remacolodra.click Open in urlscan Pro
159.223.7.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.mediafortunes.xyz/go/758d4fa0-653a-4e24-aa50-cdb876bf7562
Effective URL:
https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&...
Submission: On July 09 via api (July 9th 2024, 10:53:52 pm UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 51 HTTP transactions. The main IP is 159.223.7.218, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is remacolodra.click.
TLS certificate: Issued by R3 on May 29th 2024. Valid for: 3 months.

This is the only time remacolodra.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.70.16.242 3.70.16.242	16509 (AMAZON-02) (AMAZON-02)
2	159.223.7.218 159.223.7.218	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
34	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	87.250.251.134 87.250.251.134	13238 (YANDEX) (YANDEX)
1	172.217.16.202 172.217.16.202	15169 (GOOGLE) (GOOGLE)
3 9	87.250.250.119 87.250.250.119	13238 (YANDEX) (YANDEX)
1	93.158.134.119 93.158.134.119	13238 (YANDEX) (YANDEX)
51	7

1 3.70.16.242 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-16-242.eu-central-1.compute.amazonaws.com

www.mediafortunes.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.223.7.218 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

remacolodra.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

ubankroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 87.250.251.134 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: front-jsapi.slb.maps.yandex.net

api-maps.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 87.250.250.119 (Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.158.134.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	ubankroll.com ubankroll.com — Cisco Umbrella Rank: 187393	359 KB
8	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 6602	4 KB
8	yandex.ru 1 redirects api-maps.yandex.ru — Cisco Umbrella Rank: 26313 mc.yandex.ru — Cisco Umbrella Rank: 2202	355 KB
2	remacolodra.click remacolodra.click	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	1 KB
1	mediafortunes.xyz 1 redirects www.mediafortunes.xyz	1 KB
51	6

	Domain	Requested by
34	ubankroll.com	remacolodra.click ubankroll.com
8	mc.yandex.com	2 redirects remacolodra.click mc.yandex.ru
6	api-maps.yandex.ru	remacolodra.click api-maps.yandex.ru
2	mc.yandex.ru	1 redirects remacolodra.click
2	remacolodra.click
1	fonts.googleapis.com	ubankroll.com
1	www.mediafortunes.xyz	1 redirects
51	7

This site contains no links.

Subject Issuer	Validity	Valid
remacolodra.click R3	`2024-05-29` - `2024-08-27`	3 months	crt.sh
ubankroll.com WE1	`2024-07-04` - `2024-10-02`	3 months	crt.sh
api-maps.yandex.ru GlobalSign RSA OV SSL CA 2018	`2024-05-07` - `2024-10-31`	6 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh

This page contains 2 frames:

Primary Page: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Frame ID: E435335A0A4C0DB34363F18CF0F610A5
Requests: 50 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 40447B8FAD0159FC10E779BFF4D01467
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Congratulations!

Page URL History Show full URLs

http://www.mediafortunes.xyz/go/758d4fa0-653a-4e24-aa50-cdb876bf7562 HTTP 307
https://www.mediafortunes.xyz/go/758d4fa0-653a-4e24-aa50-cdb876bf7562 HTTP 302
https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e2... Page URL

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

94 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

721 kB
Transfer

1886 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.mediafortunes.xyz/go/758d4fa0-653a-4e24-aa50-cdb876bf7562 HTTP 307
https://www.mediafortunes.xyz/go/758d4fa0-653a-4e24-aa50-cdb876bf7562 HTTP 302
https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10425.zlDP96SL_AmoxnGBCgn69GcvaPhtK2feTrTzZPXUqBQIqut4PdREE3TGhsUEMkh7.xgObXLXXnBEL8F1cT986c0ObuSI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10425.PbPHGekyyUwHZaG6G55WP2_4dfEPjQZx3ak_I2iwNP__lMNoD1QU81WKLKj9SFxRzJJHyl22rSap80zGIs0onnw8bh7wgVA-kstDPWfAXo6qbz-gXp7dFmb0hnJ_A5zxCbSbuFTb0Buzo8AhSyt6Jd98nUZSJwg3tUrx_vrTUSnKNyg8n0BqyRRAFHUlL_ir6RLvugwWA_KINkxAyhy1BjSSoeoFcmtUwHozrGokpqY%2C.iy4an9XMtn8OyIj74NmWhBl93Dw%2C

Request Chain 44

https://mc.yandex.com/watch/53079421?wmode=7&page-url=https%3A%2F%2Fremacolodra.click%2FWNbBFLtZ%3Fexternal_id%3D455sbrr4WsmK3B3yFkJEMA%26ad_campaign_id%3D758d4fa0-653a-4e24-aa50-cdb876bf7562%26source%3D%26external_id%3D455sbrr4WsmK3B3yFkJEMA&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A447308985984%3Ahid%3A962510739%3Az%3A120%3Ai%3A20240710005348%3Aet%3A1720565629%3Ac%3A1%3Arn%3A318768758%3Arqn%3A1%3Au%3A1720565629898265785%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2726%3Awv%3A2%3Ads%3A0%2C31%2C195%2C2%2C374%2C0%2C%2C1903%2C38%2C%2C%2C%2C2636%3Aco%3A0%3Acpf%3A1%3Ans%3A1720565625402%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720565629%3At%3ACongratulations!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
https://mc.yandex.com/watch/53079421/1?wmode=7&page-url=https%3A%2F%2Fremacolodra.click%2FWNbBFLtZ%3Fexternal_id%3D455sbrr4WsmK3B3yFkJEMA%26ad_campaign_id%3D758d4fa0-653a-4e24-aa50-cdb876bf7562%26source%3D%26external_id%3D455sbrr4WsmK3B3yFkJEMA&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A447308985984%3Ahid%3A962510739%3Az%3A120%3Ai%3A20240710005348%3Aet%3A1720565629%3Ac%3A1%3Arn%3A318768758%3Arqn%3A1%3Au%3A1720565629898265785%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2726%3Awv%3A2%3Ads%3A0%2C31%2C195%2C2%2C374%2C0%2C%2C1903%2C38%2C%2C%2C%2C2636%3Aco%3A0%3Acpf%3A1%3Ans%3A1720565625402%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720565629%3At%3ACongratulations%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request WNbBFLtZ Show response
remacolodra.click/
Redirect Chain

http://www.mediafortunes.xyz/go/758d4fa0-653a-4e24-aa50-cdb876bf7562
https://www.mediafortunes.xyz/go/758d4fa0-653a-4e24-aa50-cdb876bf7562
https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA

13 KB
4 KB

356ms
196ms

Document
text/html

159.223.7.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.223.7.218 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: a5fcbff5657e0cce0eba695728d67a0a2b52ebd36524597d92cb6a987d68c70a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 09 Jul 2024 22:53:46 GMT
Expires: Tue, 09 Jul 2024 22:53:45 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
cache-control: no-cache
content-length: 396
content-type: text/html; charset=utf-8
date: Tue, 09 Jul 2024 22:53:45 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
server: openresty
vary: Accept
x-response-time: 11.464ms

GET
H3 200 jquery-1.js Show response
ubankroll.com/landings2023/en/goldenclub/files/ 95 KB
33 KB 55ms
25ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/jquery-1.js
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5517
etag: W/"6335adb1-17b8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GRupxZHWyFdmT7AVGbTS3tq3FnpxG5f1rvFmO3PCVPzZYpSLRhRuNW%2FLJlZwrKw0RkYsi61CEnbENaF10G4Qh2jvOpWF6r%2FNqsxxvboJEl5twG1XZTpwyeGnlMuZjkrV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a0be45bbed239c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 placeholders-3.js Show response
ubankroll.com/landings2023/en/goldenclub/files/ 4 KB
2 KB 78ms
48ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/placeholders-3.js
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1314
etag: W/"6335adb2-10aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e754yRZAT%2BJjAwCXWcucWRUG%2FJQO6XYW75hDPe5xWLe4BiNrA7UXQZo5grhpUJGtaEyg35zc2V2eU%2FruqTiNnFgY2PyfnB%2F57y2%2F2MuzmiJSQp0%2Fc5GlbAYyNa9AK%2FxF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a0be45bbed339c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 moment-with-locales-2.js Show response
ubankroll.com/landings2023/en/goldenclub/files/ 243 KB
64 KB 82ms
53ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/moment-with-locales-2.js
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a423b0df260fa67d26563563e00c2000944ac7aafceb7448eb303705168688e

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5518
etag: W/"6335adb2-3cd3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFtvpCHMj%2FXamw0kvpYikRi%2BeaH9MmVpcznYKV%2FXl65c5gY4QoBWjEhQQ3%2Fi1wK3hKL%2FAnmBYaK0i%2FT3%2BS7yuyqxH9W2P632A24%2BwM%2BdgPCE%2BiLfBQMf8PaaxAunox0h"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a0be45bbed639c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 dr-dtime.js Show response
ubankroll.com/landings2023/en/goldenclub/files/ 11 KB
5 KB 95ms
65ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/dr-dtime.js
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e9ea4a7e95033f8b55ce6f42329f0015c3907a4102d33c601ac4ca07c136cc8

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5517
etag: W/"6335ad9c-2b75"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3wl%2BHnF60Rok%2F%2B1pJKC4Hu8IFoVzAT14TYBg4NimlRjcazq9ibpQjvgqct9PRkczujqGkBG4ZDdh3zRYEVvxESeNWQuNFN97f1WYR5uSJfX2IdaKz3AJacW6WHBPUW%2B%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a0be45bbed839c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 order_me.js Show response
ubankroll.com/landings2023/en/goldenclub/files/ 278 B
623 B 104ms
74ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/order_me.js
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84f8997410c905d850137f82c7d79c53f641aa3b2b7b2f1bca45fd5ae14dcf8b

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5518
etag: W/"6335adb2-116"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UgVNSBvhdxN7OFyqRVNJWF0cIE%2FP02yO31K8U5dXJm9Y4vq26kxFoSiEL%2F6W%2FQB3pm%2B0R%2BnUZNO%2F7jIp55eGYEtl1VKKoNv%2F5LWnLmHa4OPrnn7Mg9mVhN0WYJQJPaZv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a0be45bbeda39c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 order_me.css
ubankroll.com/landings2023/en/goldenclub/files/ 4 KB
2 KB 104ms
74ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/order_me.css
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a44b93c05add6a06589460971a8236fc9522511bd2bf5cf8a046cb1cf631c0

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5518
etag: W/"6335adb2-1141"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gVFmmrcEfoB16Iy%2FB65exIbblZx7nL5mlLu7zvMm29dadL86DtNiWSR3jXRurif8Z03GyUCOXJikxv7LVy1qTBqGOHGHmol31GWJqVHJCxsGiLAlh8%2FCaBxiTNL9CS2%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8a0be45bbedc39c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 validation.js Show response
ubankroll.com/landings2023/en/goldenclub/files/ 33 KB
10 KB 104ms
75ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/validation.js
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c356d4c2959b67ea64776caade0af584d1b65a1fbb1dc8d11420a5716aca631d

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5517
etag: W/"6335adb4-8332"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02XqvpiLquPPjjs7kzBpxMkelHlYAR4RvIRHLMCyKJHhygrEgxJfMSLHWba2SK6I4p0%2FYK1HVeooVSHMRSQg%2Fk%2BCQd7MRN%2BhOeDI4X%2BeyB0Z7E%2FQlX3IJTsux27ts7Hc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a0be45bbedf39c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 video_avid.js Show response
ubankroll.com/landings2023/en/goldenclub/files/ 261 B
617 B 107ms
77ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/video_avid.js
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 613551cfa3b54cbad274e5013cb1919019103daeab9870dad05631c85bc75933

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5517
etag: W/"6335adb4-105"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aikJaXrM80jfRG5Var5I%2Ft265YOA0Us2w9dDJA4CfNMjvLn0P3haKm%2Bx53aXmJBaQQjTb7GSTZXjHRb3tV%2FNV13W0r2zWSuNmrLzv7JRu9oQFySIqHciadObBR%2BwbKZi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a0be45bbee039c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
api-maps.yandex.ru/2.0-stable/ 71 KB
21 KB 520ms
91ms Script
text/javascript 87.250.251.134
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/2.0-stable/?load=package.standard&lang=en-US

Requested by

Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.134 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

front-jsapi.slb.maps.yandex.net

Software

Resource Hash

0e931e7bdb92bc40e05922a719bf5dfd918c87feb9270dc8c568d55bef3484f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: 0
date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-lighttpd-locale: en_US
etag: W/"11dc4-GvAfcsvaFRXKdEr8U+E1DbCZc24"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-req-id: 1720565626613085-8258580090213493349-r5ongbnq2acilx4m-BAL
x-xss-protection: 1; mode=block
x-start-time: 1720565626613085

GET
H3 200 returnDate.pt.js.download Show response
ubankroll.com/landings2023/en/goldenclub/js/ 1 KB
2 KB 377ms
347ms Script
application/octet-stream 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/js/returnDate.pt.js.download
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52a1ce93f7850fbdba61a19cdbd8c17405017ff36cc0d6a345ec85293a891afd

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 29 Sep 2022 14:37:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6335adbb-500"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qEKEv6q7TS2iuPbWQloTsklIKhLgZM3NlpyAPm9p5ErvuvNJm%2BPjLH8HOMLfSuwshcEd8Q5aFZn5VpkTyqVpgk5tMrfRN78V4jm4uTERhFlowKnMuNF0afeMY%2Fpi6lUj"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8a0be45bbee239c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1280

GET
H3 200 sweetalert.css
ubankroll.com/landings2023/en/goldenclub/files/ 20 KB
4 KB 107ms
77ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/sweetalert.css
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4719d732cfa86d86903df60eb6ca13d17bdfa235c6d2f5f681302e2aa7d8ba77

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1314
etag: W/"6335adb3-50ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MUnmWlyPg9h251ixYS0Y0G%2B%2FMA8H9q9lnAuMwJLavZJZWi4dNM65PI0%2BsHG9VZp1IU52vWkfa4sm6a2xtuL9zU%2BKjxPAN4ik6leU6h7UVmOGP2p7KO9IbZIkPNymGUIQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8a0be45bbee439c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style_1.css
ubankroll.com/landings2023/en/goldenclub/files/ 104 KB
10 KB 107ms
77ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/style_1.css
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de5eefae0f01e92febc14a23d5252765731aacbdb4569b68191b4eee56620c5

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5518
etag: W/"6335adb3-19e10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DNRTRn5rzIZVycZ91p5WL%2ByvwLUg1sBMujZO2g30znhiYpZvmtcdOEuxWuxqcnPhSbIjBuzEZ1hSH0RZ0aQfeXMed2y23kMnHbb25YcQZ0mVbB6oO04b5ASbhW5tvTjR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8a0be45bbee639c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 e.js Show response
ubankroll.com/landings2023/en/goldenclub/files/ 64 B
529 B 107ms
77ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/e.js
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c4d7bad84e1c641d50c480ca3bafb19f5948fcec8051c0d038825716f0d14bc

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5517
etag: W/"6335adb1-40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2DIAlggtwnkPsLA%2BtXqoIBKx6c8BQKRTIzf8jnyjTUxB%2Fn13F4N9eiuoKfDRXSFBhxLHgDA09JnjXRnt%2Fo6QhM5ELAvT%2FeXwE9aoTVLUtWaosMA0pHp66JT%2BLCXUaHxV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a0be45bbee839c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 reward_1.png
ubankroll.com/landings2023/en/goldenclub/files/ 8 KB
8 KB 31ms
30ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/reward_1.png
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd9ada41d72373538c475564b36df542658fc13c11e860362412443282f60fe2

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2571
etag: "6335adb3-1e47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2BKHQV0uCEGKe8850rveR1xQ7e86PAJi7G2SHJPpKJ0ekByC%2Fxe0uE5neeIuLAe9h1sR%2BkENnE%2FHrbhBHs%2Bgi7G7gJr84nLHi8GK9an48dOBt%2Fw2dwLQbzzRahmMaz9z"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45c0f1939c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7751

GET
H3 200 11.png
ubankroll.com/landings2023/en/goldenclub/files/ 7 KB
7 KB 31ms
31ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/11.png
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b8e1b84a162585302fc9bcfd98966359f204f5fbece78a52335ab66cb389d95

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5727
etag: "6335ad9a-1a6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQYALWj1thI6R%2BE3yqzGESwdFl60Mp6TjjseymmIkTNp6xciHHOKpWWY4nHSKFAyJwOXs%2BD44q2yMri5j2%2FVsAZDbN%2BxS8OxTmjwP3aB9yvTGiqz56mZ7WeYk5Nk0Ss9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45c0f1a39c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6766

GET
H3 200 22.png
ubankroll.com/landings2023/en/goldenclub/files/ 50 KB
50 KB 24ms
23ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/22.png
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ef4c23642a043a5793c62d985be9b8a69cb27f15fd71430a71539fc4dabc7de

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2194
etag: "6335ad9a-c66c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBIIvN%2BfiExCWuGubXfI%2FOpvKQAT6XO53IQLOq2q1lqloAULI7lL4SXb9ggD5keiwuO9rLCGtkTvN33jdcji%2FdCWEtYh4GmDE%2Bqxrw0JAYpoRi6fJEQqnZuc5wSY5K9Z"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45c3f5239c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 50796

GET
H3 200 33.png
ubankroll.com/landings2023/en/goldenclub/files/ 3 KB
3 KB 25ms
24ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/33.png
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95386ce5d1e26b8dc460eef8439e3473c65ae590c6d9bf98b1a7b3591b47724c

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2194
etag: "6335ad9b-ac8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I89iIyowoXLcwtR3IaQVhQ5h%2FIQF4pLsLnloVQ%2ByHC4gynvcMh4oHqwgvSvCV0GAhAtftMfe%2F4%2BEQJP89Su3mNOBimFVgFjMbBo40oqduFE8JP8Q75CE8XdKRnZMETGs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45c3f5639c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2760

GET
H3 200 44.png
ubankroll.com/landings2023/en/goldenclub/files/ 80 KB
80 KB 31ms
30ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/44.png
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4df517f30f672f63811849a128ccf48fbf3b6ea4079b5ee5f8548523dbadd377

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4284
etag: "6335ad9b-13f91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5xwZS4Y%2BPg4wAzig2mrO0MD0Ydahdk%2BQn57teG%2FGfvoHY%2F%2B7ipx6Cul59%2BYrHaDUAvWxAsHF8VhA8NEeCaU6Vq38g0qS43w5xefytKqg9X6FouHoxm4eyJKi6hvt31Jz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45c7f8439c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 81809

GET
H3 200 img1.jpg
ubankroll.com/landings2023/en/goldenclub/img/ 2 KB
2 KB 28ms
28ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/img/img1.jpg
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a38826964bc3cab6c150187737002c19f10ed32e49de456610efa46d0f4d505

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2194
etag: "6335adb6-68c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WnB44yJDcdARUE47WnIAXNjSwT%2FBHSKmyNAXj6ns2lObfLVAXVdk5K%2Foz1Dm8zl%2FceUM5Iv6td2qL68UKIg7PBgd3PIVbiuGFJF1or6UXPLOSNGCPydp7WAOfkW122HI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45f099a39c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1676

GET
H3 200 img2.jpg
ubankroll.com/landings2023/en/goldenclub/img/ 1 KB
2 KB 26ms
25ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/img/img2.jpg
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2194
etag: "6335adb7-511"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FwCPM8ehF%2BMi7PAXLp1iZD%2FQLhf0KywtI1M%2B7us7cDRKgbs4gIUO57wFwGBqOKzvYR%2FztAkU18A4gFXA%2Bjpxh6TAeFS4mUl4ikWtqecEkj%2BJNjA%2BOnGC1n4BHky701Nn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45f19a639c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1297

GET
H3 200 img3.jpg
ubankroll.com/landings2023/en/goldenclub/img/ 1 KB
2 KB 28ms
26ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/img/img3.jpg
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a926b8594e8b7764c73abaad56fddcca385882391b8c07300c11abfadfe72f

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2194
etag: "6335adb7-58a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g4rrBk536PUaclvLalfKyT%2BRGEC1JiTSWofTg6j%2F6foeOs4QXC7hNPZf%2F5VhZzOIrTgN6LZ2YuI%2Ffy6N8M1iDI%2FnnZVGffcJQGwx%2BBplcEeZ7ngffZw37kCsinBIyzaB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45f39d739c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1418

GET
H3 200 img4.jpg
ubankroll.com/landings2023/en/goldenclub/img/ 2 KB
2 KB 28ms
25ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/img/img4.jpg
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1b498dfa96a398310bb0a0d677b1f4f22738bd4704669ba9fc0e350fd912b1

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4284
etag: "6335adb8-74e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GpKGJAiljAzIiU48kkvAt94O1nU009C2Ht%2Bx8UO29bH4vrClLWAxRXh1G3KF0MJiXn0nXj7zsVsLFDY0B5DDZEZCfRB%2FTTrht8d%2Bc7JgOsDeFYf9DEDDB2xaLA%2FySCN9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45f39dd39c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1870

GET
H3 200 img5.jpg
ubankroll.com/landings2023/en/goldenclub/img/ 2 KB
2 KB 29ms
27ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/img/img5.jpg
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2194
etag: "6335adb8-7f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQvHDQEfPHTZuh6TfxjA283ibi66BO98BZJ0KweYZWSkbOnblwKIj3V9BaDIY9FTVZwIPwvyzrzKqfUKzl%2Bs6rCnIaQYOrpL6lzVkmW1pDJBzmXjeM1ixyBljTeMfrpi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45f39de39c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2037

GET
H3 200 img6.jpg
ubankroll.com/landings2023/en/goldenclub/img/ 2 KB
3 KB 33ms
30ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/img/img6.jpg
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2194
etag: "6335adb8-85f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6ImmlQLrHd%2B2%2Bw8QP6ULMeJfnNUvwiUeea3IPOzZwIjwyglsqIrUigeg3xe5%2B0XAJKDoGFfsznDpncClVcklMeYlkvbS9oAtgwLEWKn7e1POZMzNl1pBGhiksTHBeqb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45f39df39c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2143

GET
H3 200 img7.jpg
ubankroll.com/landings2023/en/goldenclub/img/ 2 KB
3 KB 29ms
27ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/img/img7.jpg
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2194
etag: "6335adb8-8d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dMm1DVC4FOGd9EEXGcHbSrjnd1hhFN9wq5c%2FYeWoLVJyQsYWABstVdKo7BCgmC2u%2Fpjpqq8qxC6Ux9NYaU6RbQqlX7LVNPm%2FRGYSwvYck3bFt86yT%2FcYLHGFmFw5tITm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45f39e039c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2264

GET
H3 200 img8.jpg
ubankroll.com/landings2023/en/goldenclub/img/ 2 KB
2 KB 29ms
27ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/img/img8.jpg
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f901bd7a281c73db028f014eb9196ad0297d6eaede94151bf2832946eb8f07

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2194
etag: "6335adb9-648"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jHhqKv8abxFvpnmJHweOnBG5pjclp6iQRpygXHtyXylVy2Hp7B%2BsKzWB4QqBSgGBtVaG8xYpFGhACzz9qJRzaHFHy6akQwbtCqBhHDVmgUoBOjCwhM4Pyx0V7x5O7qKf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45f39e339c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1608

GET
H3 200 img9.jpg
ubankroll.com/landings2023/en/goldenclub/img/ 1 KB
2 KB 30ms
28ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/img/img9.jpg
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0c41ae4d2863b654e07cbdd30c89b7baec5edbac2094f84f798fba03d36b682

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2194
etag: "6335adb9-514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dJ7JgygP9J4aACXT%2F7c1ptGBy7kaSWklPyZX0v0njux4YxXWbU9RQipGX6V6QnSiwySy4n5UO5Vz4Yqr0%2BwnozkHg5yj54374oFfQiXIzR8FfDSRoDg23Waw2fDmFpue"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45f39e439c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1300

GET
H3 200 img10.jpg
ubankroll.com/landings2023/en/goldenclub/img/ 1 KB
2 KB 28ms
27ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/img/img10.jpg
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76c7f4319527ed36e818f914a7af159946b3c7c4a94659bcb51e36fcac0835a0

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2194
etag: "6335adb7-4ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJtJUpPP8BDQ3xUn%2BIhLUf2ZYJD81utrKpaR64Ae982lIKrq3%2FDLw0ZPsmBCkUQ%2BU9ICa9X776CUfcvPgzUNKsvJ2yEFd63AKU%2B6KzQzcXyR5MUBxITIeYCjXr3dJftm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45f39e539c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1230

GET
H3 200 img11.jpg
ubankroll.com/landings2023/en/goldenclub/img/ 1 KB
2 KB 30ms
29ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/img/img11.jpg
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df466b52a1935fc15c41dba604bcd1371ddc44a6baea9f93727c601bb966bddd

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2194
etag: "6335adb7-559"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0XViJh0nTsgdlegpW%2F1RZd%2Fg0G5NoRi2%2FazlEG%2BnVAOuxWFAQa0S%2BJmus%2FpoZFFe5mVTriLZDk583Mr1H0Gp1x8ibNEJzKACIN5PcBc50d0jguXUa2hPc0WsePvm%2FxcF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be45f39e639c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1369

GET
H3 200 comment.js.download Show response
ubankroll.com/landings2023/en/goldenclub/js/ 3 KB
3 KB 340ms
340ms Script
application/octet-stream 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/js/comment.js.download
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72e3b6817e1fafd50792b2c33bc4416683a391aa1837bee1f43fdbc210c99ccc

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 29 Sep 2022 14:37:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6335adbb-b15"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iaBCwARKU27WKXb4Bf1Aha0TEMeu5EUZnXITnu3py8WfkfPdvocqhTqQDnGl9kv1Z5pBg9r315AFHl282qnVnb17DZlt0ySdgxuHmkAG3nr62nkMR%2BT9aj7m8aBJLgrI"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8a0be45c7f8739c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2837

GET
H3 200 scripts.js Show response
ubankroll.com/landings2023/en/goldenclub/files/ 2 KB
1010 B 23ms
23ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/scripts.js
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4e61e194bfe5687155f9eda6c5e0e237ab3820113cc400042448170d655b2e

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7055
etag: W/"6335adb3-8eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VkgI0r2FI7XyP0dJWpn30vmYbbs38cF60kh%2Bwjq0Ckzt1AracoYMNkBufTz52nhhxBtLhJCNvj6lbWIKXa%2FpIVLqw6ltyhgQbZZAxVJCARvAI%2BSxr%2F17hj%2BbBHcbkcuP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a0be45cbfdb39c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 js.js Show response
ubankroll.com/landings2023/en/goldenclub/files/ 2 KB
1 KB 24ms
24ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/js.js
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b02209e9e655087a891138077a2cd5fd5e914caff6e4cf99cb4de4f2cb024a44

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1846
etag: W/"6335adb1-651"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjTqvYtMQDbyFCHcOO4xC3Yx1ayJSDwj4RpJY%2FkWweUbfWx2%2B6WTk%2Bwds1w%2BUL3KuSSLMkqeZiMICxyAfSzuOkndlrIXwDuz4mlxtWdVqKlfmw4ABryM%2F84di5omzOvr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8a0be45cdffa39c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 428ms
46ms Stylesheet
text/css 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,700&subset=latin,cyrillic-ext

Requested by

Host: ubankroll.com
URL: https://ubankroll.com/landings2023/en/goldenclub/files/order_me.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f10.1e100.net

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ubankroll.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jul 2024 22:53:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jul 2024 22:53:46 GMT

GET
H2 200 combine Show response
api-maps.yandex.ru/2.0/ 859 KB
263 KB 70ms
69ms Script
text/javascript 87.250.251.134
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/2.0/combine?modules=3O3E8V04060q0807091c1d010j0*0-0d0.0g0!0s0)0Q1f1a1g5X0J5Y2F3Y3I3,3B3D3$355r5s5W0a504T136u3-1u1-193S3T3V3U3R3P5t5u7H45414247494X4)4(4!4.4_4*4-7$815g5i5l5m8*8E896y6g4q3(8R8P8M8N8O8X8W8Y1(1!6h565V5S7f7k7i7e1k1i0G0F$S5d5a5f6r6s6t1.6m1H4t4z4Q4Z4j4J$f$c$W$j-m$e$1$9$_$*-R-H-L-M-P-S-O005-050,$2$,0Z$a031b0(0_5x0u0b$--d0e576x0f0Y0X$Q7c4M0r2E3N527l-Y5$1*-F-D-E-06c-V1j2M2v2x2y2D323M3_6N3F7g39$M$G$37F54$q6L0W6d6w6M4S$b0K176v1r333Z0L0N0I5o$k1t1w5p7G4V51465e43-i44$7$i2N2O2L$m4U402c4$2K2H-p83847-825k5h-n-f5n8(8F8$6W6V6X6S3J1v757I7R5I5F585_5,6l6a556k5T6f6p5U6i$l9J-l-U-t5R7h1h$F$O5c5b0S0T7_0c$81_6o0O1A$B141K$u-G-N-I$g02$)$J$Z0$5y-b-k6P6_6Q6.0p1s88$o$n1q2w2l2A2r2B1Z-T6759-s$Y4o8U6b$t2p6Y6A666D6C6B$N0P2G2C$X4a0M0R0H$4482e2f$r1Q2n1J2i787776747973878!8G6R6I6H6K6F1B6n1M1S105K5Q5z5)5q$s69$D$R6*0t0h0l1y1D-w-K7d8-$H-h-g6O7b$y6)$d2g2a2o2t4x-21m4s808T6Z2b1z2m2s1)2I2k$06e4Y0U2u!n!m!o!l72856z$K$L!3!2!4!5!68v8w8l8n8m8o8i8A8C8B8D8x6T6E$T$5121T114,68-o$!0k-u-r53-W!Y4I$A$x8S6q6$2h1,2d!G$I.5.y_N_K_R_a_e-Z_f_b_d.6!P!O8u8k!T!U!V!S!W!p!r8y*g*f!F4W1F1Y1R1G1E5($z0n-v-3!X-5.4.K.M.v.F.D.U.0.B_V_P_T_M_w-J-z_i_n.t.l.r!N!I!L.O8p8t_u!d_g$C$V0i7m.h.f.e.H.R.d_F_y_I_B_D.a!k!h!f_p!c-q5.3)36303K3q6U&jsonp_prefix=ymaps

Requested by

Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.0-stable/?load=package.standard&lang=en-US

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.134 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

front-jsapi.slb.maps.yandex.net

Software

Resource Hash

85c2995f789497d5474f7e8e1dac95ddb6010e9b3c8ec8e80bda5c82bd333ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"d6dec-hBu4GV0+99qS3+hJJ+gXflUem1M"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-req-id: 1720565626776841-17412033200624472326-r5ongbnq2acilx4m-BAL
x-xss-protection: 1; mode=block
x-start-time: 1720565626776841

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 200 KB
69 KB 564ms
68ms Script
application/javascript 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

75dbb4380a386220610babb812bafaed50a4f983fa198851836a64d6fad2b094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Jul 2024 07:33:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6684fede-112d7"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70359
expires: Tue, 09 Jul 2024 23:53:48 GMT

GET
H3 206 warning.mp3
ubankroll.com/landings2023/en/goldenclub/files/ 36 KB
36 KB 22ms
22ms Media
audio/mpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ubankroll.com/landings2023/en/goldenclub/files/warning.mp3
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c820917b430fc56fa585cb77622ca99016073bd0a4ce668684d57ed406f2075

Request headers

Referer: https://remacolodra.click/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 09 Jul 2024 22:53:48 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2165
etag: "6335adb4-8e0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQzFSJ98y0wuC4MMvYGxTMIFUrJrGS5KSfSWrTPGql71LYjYp2nhMgkeQx%2BvfpW21EyGvTQ69xezyXDHLxc9Yek0Zk9O%2B4nJggWtixXgX3uiVnREEsY8TtYDMpDTb1OQ"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-36361/36362
cache-control: max-age=14400
cf-ray: 8a0be467487b39c4-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 36362

GET
H3 200 facebook-icons.png
ubankroll.com/landings2023/en/goldenclub/img/ 6 KB
7 KB 22ms
22ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/img/facebook-icons.png
Requested by: Host: ubankroll.com
URL: https://ubankroll.com/landings2023/en/goldenclub/files/style_1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a45444d13f9440735c76aa99f3771011687418ce6f69fc6ef5e7104a1ef6fa7

Request headers

Referer: https://ubankroll.com/landings2023/en/goldenclub/files/style_1.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:48 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4286
etag: "6335adb6-18a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NzdoK%2B%2FYbV%2FaozHFIzQTWfogj964LvTuCoTZ2VFqPGNaoQLVvEgsWkwaXo2bnryzExzgYJImp2gWdDIUQp5grh8Q6pHYp%2BUVNa63X39eFfNX6AOMKr8SW%2BHQ4dRDvZzk"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be467488439c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6306

GET
H3 200 facebook-icons2.png
ubankroll.com/landings2023/en/goldenclub/img/ 6 KB
6 KB 27ms
26ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubankroll.com/landings2023/en/goldenclub/img/facebook-icons2.png
Requested by: Host: ubankroll.com
URL: https://ubankroll.com/landings2023/en/goldenclub/files/style_1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efa8d9bbd0afe26b0ed378e4fcb204738d96085699eae4baa7058109f4fe5e2c

Request headers

Referer: https://ubankroll.com/landings2023/en/goldenclub/files/style_1.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:48 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Sep 2022 14:37:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1314
etag: "6335adb6-169a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2tOpWzJ2ZrDfDIisZFbsRu1IsHkT2e%2BBcWvqB%2F9c8nR7wV7YVKQ6xYJ3hcKOHHhATcQpncWKJfo3QTuBnHlHKaEFsHkJ%2FrBP3ybYHMd%2BtPE%2BCq3XwWqQ5nleI%2FDtAuD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a0be467488539c4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5786

GET
H2 200 ef50ac9e93aaebe3299791c79f277f8e.cur
api-maps.yandex.ru/2.0/images/ 326 B
529 B 63ms
61ms Image
application/octet-stream 87.250.251.134
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.0/images/ef50ac9e93aaebe3299791c79f277f8e.cur
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.251.134 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: front-jsapi.slb.maps.yandex.net
Software: /
Resource Hash: 13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:48 GMT
last-modified: Thu, 27 Jun 2024 09:09:19 GMT
etag: "667d2c3f-146"
content-type: application/octet-stream
x-req-id: 1720565628161705-5238133363131590935-r5ongbnq2acilx4m-BAL
accept-ranges: bytes
content-length: 326
x-start-time: 1720565628161705

GET
H2 200 3ce22e999d54bb9ca8150a59207f9d3e.cur
api-maps.yandex.ru/2.0/images/ 326 B
528 B 65ms
64ms Image
application/octet-stream 87.250.251.134
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.0/images/3ce22e999d54bb9ca8150a59207f9d3e.cur
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.251.134 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: front-jsapi.slb.maps.yandex.net
Software: /
Resource Hash: a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:48 GMT
last-modified: Thu, 27 Jun 2024 09:09:19 GMT
etag: "667d2c3f-146"
content-type: application/octet-stream
x-req-id: 1720565628161914-13712337155116423419-r5ongbnq2acilx4m-BAL
accept-ranges: bytes
content-length: 326
x-start-time: 1720565628161914

GET
H2 200 4965b66fe115b2f2ed500ece66514d86.cur
api-maps.yandex.ru/2.0/images/ 326 B
528 B 63ms
62ms Image
application/octet-stream 87.250.251.134
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.0/images/4965b66fe115b2f2ed500ece66514d86.cur
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.251.134 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: front-jsapi.slb.maps.yandex.net
Software: /
Resource Hash: 128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:48 GMT
last-modified: Thu, 27 Jun 2024 09:09:19 GMT
etag: "667d2c3f-146"
content-type: application/octet-stream
x-req-id: 1720565628162069-3692626512853534007-r5ongbnq2acilx4m-BAL
accept-ranges: bytes
content-length: 326
x-start-time: 1720565628162069

GET
H2 200 77492cf358d8b12629399322926c93f2.cur
api-maps.yandex.ru/2.0/images/ 326 B
633 B 56ms
54ms Image
application/octet-stream 87.250.251.134
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.0/images/77492cf358d8b12629399322926c93f2.cur
Requested by: Host: remacolodra.click
URL: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.250.251.134 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: front-jsapi.slb.maps.yandex.net
Software: /
Resource Hash: eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:48 GMT
last-modified: Thu, 27 Jun 2024 09:09:19 GMT
etag: "667d2c3f-146"
content-type: application/octet-stream
x-req-id: 1720565628162193-8838745844520165650-r5ongbnq2acilx4m-BAL
accept-ranges: bytes
content-length: 326
x-start-time: 1720565628162193

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10425.zlDP96SL_AmoxnGBCgn69GcvaPhtK2feTrTzZPXUqBQIqut4PdREE3TGhsUEMkh7.xgObXLXXnBEL8F1cT986c0ObuSI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10425.PbPHGekyyUwHZaG6G55WP2_4dfEPjQZx3ak_I2iwNP__lMNoD1QU81WKLKj9SFxRzJJHyl22rSap80zGIs0onnw8bh7wgVA-kstDPWfAXo6qbz-gXp7dFmb0hnJ_A5zxCbSbuFTb0B...

43 B
674 B

57ms
57ms

Image
image/gif

87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10425.PbPHGekyyUwHZaG6G55WP2_4dfEPjQZx3ak_I2iwNP__lMNoD1QU81WKLKj9SFxRzJJHyl22rSap80zGIs0onnw8bh7wgVA-kstDPWfAXo6qbz-gXp7dFmb0hnJ_A5zxCbSbuFTb0Buzo8AhSyt6Jd98nUZSJwg3tUrx_vrTUSnKNyg8n0BqyRRAFHUlL_ir6RLvugwWA_KINkxAyhy1BjSSoeoFcmtUwHozrGokpqY%2C.iy4an9XMtn8OyIj74NmWhBl93Dw%2C

Requested by

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:48 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10425.PbPHGekyyUwHZaG6G55WP2_4dfEPjQZx3ak_I2iwNP__lMNoD1QU81WKLKj9SFxRzJJHyl22rSap80zGIs0onnw8bh7wgVA-kstDPWfAXo6qbz-gXp7dFmb0hnJ_A5zxCbSbuFTb0Buzo8AhSyt6Jd98nUZSJwg3tUrx_vrTUSnKNyg8n0BqyRRAFHUlL_ir6RLvugwWA_KINkxAyhy1BjSSoeoFcmtUwHozrGokpqY%2C.iy4an9XMtn8OyIj74NmWhBl93Dw%2C
date: Tue, 09 Jul 2024 22:53:48 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
572 B 62ms
62ms Image
image/gif 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:53:48 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Jul 2024 07:33:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6684fede-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 09 Jul 2024 23:53:48 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/53079421/
Redirect Chain

https://mc.yandex.com/watch/53079421?wmode=7&page-url=https%3A%2F%2Fremacolodra.click%2FWNbBFLtZ%3Fexternal_id%3D455sbrr4WsmK3B3yFkJEMA%26ad_campaign_id%3D758d4fa0-653a-4e24-aa50-cdb876bf7562%26sou...
https://mc.yandex.com/watch/53079421/1?wmode=7&page-url=https%3A%2F%2Fremacolodra.click%2FWNbBFLtZ%3Fexternal_id%3D455sbrr4WsmK3B3yFkJEMA%26ad_campaign_id%3D758d4fa0-653a-4e24-aa50-cdb876bf7562%26s...

459 B
551 B

59ms
57ms

Fetch
application/json

87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/53079421/1?wmode=7&page-url=https%3A%2F%2Fremacolodra.click%2FWNbBFLtZ%3Fexternal_id%3D455sbrr4WsmK3B3yFkJEMA%26ad_campaign_id%3D758d4fa0-653a-4e24-aa50-cdb876bf7562%26source%3D%26external_id%3D455sbrr4WsmK3B3yFkJEMA&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A447308985984%3Ahid%3A962510739%3Az%3A120%3Ai%3A20240710005348%3Aet%3A1720565629%3Ac%3A1%3Arn%3A318768758%3Arqn%3A1%3Au%3A1720565629898265785%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2726%3Awv%3A2%3Ads%3A0%2C31%2C195%2C2%2C374%2C0%2C%2C1903%2C38%2C%2C%2C%2C2636%3Aco%3A0%3Acpf%3A1%3Ans%3A1720565625402%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720565629%3At%3ACongratulations%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

a59b648c94f6e7d3773b86d17fbce59c19090b992f3592fdeb94dd076c8acd41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 22:53:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 09-Jul-2024 22:53:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://remacolodra.click
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 459
x-xss-protection: 1; mode=block
expires: Tue, 09-Jul-2024 22:53:48 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jul 2024 22:53:48 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 09-Jul-2024 22:53:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/53079421/1?wmode=7&page-url=https%3A%2F%2Fremacolodra.click%2FWNbBFLtZ%3Fexternal_id%3D455sbrr4WsmK3B3yFkJEMA%26ad_campaign_id%3D758d4fa0-653a-4e24-aa50-cdb876bf7562%26source%3D%26external_id%3D455sbrr4WsmK3B3yFkJEMA&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A447308985984%3Ahid%3A962510739%3Az%3A120%3Ai%3A20240710005348%3Aet%3A1720565629%3Ac%3A1%3Arn%3A318768758%3Arqn%3A1%3Au%3A1720565629898265785%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2726%3Awv%3A2%3Ads%3A0%2C31%2C195%2C2%2C374%2C0%2C%2C1903%2C38%2C%2C%2C%2C2636%3Aco%3A0%3Acpf%3A1%3Ans%3A1720565625402%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720565629%3At%3ACongratulations%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin: https://remacolodra.click
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 09-Jul-2024 22:53:48 GMT

GET
H/1.1 404
Not Found favicon.ico
remacolodra.click/ 548 B
696 B 13ms
13ms Other
text/html 159.223.7.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://remacolodra.click/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.223.7.218 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer: https://remacolodra.click/WNbBFLtZ?external_id=455sbrr4WsmK3B3yFkJEMA&ad_campaign_id=758d4fa0-653a-4e24-aa50-cdb876bf7562&source=&external_id=455sbrr4WsmK3B3yFkJEMA
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Tue, 09 Jul 2024 22:53:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame 4044 0
0 456ms
52ms Document
text/html 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://remacolodra.click/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1048
content-type: text/html
date: Tue, 09 Jul 2024 22:53:49 GMT
etag: "6684fede-418"
expires: Tue, 09 Jul 2024 23:53:49 GMT
last-modified: Wed, 03 Jul 2024 07:33:50 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

POST 53079421
mc.yandex.com/webvisor/ 0
0

POST
H2 200 53079421 Show response
mc.yandex.com/webvisor/ 43 B
73 B 111ms
66ms XHR
image/gif 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/53079421?wv-part=1&wv-type=7&wmode=0&wv-hit=962510739&page-url=https%3A%2F%2Fremacolodra.click%2FWNbBFLtZ%3Fexternal_id%3D455sbrr4WsmK3B3yFkJEMA%26ad_campaign_id%3D758d4fa0-653a-4e24-aa50-cdb876bf7562%26source%3D%26external_id%3D455sbrr4WsmK3B3yFkJEMA&rn=782363143&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1720565632%3Aw%3A1600x1200%3Av%3A1382%3Az%3A120%3Ai%3A20240710005351%3Au%3A1720565629898265785%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Ast%3A1720565632&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 22:53:51 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 09-Jul-2024 22:53:51 GMT
content-type: image/gif
access-control-allow-origin: https://remacolodra.click
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 09-Jul-2024 22:53:51 GMT

POST
H2 200 53079421
mc.yandex.com/webvisor/ 43 B
0 60ms
58ms Fetch
image/gif 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/53079421?wv-part=1&wv-type=7&wmode=0&wv-hit=962510739&page-url=https%3A%2F%2Fremacolodra.click%2FWNbBFLtZ%3Fexternal_id%3D455sbrr4WsmK3B3yFkJEMA%26ad_campaign_id%3D758d4fa0-653a-4e24-aa50-cdb876bf7562%26source%3D%26external_id%3D455sbrr4WsmK3B3yFkJEMA&rn=371895818&browser-info=we%3A1%3Aet%3A1720565632%3Aw%3A1600x1200%3Av%3A1382%3Az%3A120%3Ai%3A20240710005351%3Au%3A1720565629898265785%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Ast%3A1720565632&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://remacolodra.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jul 2024 22:53:52 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 09-Jul-2024 22:53:52 GMT
content-type: image/gif
access-control-allow-origin: https://remacolodra.click
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 09-Jul-2024 22:53:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.com
URL: https://mc.yandex.com/webvisor/53079421?wv-part=1&wv-type=7&wmode=0&wv-hit=962510739&page-url=https%3A%2F%2Fremacolodra.click%2FWNbBFLtZ%3Fexternal_id%3D455sbrr4WsmK3B3yFkJEMA%26ad_campaign_id%3D758d4fa0-653a-4e24-aa50-cdb876bf7562%26source%3D%26external_id%3D455sbrr4WsmK3B3yFkJEMA&rn=782363143&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1720565632%3Aw%3A1600x1200%3Av%3A1382%3Az%3A120%3Ai%3A20240710005351%3Au%3A1720565629898265785%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Ast%3A1720565632&t=gdpr(14)ti(1)

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.mediafortunes.xyz/	1970-01-21 06:41:41	Name: bemob-viewer-id Value: dcf38136-a643-410a-82c6-31f4889b00eb
.www.mediafortunes.xyz/	1970-01-20 21:57:32	Name: bemob-uniq-visit:758d4fa0-653a-4e24-aa50-cdb876bf7562 Value: 1
.www.mediafortunes.xyz/	1970-01-20 21:57:32	Name: bemob-rotation:758d4fa0-653a-4e24-aa50-cdb876bf7562:random:adb73936b4b807677eab174c79491ce4 Value: 0-0-0
.www.mediafortunes.xyz/	1970-01-20 22:39:17	Name: bemob-click-id Value: 455sbrr4WsmK3B3yFkJEMA
remacolodra.click/	1970-01-20 22:40:44	Name: _subid Value: 38qpn361nb9cu
remacolodra.click/	1970-01-21 07:32:05	Name: f014c Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM1NVwiOjE3MjA1NjU2MjV9LFwiY2FtcGFpZ25zXCI6e1wiMTNcIjoxNzIwNTY1NjI1fSxcInRpbWVcIjoxNzIwNTY1NjI1fSJ9.F512thbCrMAiT2M2SPIGPDcH7IfAcYRdBPL2WyQEtsM
remacolodra.click/	1970-01-20 22:40:44	Name: _token Value: uuid_38qpn361nb9cu_38qpn361nb9cu668dbf79e9d7a9.90236442
remacolodra.click/	1970-01-20 21:57:32	Name: randDate Value: 1718060026293
.yandex.ru/	1970-01-21 07:32:05	Name: i Value: R9GCAPt8UsocrsUFDtAs/gbSu3T3ALzlnqV/YPxEWNMmeWmxxqg1vZzp8+rnU5zDfqSIAgGaBmvWSGxxwvE0lg80JZQ=
.yandex.ru/	1970-01-21 07:32:05	Name: yandexuid Value: 6365126501720565626
.yandex.ru/	1970-01-21 06:41:41	Name: yashr Value: 9037216121720565628
.remacolodra.click/	1970-01-21 06:41:41	Name: _ym_uid Value: 1720565629898265785
.remacolodra.click/	1970-01-21 06:41:41	Name: _ym_d Value: 1720565629
.mc.yandex.com/	1970-01-20 21:56:06	Name: sync_cookie_csrf Value: 3449816384fake
.yandex.com/	1970-01-21 06:41:41	Name: yashr Value: 9999027201720565628
.remacolodra.click/	1970-01-20 21:57:17	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 21:56:06	Name: sync_cookie_csrf Value: 2009580008fake
.yandex.com/	1970-01-21 06:41:41	Name: yandexuid Value: 6365126501720565626
.yandex.com/	1970-01-21 06:41:41	Name: yuidss Value: 6365126501720565626
.yandex.com/	1970-01-21 07:32:05	Name: i Value: R9GCAPt8UsocrsUFDtAs/gbSu3T3ALzlnqV/YPxEWNMmeWmxxqg1vZzp8+rnU5zDfqSIAgGaBmvWSGxxwvE0lg80JZQ=
.yandex.com/	1970-01-21 07:32:05	Name: yp Value: 1720652028.yu.8857291991720565628
.mc.yandex.com/	1970-01-20 21:57:32	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1031569081720565628
.yandex.com/	1970-01-21 06:41:41	Name: ymex Value: 1723157628.oyu.8857291991720565628#1752101628.yrts.1720565628
.yandex.com/	1970-01-21 06:41:41	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 06:41:41	Name: bh Value: KgI/MA==
.remacolodra.click/	1970-01-20 21:56:07	Name: _ym_visorc Value: w

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://remacolodra.click/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-maps.yandex.ru
fonts.googleapis.com
mc.yandex.com
mc.yandex.ru
remacolodra.click
ubankroll.com
www.mediafortunes.xyz
mc.yandex.com
159.223.7.218
172.217.16.202
188.114.97.3
3.70.16.242
87.250.250.119
87.250.251.134
93.158.134.119
0a45444d13f9440735c76aa99f3771011687418ce6f69fc6ef5e7104a1ef6fa7
0e931e7bdb92bc40e05922a719bf5dfd918c87feb9270dc8c568d55bef3484f2
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
1a38826964bc3cab6c150187737002c19f10ed32e49de456610efa46d0f4d505
1ef4c23642a043a5793c62d985be9b8a69cb27f15fd71430a71539fc4dabc7de
2b8e1b84a162585302fc9bcfd98966359f204f5fbece78a52335ab66cb389d95
388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302
3c1b498dfa96a398310bb0a0d677b1f4f22738bd4704669ba9fc0e350fd912b1
45f901bd7a281c73db028f014eb9196ad0297d6eaede94151bf2832946eb8f07
4719d732cfa86d86903df60eb6ca13d17bdfa235c6d2f5f681302e2aa7d8ba77
4de5eefae0f01e92febc14a23d5252765731aacbdb4569b68191b4eee56620c5
4df517f30f672f63811849a128ccf48fbf3b6ea4079b5ee5f8548523dbadd377
52a1ce93f7850fbdba61a19cdbd8c17405017ff36cc0d6a345ec85293a891afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a423b0df260fa67d26563563e00c2000944ac7aafceb7448eb303705168688e
613551cfa3b54cbad274e5013cb1919019103daeab9870dad05631c85bc75933
72e3b6817e1fafd50792b2c33bc4416683a391aa1837bee1f43fdbc210c99ccc
75dbb4380a386220610babb812bafaed50a4f983fa198851836a64d6fad2b094
76c7f4319527ed36e818f914a7af159946b3c7c4a94659bcb51e36fcac0835a0
7c4d7bad84e1c641d50c480ca3bafb19f5948fcec8051c0d038825716f0d14bc
84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9
84f8997410c905d850137f82c7d79c53f641aa3b2b7b2f1bca45fd5ae14dcf8b
85c2995f789497d5474f7e8e1dac95ddb6010e9b3c8ec8e80bda5c82bd333ca1
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
94a926b8594e8b7764c73abaad56fddcca385882391b8c07300c11abfadfe72f
95386ce5d1e26b8dc460eef8439e3473c65ae590c6d9bf98b1a7b3591b47724c
9c820917b430fc56fa585cb77622ca99016073bd0a4ce668684d57ed406f2075
9e9ea4a7e95033f8b55ce6f42329f0015c3907a4102d33c601ac4ca07c136cc8
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
a59b648c94f6e7d3773b86d17fbce59c19090b992f3592fdeb94dd076c8acd41
a5fcbff5657e0cce0eba695728d67a0a2b52ebd36524597d92cb6a987d68c70a
b02209e9e655087a891138077a2cd5fd5e914caff6e4cf99cb4de4f2cb024a44
b0c41ae4d2863b654e07cbdd30c89b7baec5edbac2094f84f798fba03d36b682
ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541
babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
bf4e61e194bfe5687155f9eda6c5e0e237ab3820113cc400042448170d655b2e
c2a44b93c05add6a06589460971a8236fc9522511bd2bf5cf8a046cb1cf631c0
c356d4c2959b67ea64776caade0af584d1b65a1fbb1dc8d11420a5716aca631d
cd9ada41d72373538c475564b36df542658fc13c11e860362412443282f60fe2
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
df466b52a1935fc15c41dba604bcd1371ddc44a6baea9f93727c601bb966bddd
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872
efa8d9bbd0afe26b0ed378e4fcb204738d96085699eae4baa7058109f4fe5e2c
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205

remacolodra.click Open in urlscan Pro 159.223.7.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

94 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

7 IPs

4 Countries

721 kBTransfer

1886 kBSize

27 Cookies

0 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

remacolodra.click Open in urlscan Pro
159.223.7.218 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

94 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

721 kB
Transfer

1886 kB
Size

27
Cookies

51 HTTP transactions
0 data transactions