myfreefarm2.upjers.com Open in urlscan Pro
31.172.113.125 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hypesquadevents-application.com/
Effective URL:
https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Submission Tags: bulk
Submission: On February 27 via manual (February 27th 2022, 6:23:57 pm UTC) from CZ — Scanned from DE

Summary HTTP 39 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 39 HTTP transactions. The main IP is 31.172.113.125, located in Germany and belongs to WAVECON, DE. The main domain is myfreefarm2.upjers.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on October 21st 2021. Valid for: a year.

This is the only time myfreefarm2.upjers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.224.182.242 103.224.182.242	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.169.168 157.90.169.168	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
4	31.172.113.125 31.172.113.125	60955 (WAVECON) (WAVECON)
2	185.22.221.72 185.22.221.72	60955 (WAVECON) (WAVECON)
3	31.7.187.34 31.7.187.34	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
7	37.61.208.98 37.61.208.98	20773 (GODADDY) (GODADDY)
16	173.201.20.194 173.201.20.194	398789 (GO-DADDY-...) (GO-DADDY-COM-LLC)
1	31.172.114.128 31.172.114.128	60955 (WAVECON) (WAVECON)
39	8

2 103.224.182.242 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-242.above.com

hypesquadevents-application.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.169.168 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.168.169.90.157.clients.your-server.de

lookandfind.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:cb40:200::242 (Germany) 1 redirects

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.172.113.125 (Germany)

ASN60955 (WAVECON, DE)
PTR: up-portal-lb.wavecloud.de

myfreefarm2.upjers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.upjers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.22.221.72 (Germany)

ASN60955 (WAVECON, DE)
PTR: cdn-edge8.wavecloud.de

up-cookiemon.wavecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.7.187.34 (Nuremberg, Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

up-portal-assets.wavecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.61.208.98 (Frankfurt am Main, Germany)

ASN20773 (GODADDY, DE)

utb.wavecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 173.201.20.194 (Phoenix, United States)

ASN398789 (GO-DADDY-COM-LLC, US)
PTR: ip-173-201-20-194.ip.secureserver.net

upportal.wavecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.114.128 (Germany)

ASN60955 (WAVECON, DE)
PTR: up-ad-srv1-lb.wavecloud.de

supply.upjers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	wavecdn.net up-cookiemon.wavecdn.net up-portal-assets.wavecdn.net utb.wavecdn.net upportal.wavecdn.net	1 MB
5	upjers.com myfreefarm2.upjers.com de.upjers.com — Cisco Umbrella Rank: 593289 supply.upjers.com	133 KB
5	1redirc.com 1 redirects 1redirc.com	8 KB
2	lookandfind.me lookandfind.me	1 KB
2	hypesquadevents-application.com 2 redirects hypesquadevents-application.com	1 KB
1	adcell.com 1 redirects t.adcell.com — Cisco Umbrella Rank: 42060	383 B
1	clever-redirect.com 1 redirects clever-redirect.com	439 B
39	7

	Domain	Requested by
16	upportal.wavecdn.net	myfreefarm2.upjers.com
7	utb.wavecdn.net	myfreefarm2.upjers.com utb.wavecdn.net
5	1redirc.com	1 redirects 1redirc.com
3	up-portal-assets.wavecdn.net	myfreefarm2.upjers.com up-portal-assets.wavecdn.net
3	de.upjers.com	myfreefarm2.upjers.com
2	up-cookiemon.wavecdn.net	myfreefarm2.upjers.com up-cookiemon.wavecdn.net
2	lookandfind.me	1redirc.com
2	hypesquadevents-application.com	2 redirects
1	supply.upjers.com	myfreefarm2.upjers.com
1	myfreefarm2.upjers.com	lookandfind.me
1	t.adcell.com	1 redirects
1	clever-redirect.com	1 redirects
39	12

This site contains links to these domains. Also see Links.

Domain
de.upjers.com
dinosaurparkprimevalzoo.upjers.com
zoo2animalpark.upjers.com
horsefarm.upjers.com
mylittlefarmies.upjers.com
www.myfreezoo.de
uptasia.upjers.com
stonies-game.upjers.com
darkgnome.upjers.com
mysunnyresort.upjers.com
wauies.upjers.com
www.myfreefarm.de
www.myfantasticpark.de
www.garbagegarage.de
11legends.upjers.com
undermaster.upjers.com
www.kapihospital.de
www.wurzelimperium.de
www.secret-relict.de
www.kapifarm.de
www.kapi-regnum.de
www.kapiland.de
gamemff2.upjers.com
support.upjers.com
forums.upjers.com

Subject Issuer	Validity	Valid
lookandfind.me R3	`2022-01-02` - `2022-04-02`	3 months	crt.sh
*.upjers.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-21` - `2022-11-14`	a year	crt.sh
*.wavecdn.net RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-28` - `2022-11-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Frame ID: B5AD82E45C404EEE4966678C4F57B9F7
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Free Farm 2 – Erlebe das Farm-Spiel auf deinem PC!

Page URL History Show full URLs

http://hypesquadevents-application.com/ HTTP 302
https://hypesquadevents-application.com/ HTTP 302
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKOOVKJutbbv%2Fw1SDOx5z5HHUiZJCxwK%2FYBT8wVFasT... Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D11555... HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1155513205&sid=20220228052350feb8584d19d97fd745 HTTP 302
https://lookandfind.me/s/a?t=16&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=myfreefarm2.upjers.com&s1=... Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Ft.adcell.com%2Fp%2Fclick%3FencodingId%3D9dbfe6bdc0c44c9c... Page URL
https://t.adcell.com/p/click?encodingId=9dbfe6bdc0c44c9c5ab5ce137c582d64&subId=1ff7778dd75c969ca4... HTTP 302
https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7 Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

90 %
HTTPS

9 %
IPv6

7
Domains

12
Subdomains

8
IPs

3
Countries

1436 kB
Transfer

1802 kB
Size

7
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://de.upjers.com/

Search URL Search Domain Scan URL

URL: https://dinosaurparkprimevalzoo.upjers.com/de/?ref=aadcmfdel
Title: Dinosaur Park - Primeval ZooNeu!

Search URL Search Domain Scan URL

URL: https://zoo2animalpark.upjers.com/de/?ref=aadcmfdel
Title: Zoo 2: Animal ParkNeu!

Search URL Search Domain Scan URL

URL: https://horsefarm.upjers.com/de/?ref=aadcmfdel
Title: Horse FarmNeu!

Search URL Search Domain Scan URL

URL: https://mylittlefarmies.upjers.com/de/?ref=aadcmfdel
Title: My Little Farmies Top!

Search URL Search Domain Scan URL

URL: https://www.myfreezoo.de/?ref=aadcmfdel
Title: My Free Zoo Top!

Search URL Search Domain Scan URL

URL: https://uptasia.upjers.com/de/?ref=aadcmfdel
Title: Uptasia Top!

Search URL Search Domain Scan URL

URL: https://stonies-game.upjers.com/de/?ref=aadcmfdel
Title: Stonies

Search URL Search Domain Scan URL

URL: https://darkgnome.upjers.com/de/?ref=aadcmfdel
Title: Dark Gnome

Search URL Search Domain Scan URL

URL: https://mysunnyresort.upjers.com/de/?ref=aadcmfdel
Title: My Sunny Resort

Search URL Search Domain Scan URL

URL: https://wauies.upjers.com/de/?ref=aadcmfdel
Title: Wauies

Search URL Search Domain Scan URL

URL: https://www.myfreefarm.de/?ref=aadcmfdel
Title: My Free Farm

Search URL Search Domain Scan URL

URL: http://www.myfantasticpark.de/?ref=aadcmfdel
Title: My Fantastic Park

Search URL Search Domain Scan URL

URL: http://www.garbagegarage.de/?ref=aadcmfdel
Title: GarbageGarage

Search URL Search Domain Scan URL

URL: https://11legends.upjers.com/de/?ref=aadcmfdel
Title: 11Legends

Search URL Search Domain Scan URL

URL: https://undermaster.upjers.com/de/?ref=aadcmfdel
Title: UnderMaster

Search URL Search Domain Scan URL

URL: http://www.kapihospital.de/?ref=aadcmfdel
Title: Kapi Hospital

Search URL Search Domain Scan URL

URL: https://www.wurzelimperium.de/?ref=aadcmfdel
Title: Wurzelimperium

Search URL Search Domain Scan URL

URL: http://www.secret-relict.de/?ref=aadcmfdel
Title: Secret Relict

Search URL Search Domain Scan URL

URL: http://www.kapifarm.de/?ref=aadcmfdel
Title: Kapifarm

Search URL Search Domain Scan URL

URL: http://www.kapi-regnum.de/?ref=aadcmfdel
Title: Kapi Regnum

Search URL Search Domain Scan URL

URL: http://www.kapiland.de/?ref=aadcmfdel
Title: Kapiland

Search URL Search Domain Scan URL

URL: https://de.upjers.com/?ref=aadcmfdel
Title: Community

Search URL Search Domain Scan URL

URL: https://de.upjers.com/terms
Title: AGB

Search URL Search Domain Scan URL

URL: https://de.upjers.com/privacy
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://gamemff2.upjers.com/oauth.php
Title: Bereits registriert?

Search URL Search Domain Scan URL

URL: http://support.upjers.com/?lang=de
Title: Support

Search URL Search Domain Scan URL

URL: https://forums.upjers.com/de/viewforum.php?f=311
Title: Forum

Search URL Search Domain Scan URL

URL: https://de.upjers.com/imprint
Title: Impressum

Search URL Search Domain Scan URL

URL: https://de.upjers.com/premiuminfo
Title: Spielinfo

Search URL Search Domain Scan URL

URL: https://de.upjers.com/passwordresend
Title: Passwort vergessen?

Search URL Search Domain Scan URL

URL: https://de.upjers.com/pwmanagerinfo
Title: Klicke hier

Search URL Search Domain Scan URL

URL: https://de.upjers.com/privacy#15
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hypesquadevents-application.com/ HTTP 302
https://hypesquadevents-application.com/ HTTP 302
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKOOVKJutbbv%2Fw1SDOx5z5HHUiZJCxwK%2FYBT8wVFasT73wnT1BCCEKVv7XWRL7JH6WEl%2B88jMz7hoc%2FWZmGpd3CRHsRiHFR3Ikxl1XwnFzJBPpmMIWPrIZ2ASET3tMKn3Bcy3cMpo2SqNhLjL3a%2Fph1SKmh6ACbWc5NPUW5%2FBy8TlimI15fD0etWdC1bP2oWPjsMBOCqfBZnS%2FR%2BH2Pc6Np36%2BgjrfVAIIM0YGs2xumG2XjqKWA6fi09e8wOmux1Xcd5sD5yJoNscdDeKgTKBTgqWBlEE%2FFkJZ22KioCykRo1UdtI4SuP14%2B%2F0Tc1cvqnPdrNx%2BjR7Yi6RH96Q4yViWz%2BU2hXjbwObuWIjmbQjsxXocfGnlEB9ilboBtkWtSZZAAcjfwKWeGOy%2B8T85OhQbBoiV%2BISBjAbURzBn2%2BCWCz8JHI3GaqDUgboITTmEcD3Xce4mkRjKuXAAERnKM4bO9PHOlAfbJk9LshYe50AOHfyuVU98%2Fq3DwkZJGe0LlTMVcUHOJTKZ%2BWQRTsMaa6fHGnAg61TEyH4Plvb0blaOKeJ0nQ2VwEi10DiQV1oi%2FOKECeXy8ssCz0DZsc7UGJo3qPhH3CgcK9mjkI9lCyN5iG58nvbKDYOaTSBgYCnHj9ArlEK%2F1QTQIii0sUmoeVaePIRkdoc0yC%2BpudWs55T9RJGfNH%2BnXETAM296xw%2F5RQwubLSS8aWSikF2yEmdc6lBrjOk7DLp3euRs5dFKv8WfjZy0Lt2%2BCscpwpiY%2FJIDjNwJ6hr7ydZi Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1155513205%26sid%3D20220228052350feb8584d19d97fd745&s=j&enc=NUxUek9uOGVjaW0zL1lvRDYxUzVXSDQ5Zmxkd2NXSjVSRFE0Y1d0UFNFc3dlV2xwUXpaaVdrdFdaSGMzTUU5elIxRlVUVnBwT1VOdVdrcEpkekYyT1RkTmF6WTNMM0JPYzNFclZHVndVV0lyTDJsdlozcE1UMjVtWVZReWFEUnNiamhTU20xSmFFOUdTVkY0Y1cxNmRHMXdaVWcxUkRacFdUWjFNV1VyVXpVMFF6STNTVTgwTlhsRFpVbGxZVTl5TDJoc1JYTnlLMEZ2ZGpKR2VUQXhjVTFGTTNCUlQya3lNMjFZV1RWSmFXUTFWMUJUUjNJeVkzZFRiMk14UWpoT2VYcE1VV2RMT1hkNWVVbFZjWEUzTkdsb2NtdHJPVTgwWjBjMmVGQnpWbXBZU1hGUlVYRnBRa1I0TVdWSFlVVTJlbmc1TUZSVWVHczJXSEEzVDNSWFIwNXlRblE1TjFRcldVZ3JZM2x4VFZsc1VXRXlUVE5hU0VWR1RXbFBkVEI0T1RsSVJEQjJRekpxUVZkUWEybDFSMFE0ZDFkcU1tcHVkekZvUVhoTlpYVk5kbE5wVFN0aWMwRlljVTFYTjNJNFEwSjZVVXRXU0VaQmEyMVVabXRMZG5jM1ZHNUxTMkp2ZG1GWGNsWk1VVU40WXpaVk9XMVFjWEUzV1VOWVQwVmFaa2dyZFdsVGVXWmpZVE41TldWak9WUjRkMEZEWmxSd2JIQnVRbTVxY25Zd1YxUmhPWHB5YlhWRVNDdFVhbGxKTm5veFMzQkdaM0k1WWxOQ05IUlViSE5ZYW1SWVRGbElNMVZqYlZOQ1EzcENjamRyUVdFMFJuZ3JWRXQwTW1KSlZIVkdjMkpNU0hvNFJpOXZhMlpFUjNCVWRUSkdkbTB2UjJaNVVIbG5Memh6VVdkVlVEa3ZNM0ppV0U5RFZXMDJjMlJ2T0hwVGFHY3ZVWHAwYkRVMVJXNXRZblp5Y2xnNGIzSkxjRWt4ZVVsNGRrNHhZa0pMVkVkSVMwcFpXbTk0ZFdveU0zaEVWbmx0UlROTk5YUXZlRFpwWm1Zd05rVjBVakYxY0dJMlFsQmlhMlp3Vm05Wk1sbDNXa1ZTYVc5cFVuUnpXRXBOYzFZclVuQkpka2gzTkRKWWQydEhaRE5VVFZZM1FuVnRWRU5aTkVVMFdYZFViWFZ2ZUZoUVlWSnFVVEpXVEZBeEsyVlNVekpaU1hreVVtMDFOVUZ4S3l0RVkwZEJOWE5rY2pCWmVVNWhRMEpqUW1OU01DdGFaSGc1Y0VOdk5teFNkV2hwZFRkS1dpOU9kVmgxYWpsck0xTkJkbFZOUVRReWVrMXBPVFZLVkhKdlFpdHhWbTVwV0ZSemFXNW5Zamx0TUVRelZrdEhObUpCTkdSdlFtbG1TV1JDUjJWWGRqa3hVMVZTUzBNNWJGVk9SbWh2YzJvMGNqTXZSVlIwZUhJcldrTjVjWEpEVlhCdFYxaDBORVprUzFabFUzVllUbEZLTUZkMk4yTkljQ3Q1UzJ3dlJIWnBiR1ZGV0ZaRFVITjRjR1ZuT0RWRE1VNXRSRmRRTlVKU1NWZFVPVFJVZDBoRWExUTNkM1JrSzJZNUwxaGpUMHBFZEUxa04xRmg%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1155513205&sid=20220228052350feb8584d19d97fd745 HTTP 302
https://lookandfind.me/s/a?t=16&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=myfreefarm2.upjers.com&s1=721614&s2=&s3=1155513205&s5=wc Page URL
https://lookandfind.me/s/r?u=https%3A%2F%2Ft.adcell.com%2Fp%2Fclick%3FencodingId%3D9dbfe6bdc0c44c9c5ab5ce137c582d64%26subId%3D1ff7778dd75c969ca456006df457dda7&h=d2602891148034f79cc54424ec8364e0 Page URL
https://t.adcell.com/p/click?encodingId=9dbfe6bdc0c44c9c5ab5ce137c582d64&subId=1ff7778dd75c969ca456006df457dda7 HTTP 302
https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hypesquadevents-application.com/ HTTP 302
https://hypesquadevents-application.com/ HTTP 302
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKOOVKJutbbv%2Fw1SDOx5z5HHUiZJCxwK%2FYBT8wVFasT73wnT1BCCEKVv7XWRL7JH6WEl%2B88jMz7hoc%2FWZmGpd3CRHsRiHFR3Ikxl1XwnFzJBPpmMIWPrIZ2ASET3tMKn3Bcy3cMpo2SqNhLjL3a%2Fph1SKmh6ACbWc5NPUW5%2FBy8TlimI15fD0etWdC1bP2oWPjsMBOCqfBZnS%2FR%2BH2Pc6Np36%2BgjrfVAIIM0YGs2xumG2XjqKWA6fi09e8wOmux1Xcd5sD5yJoNscdDeKgTKBTgqWBlEE%2FFkJZ22KioCykRo1UdtI4SuP14%2B%2F0Tc1cvqnPdrNx%2BjR7Yi6RH96Q4yViWz%2BU2hXjbwObuWIjmbQjsxXocfGnlEB9ilboBtkWtSZZAAcjfwKWeGOy%2B8T85OhQbBoiV%2BISBjAbURzBn2%2BCWCz8JHI3GaqDUgboITTmEcD3Xce4mkRjKuXAAERnKM4bO9PHOlAfbJk9LshYe50AOHfyuVU98%2Fq3DwkZJGe0LlTMVcUHOJTKZ%2BWQRTsMaa6fHGnAg61TEyH4Plvb0blaOKeJ0nQ2VwEi10DiQV1oi%2FOKECeXy8ssCz0DZsc7UGJo3qPhH3CgcK9mjkI9lCyN5iG58nvbKDYOaTSBgYCnHj9ArlEK%2F1QTQIii0sUmoeVaePIRkdoc0yC%2BpudWs55T9RJGfNH%2BnXETAM296xw%2F5RQwubLSS8aWSikF2yEmdc6lBrjOk7DLp3euRs5dFKv8WfjZy0Lt2%2BCscpwpiY%2FJIDjNwJ6hr7ydZi

Request Chain 4

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1155513205%26sid%3D20220228052350feb8584d19d97fd745&s=j&enc=NUxUek9uOGVjaW0zL1lvRDYxUzVXSDQ5Zmxkd2NXSjVSRFE0Y1d0UFNFc3dlV2xwUXpaaVdrdFdaSGMzTUU5elIxRlVUVnBwT1VOdVdrcEpkekYyT1RkTmF6WTNMM0JPYzNFclZHVndVV0lyTDJsdlozcE1UMjVtWVZReWFEUnNiamhTU20xSmFFOUdTVkY0Y1cxNmRHMXdaVWcxUkRacFdUWjFNV1VyVXpVMFF6STNTVTgwTlhsRFpVbGxZVTl5TDJoc1JYTnlLMEZ2ZGpKR2VUQXhjVTFGTTNCUlQya3lNMjFZV1RWSmFXUTFWMUJUUjNJeVkzZFRiMk14UWpoT2VYcE1VV2RMT1hkNWVVbFZjWEUzTkdsb2NtdHJPVTgwWjBjMmVGQnpWbXBZU1hGUlVYRnBRa1I0TVdWSFlVVTJlbmc1TUZSVWVHczJXSEEzVDNSWFIwNXlRblE1TjFRcldVZ3JZM2x4VFZsc1VXRXlUVE5hU0VWR1RXbFBkVEI0T1RsSVJEQjJRekpxUVZkUWEybDFSMFE0ZDFkcU1tcHVkekZvUVhoTlpYVk5kbE5wVFN0aWMwRlljVTFYTjNJNFEwSjZVVXRXU0VaQmEyMVVabXRMZG5jM1ZHNUxTMkp2ZG1GWGNsWk1VVU40WXpaVk9XMVFjWEUzV1VOWVQwVmFaa2dyZFdsVGVXWmpZVE41TldWak9WUjRkMEZEWmxSd2JIQnVRbTVxY25Zd1YxUmhPWHB5YlhWRVNDdFVhbGxKTm5veFMzQkdaM0k1WWxOQ05IUlViSE5ZYW1SWVRGbElNMVZqYlZOQ1EzcENjamRyUVdFMFJuZ3JWRXQwTW1KSlZIVkdjMkpNU0hvNFJpOXZhMlpFUjNCVWRUSkdkbTB2UjJaNVVIbG5Memh6VVdkVlVEa3ZNM0ppV0U5RFZXMDJjMlJ2T0hwVGFHY3ZVWHAwYkRVMVJXNXRZblp5Y2xnNGIzSkxjRWt4ZVVsNGRrNHhZa0pMVkVkSVMwcFpXbTk0ZFdveU0zaEVWbmx0UlROTk5YUXZlRFpwWm1Zd05rVjBVakYxY0dJMlFsQmlhMlp3Vm05Wk1sbDNXa1ZTYVc5cFVuUnpXRXBOYzFZclVuQkpka2gzTkRKWWQydEhaRE5VVFZZM1FuVnRWRU5aTkVVMFdYZFViWFZ2ZUZoUVlWSnFVVEpXVEZBeEsyVlNVekpaU1hreVVtMDFOVUZ4S3l0RVkwZEJOWE5rY2pCWmVVNWhRMEpqUW1OU01DdGFaSGc1Y0VOdk5teFNkV2hwZFRkS1dpOU9kVmgxYWpsck0xTkJkbFZOUVRReWVrMXBPVFZLVkhKdlFpdHhWbTVwV0ZSemFXNW5Zamx0TUVRelZrdEhObUpCTkdSdlFtbG1TV1JDUjJWWGRqa3hVMVZTUzBNNWJGVk9SbWh2YzJvMGNqTXZSVlIwZUhJcldrTjVjWEpEVlhCdFYxaDBORVprUzFabFUzVllUbEZLTUZkMk4yTkljQ3Q1UzJ3dlJIWnBiR1ZGV0ZaRFVITjRjR1ZuT0RWRE1VNXRSRmRRTlVKU1NWZFVPVFJVZDBoRWExUTNkM1JrSzJZNUwxaGpUMHBFZEUxa04xRmg%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1155513205&sid=20220228052350feb8584d19d97fd745 HTTP 302
https://lookandfind.me/s/a?t=16&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=myfreefarm2.upjers.com&s1=721614&s2=&s3=1155513205&s5=wc

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

r2.php Show response
1redirc.com/
Redirect Chain

http://hypesquadevents-application.com/
https://hypesquadevents-application.com/
http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKOOVKJutbbv%2Fw1SDOx5z5HHUiZJCxwK%2FYBT8wVFasT73wnT1BCCEKVv7XWRL7JH6WEl%2B88jMz7hoc%2FWZmGpd3CRHsRiHFR3Ikxl1XwnFzJBPpmMIWPrIZ2ASET3tMKn3Bcy3cMpo2SqN...

4 KB
3 KB

355ms
179ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKOOVKJutbbv%2Fw1SDOx5z5HHUiZJCxwK%2FYBT8wVFasT73wnT1BCCEKVv7XWRL7JH6WEl%2B88jMz7hoc%2FWZmGpd3CRHsRiHFR3Ikxl1XwnFzJBPpmMIWPrIZ2ASET3tMKn3Bcy3cMpo2SqNhLjL3a%2Fph1SKmh6ACbWc5NPUW5%2FBy8TlimI15fD0etWdC1bP2oWPjsMBOCqfBZnS%2FR%2BH2Pc6Np36%2BgjrfVAIIM0YGs2xumG2XjqKWA6fi09e8wOmux1Xcd5sD5yJoNscdDeKgTKBTgqWBlEE%2FFkJZ22KioCykRo1UdtI4SuP14%2B%2F0Tc1cvqnPdrNx%2BjR7Yi6RH96Q4yViWz%2BU2hXjbwObuWIjmbQjsxXocfGnlEB9ilboBtkWtSZZAAcjfwKWeGOy%2B8T85OhQbBoiV%2BISBjAbURzBn2%2BCWCz8JHI3GaqDUgboITTmEcD3Xce4mkRjKuXAAERnKM4bO9PHOlAfbJk9LshYe50AOHfyuVU98%2Fq3DwkZJGe0LlTMVcUHOJTKZ%2BWQRTsMaa6fHGnAg61TEyH4Plvb0blaOKeJ0nQ2VwEi10DiQV1oi%2FOKECeXy8ssCz0DZsc7UGJo3qPhH3CgcK9mjkI9lCyN5iG58nvbKDYOaTSBgYCnHj9ArlEK%2F1QTQIii0sUmoeVaePIRkdoc0yC%2BpudWs55T9RJGfNH%2BnXETAM296xw%2F5RQwubLSS8aWSikF2yEmdc6lBrjOk7DLp3euRs5dFKv8WfjZy0Lt2%2BCscpwpiY%2FJIDjNwJ6hr7ydZi
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 62545468a61ebe3ac8ece7b2a758420d25bc2a6bce8d3c5f938dc04405287cd0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 27 Feb 2022 18:23:51 GMT
Server: Apache/2.4.25 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2346
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 27 Feb 2022 18:23:50 GMT
Server: Apache/2.4.25 (Debian)
Location: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKOOVKJutbbv%2Fw1SDOx5z5HHUiZJCxwK%2FYBT8wVFasT73wnT1BCCEKVv7XWRL7JH6WEl%2B88jMz7hoc%2FWZmGpd3CRHsRiHFR3Ikxl1XwnFzJBPpmMIWPrIZ2ASET3tMKn3Bcy3cMpo2SqNhLjL3a%2Fph1SKmh6ACbWc5NPUW5%2FBy8TlimI15fD0etWdC1bP2oWPjsMBOCqfBZnS%2FR%2BH2Pc6Np36%2BgjrfVAIIM0YGs2xumG2XjqKWA6fi09e8wOmux1Xcd5sD5yJoNscdDeKgTKBTgqWBlEE%2FFkJZ22KioCykRo1UdtI4SuP14%2B%2F0Tc1cvqnPdrNx%2BjR7Yi6RH96Q4yViWz%2BU2hXjbwObuWIjmbQjsxXocfGnlEB9ilboBtkWtSZZAAcjfwKWeGOy%2B8T85OhQbBoiV%2BISBjAbURzBn2%2BCWCz8JHI3GaqDUgboITTmEcD3Xce4mkRjKuXAAERnKM4bO9PHOlAfbJk9LshYe50AOHfyuVU98%2Fq3DwkZJGe0LlTMVcUHOJTKZ%2BWQRTsMaa6fHGnAg61TEyH4Plvb0blaOKeJ0nQ2VwEi10DiQV1oi%2FOKECeXy8ssCz0DZsc7UGJo3qPhH3CgcK9mjkI9lCyN5iG58nvbKDYOaTSBgYCnHj9ArlEK%2F1QTQIii0sUmoeVaePIRkdoc0yC%2BpudWs55T9RJGfNH%2BnXETAM296xw%2F5RQwubLSS8aWSikF2yEmdc6lBrjOk7DLp3euRs5dFKv8WfjZy0Lt2%2BCscpwpiY%2FJIDjNwJ6hr7ydZi
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jscheck.js Show response
1redirc.com/javascript/ 899 B
718 B 325ms
163ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/jscheck.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKOOVKJutbbv%2Fw1SDOx5z5HHUiZJCxwK%2FYBT8wVFasT73wnT1BCCEKVv7XWRL7JH6WEl%2B88jMz7hoc%2FWZmGpd3CRHsRiHFR3Ikxl1XwnFzJBPpmMIWPrIZ2ASET3tMKn3Bcy3cMpo2SqNhLjL3a%2Fph1SKmh6ACbWc5NPUW5%2FBy8TlimI15fD0etWdC1bP2oWPjsMBOCqfBZnS%2FR%2BH2Pc6Np36%2BgjrfVAIIM0YGs2xumG2XjqKWA6fi09e8wOmux1Xcd5sD5yJoNscdDeKgTKBTgqWBlEE%2FFkJZ22KioCykRo1UdtI4SuP14%2B%2F0Tc1cvqnPdrNx%2BjR7Yi6RH96Q4yViWz%2BU2hXjbwObuWIjmbQjsxXocfGnlEB9ilboBtkWtSZZAAcjfwKWeGOy%2B8T85OhQbBoiV%2BISBjAbURzBn2%2BCWCz8JHI3GaqDUgboITTmEcD3Xce4mkRjKuXAAERnKM4bO9PHOlAfbJk9LshYe50AOHfyuVU98%2Fq3DwkZJGe0LlTMVcUHOJTKZ%2BWQRTsMaa6fHGnAg61TEyH4Plvb0blaOKeJ0nQ2VwEi10DiQV1oi%2FOKECeXy8ssCz0DZsc7UGJo3qPhH3CgcK9mjkI9lCyN5iG58nvbKDYOaTSBgYCnHj9ArlEK%2F1QTQIii0sUmoeVaePIRkdoc0yC%2BpudWs55T9RJGfNH%2BnXETAM296xw%2F5RQwubLSS8aWSikF2yEmdc6lBrjOk7DLp3euRs5dFKv8WfjZy0Lt2%2BCscpwpiY%2FJIDjNwJ6hr7ydZi
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: 40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKOOVKJutbbv%2Fw1SDOx5z5HHUiZJCxwK%2FYBT8wVFasT73wnT1BCCEKVv7XWRL7JH6WEl%2B88jMz7hoc%2FWZmGpd3CRHsRiHFR3Ikxl1XwnFzJBPpmMIWPrIZ2ASET3tMKn3Bcy3cMpo2SqNhLjL3a%2Fph1SKmh6ACbWc5NPUW5%2FBy8TlimI15fD0etWdC1bP2oWPjsMBOCqfBZnS%2FR%2BH2Pc6Np36%2BgjrfVAIIM0YGs2xumG2XjqKWA6fi09e8wOmux1Xcd5sD5yJoNscdDeKgTKBTgqWBlEE%2FFkJZ22KioCykRo1UdtI4SuP14%2B%2F0Tc1cvqnPdrNx%2BjR7Yi6RH96Q4yViWz%2BU2hXjbwObuWIjmbQjsxXocfGnlEB9ilboBtkWtSZZAAcjfwKWeGOy%2B8T85OhQbBoiV%2BISBjAbURzBn2%2BCWCz8JHI3GaqDUgboITTmEcD3Xce4mkRjKuXAAERnKM4bO9PHOlAfbJk9LshYe50AOHfyuVU98%2Fq3DwkZJGe0LlTMVcUHOJTKZ%2BWQRTsMaa6fHGnAg61TEyH4Plvb0blaOKeJ0nQ2VwEi10DiQV1oi%2FOKECeXy8ssCz0DZsc7UGJo3qPhH3CgcK9mjkI9lCyN5iG58nvbKDYOaTSBgYCnHj9ArlEK%2F1QTQIii0sUmoeVaePIRkdoc0yC%2BpudWs55T9RJGfNH%2BnXETAM296xw%2F5RQwubLSS8aWSikF2yEmdc6lBrjOk7DLp3euRs5dFKv8WfjZy0Lt2%2BCscpwpiY%2FJIDjNwJ6hr7ydZi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Jan 2022 12:05:23 GMT
Server: Apache/2.4.25 (Debian)
ETag: "383-5d53926b806c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 405

GET
H/1.1 200
OK swfobject.js Show response
1redirc.com/javascript/ 10 KB
4 KB 336ms
169ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/swfobject.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKOOVKJutbbv%2Fw1SDOx5z5HHUiZJCxwK%2FYBT8wVFasT73wnT1BCCEKVv7XWRL7JH6WEl%2B88jMz7hoc%2FWZmGpd3CRHsRiHFR3Ikxl1XwnFzJBPpmMIWPrIZ2ASET3tMKn3Bcy3cMpo2SqNhLjL3a%2Fph1SKmh6ACbWc5NPUW5%2FBy8TlimI15fD0etWdC1bP2oWPjsMBOCqfBZnS%2FR%2BH2Pc6Np36%2BgjrfVAIIM0YGs2xumG2XjqKWA6fi09e8wOmux1Xcd5sD5yJoNscdDeKgTKBTgqWBlEE%2FFkJZ22KioCykRo1UdtI4SuP14%2B%2F0Tc1cvqnPdrNx%2BjR7Yi6RH96Q4yViWz%2BU2hXjbwObuWIjmbQjsxXocfGnlEB9ilboBtkWtSZZAAcjfwKWeGOy%2B8T85OhQbBoiV%2BISBjAbURzBn2%2BCWCz8JHI3GaqDUgboITTmEcD3Xce4mkRjKuXAAERnKM4bO9PHOlAfbJk9LshYe50AOHfyuVU98%2Fq3DwkZJGe0LlTMVcUHOJTKZ%2BWQRTsMaa6fHGnAg61TEyH4Plvb0blaOKeJ0nQ2VwEi10DiQV1oi%2FOKECeXy8ssCz0DZsc7UGJo3qPhH3CgcK9mjkI9lCyN5iG58nvbKDYOaTSBgYCnHj9ArlEK%2F1QTQIii0sUmoeVaePIRkdoc0yC%2BpudWs55T9RJGfNH%2BnXETAM296xw%2F5RQwubLSS8aWSikF2yEmdc6lBrjOk7DLp3euRs5dFKv8WfjZy0Lt2%2BCscpwpiY%2FJIDjNwJ6hr7ydZi
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKOOVKJutbbv%2Fw1SDOx5z5HHUiZJCxwK%2FYBT8wVFasT73wnT1BCCEKVv7XWRL7JH6WEl%2B88jMz7hoc%2FWZmGpd3CRHsRiHFR3Ikxl1XwnFzJBPpmMIWPrIZ2ASET3tMKn3Bcy3cMpo2SqNhLjL3a%2Fph1SKmh6ACbWc5NPUW5%2FBy8TlimI15fD0etWdC1bP2oWPjsMBOCqfBZnS%2FR%2BH2Pc6Np36%2BgjrfVAIIM0YGs2xumG2XjqKWA6fi09e8wOmux1Xcd5sD5yJoNscdDeKgTKBTgqWBlEE%2FFkJZ22KioCykRo1UdtI4SuP14%2B%2F0Tc1cvqnPdrNx%2BjR7Yi6RH96Q4yViWz%2BU2hXjbwObuWIjmbQjsxXocfGnlEB9ilboBtkWtSZZAAcjfwKWeGOy%2B8T85OhQbBoiV%2BISBjAbURzBn2%2BCWCz8JHI3GaqDUgboITTmEcD3Xce4mkRjKuXAAERnKM4bO9PHOlAfbJk9LshYe50AOHfyuVU98%2Fq3DwkZJGe0LlTMVcUHOJTKZ%2BWQRTsMaa6fHGnAg61TEyH4Plvb0blaOKeJ0nQ2VwEi10DiQV1oi%2FOKECeXy8ssCz0DZsc7UGJo3qPhH3CgcK9mjkI9lCyN5iG58nvbKDYOaTSBgYCnHj9ArlEK%2F1QTQIii0sUmoeVaePIRkdoc0yC%2BpudWs55T9RJGfNH%2BnXETAM296xw%2F5RQwubLSS8aWSikF2yEmdc6lBrjOk7DLp3euRs5dFKv8WfjZy0Lt2%2BCscpwpiY%2FJIDjNwJ6hr7ydZi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Jan 2022 12:05:23 GMT
Server: Apache/2.4.25 (Debian)
ETag: "27ef-5d53926b806c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1 200
OK jscheck.php
1redirc.com/ 0
166 B 350ms
187ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/jscheck.php?enc=NUxUek9uOGVjaW0zL1lvRDYxUzVXSDQ5Zmxkd2NXSjVSRFE0Y1d0UFNFc3dlV2xwUXpaaVdrdFdaSGMzTUU5elIxRlVUVnBwT1VOdVdrcEpkekYyT1RkTmF6WTNMM0JPYzNFclZHVndVV0lyTDJsdlozcE1UMjVtWVZReWFEUnNiamhTU20xSmFFOUdTVkY0Y1cxNmRHMXdaVWcxUkRacFdUWjFNV1VyVXpVMFF6STNTVTgwTlhsRFpVbGxZVTl5TDJoc1JYTnlLMEZ2ZGpKR2VUQXhjVTFGTTNCUlQya3lNMjFZV1RWSmFXUTFWMUJUUjNJeVkzZFRiMk14UWpoT2VYcE1VV2RMT1hkNWVVbFZjWEUzTkdsb2NtdHJPVTgwWjBjMmVGQnpWbXBZU1hGUlVYRnBRa1I0TVdWSFlVVTJlbmc1TUZSVWVHczJXSEEzVDNSWFIwNXlRblE1TjFRcldVZ3JZM2x4VFZsc1VXRXlUVE5hU0VWR1RXbFBkVEI0T1RsSVJEQjJRekpxUVZkUWEybDFSMFE0ZDFkcU1tcHVkekZvUVhoTlpYVk5kbE5wVFN0aWMwRlljVTFYTjNJNFEwSjZVVXRXU0VaQmEyMVVabXRMZG5jM1ZHNUxTMkp2ZG1GWGNsWk1VVU40WXpaVk9XMVFjWEUzV1VOWVQwVmFaa2dyZFdsVGVXWmpZVE41TldWak9WUjRkMEZEWmxSd2JIQnVRbTVxY25Zd1YxUmhPWHB5YlhWRVNDdFVhbGxKTm5veFMzQkdaM0k1WWxOQ05IUlViSE5ZYW1SWVRGbElNMVZqYlZOQ1EzcENjamRyUVdFMFJuZ3JWRXQwTW1KSlZIVkdjMkpNU0hvNFJpOXZhMlpFUjNCVWRUSkdkbTB2UjJaNVVIbG5Memh6VVdkVlVEa3ZNM0ppV0U5RFZXMDJjMlJ2T0hwVGFHY3ZVWHAwYkRVMVJXNXRZblp5Y2xnNGIzSkxjRWt4ZVVsNGRrNHhZa0pMVkVkSVMwcFpXbTk0ZFdveU0zaEVWbmx0UlROTk5YUXZlRFpwWm1Zd05rVjBVakYxY0dJMlFsQmlhMlp3Vm05Wk1sbDNXa1ZTYVc5cFVuUnpXRXBOYzFZclVuQkpka2gzTkRKWWQydEhaRE5VVFZZM1FuVnRWRU5aTkVVMFdYZFViWFZ2ZUZoUVlWSnFVVEpXVEZBeEsyVlNVekpaU1hreVVtMDFOVUZ4S3l0RVkwZEJOWE5rY2pCWmVVNWhRMEpqUW1OU01DdGFaSGc1Y0VOdk5teFNkV2hwZFRkS1dpOU9kVmgxYWpsck0xTkJkbFZOUVRReWVrMXBPVFZLVkhKdlFpdHhWbTVwV0ZSemFXNW5Zamx0TUVRelZrdEhObUpCTkdSdlFtbG1TV1JDUjJWWGRqa3hVMVZTUzBNNWJGVk9SbWh2YzJvMGNqTXZSVlIwZUhJcldrTjVjWEpEVlhCdFYxaDBORVprUzFabFUzVllUbEZLTUZkMk4yTkljQ3Q1UzJ3dlJIWnBiR1ZGV0ZaRFVITjRjR1ZuT0RWRE1VNXRSRmRRTlVKU1NWZFVPVFJVZDBoRWExUTNkM1JrSzJZNUwxaGpUMHBFZEUxa04xRmg%3D&rand=0.70467461737341
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.25 (Debian) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yKOOVKJutbbv%2Fw1SDOx5z5HHUiZJCxwK%2FYBT8wVFasT73wnT1BCCEKVv7XWRL7JH6WEl%2B88jMz7hoc%2FWZmGpd3CRHsRiHFR3Ikxl1XwnFzJBPpmMIWPrIZ2ASET3tMKn3Bcy3cMpo2SqNhLjL3a%2Fph1SKmh6ACbWc5NPUW5%2FBy8TlimI15fD0etWdC1bP2oWPjsMBOCqfBZnS%2FR%2BH2Pc6Np36%2BgjrfVAIIM0YGs2xumG2XjqKWA6fi09e8wOmux1Xcd5sD5yJoNscdDeKgTKBTgqWBlEE%2FFkJZ22KioCykRo1UdtI4SuP14%2B%2F0Tc1cvqnPdrNx%2BjR7Yi6RH96Q4yViWz%2BU2hXjbwObuWIjmbQjsxXocfGnlEB9ilboBtkWtSZZAAcjfwKWeGOy%2B8T85OhQbBoiV%2BISBjAbURzBn2%2BCWCz8JHI3GaqDUgboITTmEcD3Xce4mkRjKuXAAERnKM4bO9PHOlAfbJk9LshYe50AOHfyuVU98%2Fq3DwkZJGe0LlTMVcUHOJTKZ%2BWQRTsMaa6fHGnAg61TEyH4Plvb0blaOKeJ0nQ2VwEi10DiQV1oi%2FOKECeXy8ssCz0DZsc7UGJo3qPhH3CgcK9mjkI9lCyN5iG58nvbKDYOaTSBgYCnHj9ArlEK%2F1QTQIii0sUmoeVaePIRkdoc0yC%2BpudWs55T9RJGfNH%2BnXETAM296xw%2F5RQwubLSS8aWSikF2yEmdc6lBrjOk7DLp3euRs5dFKv8WfjZy0Lt2%2BCscpwpiY%2FJIDjNwJ6hr7ydZi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:52 GMT
Server: Apache/2.4.25 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

a Show response
lookandfind.me/s/
Redirect Chain

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1155513205%26sid%3D20220228052350feb8584d19d97fd745&s=j&enc=NUxUek9uOGVjaW0zL1lvRDYxUzVXSDQ5Zmxkd2NXSjVSRFE...
https://clever-redirect.com/s/r6?s=721614&s3=1155513205&sid=20220228052350feb8584d19d97fd745
https://lookandfind.me/s/a?t=16&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=myfreefarm2.upjers.com&s1=721614&s2=&s3=1155513205&s5=wc

380 B
743 B

83ms
35ms

Document
text/html

157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/a?t=16&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=myfreefarm2.upjers.com&s1=721614&s2=&s3=1155513205&s5=wc
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash: db45feb520fd1f667c331680e53d3bada393c85b991eeecf05806105d0d7808c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.24
content-length: 380
content-type: text/html; charset=UTF-8
date: Sun, 27 Feb 2022 18:23:52 GMT
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

Redirect headers

referrer-policy: no-referrer
x-powered-by: PHP/7.4.27
location: https://lookandfind.me/s/a?t=16&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=myfreefarm2.upjers.com&s1=721614&s2=&s3=1155513205&s5=wc
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 27 Feb 2022 18:23:52 GMT
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27

GET
H2 200 r Show response
lookandfind.me/s/ 316 B
346 B 27ms
27ms Document
text/html 157.90.169.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lookandfind.me/s/r?u=https%3A%2F%2Ft.adcell.com%2Fp%2Fclick%3FencodingId%3D9dbfe6bdc0c44c9c5ab5ce137c582d64%26subId%3D1ff7778dd75c969ca456006df457dda7&h=d2602891148034f79cc54424ec8364e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.169.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.169.90.157.clients.your-server.de
Software: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24 / PHP/7.4.24
Resource Hash: 4f636cab509e0db6c860eb5c4c6e4d2cbc8a31892ae8067e194bf820986e4cec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lookandfind.me/s/a?t=16&f=1&u=41ecaa9ae33de01f1e1a4b6551068474&m=myfreefarm2.upjers.com&s1=721614&s2=&s3=1155513205&s5=wc

Response headers

referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.4.24
content-length: 316
content-type: text/html; charset=UTF-8
date: Sun, 27 Feb 2022 18:23:52 GMT
server: Apache/2.4.49 (codeit) OpenSSL/1.1.1l PHP/7.4.24

GET
H/1.1

200
OK

Primary Request / Show response
myfreefarm2.upjers.com/de/
Redirect Chain

https://t.adcell.com/p/click?encodingId=9dbfe6bdc0c44c9c5ab5ce137c582d64&subId=1ff7778dd75c969ca456006df457dda7
https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7

50 KB
13 KB

228ms
148ms

Document
text/html

31.172.113.125
WAVECON

General

Check archive.org

Show headers Download Go to

Full URL

https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7

Requested by

Host: lookandfind.me
URL: https://lookandfind.me/s/r?u=https%3A%2F%2Ft.adcell.com%2Fp%2Fclick%3FencodingId%3D9dbfe6bdc0c44c9c5ab5ce137c582d64%26subId%3D1ff7778dd75c969ca456006df457dda7&h=d2602891148034f79cc54424ec8364e0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

31.172.113.125 , Germany, ASN60955 (WAVECON, DE),

Reverse DNS

up-portal-lb.wavecloud.de

Software

Apache /

Resource Hash

5dcd81384cc5ac24cafca86a56c9dfb709c3fb08136560fe4be23dc986e2457b

Security Headers

Name	Value
Strict-Transport-Security	max-age=47336400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://lookandfind.me/s/r?u=https%3A%2F%2Ft.adcell.com%2Fp%2Fclick%3FencodingId%3D9dbfe6bdc0c44c9c5ab5ce137c582d64%26subId%3D1ff7778dd75c969ca456006df457dda7&h=d2602891148034f79cc54424ec8364e0

Response headers

Date: Sun, 27 Feb 2022 18:23:52 GMT
Server: Apache
Strict-Transport-Security: max-age=47336400
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

server: myracloud
date: Sun, 27 Feb 2022 18:23:52 GMT
content-type: text/html
content-length: 0
location: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
strict-transport-security: max-age=15768000
expires: Sun, 27 Feb 2022 18:23:52 GMT
cache-control: max-age=0

GET
H/1.1 200
OK / Show response
up-cookiemon.wavecdn.net/ 54 KB
17 KB 115ms
41ms Script
application/javascript 185.22.221.72
WAVECON

General

Check archive.org

Show headers Download Go to

Full URL: https://up-cookiemon.wavecdn.net/?puregameid=81&lang=de
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.22.221.72 , Germany, ASN60955 (WAVECON, DE),
Reverse DNS: cdn-edge8.wavecloud.de
Software: /
Resource Hash: f2913289bb6b3a03a37b9c1a6edd8f06b79c60c221d9ed707aa4550328a1e0b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Content-Encoding: gzip
Age: 31555
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16660

GET
H/1.1 200
OK jquery_all_min.js Show response
de.upjers.com/js/ 363 KB
108 KB 80ms
27ms Script
application/javascript 31.172.113.125
WAVECON

General

Check archive.org

Show headers Download Go to

Full URL

https://de.upjers.com/js/jquery_all_min.js

Requested by

Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

31.172.113.125 , Germany, ASN60955 (WAVECON, DE),

Reverse DNS

up-portal-lb.wavecloud.de

Software

Apache /

Resource Hash

8b774b0a5c65e117c914d92b8e6184d64dc7790f2e7236bc55767fd0ebfe54d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47336400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Dec 2015 13:07:46 GMT
Server: Apache
ETag: "5ab49-525d5d80ec42d-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=47336400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK jquery.flexslider-min.js Show response
de.upjers.com/js/ 39 KB
9 KB 74ms
20ms Script
application/javascript 31.172.113.125
WAVECON

General

Check archive.org

Show headers Download Go to

Full URL

https://de.upjers.com/js/jquery.flexslider-min.js

Requested by

Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

31.172.113.125 , Germany, ASN60955 (WAVECON, DE),

Reverse DNS

up-portal-lb.wavecloud.de

Software

Apache /

Resource Hash

7c14660fb5de4001d9ab38e259a6faba66b60f11d7ba3c347bb0b4889516cbe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=47336400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Dec 2013 10:25:48 GMT
Server: Apache
ETag: "9d8d-4edb85a160300-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=47336400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 8979

GET
H/1.1 200
OK rating.css$f090f061
up-portal-assets.wavecdn.net/assets/_css/ 1005 B
793 B 92ms
22ms Stylesheet
text/css 31.7.187.34
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL

https://up-portal-assets.wavecdn.net/assets/_css/rating.css$f090f061

Requested by

Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.7.187.34 Nuremberg, Germany, ASN201011 (NETZBETRIEB-GMBH, DE),

Reverse DNS

Software

Resource Hash

a794dcc62c6ffc3797ce76b00350a901f749a7259ec3c5f186fb668e251651bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=47336400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=47336400
Content-Encoding: gzip
Age: 128909
Date: Sun, 27 Feb 2022 18:23:53 GMT
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 359
Expires: Mon, 26 Feb 2024 06:35:24 GMT

GET
H/1.1 200
OK up_tb_style_left.css
utb.wavecdn.net/toolbar_all/ 4 KB
4 KB 81ms
19ms Stylesheet
text/css 37.61.208.98
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://utb.wavecdn.net/toolbar_all/up_tb_style_left.css
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.61.208.98 Frankfurt am Main, Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: badd964fa9fa19a8dde44857a7d48fc0c62b5699c68195cd5b59a84c8bfe3d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 21 Dec 2021 10:29:45 GMT
Age: 719482
Content-Type: text/css
Cache-control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4219

GET
H/1.1 200
OK up_klein_new.png
utb.wavecdn.net/toolbar_all/pics/ 5 KB
5 KB 20ms
20ms Image
image/png 37.61.208.98
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utb.wavecdn.net/toolbar_all/pics/up_klein_new.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.61.208.98 Frankfurt am Main, Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 0b30b36dfc16cfaaed836e09e98654527b572ca6a97877b40ae44211b40e2476

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 30 Apr 2013 13:35:05 GMT
Age: 273878
Content-Type: image/png
Cache-control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4708

GET
H/1.1 200
OK screen_01.png
upportal.wavecdn.net/landing/images/mff2/ 121 KB
121 KB 824ms
159ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/mff2/screen_01.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: cfdff46e307c8c267cd3d3398e6b7e7cf8306af44f16968ea75e4f0d899f0ddf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:09 GMT
Age: 12302672
ETag: "5c3dc29d-1e4b7"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 124087

GET
H/1.1 200
OK screen_02.png
upportal.wavecdn.net/landing/images/mff2/ 123 KB
124 KB 991ms
320ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/mff2/screen_02.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: 9bf98e6ea33ba6c9da70e0def3fa988842096e5c35abccff5cec86d658bab58b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:09 GMT
Age: 12302672
ETag: "5c3dc29d-1ede2"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 126434

GET
H/1.1 200
OK screen_03.png
upportal.wavecdn.net/landing/images/mff2/ 132 KB
132 KB 946ms
154ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/mff2/screen_03.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: a4b51b09756381300bdbeaf8e287c9058224629fea342bfa03338b6b66e396f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:54 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:09 GMT
Age: 12306952
ETag: "5c3dc29d-2106e"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 135278

GET
H/1.1 200
OK screen_04.png
upportal.wavecdn.net/landing/images/mff2/ 131 KB
131 KB 993ms
163ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/mff2/screen_04.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: 059ad9107636f2c32bd3fd7498b7b4b0b45e7e294c7110e07cdb5b693de2b65a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:54 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:09 GMT
Age: 12306952
ETag: "5c3dc29d-20ab7"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 133815

GET
H/1.1 200
OK facebook_20x20.png
upportal.wavecdn.net/landing/images/generic/ 574 B
870 B 1105ms
152ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/generic/facebook_20x20.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: 81b37806677875f7f56e5173a3ea23da8dd43fe7c525a47d43798b6eb4733ceb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:54 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:11 GMT
Age: 12279892
ETag: "5c3dc29f-23e"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 574

GET
H/1.1 200
OK amazon_20x20.png
upportal.wavecdn.net/landing/images/generic/ 942 B
1 KB 1255ms
153ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/generic/amazon_20x20.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: 1ca7b65653b5e9608e258cf8ba6aa8f88ac279c44dec57756ad9ece3a974b8f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:54 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:11 GMT
Age: 12224089
ETag: "5c3dc29f-3ae"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 942

GET
H/1.1 200
OK placeholder.js Show response
de.upjers.com/js/ 4 KB
2 KB 67ms
19ms Script
application/javascript 31.172.113.125
WAVECON

General

Check archive.org

Show headers Download Go to

Full URL

https://de.upjers.com/js/placeholder.js

Requested by

Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

31.172.113.125 , Germany, ASN60955 (WAVECON, DE),

Reverse DNS

up-portal-lb.wavecloud.de

Software

Apache /

Resource Hash

babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47336400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2014 11:15:17 GMT
Server: Apache
ETag: "10aa-4f0006c733b40-gzip"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=47336400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 1633

GET
H/1.1 200
OK tool_bg_new.jpg
utb.wavecdn.net/toolbar_all/pics/ 1 KB
1 KB 18ms
18ms Image
image/jpeg 37.61.208.98
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utb.wavecdn.net/toolbar_all/pics/tool_bg_new.jpg
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.61.208.98 Frankfurt am Main, Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 834e60ebe374bf139354be99e9f1e5b2d7a790d0840205d52c3380452d0ae0ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 30 Apr 2013 13:33:16 GMT
Age: 273878
Content-Type: image/jpeg
Cache-control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1281

GET
H/1.1 200
OK fade_links.png
utb.wavecdn.net/toolbar_all/pics/ 4 KB
4 KB 58ms
24ms Image
image/png 37.61.208.98
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utb.wavecdn.net/toolbar_all/pics/fade_links.png
Requested by: Host: utb.wavecdn.net
URL: https://utb.wavecdn.net/toolbar_all/up_tb_style_left.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.61.208.98 Frankfurt am Main, Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 2d43e518725b906be561742b2b1e09fa15401962d339cacfe3345da7f5885390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utb.wavecdn.net/toolbar_all/up_tb_style_left.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 30 Apr 2013 15:26:26 GMT
Age: 273867
Content-Type: image/png
Cache-control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3946

GET
H/1.1 200
OK fade_rechts.png
utb.wavecdn.net/toolbar_all/pics/ 4 KB
4 KB 57ms
20ms Image
image/png 37.61.208.98
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utb.wavecdn.net/toolbar_all/pics/fade_rechts.png
Requested by: Host: utb.wavecdn.net
URL: https://utb.wavecdn.net/toolbar_all/up_tb_style_left.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.61.208.98 Frankfurt am Main, Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 1b61f6e2f8c5c49e849842ad10119841be563daac83db9fd5567e0bb510c3733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utb.wavecdn.net/toolbar_all/up_tb_style_left.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 30 Apr 2013 15:26:28 GMT
Age: 273861
Content-Type: image/png
Cache-control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4020

GET
H/1.1 200
OK favis_soznet59.png
utb.wavecdn.net/toolbar_all/pics/ 43 KB
43 KB 69ms
40ms Image
image/png 37.61.208.98
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utb.wavecdn.net/toolbar_all/pics/favis_soznet59.png
Requested by: Host: utb.wavecdn.net
URL: https://utb.wavecdn.net/toolbar_all/up_tb_style_left.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.61.208.98 Frankfurt am Main, Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 6ba8a831e28ffd2bc3822a274780c54f8bab705e7508942472d712821d1144ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utb.wavecdn.net/toolbar_all/up_tb_style_left.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 21 Dec 2021 09:58:16 GMT
Age: 720950
Content-Type: image/png
Cache-control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44160

GET
H/1.1 200
OK fahnen_arrow5.png
utb.wavecdn.net/toolbar_all/pics/ 15 KB
15 KB 50ms
35ms Image
image/png 37.61.208.98
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://utb.wavecdn.net/toolbar_all/pics/fahnen_arrow5.png
Requested by: Host: utb.wavecdn.net
URL: https://utb.wavecdn.net/toolbar_all/up_tb_style_left.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.61.208.98 Frankfurt am Main, Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: /
Resource Hash: 475389a1260426fc998efcae1ff501711cc0fc31fb0f3bf26e120f85c96bc1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utb.wavecdn.net/toolbar_all/up_tb_style_left.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Wed, 24 Jul 2013 12:19:42 GMT
Age: 273878
Content-Type: image/png
Cache-control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14857

GET
H/1.1 200
OK view_tracking.php Show response
supply.upjers.com/view/ 1 KB
2 KB 101ms
23ms Script
text/javascript 31.172.114.128
WAVECON

General

Check archive.org

Show headers Download Go to

Full URL: https://supply.upjers.com/view/view_tracking.php?code=109&ref=aadcmfdel&land=DE&params=&sense=982049028
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.172.114.128 , Germany, ASN60955 (WAVECON, DE),
Reverse DNS: up-ad-srv1-lb.wavecloud.de
Software: lighttpd/1.4.45 /
Resource Hash: b1d365a32636f0e71a03f444906e3de1a1261455de010152fe3487af9073e24d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Feb 2022 18:23:53 GMT
Server: lighttpd/1.4.45
P3P: CP="CAO PSA OUR"
Cache-Control: private, max-age=0, no-cache
Content-type: text/javascript;charset=UTF-8
Content-Length: 1361
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK MFF2_Startseite_BG.jpg
upportal.wavecdn.net/landing/images/mff2/ 484 KB
484 KB 619ms
309ms Image
image/jpeg 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/mff2/MFF2_Startseite_BG.jpg
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: efb350430f19cf22b1042576713d9c26d914eec518b9a17d1f95ec758495f759

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:09 GMT
Age: 12307272
ETag: "5c3dc29d-7909e"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 495774

GET
H/1.1 200
OK txtElement-startseite.png
upportal.wavecdn.net/landing/images/mff2/ 51 KB
51 KB 610ms
305ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/mff2/txtElement-startseite.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: 182aaeee2c5b41aaed62d6a7d995b759e186b1e132930e3442c3279b0f0481bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:09 GMT
Age: 12306984
ETag: "5c3dc29d-ca95"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51861

GET
H/1.1 200
OK RegistrationElement-landingpage_3.png
upportal.wavecdn.net/landing/images/mff2/ 86 KB
86 KB 636ms
319ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/mff2/RegistrationElement-landingpage_3.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: e192a4b6c4f412413f4fcf7c1955ed274aacc5e8ed0fe3b7d693f318150522ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:09 GMT
Age: 12307272
ETag: "5c3dc29d-15610"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87568

GET
H/1.1 200
OK InputField.png
upportal.wavecdn.net/landing/images/mff2/ 2 KB
2 KB 463ms
153ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/mff2/InputField.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: 7e263fd7398311f217ac7fb62d5a3d2efd4e98191a950acdc3195016a4469b6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:09 GMT
Age: 12307272
ETag: "5c3dc29d-8ba"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2234

GET
H/1.1 200
OK CheckBox.png
upportal.wavecdn.net/landing/images/mff2/ 2 KB
2 KB 481ms
158ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/mff2/CheckBox.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: 12a99e9ab2a3ce0409433e30774e771070604ec0763288d21cf92dc03330837c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:09 GMT
Age: 12307272
ETag: "5c3dc29d-691"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1681

GET
H/1.1 200
OK icon_CheckBoxConfirm.png
upportal.wavecdn.net/landing/images/mff2/ 3 KB
3 KB 616ms
153ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/mff2/icon_CheckBoxConfirm.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: a6889edfa737d9d2c515c6180d60aa0e23df7cfcb465ad2afa7838b747051c7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:09 GMT
Age: 12307273
ETag: "5c3dc29d-c33"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3123

GET
H/1.1 200
OK btn_DE.png
upportal.wavecdn.net/landing/images/mff2/btn/ 25 KB
25 KB 634ms
316ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/mff2/btn/btn_DE.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: 019534df0beb54b08e17a98ed1d9c06f472c29c890eaa41998c1641b5d473093

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:09 GMT
Age: 12285163
ETag: "5c3dc29d-64d0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25808

GET
H/1.1 200
OK bar_login.png
upportal.wavecdn.net/landing/images/uptasia/de/ 22 KB
22 KB 922ms
305ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/uptasia/de/bar_login.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: df44d0e1663263a00868d465a05b09e77773d90e0a3f780f9bc732409781d43b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:10 GMT
Age: 12308123
ETag: "5c3dc29e-578e"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22414

GET
H/1.1 200
OK Login.png
upportal.wavecdn.net/landing/images/generic/ 4 KB
4 KB 640ms
158ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/generic/Login.png
Requested by: Host: myfreefarm2.upjers.com
URL: https://myfreefarm2.upjers.com/de/?ref=aadcmfdel&bid=164725-96812-1ff7778dd75c969ca456006df457dda7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: 73bf3c39f5194c816cc4e80a45559702a9ba2733c5a83bfe3a8fbf20173f1f85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:11 GMT
Age: 12308787
ETag: "5c3dc29f-eb2"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3762

GET
H/1.1 200
OK stars_empty.png$1401cbcf
up-portal-assets.wavecdn.net/assets/img/voting/ 1 KB
1 KB 20ms
20ms Image
image/png 31.7.187.34
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://up-portal-assets.wavecdn.net/assets/img/voting/stars_empty.png$1401cbcf

Requested by

Host: up-portal-assets.wavecdn.net
URL: https://up-portal-assets.wavecdn.net/assets/_css/rating.css$f090f061

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.7.187.34 Nuremberg, Germany, ASN201011 (NETZBETRIEB-GMBH, DE),

Reverse DNS

Software

Resource Hash

982768cfe9b39fce222e3a95d1b316be37e743e966a9d313e77666628ce37a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=47336400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://up-portal-assets.wavecdn.net/assets/_css/rating.css$f090f061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=47336400
Age: 128848
Date: Sun, 27 Feb 2022 18:23:53 GMT
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 1035
Expires: Mon, 26 Feb 2024 06:36:25 GMT

GET
H/1.1 200
OK stars_full.png$1401cbcf
up-portal-assets.wavecdn.net/assets/img/voting/ 776 B
1 KB 42ms
21ms Image
image/png 31.7.187.34
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://up-portal-assets.wavecdn.net/assets/img/voting/stars_full.png$1401cbcf

Requested by

Host: up-portal-assets.wavecdn.net
URL: https://up-portal-assets.wavecdn.net/assets/_css/rating.css$f090f061

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.7.187.34 Nuremberg, Germany, ASN201011 (NETZBETRIEB-GMBH, DE),

Reverse DNS

Software

Resource Hash

0ddfc56a64058cc7e68c58df62e6eae6873b449593a51352227510cde3ad3567

Security Headers

Name	Value
Strict-Transport-Security	max-age=47336400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://up-portal-assets.wavecdn.net/assets/_css/rating.css$f090f061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=47336400
Age: 128848
Date: Sun, 27 Feb 2022 18:23:53 GMT
Content-Type: image/png; charset=utf-8
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 776
Expires: Mon, 26 Feb 2024 06:36:25 GMT

GET
H/1.1 200
OK cookiemon.css
up-cookiemon.wavecdn.net/ 5 KB
2 KB 21ms
21ms Stylesheet
text/css 185.22.221.72
WAVECON

General

Check archive.org

Show headers Download Go to

Full URL: https://up-cookiemon.wavecdn.net/cookiemon.css
Requested by: Host: up-cookiemon.wavecdn.net
URL: https://up-cookiemon.wavecdn.net/?puregameid=81&lang=de
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.22.221.72 , Germany, ASN60955 (WAVECON, DE),
Reverse DNS: cdn-edge8.wavecloud.de
Software: /
Resource Hash: c23d03fadd4dd968f33417f50ae50d92520d7e5639f6a461bf08fbc7812f027e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Nov 2021 15:29:04 GMT
Age: 33566
ETag: "2500303350"
Vary: Accept-Encoding
Content-Type: text/css
Cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1448

GET
H/1.1 200
OK btn_arrow.png
upportal.wavecdn.net/landing/images/mff2/ 4 KB
4 KB 164ms
164ms Image
image/png 173.201.20.194
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://upportal.wavecdn.net/landing/images/mff2/btn_arrow.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.201.20.194 Phoenix, United States, ASN398789 (GO-DADDY-COM-LLC, US),
Reverse DNS: ip-173-201-20-194.ip.secureserver.net
Software: /
Resource Hash: ca12e1f1a397d5842cc10d4d7eb86a296147c834bae490d508651857adc8d5a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://myfreefarm2.upjers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 27 Feb 2022 18:23:54 GMT
Last-Modified: Tue, 15 Jan 2019 11:23:09 GMT
Age: 12302661
ETag: "5c3dc29d-f77"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3959

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hypesquadevents-application.com/	1970-01-23 16:49:06	Name: __tad Value: 1645986229.3062163
.1redirc.com/	1970-01-20 09:58:42	Name: __dsnsid Value: 20220228052350feb8584d19d97fd745
clever-redirect.com/	1970-01-20 01:14:32	Name: a587c0d5adcb7c6efca4707a8553b051 Value: e89b437567440b0c2d11045972909f5c3f658797a4b7ed29f4fb8155737fa16ca%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22a587c0d5adcb7c6efca4707a8553b051%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
lookandfind.me/	1970-01-20 01:14:32	Name: 87cdde8107aa8e93110d42cfef325a12 Value: 6d7dbba12b37659e3856bc457670c9b2eb5ea620cba9c84dc06b4ba8aefa2b8aa%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2287cdde8107aa8e93110d42cfef325a12%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
t.adcell.com/	1970-01-20 03:22:42	Name: ADCELLpid6148 Value: 164725-96812-1ff7778dd75c969ca456006df457dda7%23%23%23%23https%3A%2F%2Flookandfind.me%2F%40%40%40%401645986232
.upjers.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: pfuoop7u6sc2a30q4nf15hbirc
.upjers.com/	1970-01-20 01:56:18	Name: ref Value: aadcmfdel

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirc.com
clever-redirect.com
de.upjers.com
hypesquadevents-application.com
lookandfind.me
myfreefarm2.upjers.com
supply.upjers.com
t.adcell.com
up-cookiemon.wavecdn.net
up-portal-assets.wavecdn.net
upportal.wavecdn.net
utb.wavecdn.net
103.224.182.206
103.224.182.242
157.90.169.168
173.201.20.194
185.22.221.72
2a02:cb40:200::242
31.172.113.125
31.172.114.128
31.7.187.34
37.61.208.98
78.46.197.88
019534df0beb54b08e17a98ed1d9c06f472c29c890eaa41998c1641b5d473093
059ad9107636f2c32bd3fd7498b7b4b0b45e7e294c7110e07cdb5b693de2b65a
0b30b36dfc16cfaaed836e09e98654527b572ca6a97877b40ae44211b40e2476
0ddfc56a64058cc7e68c58df62e6eae6873b449593a51352227510cde3ad3567
12a99e9ab2a3ce0409433e30774e771070604ec0763288d21cf92dc03330837c
182aaeee2c5b41aaed62d6a7d995b759e186b1e132930e3442c3279b0f0481bc
1b61f6e2f8c5c49e849842ad10119841be563daac83db9fd5567e0bb510c3733
1ca7b65653b5e9608e258cf8ba6aa8f88ac279c44dec57756ad9ece3a974b8f5
2d43e518725b906be561742b2b1e09fa15401962d339cacfe3345da7f5885390
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
475389a1260426fc998efcae1ff501711cc0fc31fb0f3bf26e120f85c96bc1df
4f636cab509e0db6c860eb5c4c6e4d2cbc8a31892ae8067e194bf820986e4cec
5dcd81384cc5ac24cafca86a56c9dfb709c3fb08136560fe4be23dc986e2457b
62545468a61ebe3ac8ece7b2a758420d25bc2a6bce8d3c5f938dc04405287cd0
6ba8a831e28ffd2bc3822a274780c54f8bab705e7508942472d712821d1144ab
73bf3c39f5194c816cc4e80a45559702a9ba2733c5a83bfe3a8fbf20173f1f85
7c14660fb5de4001d9ab38e259a6faba66b60f11d7ba3c347bb0b4889516cbe0
7e263fd7398311f217ac7fb62d5a3d2efd4e98191a950acdc3195016a4469b6e
81b37806677875f7f56e5173a3ea23da8dd43fe7c525a47d43798b6eb4733ceb
834e60ebe374bf139354be99e9f1e5b2d7a790d0840205d52c3380452d0ae0ac
8b774b0a5c65e117c914d92b8e6184d64dc7790f2e7236bc55767fd0ebfe54d7
982768cfe9b39fce222e3a95d1b316be37e743e966a9d313e77666628ce37a86
9bf98e6ea33ba6c9da70e0def3fa988842096e5c35abccff5cec86d658bab58b
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a4b51b09756381300bdbeaf8e287c9058224629fea342bfa03338b6b66e396f5
a6889edfa737d9d2c515c6180d60aa0e23df7cfcb465ad2afa7838b747051c7a
a794dcc62c6ffc3797ce76b00350a901f749a7259ec3c5f186fb668e251651bd
b1d365a32636f0e71a03f444906e3de1a1261455de010152fe3487af9073e24d
babf6fd29c079790cc4d522f66f21af7c099e981080ddf11b5344b12b904e8a5
badd964fa9fa19a8dde44857a7d48fc0c62b5699c68195cd5b59a84c8bfe3d04
c23d03fadd4dd968f33417f50ae50d92520d7e5639f6a461bf08fbc7812f027e
ca12e1f1a397d5842cc10d4d7eb86a296147c834bae490d508651857adc8d5a6
cfdff46e307c8c267cd3d3398e6b7e7cf8306af44f16968ea75e4f0d899f0ddf
db45feb520fd1f667c331680e53d3bada393c85b991eeecf05806105d0d7808c
df44d0e1663263a00868d465a05b09e77773d90e0a3f780f9bc732409781d43b
e192a4b6c4f412413f4fcf7c1955ed274aacc5e8ed0fe3b7d693f318150522ff
efb350430f19cf22b1042576713d9c26d914eec518b9a17d1f95ec758495f759
f2913289bb6b3a03a37b9c1a6edd8f06b79c60c221d9ed707aa4550328a1e0b7

myfreefarm2.upjers.com Open in urlscan Pro 31.172.113.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

90 %HTTPS

9 %IPv6

7 Domains

12 Subdomains

8 IPs

3 Countries

1436 kBTransfer

1802 kBSize

7 Cookies

33 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

myfreefarm2.upjers.com Open in urlscan Pro
31.172.113.125 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

90 %
HTTPS

9 %
IPv6

7
Domains

12
Subdomains

8
IPs

3
Countries

1436 kB
Transfer

1802 kB
Size

7
Cookies

39 HTTP transactions
0 data transactions