8Is12H4lWnXS+QeFl1lLBl+b+MeE/RmU8tvzBGaA49LuaDDqRFT1Rp39MYZgG4DGXfpjxyVSMAE8QESe1nnb7EAt7I4wRQO9lX9IpAjTAPnResD2WZIg1wdzrt4lJtXhGVqROMs9ansKbxWNjQWHAYFjS2RWZeOtTA25egQ/vHaRjzu7RTSr664K3xXT+cfGWOu53EHn7zvElTq1Guq2WOwSW2x86ebodKCPd4FRuinfJoQnygpu/2JbFgMYmL9EvRR5Lou7Rbjus0vMrGDJXBsxaNdYnWTNW8SYH0wGFb6RX4WufkLPRpXILjy3hX7XMiLro88Bx6dK5f9r1GSkAeMaA5Sop/H1gEE8IWw8uZNL7wndTOcCr9kkGjaNWUIpqswdbb298M9PGsxKwqCRBroNUjAieN0umue6w17SgTuVyetXAxzW298Yj4JOKeWIINuKMEYW4eVxlyMrHkieoZgHXeaQXa4UPFWsiAiAzTxnRRvaQyCPETkSD2kAtpdznRkq4nL//lx3/A0uM80Go3KGG9ddWve3/cPiS5UfXp9TUHMgSF4RnxPRwD7Puky/gdV+9X3FN2gnuwpddNYR/QqP7c/pK1wpspAwulkYAyZ6l6k3pcf6VzYTLbfhHmJBBXWvrRDc7UYdfjpdURZtdyagDPRkj9SLjEbG3u4LMjmP5NBq2iKS5+igXUtOuvGTPTPICZNGXILltSLE9KR60ZruvqE+r57VOCPNXHGe2LeT+R+RrI+PmHq+xiE4tzOvAZD5Jk1wZ6eptt1IOyzmV8LNYfbRnYQeugLIRrIPDUm0sSvXW7kIoRwCR/uEO1de0GCmlv9WtEBpwRqoouWJ7AT7CK9M3vvWoDm83Z6eqnyifiozKFCXHCdUtOlebTOklbIHSEJNVQNsqZN8Im4W4yQQ+GYmBXK3D5aeBoEuWP+Dt8l1FevlEwU9GJVel09tMxA7Pzrp+BbIMrN3a9UgOboETVlIL/Pjw6uPGeoCV2DSvwJPXBkbSi0/vLNS7pMmvCf531+FPYwe7jidFUDJszqGwFb0waqgjD2NbEU06tc2BaxUlttQvbnFw==
.nt-npltfpro.com/ Name: gdm_uid_v1_1_001
Value: CqevIN9bt/lqcJe5zTjrM4VUpxIpDT98Y9SaGsPBhDiIv3ds/OVJqxFnlkucLbgB
.nt-npltfpro.com/ Name: gdm_click_adv_freq_v1_1_001
Value: WGP2hL1mCj4amHrx09xyl+z3sHn/j47bLE3hC2UC9gh7B7BZSwxSmX4QtDyQbooy
.nt-npltfpro.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.nt-npltfpro.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.nt-npltfpro.com/ Name: gdm_uid_v2_1_001
Value: CqevIN9bt/lqcJe5zTjrM4VUpxIpDT98Y9SaGsPBhDiIv3ds/OVJqxFnlkucLbgB
.nt-npltfpro.com/ Name: gdm_click_freq_v1_1_001
Value: O0bSZ3Md1bo7JW/RvsMNnzZ7yYzdz2LhRVtjfAfToXh8jftH15SKhIQBwm2BNZ3N
.nt-npltfpro.com/ Name: gdm_click_adv_freq_v2_1_001
Value: WGP2hL1mCj4amHrx09xyl+z3sHn/j47bLE3hC2UC9gh7B7BZSwxSmX4QtDyQbooy
.nt-npltfpro.com/ Name: gdm_click_freq_v2_1_001
Value: O0bSZ3Md1bo7JW/RvsMNnzZ7yYzdz2LhRVtjfAfToXh8jftH15SKhIQBwm2BNZ3N
tr-bouncer.com/ Name: chrot
Value: 3759
tr-bouncer.com/ Name: chfrq
Value: eyIzNzU5Ijp7ImlkIjozNzU5LCJyZW1haW5kZXIiOjk5OX19
nindscity.com/ Name: session
Value: xrPaOb2HlkG_UJXt95DLPaq3NXzbW6TX
.nindscity.com/ Name: _ht_v
Value: 1698466766.3861327456
.nindscity.com/ Name: _ht_s
Value: 1698466766.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1698363500970.noisilyjiperve.co.uk
1698466759537.frailkiflesh.top
1698466760136.meltediance.info
admoustache.media-412.com
adspredictiv.com
cdn.addlnk.com
cdn.ocmtag.com
feed.cn-rtb.com
nindscity.com
nt-npltfpro.com
sdk.ocmhood.com
sherouscolvered.com
t.cn-rtb.com
t.ocmhood.com
tr-bouncer.com
www.cogliatu.com
www.lifeyourseflt.info
104.21.8.204
172.104.190.11
206.81.6.225
2600:1f18:66d3:cb20:2fc8:3500:476f:5243
2606:4700:20::681a:6e4
2606:4700:20::681a:7e4
2606:4700:3030::6815:cef
2606:4700:3033::ac43:9d43
2606:4700:3033::ac43:b9bc
2606:4700:3034::6815:513
2606:4700:3037::ac43:cceb
3.216.219.191
34.147.1.177
51.68.82.147
162bcd06cb588aea661b9539dd99adaa402b2d789c8216504888c983881a958e
260b073c6af7b2e361f1ba7f05d23007587adbdd79de704fc1999c9d64cd737e
3b592a11e9471fe22ce0e9ef0ca16f7364c757defa39d0cc31d317e59f7a504a
5de72f215234707a821f5b8d176d4fad59c0bbd863b1947a599af2f6dc1866b0
63c232511cd1f130faec46a40a0cde0cf7ea83a19b34f01267b793c8695c51b8
752554b2ac3f46dff2afb7822078d2a02c10b098570127134bd219e846e8473e
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
ba74a217fca9b1dad624899410e377f0ff297dba200d1e9dce1af17486834133
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec977875910bbae9afa2c2b9462bf1c49ccc38b5ef40658410a8ed7e383757f4
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2