Submitted URL: http://link.hrtechnologist.com/2uwTj9Af.php?tGZDtccxfwJlG=DjMCxCqxWMkxY177p3vg02ul1801mwbw011mo180ih6dyxgjl7====
Effective URL: http://ww1.servyourads.com/sl/691?f=a&pub_id=12356&smartlink_id=571&pub_sub=unknown&sub_pub_id=unknown
Submission: On May 31 via api from BE — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 12 domains to perform 22 HTTP transactions. The main IP is 64.190.63.136, located in and belongs to . The main domain is ww1.servyourads.com.
This is the only time ww1.servyourads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.177.31.2 138687 (XDEER-AS-...)
1 209.236.123.242 30277 (DFW-DATAC...)
1 5 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
6 67.212.184.146 32475 (SINGLEHOP...)
4 6 51.68.81.31 16276 (OVH)
1 1 34.147.1.177 396982 (GOOGLE-CL...)
1 4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 34.91.142.64 396982 (GOOGLE-CL...)
1 94.237.99.118 202053 (UPCLOUD)
1 1 64.91.248.15 ()
1 64.190.63.136 ()
22 9
Domain Requested by
6 www.turbotrck.art 4 redirects rezi.turetou.com
6 rezi.turetou.com lynku.jukminung.com
rezi.turetou.com
tonic.eygenci.com
5 lynku.jukminung.com 1 redirects peepshowdrifter.com
lynku.jukminung.com
4 tonic.eygenci.com 1 redirects www.turbotrck.art
tonic.eygenci.com
2 cdn.addlnk.com lynku.jukminung.com
tonic.eygenci.com
1 ww1.servyourads.com
1 servyourads.com 1 redirects
1 1d656c28c28.trccmpnsl.com www.turbotrck.art
1 harrenmedia.g2afse.com 1 redirects
1 admoustache.media-412.com 1 redirects
1 peepshowdrifter.com
1 link.hrtechnologist.com 1 redirects
0 www.google.com Failed ww1.servyourads.com
22 13

This site contains no links.

Subject | Issuer | Validity | Valid
peepshowdrifter.com | Sectigo RSA Domain Validation Secure Server CA | 2022-09-29 - 2023-10-29 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-03-20 - 2024-03-18 | a year
addlnk.com | GTS CA 1P5 | 2023-04-15 - 2023-07-14 | 3 months
rezi.turetou.com | R3 | 2023-04-17 - 2023-07-16 | 3 months
www.turbotrck.art | R3 | 2023-04-29 - 2023-07-28 | 3 months
eygenci.com | E1 | 2023-05-21 - 2023-08-19 | 3 months
*.trccmpnsl.com | R3 | 2023-05-05 - 2023-08-03 | 3 months

This page contains 3 frames:

Primary Page: http://ww1.servyourads.com/sl/691?f=a&pub_id=12356&smartlink_id=571&pub_sub=unknown&sub_pub_id=unknown
Frame ID: 1D58AFEF9A2314F5DE1A369E0F2846D0
Requests: 16 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
Frame ID: 4D260300383559B9D85549E492072E79
Requests: 3 HTTP requests in this frame

Frame: https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
Frame ID: 445080A79FC3070C193FBC0EEC5AABE3
Requests: 3 HTTP requests in this frame

Page Statistics

Requests: 22
HTTPS: 77 %
IPv6: 25 %
Domains: 12
Subdomains: 13
IPs: 9
Countries: 4
Transfer: 62 kB
Size: 133 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://link.hrtechnologist.com/2uwTj9Af.php?tGZDtccxfwJlG=DjMCxCqxWMkxY177p3vg02ul1801mwbw011mo180ih6dyxgjl7==== HTTP 302
    https://peepshowdrifter.com/1761255ce270185b800/1_771883_2747948/2112_4786172_0ih6dyx_44/436191964_217-114-218-24 Page URL
  2. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1347800751&pubid=690040 Page URL
  3. https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=d699fd3e&cid=pub479ef91bdf0d44dabe5725bb7d4ac071&2=690040 Page URL
  4. https://rezi.turetou.com/?utm_term=7239231986617810945&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  5. https://rezi.turetou.com/proc.php?389a97b4f2f4a419e8151ebd80d3ec68504cfd73 Page URL
  6. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231986617810945&website=13260-bf2f31c1-8172cef6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075 Page URL
  7. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231986617810945&website=13260-bf2f31c1-8172cef6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075&eyeg=53e86651fece77259913d9107633b01f&eyer=0.43656114387953604&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231986617810945&website=13260-bf2f31c1-8172cef6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075&eyeg=3&eyer=0.43656114387953604&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330002cf9ae9537e5aff917d0bed2c3206b270531-202305-flb*5564921-b2be6*M7239231986617810945*sl_5564921-b2be6*51d8d64655cc4c37fce1e5cfc6f122098c8a0805*13260-bf2f31c1-8172cef6*13260 HTTP 302
    https://tonic.eygenci.com/rc/a91581ead4?affclick=6476eb23ac00210001c9105a&pubid=503 Page URL
  8. https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8063a697&cid=pubb491af67b6344a088bac36e443fb5733&2=503 Page URL
  9. https://rezi.turetou.com/?utm_term=7239231990912778265&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  10. https://rezi.turetou.com/proc.php?0530760ab33758476fd1b8616ef5e12f326c111a Page URL
  11. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231990912778265&website=13260-c20be91f-60df3a4c&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  12. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231990912778265&website=13260-c20be91f-60df3a4c&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=1a88d88f053163b9361fad2548c08e99&eyer=0.5529832284616221&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231990912778265&website=13260-c20be91f-60df3a4c&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.5529832284616221&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
    https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=230009fd0172f37f519bdfb0b9f05ba6dd1470531-202305-flb*5564921-b2be6*M7239231990912778265*sl_5564921-b2be6*3842a56dcbbc55c6ffb6f8eac3c9b23f0dd069f6*13260-c20be91f-60df3a4c*13260 HTTP 302
    https://1d656c28c28.trccmpnsl.com/?p=2155&media_type=mainstream&click_id=6476eb25cbd35600018d0e01 Page URL
  13. https://servyourads.com/sl/691?f=a&pub_id=12356&smartlink_id=571&pub_sub=unknown&sub_pub_id=unknown HTTP 302
    http://ww1.servyourads.com/sl/691?f=a&pub_id=12356&smartlink_id=571&pub_sub=unknown&sub_pub_id=unknown Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://link.hrtechnologist.com/2uwTj9Af.php?tGZDtccxfwJlG=DjMCxCqxWMkxY177p3vg02ul1801mwbw011mo180ih6dyxgjl7==== HTTP 302
  • https://peepshowdrifter.com/1761255ce270185b800/1_771883_2747948/2112_4786172_0ih6dyx_44/436191964_217-114-218-24
Request Chain 3
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
Request Chain 10
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231986617810945&website=13260-bf2f31c1-8172cef6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075&eyeg=53e86651fece77259913d9107633b01f&eyer=0.43656114387953604&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231986617810945&website=13260-bf2f31c1-8172cef6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075&eyeg=3&eyer=0.43656114387953604&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330002cf9ae9537e5aff917d0bed2c3206b270531-202305-flb*5564921-b2be6*M7239231986617810945*sl_5564921-b2be6*51d8d64655cc4c37fce1e5cfc6f122098c8a0805*13260-bf2f31c1-8172cef6*13260 HTTP 302
  • https://tonic.eygenci.com/rc/a91581ead4?affclick=6476eb23ac00210001c9105a&pubid=503
Request Chain 12
  • https://tonic.eygenci.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
Request Chain 19
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231990912778265&website=13260-c20be91f-60df3a4c&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=1a88d88f053163b9361fad2548c08e99&eyer=0.5529832284616221&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231990912778265&website=13260-c20be91f-60df3a4c&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.5529832284616221&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
  • https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=230009fd0172f37f519bdfb0b9f05ba6dd1470531-202305-flb*5564921-b2be6*M7239231990912778265*sl_5564921-b2be6*3842a56dcbbc55c6ffb6f8eac3c9b23f0dd069f6*13260-c20be91f-60df3a4c*13260 HTTP 302
  • https://1d656c28c28.trccmpnsl.com/?p=2155&media_type=mainstream&click_id=6476eb25cbd35600018d0e01

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
436191964_217-114-218-24
peepshowdrifter.com/1761255ce270185b800/1_771883_2747948/2112_4786172_0ih6dyx_44/
Redirect Chain
  • http://link.hrtechnologist.com/2uwTj9Af.php?tGZDtccxfwJlG=DjMCxCqxWMkxY177p3vg02ul1801mwbw011mo180ih6dyxgjl7====
  • https://peepshowdrifter.com/1761255ce270185b800/1_771883_2747948/2112_4786172_0ih6dyx_44/436191964_217-114-218-24
137 B
450 B
Document
General
Full URL
https://peepshowdrifter.com/1761255ce270185b800/1_771883_2747948/2112_4786172_0ih6dyx_44/436191964_217-114-218-24
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.236.123.242 , United States, ASN30277 (DFW-DATACENTER, US),
Reverse DNS
209.236.123.242
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
137
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 May 2023 06:37:21 GMT
Server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 May 2023 06:37:20 GMT
Location
https://peepshowdrifter.com/1761255ce270185b800/1_771883_2747948/2112_4786172_0ih6dyx_44/436191964_217-114-218-24
Server
Apache
9e8aef8068
lynku.jukminung.com/rc/
2 KB
2 KB
Document
General
Full URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1347800751&pubid=690040
Requested by
Host: peepshowdrifter.com
URL: https://peepshowdrifter.com/1761255ce270185b800/1_771883_2747948/2112_4786172_0ih6dyx_44/436191964_217-114-218-24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd9de468938bd4caaf4289a61b51a9d67c5ac23e79e1c38a3e7aa6b28384d67

Request headers

Referer
https://peepshowdrifter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cfd3536da9a6921-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Wed, 31 May 2023 06:37:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Brc299YNqssXlkiax3m6KrB71Bjv8cipJIOeermWKzMrL9PtY5hD8BIDZgBv%2F3f0bgAoRUWWeFNgB9hn%2F0waE7Ul7BuhBmAIZYc05AoFcxPagqaj55rltWYCpEAaaEn8OqC9GmBCLiKU3Rv%2FGrmznJlH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1347800751&pubid=690040
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 06:37:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1CDV1M9BTXYFXXX6
age
4884
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
PMqJM36lmduKnrjw0ab5/EeSo7UVLnFZbYvMRXRbbtLCXXjAbytlHc1uVHWuQ6A1qKwwnT/4gKuxNla4w4fDGg==
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jC4Qn%2BgLkqb3Z6%2F0T4YOEArO3s1KEce8liXjGbjqXi15bCIXPkG3Xsd2Yqk8%2FIem3mMZMA%2F2SfSsTbQuGx1Pggn%2FwKvpXcvtznFkAqhohEMUyKJrOSuutMKhDat7xlCZw5a%2FzbIZzHalu92qRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7cfd35382b901bcf-FRA
invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/ Frame 4D26
Redirect Chain
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
26 KB
12 KB
Script
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
Protocol
H2
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 06:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BeUnG9ABVOV%2F3%2FHAlwsU70ruWSM7UO6x40BUgU%2BV8FV2fsF5Kt3SnYzqCNKjU8z425xFY0eGyIBN9kBTxQsKZHQU5SwLfJmYts4CS9HwaAGdudT5xihv%2Bfr8DbQDy9nkvkppnjJsXo07BMynvK4EkNn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7cfd3538fd966921-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 31 May 2023 06:37:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2Fz3kJhUTYQYiT2XD7219LpUHPKirv5uo5CL%2BEAVt1vtr7aqdR%2FjQGVIYI2e3mzN%2BN8LWCSD0Tmzz%2B7H6jPgQ1hbmRrYpDx0MACqX0c5Jp3WTa5YQwCotJ65OYWParPvrw5uSyKXTKN3G2pmIB%2FZvPfD"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7cfd3538cd5a6921-FRA
alt-svc
h3=":443"; ma=86400
/
rezi.turetou.com/
3 KB
2 KB
Document
General
Full URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=d699fd3e&cid=pub479ef91bdf0d44dabe5725bb7d4ac071&2=690040
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1347800751&pubid=690040
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 May 2023 06:37:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rezi.turetou.com/?utm_term=7239231986617810945
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 4D26
6 KB
4 KB
Other
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 06:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDswFTzf8fPMOm550W8hheHKg9MIjZDFpiiIBkcsItyIUrcWdMi9gpdxor%2FXMyVMs2ETECC%2F6LqgflGzSy2KbM%2FL%2FInWrxOatXRE2k%2BRea7%2FB2MsdH9OWML%2FnDGnz25rYTkP2%2FlGjA0N%2FICX8lyQwj3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7cfd35393d682be4-FRA
alt-svc
h3=":443"; ma=86400
7cfd3536da9a6921
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 4D26
2 B
624 B
XHR
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/7cfd3536da9a6921
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 31 May 2023 06:37:22 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrnUwm9h7wc2E0TUoFGJNwyaq6284WuuSDDAO%2B1mSvyEGktH2Q6OpyOdX%2FwkvkMMQEu2RdDxn09e4A9p4ulmh0MI%2BqgrcOnjCIOxlecXkjre%2Fg8VD2XTmqMV4HH0m8YiXEvA7mOwC55I6eWYt%2Bwb4d8%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7cfd353a8f3b2be4-FRA
alt-svc
h3=":443"; ma=86400
/
rezi.turetou.com/
8 KB
3 KB
Document
General
Full URL
https://rezi.turetou.com/?utm_term=7239231986617810945&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=d699fd3e&cid=pub479ef91bdf0d44dabe5725bb7d4ac071&2=690040
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
1fa889fee448638140b8d303ce47dee85236e897d9e9d7f71a6abb77fe46dd36

Request headers

Referer
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=d699fd3e&cid=pub479ef91bdf0d44dabe5725bb7d4ac071&2=690040
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 31 May 2023 06:37:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
rezi.turetou.com/
4 KB
2 KB
Document
General
Full URL
https://rezi.turetou.com/proc.php?389a97b4f2f4a419e8151ebd80d3ec68504cfd73
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_term=7239231986617810945&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Referer
https://rezi.turetou.com/?utm_term=7239231986617810945&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 May 2023 06:37:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231986617810945&website=13260-bf2f31c1-8172cef6&placement=13260
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/
5 KB
5 KB
Document
General
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231986617810945&website=13260-bf2f31c1-8172cef6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/proc.php?389a97b4f2f4a419e8151ebd80d3ec68504cfd73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rezi.turetou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Wed, 31 May 2023 06:37:23 GMT
Transfer-Encoding
chunked
a91581ead4
tonic.eygenci.com/rc/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231986617810945&website=13260-bf2f31c1-8172cef6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231986617810945&website=13260-bf2f31c1-8172cef6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330002cf9ae9537e5aff917d0bed2c3206b270531-202305-flb*5564921-b2be6*M7239231986617810945*sl_5564921-b2be6*51d8d64655cc4c...
  • https://tonic.eygenci.com/rc/a91581ead4?affclick=6476eb23ac00210001c9105a&pubid=503
2 KB
2 KB
Document
General
Full URL
https://tonic.eygenci.com/rc/a91581ead4?affclick=6476eb23ac00210001c9105a&pubid=503
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231986617810945&website=13260-bf2f31c1-8172cef6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a2aa54f9028e47afb86736baec251e658b403efa8fcaf8511c3fc6d8e8c67a

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231986617810945&website=13260-bf2f31c1-8172cef6&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cfd354128253821-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Wed, 31 May 2023 06:37:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vhXq9HNGOHFZiDIsQivSCKS5Pki08R7zDnZF7pVNatrAKeHV9sOu11ufa0hdOxHpU01h5Ru1zfyn2oij7CYYMfSXuVqxQ0U000oqT0WT%2BpSJB2XX1U3uGO7ajAWF9sfsqogcC2ovKLC6TU5o9f%2F4w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Wed, 31 May 2023 06:37:23 GMT
location
https://tonic.eygenci.com/rc/a91581ead4?affclick=6476eb23ac00210001c9105a&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/
1 KB
709 B
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=6476eb23ac00210001c9105a&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 06:37:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1CDV1M9BTXYFXXX6
age
4886
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
PMqJM36lmduKnrjw0ab5/EeSo7UVLnFZbYvMRXRbbtLCXXjAbytlHc1uVHWuQ6A1qKwwnT/4gKuxNla4w4fDGg==
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FfujpUi809nBJdbZX1p1xPU2jj6jzeYK3VCCg5HFsP1OrQHakzAETuJxFLodvnjzHV0wcr4rtFE8iU34Pbm%2Bn%2Flk63pod3UaBMByQGZVeNWUeoZRD7B0Xk7zoFWahue8M56uDucFku4jML1bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7cfd3541d83c1bcf-FRA
invisible.js
tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/ Frame 4450
Redirect Chain
  • https://tonic.eygenci.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
26 KB
12 KB
Script
General
Full URL
https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfa5becdc564acff87843c26a098855382313eb741501f1ae5f61dc4ffa0f93e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 06:37:24 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0Xj5ApIfEHO2ztlg1qcqMEecTklr0Q25AsIjqt2artTCrcGKhJehzHY3rxcisqUfHChoRzgt9jtJXazweSqjoLvxbdFsNsprsQ5bYpYHgTG6dIw4UGRN%2B2OvZzNy7JPHu3LDuV%2BNnHyYchZkpbdxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7cfd354239a63821-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 31 May 2023 06:37:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZE%2BmG7fYVl1fTG%2B51x53Gqet9Il0t9A43sLlySQ3SDJRIa%2BCEP9gjxysxxSuPH9kfRwjfOpsUoLZtj%2BDk8Yqlp%2FZMr55XlZWm%2BLDwEqf2LtqXARHsqSedySkL2eUHr9MucjYCkKLXnbS0IMQ9iMLw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
cache-control
max-age=300, public
cf-ray
7cfd354219763821-FRA
alt-svc
h3=":443"; ma=86400
pica.js
tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 4450
5 KB
3 KB
Other
General
Full URL
https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 31 May 2023 06:37:24 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8Wq8ATJ%2FoJDbL1B3Wo72U8Sw%2Fz4TfNXtJ37y%2Fp1OthHLpk5rjFe3XHPGEjMUnWyerIqigB2IVy8uZmJcVbZE3D9dD%2BZLJ8jOYXOqbLC4DprnzvNlswUE9TqdHwEw8U8bc5nsh5FOC34CJIFf7CjEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7cfd35429e913683-FRA
alt-svc
h3=":443"; ma=86400
/
rezi.turetou.com/
3 KB
2 KB
Document
General
Full URL
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8063a697&cid=pubb491af67b6344a088bac36e443fb5733&2=503
Requested by
Host: tonic.eygenci.com
URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=6476eb23ac00210001c9105a&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 May 2023 06:37:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rezi.turetou.com/?utm_term=7239231990912778265
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
7cfd354128253821
tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 4450
0
0

/
rezi.turetou.com/
8 KB
3 KB
Document
General
Full URL
https://rezi.turetou.com/?utm_term=7239231990912778265&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8063a697&cid=pubb491af67b6344a088bac36e443fb5733&2=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
a667064a5aabec74b85ec6d47c5e4bd5c43632208a733a10c03239b380a4a571

Request headers

Referer
https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=8063a697&cid=pubb491af67b6344a088bac36e443fb5733&2=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 31 May 2023 06:37:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
rezi.turetou.com/
4 KB
2 KB
Document
General
Full URL
https://rezi.turetou.com/proc.php?0530760ab33758476fd1b8616ef5e12f326c111a
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/?utm_term=7239231990912778265&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.184.146 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash

Request headers

Referer
https://rezi.turetou.com/?utm_term=7239231990912778265&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 May 2023 06:37:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231990912778265&website=13260-c20be91f-60df3a4c&placement=13260
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/
5 KB
5 KB
Document
General
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231990912778265&website=13260-c20be91f-60df3a4c&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: rezi.turetou.com
URL: https://rezi.turetou.com/proc.php?0530760ab33758476fd1b8616ef5e12f326c111a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rezi.turetou.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Wed, 31 May 2023 06:37:24 GMT
Transfer-Encoding
chunked
/
1d656c28c28.trccmpnsl.com/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231990912778265&website=13260-c20be91f-60df3a4c&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231990912778265&website=13260-c20be91f-60df3a4c&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
  • https://harrenmedia.g2afse.com/sl?id=5db1a4743bf47917e8f252cf&pid=228&sub2=132435&sub1=230009fd0172f37f519bdfb0b9f05ba6dd1470531-202305-flb*5564921-b2be6*M7239231990912778265*sl_5564921-b2be6*3842a...
  • https://1d656c28c28.trccmpnsl.com/?p=2155&media_type=mainstream&click_id=6476eb25cbd35600018d0e01
880 B
744 B
Document
General
Full URL
https://1d656c28c28.trccmpnsl.com/?p=2155&media_type=mainstream&click_id=6476eb25cbd35600018d0e01
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231990912778265&website=13260-c20be91f-60df3a4c&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.99.118 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS
94-237-99-118.de-fra1.upcloud.host
Software
/
Resource Hash
a99b086bc42f8db8dd3713bddca47b9dccec1fe22490bf44720f2351d440d745

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7239231990912778265&website=13260-c20be91f-60df3a4c&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 May 2023 06:37:25 GMT
expires
Wed, 31 May 2023 06:37:25 GMT
last-modified
Wed, 31 May 2023 06:37:25 GMT
pragma
no-cache
vary
Accept-Encoding
x-robots-tag
noindex, nofollow

Redirect headers

access-control-allow-origin
*
content-length
0
date
Wed, 31 May 2023 06:37:25 GMT
location
https://1d656c28c28.trccmpnsl.com/?p=2155&media_type=mainstream&click_id=6476eb25cbd35600018d0e01
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
Primary Request 691
ww1.servyourads.com/sl/
Redirect Chain
  • https://servyourads.com/sl/691?f=a&pub_id=12356&smartlink_id=571&pub_sub=unknown&sub_pub_id=unknown
  • http://ww1.servyourads.com/sl/691?f=a&pub_id=12356&smartlink_id=571&pub_sub=unknown&sub_pub_id=unknown
22 KB
0
Document
General
Full URL
http://ww1.servyourads.com/sl/691?f=a&pub_id=12356&smartlink_id=571&pub_sub=unknown&sub_pub_id=unknown
Protocol
HTTP/1.1
Server
64.190.63.136 -, , ASN (),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash

Request headers

Referer
https://1d656c28c28.trccmpnsl.com/?p=2155&media_type=mainstream&click_id=6476eb25cbd35600018d0e01
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 31 May 2023 06:37:34 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 31 May 2023 06:37:34 GMT
pragma
no-cache
server
NginX
transfer-encoding
chunked
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_RiV++dPI6Zwkw5VQ0Cf69keXBTHZ+60XsaPO8x4QA6tVVq7FoPx6cA9G8KqrIMNPCf0ywUOcdf+FM22RYGfzcw==
x-cache-miss-from
parking-6bdbf848bb-zxcdr
x-powered-by
PHP/8.1.17

Redirect headers

Cache-Control
no-cache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 May 2023 06:37:33 GMT
Location
http://ww1.servyourads.com/sl/691?f=a&pub_id=12356&smartlink_id=571&pub_sub=unknown&sub_pub_id=unknown
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
caf.js
www.google.com/adsense/domains/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tonic.eygenci.com
URL
https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/b/cv/result/7cfd354128253821
Domain
www.google.com
URL
http://www.google.com/adsense/domains/caf.js

Verdicts & Comments

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

8 Cookies

Domain/Path Name / Value
peepshowdrifter.com/ Name: uid15295
Value: 1347800751-20230531023722-b60a0f07993a53b4eaf67afbd2af9e77-
lynku.jukminung.com/ Name: AWSALB
Value: 7qqRnfvYubJ+xhy+3Uleq5jwnK1AVME2KtmIi2ppeva/RY9/gdbfXxELk1Wj3exfXlpvC0/AnYKCO38jEKIupSRivHOfiqk/LhqIxrP+bwfmNhK9UCdHfpxmQTeS
.jukminung.com/ Name: __cf_bm
Value: xpfDRnftDggm4U_mgFxxvtwPvoFeliD915otjlLnnQM-1685515042-0-Ad5o49ESfHGT1s3a8tl3LffWTrIn+J2YRirja7XH0SGFiPYlFydsd9pFAms8lEJhgzQBxRHG2Hr96KhP5NFefVG4WRWhOPgx+eLJb3N+rMAJ
rezi.turetou.com/ Name: u
Value: c6089d982244bf4fbf56af0b0a7b4eb4
rezi.turetou.com/ Name: split
Value: a
admoustache.media-412.com/ Name: afclick
Value: 6476eb23ac00210001c9105a
tonic.eygenci.com/ Name: AWSALB
Value: gBEA6emDpKpD/uV6W0hS7HwC1FUxDcKruKFpWCryOXXLZ2GXXPL9nS7227Q6jK3XZBDh5la7W3UirVWHmpE8hz3O3VamAfsnQcs1IhjqZx6ZEUCbKTvTJqSxhJNN
harrenmedia.g2afse.com/ Name: afclick
Value: 6476eb25cbd35600018d0e01