www.thompsoncigar.com Open in urlscan Pro
2606:4700:4400::6812:2407 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mytelkomsel.com/
Effective URL:
https://www.thompsoncigar.com/gdpr.html?lctid=57027
Submission: On August 08 via manual (August 8th 2022, 4:55:25 pm UTC) from SG — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 13 HTTP transactions. The main IP is 2606:4700:4400::6812:2407, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thompsoncigar.com. The Cisco Umbrella rank of the primary domain is 654969.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 1st 2022. Valid for: a year.

This is the only time www.thompsoncigar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.224.182.233 103.224.182.233	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	162.55.54.68 162.55.54.68	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2606:4700:303... 2606:4700:3031::6815:dc3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3036::ac43:8065	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:10:... 2606:4700:10::6816:31a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2606:4700:440... 2606:4700:4400::6812:2407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	7

2 103.224.182.233 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-233.above.com

mytelkomsel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.54.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.68.54.55.162.clients.your-server.de

spidershopping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:dc3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

buybutwhere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:8065 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.smartredirect.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:31a9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.linkconnector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::6812:2407 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.thompsoncigar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	thompsoncigar.com 1 redirects www.thompsoncigar.com — Cisco Umbrella Rank: 654969	24 KB
5	1redirc.com 1 redirects 1redirc.com — Cisco Umbrella Rank: 158453	8 KB
2	buybutwhere.com 1 redirects buybutwhere.com — Cisco Umbrella Rank: 555927	3 KB
2	spidershopping.com spidershopping.com	1 KB
2	mytelkomsel.com 2 redirects mytelkomsel.com	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1249	5 KB
1	linkconnector.com 1 redirects www.linkconnector.com — Cisco Umbrella Rank: 41326	1 KB
1	smartredirect.de 1 redirects www.smartredirect.de — Cisco Umbrella Rank: 242322	797 B
1	clever-redirect.com clever-redirect.com — Cisco Umbrella Rank: 955687	697 B
13	9

	Domain	Requested by
5	www.thompsoncigar.com	1 redirects buybutwhere.com www.thompsoncigar.com static.cloudflareinsights.com
5	1redirc.com	1 redirects 1redirc.com
2	buybutwhere.com	1 redirects spidershopping.com
2	spidershopping.com	clever-redirect.com
2	mytelkomsel.com	2 redirects
1	static.cloudflareinsights.com	www.thompsoncigar.com
1	www.linkconnector.com	1 redirects
1	www.smartredirect.de	1 redirects
1	clever-redirect.com	1redirc.com
13	9

This site contains no links.

Subject Issuer	Validity	Valid
tracker.clever-redirect.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
spidershopping.com R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-13` - `2023-02-12`	a year	crt.sh
thompsoncigar.com Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.thompsoncigar.com/gdpr.html?lctid=57027
Frame ID: 7E2D0F0DB2770591E837C252D45D62BE
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ThompsonCigar.com

Page URL History Show full URLs

http://mytelkomsel.com/ HTTP 302
https://mytelkomsel.com/ HTTP 302
http://1redirc.com/r2.php?e=00DHLtAonxUSnczLupo9AX49flVGMEFKT3ZlQk5zRXhnWW5pQmhuRlVhMituN2s2S3p... Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D15286... HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=152862001&sid=20220809025513c78da2b1829c2d72fb Page URL
https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=thompsoncigar.com&s1=... Page URL
https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dth... Page URL
https://buybutwhere.com/buy/with/o4/in?store=thompsoncigar.com&sid1=760841d69b9298a5e799f69e5eb83691... HTTP 302
https://buybutwhere.com/buy/in?store=thompsoncigar.com Page URL
https://www.smartredirect.de/redir/clickGate.php?u=jMIB0VkB&m=1&p=w5uTlnlezm&t=sLUNGdPJ&s=o462f13ff3e6718... HTTP 302
https://www.linkconnector.com/ta.php?lc=126110079805005955&url=https://www.thompsoncigar.com/&atid=at10665... HTTP 302
https://www.thompsoncigar.com/?lctid=57027 HTTP 302
https://www.thompsoncigar.com/gdpr.html?lctid=57027 Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

13
Requests

69 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

7
IPs

3
Countries

40 kB
Transfer

97 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mytelkomsel.com/ HTTP 302
https://mytelkomsel.com/ HTTP 302
http://1redirc.com/r2.php?e=00DHLtAonxUSnczLupo9AX49flVGMEFKT3ZlQk5zRXhnWW5pQmhuRlVhMituN2s2S3pDUWVVWEovd1RXY3RSRjV4RjR2cWx1QzVORUdiZVdtUWhMRE5IR1VtcmNVNXd2MHZYZkcxSUR0UDg2K0lSSDRFSGhFZ3BzQWZwS1U4SjFzUWptMkpvNXprUFBpMmlweWxBWFJzSEVoaXZPdmNERFlmMEx2WExjV3NoVExyTGpsamZJb1BFMlA0T21MSGUrY21WMnhQa0E3Nk0zL0p6LyttNitxTHN6VUF3Ky9yNm4yaEc1TDVoNVkyWFR0SG4xTnlKS3daclN3bkJ1M3Z6K0tONGNPbHl3aEpzRkVFTHdIb0pTbEt0NVNuZ3BtcEpjS0o5VS8wcU8zdXVSb0phcjR3NzVNQ1kvejJ1MFlnYU1Ya1NpbUxFaGRheGlCcVlqdUJuWTRTdzVHZURYc0ltRjhUQjRXclBvQURjcWxLUCtrT3gyVUxPWkR0VDVMMTMybG5IRE84SGRzdEoybHVabWVIY3hZaDl3RlUvTnl3N1hqK2FGYlFLdk5jU3pWRnNtVGtsZHhOZkRoOXI0Y2h1VVNwU3lsaDVnOUZib1JmY21jUWRUTksrZFkrNUV2N1ByVGw5S2FZTjVZZUMyUGgxcUZCQThXMExodFgyMUtZREpwZ0xYTFBjV3pOakRHcS9OdzhOM1dZQjk5VXN2YWFzWnJrWTM0UlpsclVGWGRIQ2hSc285TldpQXY5OW9IZS9WNU1OVXhPSld3RGw0ZExOREVLeW5YNXR2Zi90S1JqUzNiRHZHUDVmZGdEblp0cFF0QjVxbThFczVZWVV4WjlqZWpwSklXbVRvTjZoUTlVbENEOWc0UjA0SkZPa3hOVFc5TlRrL0FaNDRtdUhETVU4RUZtcS9pQzZrMGE1UXAxSXlyTjRCRnFpUStFVmJwZ2ErTmlWTlA0TWQvRUtJL1d3Ri83VndJOGgrQ0FTeVgrRTNxVnptR0dQV3RDdnluRHRXUVluMDJyVlRyYVZqc3hkVlNVNW0xNXdFd0NJdTQ1OFdRdm9PbjBiWHc9PQ%3D%3D Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D152862001%26sid%3D20220809025513c78da2b1829c2d72fb&s=j&enc=ThkdJd%2BxcL5Tpkjzvutccn49flBEK1VXOGNGQXBoYmJva3QzUFpaRWFnekFXbldUNkN3VjhQRUZadnhGL21VVC9MUXFFeUJHamJkTDRRdWt1dzJSUE5YcnhjUGRWUWUzcUFieXY2T1IzcjF1ZjB6Y0NqdEoxRUdXM2NzWEJmRzhMVEgwUTdmSE1sTXZnbUg4Uk5XcURsZjM2RmlWeW5ESDkreFBpdHNoU2VOT0cvMjI1d09yUUFUdHpkMndMRytpelZUSXJGRkdNU0drekoyUlBzbUJmS1g5RVFQQWdhQUpXTXFUQ0pjU284UzhJQTdNbndTeWh0YXJKOUp0dlovK3hpdG5naUh3a2hVY01yN0p4N1dUTGY3MTJtUTRGQ2tqOEZkWVRrVkc3TUIzNFgxcXJmeGlzUkxOcnpWemRGdlpQMUhjTW8vaUtkRW1maWVYNzdhbHB0R01CZWNKUmZvM2QrVUdTaXB6T0NqU1NDZFczTWVTb2pZbFdYK0t2TXpGaVRZWVIvZU5BOGhCZEY2R2FoRnQ0SU9aaFF0L01GMDlndXd1K0pka3ViNlFCSjIwMmRuYmxVckZrN0pSS2IvVkZqT3AwN2VuMUxIMFIxNm83cDJFTUlibnRuVFJqNWdFWTZRdXFITmpGQzMrYmdoWmpPblRLTWdwMlJnenQrR05GbWV3bHQ3VktKSnhobmI5YUorNlJrYkhYK2Ezb1JBcmJ3cC9sMmdQbFhYdFE2dHEwQVNvMjJyV1VSTUQwVzF4a3ZRS20xVVpLc2pkaHY1b1IrdUZ2ZjU0TjI0MkliU0VvQk5Eb0tndTFSRTJEUENEZFM4SGhqK2U4QWVUNE5EUGZlbi91YllLZzFZbFFUQi8wazhpRFh6cVp3N01ENEhUSEVVMS9paStuc2FJL1FidXdwZzlPRjRPNmJpSnpERi9rZDFmb0FCK2QwMnJrcDVvcStqSUcwbTVDZWhSSjQ3WHF2QW9FTkh2clB6cXk3NUFXOWNLQi9zSUo2c29PZzZrNWkxOUNLaFJTc3o1UDZ4L1hOOWkxTzdMWGl3RXBLdno2em80S28rYkwrcmtJR0ZLNmZNOWpHenNWS2tjWXZwNjhIN2pGRDhWR2w0bHB0dEl2YWRRUVNVWEJNM05aUG5mTWxFZ29jWHZnPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=152862001&sid=20220809025513c78da2b1829c2d72fb Page URL
https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=thompsoncigar.com&s1=721614&s2=&s3=152862001&s5=cf&it=44&in=1 Page URL
https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dthompsoncigar.com%26sid1%3D760841d69b9298a5e799f69e5eb83691%26nid%3D1&h=44b5ead8742145af3f4f72529fe25cbf Page URL
https://buybutwhere.com/buy/with/o4/in?store=thompsoncigar.com&sid1=760841d69b9298a5e799f69e5eb83691&nid=1 HTTP 302
https://buybutwhere.com/buy/in?store=thompsoncigar.com Page URL
https://www.smartredirect.de/redir/clickGate.php?u=jMIB0VkB&m=1&p=w5uTlnlezm&t=sLUNGdPJ&s=o462f13ff3e6718&url=https%3A%2F%2Fwww.thompsoncigar.com&r=https%3A%2F%2Fbuybutwhere.com%2Fwhere HTTP 302
https://www.linkconnector.com/ta.php?lc=126110079805005955&url=https://www.thompsoncigar.com/&atid=at106659_a112806_m1_p213371_t15572_cDE_so462f13ff3e6718&ntid=at106659 HTTP 302
https://www.thompsoncigar.com/?lctid=57027 HTTP 302
https://www.thompsoncigar.com/gdpr.html?lctid=57027 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://mytelkomsel.com/ HTTP 302
https://mytelkomsel.com/ HTTP 302
http://1redirc.com/r2.php?e=00DHLtAonxUSnczLupo9AX49flVGMEFKT3ZlQk5zRXhnWW5pQmhuRlVhMituN2s2S3pDUWVVWEovd1RXY3RSRjV4RjR2cWx1QzVORUdiZVdtUWhMRE5IR1VtcmNVNXd2MHZYZkcxSUR0UDg2K0lSSDRFSGhFZ3BzQWZwS1U4SjFzUWptMkpvNXprUFBpMmlweWxBWFJzSEVoaXZPdmNERFlmMEx2WExjV3NoVExyTGpsamZJb1BFMlA0T21MSGUrY21WMnhQa0E3Nk0zL0p6LyttNitxTHN6VUF3Ky9yNm4yaEc1TDVoNVkyWFR0SG4xTnlKS3daclN3bkJ1M3Z6K0tONGNPbHl3aEpzRkVFTHdIb0pTbEt0NVNuZ3BtcEpjS0o5VS8wcU8zdXVSb0phcjR3NzVNQ1kvejJ1MFlnYU1Ya1NpbUxFaGRheGlCcVlqdUJuWTRTdzVHZURYc0ltRjhUQjRXclBvQURjcWxLUCtrT3gyVUxPWkR0VDVMMTMybG5IRE84SGRzdEoybHVabWVIY3hZaDl3RlUvTnl3N1hqK2FGYlFLdk5jU3pWRnNtVGtsZHhOZkRoOXI0Y2h1VVNwU3lsaDVnOUZib1JmY21jUWRUTksrZFkrNUV2N1ByVGw5S2FZTjVZZUMyUGgxcUZCQThXMExodFgyMUtZREpwZ0xYTFBjV3pOakRHcS9OdzhOM1dZQjk5VXN2YWFzWnJrWTM0UlpsclVGWGRIQ2hSc285TldpQXY5OW9IZS9WNU1OVXhPSld3RGw0ZExOREVLeW5YNXR2Zi90S1JqUzNiRHZHUDVmZGdEblp0cFF0QjVxbThFczVZWVV4WjlqZWpwSklXbVRvTjZoUTlVbENEOWc0UjA0SkZPa3hOVFc5TlRrL0FaNDRtdUhETVU4RUZtcS9pQzZrMGE1UXAxSXlyTjRCRnFpUStFVmJwZ2ErTmlWTlA0TWQvRUtJL1d3Ri83VndJOGgrQ0FTeVgrRTNxVnptR0dQV3RDdnluRHRXUVluMDJyVlRyYVZqc3hkVlNVNW0xNXdFd0NJdTQ1OFdRdm9PbjBiWHc9PQ%3D%3D

Request Chain 4

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D152862001%26sid%3D20220809025513c78da2b1829c2d72fb&s=j&enc=ThkdJd%2BxcL5Tpkjzvutccn49flBEK1VXOGNGQXBoYmJva3QzUFpaRWFnekFXbldUNkN3VjhQRUZadnhGL21VVC9MUXFFeUJHamJkTDRRdWt1dzJSUE5YcnhjUGRWUWUzcUFieXY2T1IzcjF1ZjB6Y0NqdEoxRUdXM2NzWEJmRzhMVEgwUTdmSE1sTXZnbUg4Uk5XcURsZjM2RmlWeW5ESDkreFBpdHNoU2VOT0cvMjI1d09yUUFUdHpkMndMRytpelZUSXJGRkdNU0drekoyUlBzbUJmS1g5RVFQQWdhQUpXTXFUQ0pjU284UzhJQTdNbndTeWh0YXJKOUp0dlovK3hpdG5naUh3a2hVY01yN0p4N1dUTGY3MTJtUTRGQ2tqOEZkWVRrVkc3TUIzNFgxcXJmeGlzUkxOcnpWemRGdlpQMUhjTW8vaUtkRW1maWVYNzdhbHB0R01CZWNKUmZvM2QrVUdTaXB6T0NqU1NDZFczTWVTb2pZbFdYK0t2TXpGaVRZWVIvZU5BOGhCZEY2R2FoRnQ0SU9aaFF0L01GMDlndXd1K0pka3ViNlFCSjIwMmRuYmxVckZrN0pSS2IvVkZqT3AwN2VuMUxIMFIxNm83cDJFTUlibnRuVFJqNWdFWTZRdXFITmpGQzMrYmdoWmpPblRLTWdwMlJnenQrR05GbWV3bHQ3VktKSnhobmI5YUorNlJrYkhYK2Ezb1JBcmJ3cC9sMmdQbFhYdFE2dHEwQVNvMjJyV1VSTUQwVzF4a3ZRS20xVVpLc2pkaHY1b1IrdUZ2ZjU0TjI0MkliU0VvQk5Eb0tndTFSRTJEUENEZFM4SGhqK2U4QWVUNE5EUGZlbi91YllLZzFZbFFUQi8wazhpRFh6cVp3N01ENEhUSEVVMS9paStuc2FJL1FidXdwZzlPRjRPNmJpSnpERi9rZDFmb0FCK2QwMnJrcDVvcStqSUcwbTVDZWhSSjQ3WHF2QW9FTkh2clB6cXk3NUFXOWNLQi9zSUo2c29PZzZrNWkxOUNLaFJTc3o1UDZ4L1hOOWkxTzdMWGl3RXBLdno2em80S28rYkwrcmtJR0ZLNmZNOWpHenNWS2tjWXZwNjhIN2pGRDhWR2w0bHB0dEl2YWRRUVNVWEJNM05aUG5mTWxFZ29jWHZnPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=152862001&sid=20220809025513c78da2b1829c2d72fb

Request Chain 7

https://buybutwhere.com/buy/with/o4/in?store=thompsoncigar.com&sid1=760841d69b9298a5e799f69e5eb83691&nid=1 HTTP 302
https://buybutwhere.com/buy/in?store=thompsoncigar.com

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

r2.php Show response
1redirc.com/
Redirect Chain

http://mytelkomsel.com/
https://mytelkomsel.com/
http://1redirc.com/r2.php?e=00DHLtAonxUSnczLupo9AX49flVGMEFKT3ZlQk5zRXhnWW5pQmhuRlVhMituN2s2S3pDUWVVWEovd1RXY3RSRjV4RjR2cWx1QzVORUdiZVdtUWhMRE5IR1VtcmNVNXd2MHZYZkcxSUR0UDg2K0lSSDRFSGhFZ3BzQWZwS1U4S...

4 KB
2 KB

313ms
155ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/r2.php?e=00DHLtAonxUSnczLupo9AX49flVGMEFKT3ZlQk5zRXhnWW5pQmhuRlVhMituN2s2S3pDUWVVWEovd1RXY3RSRjV4RjR2cWx1QzVORUdiZVdtUWhMRE5IR1VtcmNVNXd2MHZYZkcxSUR0UDg2K0lSSDRFSGhFZ3BzQWZwS1U4SjFzUWptMkpvNXprUFBpMmlweWxBWFJzSEVoaXZPdmNERFlmMEx2WExjV3NoVExyTGpsamZJb1BFMlA0T21MSGUrY21WMnhQa0E3Nk0zL0p6LyttNitxTHN6VUF3Ky9yNm4yaEc1TDVoNVkyWFR0SG4xTnlKS3daclN3bkJ1M3Z6K0tONGNPbHl3aEpzRkVFTHdIb0pTbEt0NVNuZ3BtcEpjS0o5VS8wcU8zdXVSb0phcjR3NzVNQ1kvejJ1MFlnYU1Ya1NpbUxFaGRheGlCcVlqdUJuWTRTdzVHZURYc0ltRjhUQjRXclBvQURjcWxLUCtrT3gyVUxPWkR0VDVMMTMybG5IRE84SGRzdEoybHVabWVIY3hZaDl3RlUvTnl3N1hqK2FGYlFLdk5jU3pWRnNtVGtsZHhOZkRoOXI0Y2h1VVNwU3lsaDVnOUZib1JmY21jUWRUTksrZFkrNUV2N1ByVGw5S2FZTjVZZUMyUGgxcUZCQThXMExodFgyMUtZREpwZ0xYTFBjV3pOakRHcS9OdzhOM1dZQjk5VXN2YWFzWnJrWTM0UlpsclVGWGRIQ2hSc285TldpQXY5OW9IZS9WNU1OVXhPSld3RGw0ZExOREVLeW5YNXR2Zi90S1JqUzNiRHZHUDVmZGdEblp0cFF0QjVxbThFczVZWVV4WjlqZWpwSklXbVRvTjZoUTlVbENEOWc0UjA0SkZPa3hOVFc5TlRrL0FaNDRtdUhETVU4RUZtcS9pQzZrMGE1UXAxSXlyTjRCRnFpUStFVmJwZ2ErTmlWTlA0TWQvRUtJL1d3Ri83VndJOGgrQ0FTeVgrRTNxVnptR0dQV3RDdnluRHRXUVluMDJyVlRyYVZqc3hkVlNVNW0xNXdFd0NJdTQ1OFdRdm9PbjBiWHc9PQ%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 5d4238d119b045f6aaebfd3dfa8b56411c74ce7691d29d01521b433256f86721

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 2035
Content-Type: text/html; charset=UTF-8
Date: Mon, 08 Aug 2022 16:55:14 GMT
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 08 Aug 2022 16:55:13 GMT
Location: http://1redirc.com/r2.php?e=00DHLtAonxUSnczLupo9AX49flVGMEFKT3ZlQk5zRXhnWW5pQmhuRlVhMituN2s2S3pDUWVVWEovd1RXY3RSRjV4RjR2cWx1QzVORUdiZVdtUWhMRE5IR1VtcmNVNXd2MHZYZkcxSUR0UDg2K0lSSDRFSGhFZ3BzQWZwS1U4SjFzUWptMkpvNXprUFBpMmlweWxBWFJzSEVoaXZPdmNERFlmMEx2WExjV3NoVExyTGpsamZJb1BFMlA0T21MSGUrY21WMnhQa0E3Nk0zL0p6LyttNitxTHN6VUF3Ky9yNm4yaEc1TDVoNVkyWFR0SG4xTnlKS3daclN3bkJ1M3Z6K0tONGNPbHl3aEpzRkVFTHdIb0pTbEt0NVNuZ3BtcEpjS0o5VS8wcU8zdXVSb0phcjR3NzVNQ1kvejJ1MFlnYU1Ya1NpbUxFaGRheGlCcVlqdUJuWTRTdzVHZURYc0ltRjhUQjRXclBvQURjcWxLUCtrT3gyVUxPWkR0VDVMMTMybG5IRE84SGRzdEoybHVabWVIY3hZaDl3RlUvTnl3N1hqK2FGYlFLdk5jU3pWRnNtVGtsZHhOZkRoOXI0Y2h1VVNwU3lsaDVnOUZib1JmY21jUWRUTksrZFkrNUV2N1ByVGw5S2FZTjVZZUMyUGgxcUZCQThXMExodFgyMUtZREpwZ0xYTFBjV3pOakRHcS9OdzhOM1dZQjk5VXN2YWFzWnJrWTM0UlpsclVGWGRIQ2hSc285TldpQXY5OW9IZS9WNU1OVXhPSld3RGw0ZExOREVLeW5YNXR2Zi90S1JqUzNiRHZHUDVmZGdEblp0cFF0QjVxbThFczVZWVV4WjlqZWpwSklXbVRvTjZoUTlVbENEOWc0UjA0SkZPa3hOVFc5TlRrL0FaNDRtdUhETVU4RUZtcS9pQzZrMGE1UXAxSXlyTjRCRnFpUStFVmJwZ2ErTmlWTlA0TWQvRUtJL1d3Ri83VndJOGgrQ0FTeVgrRTNxVnptR0dQV3RDdnluRHRXUVluMDJyVlRyYVZqc3hkVlNVNW0xNXdFd0NJdTQ1OFdRdm9PbjBiWHc9PQ%3D%3D
Server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK jscheck.js Show response
1redirc.com/javascript/ 899 B
718 B 306ms
153ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/jscheck.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=00DHLtAonxUSnczLupo9AX49flVGMEFKT3ZlQk5zRXhnWW5pQmhuRlVhMituN2s2S3pDUWVVWEovd1RXY3RSRjV4RjR2cWx1QzVORUdiZVdtUWhMRE5IR1VtcmNVNXd2MHZYZkcxSUR0UDg2K0lSSDRFSGhFZ3BzQWZwS1U4SjFzUWptMkpvNXprUFBpMmlweWxBWFJzSEVoaXZPdmNERFlmMEx2WExjV3NoVExyTGpsamZJb1BFMlA0T21MSGUrY21WMnhQa0E3Nk0zL0p6LyttNitxTHN6VUF3Ky9yNm4yaEc1TDVoNVkyWFR0SG4xTnlKS3daclN3bkJ1M3Z6K0tONGNPbHl3aEpzRkVFTHdIb0pTbEt0NVNuZ3BtcEpjS0o5VS8wcU8zdXVSb0phcjR3NzVNQ1kvejJ1MFlnYU1Ya1NpbUxFaGRheGlCcVlqdUJuWTRTdzVHZURYc0ltRjhUQjRXclBvQURjcWxLUCtrT3gyVUxPWkR0VDVMMTMybG5IRE84SGRzdEoybHVabWVIY3hZaDl3RlUvTnl3N1hqK2FGYlFLdk5jU3pWRnNtVGtsZHhOZkRoOXI0Y2h1VVNwU3lsaDVnOUZib1JmY21jUWRUTksrZFkrNUV2N1ByVGw5S2FZTjVZZUMyUGgxcUZCQThXMExodFgyMUtZREpwZ0xYTFBjV3pOakRHcS9OdzhOM1dZQjk5VXN2YWFzWnJrWTM0UlpsclVGWGRIQ2hSc285TldpQXY5OW9IZS9WNU1OVXhPSld3RGw0ZExOREVLeW5YNXR2Zi90S1JqUzNiRHZHUDVmZGdEblp0cFF0QjVxbThFczVZWVV4WjlqZWpwSklXbVRvTjZoUTlVbENEOWc0UjA0SkZPa3hOVFc5TlRrL0FaNDRtdUhETVU4RUZtcS9pQzZrMGE1UXAxSXlyTjRCRnFpUStFVmJwZ2ErTmlWTlA0TWQvRUtJL1d3Ri83VndJOGgrQ0FTeVgrRTNxVnptR0dQV3RDdnluRHRXUVluMDJyVlRyYVZqc3hkVlNVNW0xNXdFd0NJdTQ1OFdRdm9PbjBiWHc9PQ%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=00DHLtAonxUSnczLupo9AX49flVGMEFKT3ZlQk5zRXhnWW5pQmhuRlVhMituN2s2S3pDUWVVWEovd1RXY3RSRjV4RjR2cWx1QzVORUdiZVdtUWhMRE5IR1VtcmNVNXd2MHZYZkcxSUR0UDg2K0lSSDRFSGhFZ3BzQWZwS1U4SjFzUWptMkpvNXprUFBpMmlweWxBWFJzSEVoaXZPdmNERFlmMEx2WExjV3NoVExyTGpsamZJb1BFMlA0T21MSGUrY21WMnhQa0E3Nk0zL0p6LyttNitxTHN6VUF3Ky9yNm4yaEc1TDVoNVkyWFR0SG4xTnlKS3daclN3bkJ1M3Z6K0tONGNPbHl3aEpzRkVFTHdIb0pTbEt0NVNuZ3BtcEpjS0o5VS8wcU8zdXVSb0phcjR3NzVNQ1kvejJ1MFlnYU1Ya1NpbUxFaGRheGlCcVlqdUJuWTRTdzVHZURYc0ltRjhUQjRXclBvQURjcWxLUCtrT3gyVUxPWkR0VDVMMTMybG5IRE84SGRzdEoybHVabWVIY3hZaDl3RlUvTnl3N1hqK2FGYlFLdk5jU3pWRnNtVGtsZHhOZkRoOXI0Y2h1VVNwU3lsaDVnOUZib1JmY21jUWRUTksrZFkrNUV2N1ByVGw5S2FZTjVZZUMyUGgxcUZCQThXMExodFgyMUtZREpwZ0xYTFBjV3pOakRHcS9OdzhOM1dZQjk5VXN2YWFzWnJrWTM0UlpsclVGWGRIQ2hSc285TldpQXY5OW9IZS9WNU1OVXhPSld3RGw0ZExOREVLeW5YNXR2Zi90S1JqUzNiRHZHUDVmZGdEblp0cFF0QjVxbThFczVZWVV4WjlqZWpwSklXbVRvTjZoUTlVbENEOWc0UjA0SkZPa3hOVFc5TlRrL0FaNDRtdUhETVU4RUZtcS9pQzZrMGE1UXAxSXlyTjRCRnFpUStFVmJwZ2ErTmlWTlA0TWQvRUtJL1d3Ri83VndJOGgrQ0FTeVgrRTNxVnptR0dQV3RDdnluRHRXUVluMDJyVlRyYVZqc3hkVlNVNW0xNXdFd0NJdTQ1OFdRdm9PbjBiWHc9PQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 16:55:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jul 2022 02:14:38 GMT
Server: Apache/2.4.38 (Debian)
ETag: "383-5e43329b8df80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 405

GET
H/1.1 200
OK swfobject.js Show response
1redirc.com/javascript/ 10 KB
4 KB 308ms
155ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/swfobject.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=00DHLtAonxUSnczLupo9AX49flVGMEFKT3ZlQk5zRXhnWW5pQmhuRlVhMituN2s2S3pDUWVVWEovd1RXY3RSRjV4RjR2cWx1QzVORUdiZVdtUWhMRE5IR1VtcmNVNXd2MHZYZkcxSUR0UDg2K0lSSDRFSGhFZ3BzQWZwS1U4SjFzUWptMkpvNXprUFBpMmlweWxBWFJzSEVoaXZPdmNERFlmMEx2WExjV3NoVExyTGpsamZJb1BFMlA0T21MSGUrY21WMnhQa0E3Nk0zL0p6LyttNitxTHN6VUF3Ky9yNm4yaEc1TDVoNVkyWFR0SG4xTnlKS3daclN3bkJ1M3Z6K0tONGNPbHl3aEpzRkVFTHdIb0pTbEt0NVNuZ3BtcEpjS0o5VS8wcU8zdXVSb0phcjR3NzVNQ1kvejJ1MFlnYU1Ya1NpbUxFaGRheGlCcVlqdUJuWTRTdzVHZURYc0ltRjhUQjRXclBvQURjcWxLUCtrT3gyVUxPWkR0VDVMMTMybG5IRE84SGRzdEoybHVabWVIY3hZaDl3RlUvTnl3N1hqK2FGYlFLdk5jU3pWRnNtVGtsZHhOZkRoOXI0Y2h1VVNwU3lsaDVnOUZib1JmY21jUWRUTksrZFkrNUV2N1ByVGw5S2FZTjVZZUMyUGgxcUZCQThXMExodFgyMUtZREpwZ0xYTFBjV3pOakRHcS9OdzhOM1dZQjk5VXN2YWFzWnJrWTM0UlpsclVGWGRIQ2hSc285TldpQXY5OW9IZS9WNU1OVXhPSld3RGw0ZExOREVLeW5YNXR2Zi90S1JqUzNiRHZHUDVmZGdEblp0cFF0QjVxbThFczVZWVV4WjlqZWpwSklXbVRvTjZoUTlVbENEOWc0UjA0SkZPa3hOVFc5TlRrL0FaNDRtdUhETVU4RUZtcS9pQzZrMGE1UXAxSXlyTjRCRnFpUStFVmJwZ2ErTmlWTlA0TWQvRUtJL1d3Ri83VndJOGgrQ0FTeVgrRTNxVnptR0dQV3RDdnluRHRXUVluMDJyVlRyYVZqc3hkVlNVNW0xNXdFd0NJdTQ1OFdRdm9PbjBiWHc9PQ%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=00DHLtAonxUSnczLupo9AX49flVGMEFKT3ZlQk5zRXhnWW5pQmhuRlVhMituN2s2S3pDUWVVWEovd1RXY3RSRjV4RjR2cWx1QzVORUdiZVdtUWhMRE5IR1VtcmNVNXd2MHZYZkcxSUR0UDg2K0lSSDRFSGhFZ3BzQWZwS1U4SjFzUWptMkpvNXprUFBpMmlweWxBWFJzSEVoaXZPdmNERFlmMEx2WExjV3NoVExyTGpsamZJb1BFMlA0T21MSGUrY21WMnhQa0E3Nk0zL0p6LyttNitxTHN6VUF3Ky9yNm4yaEc1TDVoNVkyWFR0SG4xTnlKS3daclN3bkJ1M3Z6K0tONGNPbHl3aEpzRkVFTHdIb0pTbEt0NVNuZ3BtcEpjS0o5VS8wcU8zdXVSb0phcjR3NzVNQ1kvejJ1MFlnYU1Ya1NpbUxFaGRheGlCcVlqdUJuWTRTdzVHZURYc0ltRjhUQjRXclBvQURjcWxLUCtrT3gyVUxPWkR0VDVMMTMybG5IRE84SGRzdEoybHVabWVIY3hZaDl3RlUvTnl3N1hqK2FGYlFLdk5jU3pWRnNtVGtsZHhOZkRoOXI0Y2h1VVNwU3lsaDVnOUZib1JmY21jUWRUTksrZFkrNUV2N1ByVGw5S2FZTjVZZUMyUGgxcUZCQThXMExodFgyMUtZREpwZ0xYTFBjV3pOakRHcS9OdzhOM1dZQjk5VXN2YWFzWnJrWTM0UlpsclVGWGRIQ2hSc285TldpQXY5OW9IZS9WNU1OVXhPSld3RGw0ZExOREVLeW5YNXR2Zi90S1JqUzNiRHZHUDVmZGdEblp0cFF0QjVxbThFczVZWVV4WjlqZWpwSklXbVRvTjZoUTlVbENEOWc0UjA0SkZPa3hOVFc5TlRrL0FaNDRtdUhETVU4RUZtcS9pQzZrMGE1UXAxSXlyTjRCRnFpUStFVmJwZ2ErTmlWTlA0TWQvRUtJL1d3Ri83VndJOGgrQ0FTeVgrRTNxVnptR0dQV3RDdnluRHRXUVluMDJyVlRyYVZqc3hkVlNVNW0xNXdFd0NJdTQ1OFdRdm9PbjBiWHc9PQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 16:55:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jul 2022 02:14:38 GMT
Server: Apache/2.4.38 (Debian)
ETag: "27ef-5e43329b8df80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1 200
OK jscheck.php
1redirc.com/ 0
166 B 317ms
165ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/jscheck.php?enc=ThkdJd%2BxcL5Tpkjzvutccn49flBEK1VXOGNGQXBoYmJva3QzUFpaRWFnekFXbldUNkN3VjhQRUZadnhGL21VVC9MUXFFeUJHamJkTDRRdWt1dzJSUE5YcnhjUGRWUWUzcUFieXY2T1IzcjF1ZjB6Y0NqdEoxRUdXM2NzWEJmRzhMVEgwUTdmSE1sTXZnbUg4Uk5XcURsZjM2RmlWeW5ESDkreFBpdHNoU2VOT0cvMjI1d09yUUFUdHpkMndMRytpelZUSXJGRkdNU0drekoyUlBzbUJmS1g5RVFQQWdhQUpXTXFUQ0pjU284UzhJQTdNbndTeWh0YXJKOUp0dlovK3hpdG5naUh3a2hVY01yN0p4N1dUTGY3MTJtUTRGQ2tqOEZkWVRrVkc3TUIzNFgxcXJmeGlzUkxOcnpWemRGdlpQMUhjTW8vaUtkRW1maWVYNzdhbHB0R01CZWNKUmZvM2QrVUdTaXB6T0NqU1NDZFczTWVTb2pZbFdYK0t2TXpGaVRZWVIvZU5BOGhCZEY2R2FoRnQ0SU9aaFF0L01GMDlndXd1K0pka3ViNlFCSjIwMmRuYmxVckZrN0pSS2IvVkZqT3AwN2VuMUxIMFIxNm83cDJFTUlibnRuVFJqNWdFWTZRdXFITmpGQzMrYmdoWmpPblRLTWdwMlJnenQrR05GbWV3bHQ3VktKSnhobmI5YUorNlJrYkhYK2Ezb1JBcmJ3cC9sMmdQbFhYdFE2dHEwQVNvMjJyV1VSTUQwVzF4a3ZRS20xVVpLc2pkaHY1b1IrdUZ2ZjU0TjI0MkliU0VvQk5Eb0tndTFSRTJEUENEZFM4SGhqK2U4QWVUNE5EUGZlbi91YllLZzFZbFFUQi8wazhpRFh6cVp3N01ENEhUSEVVMS9paStuc2FJL1FidXdwZzlPRjRPNmJpSnpERi9rZDFmb0FCK2QwMnJrcDVvcStqSUcwbTVDZWhSSjQ3WHF2QW9FTkh2clB6cXk3NUFXOWNLQi9zSUo2c29PZzZrNWkxOUNLaFJTc3o1UDZ4L1hOOWkxTzdMWGl3RXBLdno2em80S28rYkwrcmtJR0ZLNmZNOWpHenNWS2tjWXZwNjhIN2pGRDhWR2w0bHB0dEl2YWRRUVNVWEJNM05aUG5mTWxFZ29jWHZnPT0%3D&rand=0.8123045389418913
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=00DHLtAonxUSnczLupo9AX49flVGMEFKT3ZlQk5zRXhnWW5pQmhuRlVhMituN2s2S3pDUWVVWEovd1RXY3RSRjV4RjR2cWx1QzVORUdiZVdtUWhMRE5IR1VtcmNVNXd2MHZYZkcxSUR0UDg2K0lSSDRFSGhFZ3BzQWZwS1U4SjFzUWptMkpvNXprUFBpMmlweWxBWFJzSEVoaXZPdmNERFlmMEx2WExjV3NoVExyTGpsamZJb1BFMlA0T21MSGUrY21WMnhQa0E3Nk0zL0p6LyttNitxTHN6VUF3Ky9yNm4yaEc1TDVoNVkyWFR0SG4xTnlKS3daclN3bkJ1M3Z6K0tONGNPbHl3aEpzRkVFTHdIb0pTbEt0NVNuZ3BtcEpjS0o5VS8wcU8zdXVSb0phcjR3NzVNQ1kvejJ1MFlnYU1Ya1NpbUxFaGRheGlCcVlqdUJuWTRTdzVHZURYc0ltRjhUQjRXclBvQURjcWxLUCtrT3gyVUxPWkR0VDVMMTMybG5IRE84SGRzdEoybHVabWVIY3hZaDl3RlUvTnl3N1hqK2FGYlFLdk5jU3pWRnNtVGtsZHhOZkRoOXI0Y2h1VVNwU3lsaDVnOUZib1JmY21jUWRUTksrZFkrNUV2N1ByVGw5S2FZTjVZZUMyUGgxcUZCQThXMExodFgyMUtZREpwZ0xYTFBjV3pOakRHcS9OdzhOM1dZQjk5VXN2YWFzWnJrWTM0UlpsclVGWGRIQ2hSc285TldpQXY5OW9IZS9WNU1OVXhPSld3RGw0ZExOREVLeW5YNXR2Zi90S1JqUzNiRHZHUDVmZGdEblp0cFF0QjVxbThFczVZWVV4WjlqZWpwSklXbVRvTjZoUTlVbENEOWc0UjA0SkZPa3hOVFc5TlRrL0FaNDRtdUhETVU4RUZtcS9pQzZrMGE1UXAxSXlyTjRCRnFpUStFVmJwZ2ErTmlWTlA0TWQvRUtJL1d3Ri83VndJOGgrQ0FTeVgrRTNxVnptR0dQV3RDdnluRHRXUVluMDJyVlRyYVZqc3hkVlNVNW0xNXdFd0NJdTQ1OFdRdm9PbjBiWHc9PQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 08 Aug 2022 16:55:15 GMT
Server: Apache/2.4.38 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

r6
clever-redirect.com/s/
Redirect Chain

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D152862001%26sid%3D20220809025513c78da2b1829c2d72fb&s=j&enc=ThkdJd%2BxcL5Tpkjzvutccn49flBEK1VXOGNGQXBoYmJva3...
https://clever-redirect.com/s/r6?s=721614&s3=152862001&sid=20220809025513c78da2b1829c2d72fb

348 B
697 B

130ms
71ms

Document
text/html

78.46.197.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clever-redirect.com/s/r6?s=721614&s3=152862001&sid=20220809025513c78da2b1829c2d72fb
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.197.46.78.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer: http://1redirc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 348
content-type: text/html; charset=UTF-8
date: Mon, 08 Aug 2022 16:55:15 GMT
referrer-policy: no-referrer
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 08 Aug 2022 16:55:15 GMT
Location: https://clever-redirect.com/s/r6?s=721614&s3=152862001&sid=20220809025513c78da2b1829c2d72fb
Server: Apache/2.4.38 (Debian)

GET
H2 200 a
spidershopping.com/search/ 388 B
761 B 139ms
80ms Document
text/html 162.55.54.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=thompsoncigar.com&s1=721614&s2=&s3=152862001&s5=cf&it=44&in=1
Requested by: Host: clever-redirect.com
URL: https://clever-redirect.com/s/r6?s=721614&s3=152862001&sid=20220809025513c78da2b1829c2d72fb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.54.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.68.54.55.162.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 388
content-type: text/html; charset=UTF-8
date: Mon, 08 Aug 2022 16:55:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

GET
H2 200 r
spidershopping.com/search/ 311 B
340 B 13ms
13ms Document
text/html 162.55.54.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dthompsoncigar.com%26sid1%3D760841d69b9298a5e799f69e5eb83691%26nid%3D1&h=44b5ead8742145af3f4f72529fe25cbf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.54.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.68.54.55.162.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer: https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=thompsoncigar.com&s1=721614&s2=&s3=152862001&s5=cf&it=44&in=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 311
content-type: text/html; charset=UTF-8
date: Mon, 08 Aug 2022 16:55:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

GET
H2

200

in
buybutwhere.com/buy/
Redirect Chain

https://buybutwhere.com/buy/with/o4/in?store=thompsoncigar.com&sid1=760841d69b9298a5e799f69e5eb83691&nid=1
https://buybutwhere.com/buy/in?store=thompsoncigar.com

1 KB
1 KB

70ms
69ms

Document
text/html

2606:4700:3031::6815:dc3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buybutwhere.com/buy/in?store=thompsoncigar.com
Requested by: Host: spidershopping.com
URL: https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dthompsoncigar.com%26sid1%3D760841d69b9298a5e799f69e5eb83691%26nid%3D1&h=44b5ead8742145af3f4f72529fe25cbf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:dc3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dthompsoncigar.com%26sid1%3D760841d69b9298a5e799f69e5eb83691%26nid%3D1&h=44b5ead8742145af3f4f72529fe25cbf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7379c754dec3bb89-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 08 Aug 2022 16:55:16 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnletnPjE6nXVdw%2BazZUd%2BJO%2F70BlQ1ql4XFd7Ew3L94wo9z6TM%2Flda1VgBY9CL5%2FukF9Tnbu6voAjHiLlq9AgOiWhMgcawjOlduWy8W7UOHEjf7%2FpYKxET1aslZAyUMwCsO40qOhgkM9mdLjPU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7379c7546ddabb89-FRA
content-type: text/html; charset=UTF-8
date: Mon, 08 Aug 2022 16:55:15 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://buybutwhere.com/buy/in?store=thompsoncigar.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9E1P0xJwYntUMXizRSx43Z79QUaE6oHwSInfJz3aDSH1sRJh%2FnhbzNY3mhbFl49rZjlX7g8AImrscVGShsGAJMDD5TIGmuFUJ6w3o7QVw10yniu%2FnC%2FRELzqOGKLp96hKaSppIZYcf2OXq%2BnQ3o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3

200

Primary Request gdpr.html Show response
www.thompsoncigar.com/
Redirect Chain

https://www.smartredirect.de/redir/clickGate.php?u=jMIB0VkB&m=1&p=w5uTlnlezm&t=sLUNGdPJ&s=o462f13ff3e6718&url=https%3A%2F%2Fwww.thompsoncigar.com&r=https%3A%2F%2Fbuybutwhere.com%2Fwhere
https://www.linkconnector.com/ta.php?lc=126110079805005955&url=https://www.thompsoncigar.com/&atid=at106659_a112806_m1_p213371_t15572_cDE_so462f13ff3e6718&ntid=at106659
https://www.thompsoncigar.com/?lctid=57027
https://www.thompsoncigar.com/gdpr.html?lctid=57027

19 KB
14 KB

168ms
144ms

Document
text/html

2606:4700:4400::6812:2407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thompsoncigar.com/gdpr.html?lctid=57027

Requested by

Host: buybutwhere.com
URL: https://buybutwhere.com/buy/in?store=thompsoncigar.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2407 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc3314683fb3e972eda7d80bf266c3f6e73b611acd3bf6a67efb8ab0649ddbe1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' localhost:* *.helios.bethss.com helios.bethss.com adobe.com
Strict-Transport-Security	max-age=60; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buybutwhere.com/buy/in?store=thompsoncigar.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7379c75bbda69bb9-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' localhost:* *.helios.bethss.com helios.bethss.com adobe.com
content-type: text/html
date: Mon, 08 Aug 2022 16:55:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 15 Oct 2019 16:38:46 GMT
server: cloudflare
strict-transport-security: max-age=60; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-trace: 2B9CBA445C3AC86263CFC41BDBFEFAEA50BF394A5548E2B45E1EC8E2A800
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 7379c75b6bb891d7-FRA
content-length: 0
date: Mon, 08 Aug 2022 16:55:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://www.thompsoncigar.com/gdpr.html?lctid=57027
server: cloudflare
vary: Accept-Encoding

GET
H3 200 api.js Show response
www.thompsoncigar.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 24ms
23ms Script
text/javascript 2606:4700:4400::6812:2407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thompsoncigar.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.thompsoncigar.com
URL: https://www.thompsoncigar.com/gdpr.html?lctid=57027

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2407 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thompsoncigar.com/gdpr.html?lctid=57027
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 7379c75cbf799bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6f99ec19f8359005b8ce88c1424442943d4d27ff528ac8fb5380317f8485eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 104ms
63ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.thompsoncigar.com
URL: https://www.thompsoncigar.com/gdpr.html?lctid=57027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.thompsoncigar.com/
Origin: https://www.thompsoncigar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 16:55:17 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7379c75d1a6d922c-FRA

POST
H3 204 result Show response
www.thompsoncigar.com/cdn-cgi/bm/cv/ 0
454 B 20ms
20ms XHR
text/plain 2606:4700:4400::6812:2407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thompsoncigar.com/cdn-cgi/bm/cv/result?req_id=7379c75bbda69bb9
Requested by: Host: www.thompsoncigar.com
URL: https://www.thompsoncigar.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:2407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thompsoncigar.com/gdpr.html?lctid=57027
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 08 Aug 2022 16:55:17 GMT
server: cloudflare
cf-ray: 7379c75d79cf9bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

POST
H3 200 rum Show response
www.thompsoncigar.com/cdn-cgi/ 0
170 B 20ms
19ms XHR
text/plain 2606:4700:4400::6812:2407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thompsoncigar.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:2407 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.thompsoncigar.com/gdpr.html?lctid=57027
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/json

Response headers

date: Mon, 08 Aug 2022 16:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.thompsoncigar.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 7379c75d99fc9bb9-FRA
vary: Origin

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mytelkomsel.com/	1970-01-20 14:42:17	Name: __tad Value: 1659977712.1830874
.1redirc.com/	1970-01-20 13:51:53	Name: __dsnsid Value: 20220809025513c78da2b1829c2d72fb
clever-redirect.com/	1970-01-20 05:07:44	Name: bf37b4e2e42a5e578bbe21be34d603d2 Value: 8b954812d392c21146340ae93c5d3651aa50f1b311ec89966eeb57e47ab19ae2a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22bf37b4e2e42a5e578bbe21be34d603d2%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
spidershopping.com/	1970-01-20 05:07:44	Name: 53ddaf3e0e28127a4164c9cc2124faf4 Value: d4334530eda0bdb3b5b0c2884f2153c2e0024c3eff71fd5358e7d1f1b7fb29fda%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2253ddaf3e0e28127a4164c9cc2124faf4%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
buybutwhere.com/	1970-01-20 05:06:24	Name: XSRF-TOKEN Value: eyJpdiI6ImNhZTZ1d214YitIQmtRR3daTWdnTHc9PSIsInZhbHVlIjoiSHhBWWYvcDcyMHdCZjNlcEM1YlhFTXVJTTB2UFM3SWhMOFl6cDl0YjdvRmR3QTFXMUFlNEtkdFo3dXBkSHBINktVR0NEdDREd3ZDUTdqKyt5bGhyRk9tOVV1ak1XdU5PS29sbGlTSzcrUy9NWGw5Y0RwMkNoL1ZrcjZMTy9pN1IiLCJtYWMiOiI1OGUyMGI3NmFkYWMzYzg0MTJjMWYzOGVlMjMxOTUyNTY2YzkyZDc0MmU1ZTMzNTEwNzU2MGM5Mjg3Zjc4ZTVlIiwidGFnIjoiIn0%3D
buybutwhere.com/	1970-01-20 05:06:24	Name: buybutwhere_session Value: eyJpdiI6ImcxN3NRM1BkVjZ1enUrUlh2dXZtU3c9PSIsInZhbHVlIjoiT3FrWnl0RjM3QTJpdThYRmlSVWxrNzFYdndBcEdDRmxEZ2FOaHBtSFNzYjdoTUtQQmFuQmFDQU1OWitmdmExU29DNjR2eGV2Vm5KL1d4NUE1bE9sOHk4b1Q3MGpNbldPTWtDNHMzaWFWM0hxQjJXRHFBY21UWGFPeDZqVnhVS3giLCJtYWMiOiJkNmRjMGVjYzlkNTFiYTc5MzcxNTBjMWY2N2IyZmJlMDFiYjg3ODczNzQ1ODhiY2E3NDJiYmYwYzZiOGUzZmUxIiwidGFnIjoiIn0%3D
.linkconnector.com/	1970-01-20 14:42:17	Name: LCID Value: LC1659977716.6319379
.linkconnector.com/	1970-01-20 14:42:17	Name: LastIP Value: 2a03%3A1b20%3A6%3Af011%3A%3A6e
.linkconnector.com/	1970-01-20 14:42:17	Name: LastIP_Date Value: 2022-08-08+09%3A55%3A16
.linkconnector.com/	1970-01-20 14:42:17	Name: lc_dnk Value: 1
.linkconnector.com/	1970-01-20 14:42:17	Name: LCXX Value: 126110079805005955%7C2022-08-08+09%3A55%3A16%7Chttps%3A%2F%2Fbuybutwhere.com%2F
www.thompsoncigar.com/	1970-01-20 05:06:24	Name: NSC_WT_QSPE_UD_TTM Value: ffffffffaf2b1fc145525d5f4f58455e445a4a42378b
.thompsoncigar.com/	1970-01-20 05:06:19	Name: __cf_bm Value: Jr7.3.IKSjerGzqUzdydeCoM6lACyfbbGdqlpNDJYTQ-1659977717-0-AYeWORiuOsjnvEkcKKBmbW5Rx9xj46vEVbP+gseakgtf/b7r/Cdpy6UeQ7j9VqnrTOYUUgO+ndg9VSHWSMxV18NU0nEP4OWjAYe2KdlSPdjozISOC6oR7REV/MfY+RVt4SjlKMJ2bHGeg5tajEEzFvQxAllg/QhQTMkPgKfoMrgF

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirc.com
buybutwhere.com
clever-redirect.com
mytelkomsel.com
spidershopping.com
static.cloudflareinsights.com
www.linkconnector.com
www.smartredirect.de
www.thompsoncigar.com
103.224.182.206
103.224.182.233
162.55.54.68
2606:4700:10::6816:31a9
2606:4700:3031::6815:dc3
2606:4700:3036::ac43:8065
2606:4700:4400::6812:2407
2606:4700:440e::ac40:9c1a
78.46.197.88
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
5d4238d119b045f6aaebfd3dfa8b56411c74ce7691d29d01521b433256f86721
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
bc3314683fb3e972eda7d80bf266c3f6e73b611acd3bf6a67efb8ab0649ddbe1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f99ec19f8359005b8ce88c1424442943d4d27ff528ac8fb5380317f8485eb0
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

www.thompsoncigar.com Open in urlscan Pro 2606:4700:4400::6812:2407 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

69 %HTTPS

56 %IPv6

9 Domains

9 Subdomains

7 IPs

3 Countries

40 kBTransfer

97 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

13 Cookies

Indicators

www.thompsoncigar.com Open in urlscan Pro
2606:4700:4400::6812:2407 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

69 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

7
IPs

3
Countries

40 kB
Transfer

97 kB
Size

13
Cookies

13 HTTP transactions
1 data transactions