urlscan.io logo urlscan.io
SecurityTrails logo

sweetnolas.com Open in urlscan Pro
64.225.91.73  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vpn.hqvu.com/
Effective URL: https://sweetnolas.com/?utm_source=google
Submission: On December 04 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 9 domains to perform 13 HTTP transactions. The main IP is 64.225.91.73, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is sweetnolas.com.
TLS certificate: Issued by E5 on October 16th 2024. Valid for: 3 months.
This is the only time sweetnolas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 64.190.63.222 47846 (SEDO-AS S...)
1 205.234.175.175 30081 (CACHENETW...)
1 1 173.239.53.32 27257 (WEBAIR-IN...)
1 2 54.205.42.70 14618 (AMAZON-AES)
1 1 5.161.89.212 213230 (HETZNER-C...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 64.225.91.73 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 7
5    64.190.63.222 (Germany)

ASN47846 (SEDO-AS SEDO GmbH, DE)
vpn.hqvu.com
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
img.sedoparking.com
1    173.239.53.32 (New York, United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.sedodna.com
2    54.205.42.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-42-70.compute-1.amazonaws.com
ernus-dop.com
1    5.161.89.212 (United States)

ASN213230 (HETZNER-CLOUD2-AS Hetzner Online GmbH, DE)
PTR: us-psh2.1push.io
so-gre8.net
1    2606:4700::6812:a88 (United States)

ASN13335 (CLOUDFLARENET, US)
user-agent.trafficdecisions.com
4    2606:4700::6812:e0e (United States)

ASN13335 (CLOUDFLARENET, US)
go.c0nect.com
2    64.225.91.73 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sweetnolas.com
1    2606:4700::6812:1a2d (United States)

ASN13335 (CLOUDFLARENET, US)
domaincntrol.com
Apex Domain
Subdomains		 Transfer
5 hqvu.com
vpn.hqvu.com
4 KB
4 c0nect.com
go.c0nect.com — Cisco Umbrella Rank: 173655
1 KB
2 sweetnolas.com
sweetnolas.com
ww2.sweetnolas.com Failed
1 KB
2 ernus-dop.com
ernus-dop.com
4 KB
1 domaincntrol.com
domaincntrol.com — Cisco Umbrella Rank: 205886
331 B
1 trafficdecisions.com
user-agent.trafficdecisions.com — Cisco Umbrella Rank: 170638
569 B
1 so-gre8.net
so-gre8.net
279 B
1 sedodna.com
xml.sedodna.com — Cisco Umbrella Rank: 301377
309 B
1 sedoparking.com
img.sedoparking.com — Cisco Umbrella Rank: 65939
15 KB
13 9
Domain Requested by
5 vpn.hqvu.com 2 redirects vpn.hqvu.com
4 go.c0nect.com ernus-dop.com
2 sweetnolas.com
2 ernus-dop.com 1 redirects vpn.hqvu.com
1 domaincntrol.com sweetnolas.com
1 user-agent.trafficdecisions.com 1 redirects
1 so-gre8.net 1 redirects
1 xml.sedodna.com 1 redirects
1 img.sedoparking.com
0 ww2.sweetnolas.com Failed sweetnolas.com
13 10

This site contains no links.

Subject Issuer Validity Valid
vpn.hqvu.com
Encryption Everywhere DV TLS CA - G2		 2024-12-04 -
2025-12-03		 a year crt.sh
*.cachefly.net
GlobalSign RSA OV SSL CA 2018		 2024-11-12 -
2025-12-14		 a year crt.sh
ernus-dop.com
Amazon RSA 2048 M02		 2024-11-22 -
2025-12-22		 a year crt.sh
c0nect.com
WE1		 2024-10-08 -
2025-01-06		 3 months crt.sh
sweetnolas.com
E5		 2024-10-16 -
2025-01-14		 3 months crt.sh
domaincntrol.com
WE1		 2024-11-19 -
2025-02-17		 3 months crt.sh

This page contains 1 frames:

Frame: https://ww2.sweetnolas.com/
Frame ID: 394B6449AFA54312723E1281BC4BD9BD
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://vpn.hqvu.com/ Page URL
  2. https://vpn.hqvu.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D44aLPZ00yE... HTTP 302
    https://vpn.hqvu.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D44aLPZ00yE... HTTP 302
    https://xml.sedodna.com/click?i=44aLPZ00yEw_0 HTTP 302
    https://ernus-dop.com/zclkvisitor/00100a45-b225-11ef-9200-121a387c915b/9232f590-d991-493f-b95d-d38... Page URL
  3. https://ernus-dop.com/zclkredirect?visitid=00100a45-b225-11ef-9200-121a387c915b&type=js&browserWid... HTTP 302
    https://so-gre8.net/r/FCmbZdm7XNdy-8nB1sZjrNtK_NXPIOHWetohtQbXOb3RABnq2gLw1JKyqOP4V9x__TwzN9-t44... HTTP 302
    https://user-agent.trafficdecisions.com/okay/?d=okay&t=2 HTTP 302
    https://go.c0nect.com/?t=3 Page URL
  4. https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1733305749180&8s4n53_domain=http://sweet... Page URL
  5. http://sweetnolas.com/?utm_source=google HTTP 307
    https://sweetnolas.com/?utm_source=google Page URL

Page Statistics

13
Requests

92 %
HTTPS

33 %
IPv6

9
Domains

10
Subdomains

7
IPs

2
Countries

24 kB
Transfer

23 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vpn.hqvu.com/ Page URL
  2. https://vpn.hqvu.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D44aLPZ00yEw_0&v=MTA3NGFkNTBjMGU1ODUwMWNhMjBkNmE1OTAxNzFiMDcJMQl2cG4uaHF2dS5jb202NzUwMjU5MTc3YWJlMS4xNTY4NTA2OAl2cG4uaHF2dS5jb202NzUwMjU5MTc3YWY4NS43NDYzNTExMQkxNzMzMzA1NzQ3CWFkXzYzXzA%3D&l=ogctqm3MrEGMo-kt08BYGl04AOY964yd3A33CIECczTD_DBihBqHUrCakTQGHSXOG7uaf5IZZe99DHG-JBPxNSEo5P7nDDiSFoIArCjfZzGrCYQ6J6rINbkOnXOIOGMVu-mRxyFMncrmR5cgCxnP1Ks4JnmvRSd1Szdz5gBUwu2jE69-RVvi5eLnqDtAYSGKxtT63kGZ4YpmEdw8Kf7zToAOouu91aaAC9Oin-GkWf1d6Qn8t5EAb5x-t9bMIjTTbX6L3tVhkmiZb1JZ32C97FbI58rQdV5lC91MhqOWAGFnE0inVVg91N-YQWvrfLSquzAUNyxvi5Krg_AmqP8bMzRp7AxLhE9LUnZsAQvYJR6GvocGg7EVVn0pBNJpR8q9gbdWjHkySL_IciERynlQWCVZATbbIok6pK1RCFX_Xr5397CZHzKJBCUoO70BnQqEhmUqmEhvA94EKFSe2jrcWoP-vqUnTKAP_WmMT0odzXrqb9vfK6X4OW5jTrXoBNTL-ASsZDFOofF08MPsdUNJjO0Lw3LZBC4p6AIr3VT1b8axuA6B7er7rHfLamo6r3TPOWqBdMr-Hy7S8a3D9wlfVCgHMserG-X4q3wjBBafUSXwTM5qhMzDYwTy1GlnksH6XVuigCfplVtU05dOxtA97wdAQBvD58of257pruAIE1F-EAxSNrz7ornwtZCZ7eKaJvlNTkJVpEW HTTP 302
    https://vpn.hqvu.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D44aLPZ00yEw_0&v=MTA3NGFkNTBjMGU1ODUwMWNhMjBkNmE1OTAxNzFiMDcJMQl2cG4uaHF2dS5jb202NzUwMjU5MTc3YWJlMS4xNTY4NTA2OAl2cG4uaHF2dS5jb202NzUwMjU5MTc3YWY4NS43NDYzNTExMQkxNzMzMzA1NzQ3CWFkXzYzXzA%3D&l=ogctqm3MrEGMo-kt08BYGl04AOY964yd3A33CIECczTD_DBihBqHUrCakTQGHSXOG7uaf5IZZe99DHG-JBPxNSEo5P7nDDiSFoIArCjfZzGrCYQ6J6rINbkOnXOIOGMVu-mRxyFMncrmR5cgCxnP1Ks4JnmvRSd1Szdz5gBUwu2jE69-RVvi5eLnqDtAYSGKxtT63kGZ4YpmEdw8Kf7zToAOouu91aaAC9Oin-GkWf1d6Qn8t5EAb5x-t9bMIjTTbX6L3tVhkmiZb1JZ32C97FbI58rQdV5lC91MhqOWAGFnE0inVVg91N-YQWvrfLSquzAUNyxvi5Krg_AmqP8bMzRp7AxLhE9LUnZsAQvYJR6GvocGg7EVVn0pBNJpR8q9gbdWjHkySL_IciERynlQWCVZATbbIok6pK1RCFX_Xr5397CZHzKJBCUoO70BnQqEhmUqmEhvA94EKFSe2jrcWoP-vqUnTKAP_WmMT0odzXrqb9vfK6X4OW5jTrXoBNTL-ASsZDFOofF08MPsdUNJjO0Lw3LZBC4p6AIr3VT1b8axuA6B7er7rHfLamo6r3TPOWqBdMr-Hy7S8a3D9wlfVCgHMserG-X4q3wjBBafUSXwTM5qhMzDYwTy1GlnksH6XVuigCfplVtU05dOxtA97wdAQBvD58of257pruAIE1F-EAxSNrz7ornwtZCZ7eKaJvlNTkJVpEW HTTP 302
    https://xml.sedodna.com/click?i=44aLPZ00yEw_0 HTTP 302
    https://ernus-dop.com/zclkvisitor/00100a45-b225-11ef-9200-121a387c915b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=001ab8a2-b225-11ef-9200-121a387c915b Page URL
  3. https://ernus-dop.com/zclkredirect?visitid=00100a45-b225-11ef-9200-121a387c915b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
    https://so-gre8.net/r/FCmbZdm7XNdy-8nB1sZjrNtK_NXPIOHWetohtQbXOb3RABnq2gLw1JKyqOP4V9x__TwzN9-t44mQ5jtLrcaDsIMAKsDP3F9r3wjc5kMh_fKpfoGFm87F01FsUTwd48Y_jgCC226duMjVXuGpTiCB5L8S27uEpKQ-KEsIOutQ-hPlL0HVbiDRxx0jBwNNwmmv1cheejRZsxKYCMt_abkPnCGcYZEY7vYZfYPkZ2qLcyjXy82qfozAt3geHD-Fq6WMlqiaK2lwdWWAC5j3DmPPJrTCKktNl0LOyxX-imcSrEHNh66MXQKF38OmNcqL3-Jb-lCAXhL7MBQpFamdrkJZ-9zze5pZFXDHzHkD9uJs7l4MwL_utLdhIKHeJhZzdybi1E7j9f0Ug1H-ggoAhk-g0ad8kVC9ooo2IAsgeXdW3y971rTBFRGt8GUbWrtTp2uAVncXzcZ0Iex2o-8WjzlZjGdmrgVYhlKsCGi1Pw HTTP 302
    https://user-agent.trafficdecisions.com/okay/?d=okay&t=2 HTTP 302
    https://go.c0nect.com/?t=3 Page URL
  4. https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1733305749180&8s4n53_domain=http://sweetnolas.com?utm_source=google Page URL
  5. http://sweetnolas.com/?utm_source=google HTTP 307
    https://sweetnolas.com/?utm_source=google Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://vpn.hqvu.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D44aLPZ00yEw_0&v=MTA3NGFkNTBjMGU1ODUwMWNhMjBkNmE1OTAxNzFiMDcJMQl2cG4uaHF2dS5jb202NzUwMjU5MTc3YWJlMS4xNTY4NTA2OAl2cG4uaHF2dS5jb202NzUwMjU5MTc3YWY4NS43NDYzNTExMQkxNzMzMzA1NzQ3CWFkXzYzXzA%3D&l=ogctqm3MrEGMo-kt08BYGl04AOY964yd3A33CIECczTD_DBihBqHUrCakTQGHSXOG7uaf5IZZe99DHG-JBPxNSEo5P7nDDiSFoIArCjfZzGrCYQ6J6rINbkOnXOIOGMVu-mRxyFMncrmR5cgCxnP1Ks4JnmvRSd1Szdz5gBUwu2jE69-RVvi5eLnqDtAYSGKxtT63kGZ4YpmEdw8Kf7zToAOouu91aaAC9Oin-GkWf1d6Qn8t5EAb5x-t9bMIjTTbX6L3tVhkmiZb1JZ32C97FbI58rQdV5lC91MhqOWAGFnE0inVVg91N-YQWvrfLSquzAUNyxvi5Krg_AmqP8bMzRp7AxLhE9LUnZsAQvYJR6GvocGg7EVVn0pBNJpR8q9gbdWjHkySL_IciERynlQWCVZATbbIok6pK1RCFX_Xr5397CZHzKJBCUoO70BnQqEhmUqmEhvA94EKFSe2jrcWoP-vqUnTKAP_WmMT0odzXrqb9vfK6X4OW5jTrXoBNTL-ASsZDFOofF08MPsdUNJjO0Lw3LZBC4p6AIr3VT1b8axuA6B7er7rHfLamo6r3TPOWqBdMr-Hy7S8a3D9wlfVCgHMserG-X4q3wjBBafUSXwTM5qhMzDYwTy1GlnksH6XVuigCfplVtU05dOxtA97wdAQBvD58of257pruAIE1F-EAxSNrz7ornwtZCZ7eKaJvlNTkJVpEW HTTP 302
  • https://vpn.hqvu.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D44aLPZ00yEw_0&v=MTA3NGFkNTBjMGU1ODUwMWNhMjBkNmE1OTAxNzFiMDcJMQl2cG4uaHF2dS5jb202NzUwMjU5MTc3YWJlMS4xNTY4NTA2OAl2cG4uaHF2dS5jb202NzUwMjU5MTc3YWY4NS43NDYzNTExMQkxNzMzMzA1NzQ3CWFkXzYzXzA%3D&l=ogctqm3MrEGMo-kt08BYGl04AOY964yd3A33CIECczTD_DBihBqHUrCakTQGHSXOG7uaf5IZZe99DHG-JBPxNSEo5P7nDDiSFoIArCjfZzGrCYQ6J6rINbkOnXOIOGMVu-mRxyFMncrmR5cgCxnP1Ks4JnmvRSd1Szdz5gBUwu2jE69-RVvi5eLnqDtAYSGKxtT63kGZ4YpmEdw8Kf7zToAOouu91aaAC9Oin-GkWf1d6Qn8t5EAb5x-t9bMIjTTbX6L3tVhkmiZb1JZ32C97FbI58rQdV5lC91MhqOWAGFnE0inVVg91N-YQWvrfLSquzAUNyxvi5Krg_AmqP8bMzRp7AxLhE9LUnZsAQvYJR6GvocGg7EVVn0pBNJpR8q9gbdWjHkySL_IciERynlQWCVZATbbIok6pK1RCFX_Xr5397CZHzKJBCUoO70BnQqEhmUqmEhvA94EKFSe2jrcWoP-vqUnTKAP_WmMT0odzXrqb9vfK6X4OW5jTrXoBNTL-ASsZDFOofF08MPsdUNJjO0Lw3LZBC4p6AIr3VT1b8axuA6B7er7rHfLamo6r3TPOWqBdMr-Hy7S8a3D9wlfVCgHMserG-X4q3wjBBafUSXwTM5qhMzDYwTy1GlnksH6XVuigCfplVtU05dOxtA97wdAQBvD58of257pruAIE1F-EAxSNrz7ornwtZCZ7eKaJvlNTkJVpEW HTTP 302
  • https://xml.sedodna.com/click?i=44aLPZ00yEw_0 HTTP 302
  • https://ernus-dop.com/zclkvisitor/00100a45-b225-11ef-9200-121a387c915b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=001ab8a2-b225-11ef-9200-121a387c915b
Request Chain 5
  • https://ernus-dop.com/zclkredirect?visitid=00100a45-b225-11ef-9200-121a387c915b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
  • https://so-gre8.net/r/FCmbZdm7XNdy-8nB1sZjrNtK_NXPIOHWetohtQbXOb3RABnq2gLw1JKyqOP4V9x__TwzN9-t44mQ5jtLrcaDsIMAKsDP3F9r3wjc5kMh_fKpfoGFm87F01FsUTwd48Y_jgCC226duMjVXuGpTiCB5L8S27uEpKQ-KEsIOutQ-hPlL0HVbiDRxx0jBwNNwmmv1cheejRZsxKYCMt_abkPnCGcYZEY7vYZfYPkZ2qLcyjXy82qfozAt3geHD-Fq6WMlqiaK2lwdWWAC5j3DmPPJrTCKktNl0LOyxX-imcSrEHNh66MXQKF38OmNcqL3-Jb-lCAXhL7MBQpFamdrkJZ-9zze5pZFXDHzHkD9uJs7l4MwL_utLdhIKHeJhZzdybi1E7j9f0Ug1H-ggoAhk-g0ad8kVC9ooo2IAsgeXdW3y971rTBFRGt8GUbWrtTp2uAVncXzcZ0Iex2o-8WjzlZjGdmrgVYhlKsCGi1Pw HTTP 302
  • https://user-agent.trafficdecisions.com/okay/?d=okay&t=2 HTTP 302
  • https://go.c0nect.com/?t=3
Request Chain 11
  • http://ww2.sweetnolas.com/ HTTP 307
  • https://ww2.sweetnolas.com/

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
vpn.hqvu.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vpn.hqvu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.63.222 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE),
Reverse DNS
Software
Parking/1.0 /
Resource Hash
693e0ce2be9ac064d2daf90ef0a0a0f6101000bd1295cb8a99a09115eb8ff6f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 04 Dec 2024 09:49:07 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 04 Dec 2024 09:49:05 GMT
pragma
no-cache
server
Parking/1.0
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_CNdaIG3oJa3K1F2Yi0Pj74SDpzwf1bGPHvygCqpGMYK4o38BuOIfpSKjk3+kJRZ3vuth2LaH/APSaqeW1lBx6w==
x-cache-miss-from
parking-f4f7c5ccf-fxhvw
js_preloader.gif
vpn.hqvu.com/img.sedoparking.com/images/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vpn.hqvu.com/img.sedoparking.com/images/js_preloader.gif
Requested by
Host: vpn.hqvu.com
URL: https://vpn.hqvu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.63.222 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE),
Reverse DNS
Software
Parking/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vpn.hqvu.com/

Response headers

date
Wed, 04 Dec 2024 09:49:07 GMT
server
Parking/1.0
content-length
0
tsc.php
vpn.hqvu.com/search/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpn.hqvu.com/search/tsc.php?ses=ogcD5cI93WpVWa_AYmZE2l9jGsCnZ_ikbxCoMvUHqzWRiMQLbNbB1rClrQVbLEIwvoW2ZdKeHpZEyrXpJSEBOap1PvYSPlzU5nefRZNo1ddGMvtv4tLLQuaRUHoaBHOVTXuPEDVK0H5B-EdfNtE2BRzhwFv3-tPNgYnXEXmEwdWGLXaQ6De_8OIHtItttIwsMjT2-8za4dGz59RXyYeIiM0af9WJe45zaN0EJR38xmQ3M0FGUpJmJtNzFyZX51lmMRMapxUxljw-FmpUI2_g94nDjsltyzPsaD38SMQMKvu-otjUeOrmC3B-HCLv7-YRUsxwpVfe7uX9S0izz0O2RniD-jSS1nRPSQ7VsJK_PirzunYiZXhzSjnhQ16T6Fo&cv=2
Requested by
Host: vpn.hqvu.com
URL: https://vpn.hqvu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.63.222 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE),
Reverse DNS
Software
Parking/1.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vpn.hqvu.com/

Response headers

x-cache-miss-from
parking-f4f7c5ccf-kqq5r
content-length
0
date
Wed, 04 Dec 2024 09:49:07 GMT
content-type
text/html; charset=UTF-8
server
Parking/1.0
sedo_logo.png
img.sedoparking.com/templates/logos/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://img.sedoparking.com/templates/logos/sedo_logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 1124 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://vpn.hqvu.com/

Response headers

x-cf-rand
7.161
x-cf2
H
expires
Wed, 11 Dec 2024 09:49:07 GMT
x-cf1
11696:fQ.ewr1:cf:nom:cacheN.ewr1-01:H
date
Wed, 04 Dec 2024 09:49:07 GMT
cf4ttl
31536000.000
content-type
image/png
x-cff
B
last-modified
Mon, 11 Jan 2021 07:44:34 GMT
x-cf-reqid
1e71b231b86475a220fc2aeda074bd40
cf4age
2354427
cache-control
max-age=604800
x-cf3
H
accept-ranges
bytes
access-control-allow-origin
*
content-length
15086
x-cfhash
"def00c11b1596db4efee6a9fbe64fc27"
x-cf-tsc
1684184564
server
CFS 1124
9232f590-d991-493f-b95d-d38c0c6cdd28
ernus-dop.com/zclkvisitor/00100a45-b225-11ef-9200-121a387c915b/
Redirect Chain
  • https://vpn.hqvu.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D44aLPZ00yEw_0&v=MTA3NGFkNTBjMGU1ODUwMWNhMjBkNmE1OTAxNzFiMDcJMQl2cG4uaHF2dS5jb202NzUwMjU5MTc3YWJlMS4xNTY4NTA2OA...
  • https://vpn.hqvu.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D44aLPZ00yEw_0&v=MTA3NGFkNTBjMGU1ODUwMWNhMjBkNmE1OTAxNzFiMDcJMQl2cG4uaHF2dS5jb202NzUwMjU5MTc3YWJlMS4xNTY4NTA2OA...
  • https://xml.sedodna.com/click?i=44aLPZ00yEw_0
  • https://ernus-dop.com/zclkvisitor/00100a45-b225-11ef-9200-121a387c915b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=001ab8a2-b225-11ef-9200-121a387c915b
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ernus-dop.com/zclkvisitor/00100a45-b225-11ef-9200-121a387c915b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=001ab8a2-b225-11ef-9200-121a387c915b
Requested by
Host: vpn.hqvu.com
URL: https://vpn.hqvu.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.42.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-42-70.compute-1.amazonaws.com
Software
/
Resource Hash
fb717885134b0516a7705b770f10c5a19fad117fbf2098b6e2b33839d152ce04
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://vpn.hqvu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Wed, 04 Dec 2024 09:49:08 GMT

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 04 Dec 2024 09:49:08 GMT
Location
https://ernus-dop.com/zclkvisitor/00100a45-b225-11ef-9200-121a387c915b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=001ab8a2-b225-11ef-9200-121a387c915b
Server
nginx
/
go.c0nect.com/
Redirect Chain
  • https://ernus-dop.com/zclkredirect?visitid=00100a45-b225-11ef-9200-121a387c915b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • https://so-gre8.net/r/FCmbZdm7XNdy-8nB1sZjrNtK_NXPIOHWetohtQbXOb3RABnq2gLw1JKyqOP4V9x__TwzN9-t44mQ5jtLrcaDsIMAKsDP3F9r3wjc5kMh_fKpfoGFm87F01FsUTwd48Y_jgCC226duMjVXuGpTiCB5L8S27uEpKQ-KEsIOutQ-hPlL0H...
  • https://user-agent.trafficdecisions.com/okay/?d=okay&t=2
  • https://go.c0nect.com/?t=3
794 B
772 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.c0nect.com/?t=3
Requested by
Host: ernus-dop.com
URL: https://ernus-dop.com/zclkvisitor/00100a45-b225-11ef-9200-121a387c915b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=001ab8a2-b225-11ef-9200-121a387c915b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d4ae9034228d133b721489987b0ab82d02936919145207af94c81a3a00a1e2f

Request headers

Referer
https://ernus-dop.com/zclkvisitor/00100a45-b225-11ef-9200-121a387c915b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=001ab8a2-b225-11ef-9200-121a387c915b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8ecae28459ee4328-EWR
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 04 Dec 2024 09:49:09 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8ecae283583cefa5-EWR
content-length
143
content-type
text/html
date
Wed, 04 Dec 2024 09:49:09 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://go.c0nect.com/?t=3
server
cloudflare
vary
Accept-Encoding
favicon.ico
go.c0nect.com/ 		5 B
128 B 		Other
General
Check archive.org
Download Go to
Full URL
https://go.c0nect.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a0e8c17ebb21a11f8a25b8042786ef7efe52441e6cc87e92c67e0c4c0c6e78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-ray
8ecae2852a6f4328-EWR
alt-svc
h3=":443"; ma=86400
content-length
5
date
Wed, 04 Dec 2024 09:49:09 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
/
go.c0nect.com/ 		391 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1733305749180&8s4n53_domain=http://sweetnolas.com?utm_source=google
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97a39b43a5b4c87a03698d5ef751aedeed3dffe77bb797285f790f4b52f40e8b

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8ecae285fafe4328-EWR
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 04 Dec 2024 09:49:09 GMT
server
cloudflare
vary
Accept-Encoding
Primary Request /
sweetnolas.com/
Redirect Chain
  • http://sweetnolas.com/?utm_source=google
  • https://sweetnolas.com/?utm_source=google
593 B
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sweetnolas.com/?utm_source=google
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30

Request headers

Referer
https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1733305749180&8s4n53_domain=http://sweetnolas.com?utm_source=google
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 04 Dec 2024 09:49:09 GMT
ETag
W/"63f68860-251"
Last-Modified
Wed, 22 Feb 2023 21:25:52 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Location
https://sweetnolas.com/?utm_source=google
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
go.c0nect.com/ 		5 B
128 B 		Other
General
Check archive.org
Download Go to
Full URL
https://go.c0nect.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-ray
8ecae2865b314328-EWR
alt-svc
h3=":443"; ma=86400
content-length
5
date
Wed, 04 Dec 2024 09:49:09 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
/
domaincntrol.com/ 		27 B
331 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://domaincntrol.com/?orighost=https://sweetnolas.com/?utm_source=google
Requested by
Host: sweetnolas.com
URL: https://sweetnolas.com/?utm_source=google
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d30fd8539275cb5ff106a08ae728af42f3dc29b56ebcdc62febf1b43a080c19

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sweetnolas.com/

Response headers

x_details
{"destination":"sedo","orighost":"sweetnolas.com","type":"arb","finalurl":"http://ww2.sweetnolas.com","browser":"chrome","os":"linux","country":"US","device":"desktop","isbot":false,"botscore":99}
cf-ray
8ecae28afaa742bc-EWR
access-control-allow-origin
*
content-length
27
date
Wed, 04 Dec 2024 09:49:10 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
favicon.ico
sweetnolas.com/ 		593 B
606 B 		Other
General
Check archive.org
Download Go to
Full URL
https://sweetnolas.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sweetnolas.com/?utm_source=google

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"63f68860-251"
Connection
keep-alive
Date
Wed, 04 Dec 2024 09:49:10 GMT
Content-Type
text/html
Last-Modified
Wed, 22 Feb 2023 21:25:52 GMT
Server
nginx/1.18.0 (Ubuntu)
/
ww2.sweetnolas.com/
Redirect Chain
  • http://ww2.sweetnolas.com/
  • https://ww2.sweetnolas.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ww2.sweetnolas.com
URL
https://ww2.sweetnolas.com/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.trafficdecisions.com/ Name: __cf_bm
Value: WPbq6KlkqLakFlt4c.goT75iecAEwvG97NpsvU2DptU-1733305749-1.0.1.1-eFnaKUn8S1fApqYP4V8C_Y3rLix3CUVlCwOxL2ntd5CEC0bFlrMa6hjjYTgaa2ycDcli2HFlX8qsTia6W1eFSA
.c0nect.com/ Name: __cf_bm
Value: p2ptciMArPAvjWv9UeySHyB.ZlaYIN.sTkla7jB_gtI-1733305749-1.0.1.1-.hgTFSPLfC8SxrzZ7xr4xGXGMaAv4WVoJKiFXbZ4y3Eom3JJDpWaCygtuAucoCLw3PrFsxMJ30Sl3I864rzipA

2 Console Messages

Source Level URL
Text
network error URL: https://vpn.hqvu.com/img.sedoparking.com/images/js_preloader.gif
Message:
Failed to load resource: the server responded with a status of 441 ()
rendering warning URL: https://ernus-dop.com/zclkvisitor/00100a45-b225-11ef-9200-121a387c915b/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=001ab8a2-b225-11ef-9200-121a387c915b
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0601D00341F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.