empirelayer.club - urlscan.io

Summary

This website contacted 5 IPs in 3 countries across 10 domains to perform 6 HTTP transactions. The main IP is 13.227.254.129, located in United States and belongs to AMAZON-02, US. The main domain is empirelayer.club.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 2nd 2023. Valid for: a year.

This is the only time empirelayer.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	172.104.190.11 172.104.190.11	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 2	51.68.82.147 51.68.82.147	16276 (OVH) (OVH)
1 1	172.67.154.189 172.67.154.189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.60.9.235 65.60.9.235	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	3.1.35.111 3.1.35.111	16509 (AMAZON-02) (AMAZON-02)
1 2	52.84.251.124 52.84.251.124	16509 (AMAZON-02) (AMAZON-02)
2	13.227.254.129 13.227.254.129	16509 (AMAZON-02) (AMAZON-02)
6	5

3 172.104.190.11 (Singapore, Singapore) 3 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-190-11.ip.linodeusercontent.com

1707597314619.caulaai2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1707726468483.xutinolmita.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1707726468659.mauicksand.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.68.82.147 (France) 1 redirects

ASN16276 (OVH, FR)

www.luxucanistanro.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.154.189 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.smaworldforyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.60.9.235 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

zuk.blobthemagic.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.1.35.111 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-35-111.ap-southeast-1.compute.amazonaws.com

appnowsite.appnow.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.84.251.124 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-124.sin5.r.cloudfront.net

sweetiemeet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.254.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-129.sin52.r.cloudfront.net

empirelayer.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	empirelayer.club empirelayer.club	2 KB
2	sweetiemeet.com 1 redirects sweetiemeet.com	2 KB
2	luxucanistanro.info 1 redirects www.luxucanistanro.info	5 KB
1	appnow.site 1 redirects appnowsite.appnow.site	702 B
1	blobthemagic.pro zuk.blobthemagic.pro	3 KB
1	smaworldforyou.com 1 redirects www.smaworldforyou.com — Cisco Umbrella Rank: 814975	573 B
1	mauicksand.top 1 redirects 1707726468659.mauicksand.top	296 B
1	xutinolmita.club 1 redirects 1707726468483.xutinolmita.club	450 B
1	caulaai2.com 1 redirects 1707597314619.caulaai2.com	452 B
0	off3riz.com Failed da.off3riz.com Failed
6	10

	Domain	Requested by
2	empirelayer.club	zuk.blobthemagic.pro sweetiemeet.com
2	sweetiemeet.com	1 redirects empirelayer.club
2	www.luxucanistanro.info	1 redirects
1	appnowsite.appnow.site	1 redirects
1	zuk.blobthemagic.pro	www.luxucanistanro.info
1	www.smaworldforyou.com	1 redirects
1	1707726468659.mauicksand.top	1 redirects
1	1707726468483.xutinolmita.club	1 redirects
1	1707597314619.caulaai2.com	1 redirects
0	da.off3riz.com Failed	sweetiemeet.com
6	10

This site contains no links.

Subject Issuer	Validity	Valid
www.luxucanistanro.info R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
zuk.blobthemagic.pro R3	`2024-02-07` - `2024-05-07`	3 months	crt.sh
empirelayer.club Amazon RSA 2048 M03	`2023-11-02` - `2024-11-30`	a year	crt.sh
sweetiemeet.com Amazon RSA 2048 M02	`2023-11-02` - `2024-11-30`	a year	crt.sh

This page contains 1 frames:

Frame: https://da.off3riz.com/aff_c?tds_cid=a084b27e079d8fe60fb60e2e26031f5bfa3809e1&aff_sub2=a084b27e079d8fe60fb60e2e26031f5bfa3809e1&aff_id=1063&source=sml_497f5345_&offer_id=1543
Frame ID: E1D81BB11EF6F52D07B82D14BC6CFE0D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://1707597314619.caulaai2.com/ HTTP 302
http://1707726468483.xutinolmita.club/9c83cfed-bd67-42e3-bd6b-5f4b0bb6795f?n=1&t=1707726468483&l_next=aHR0cHM6Ly93... HTTP 302
http://1707726468659.mauicksand.top/105ed8a8-3a68-47f8-bc23-d2b39a3c9a10?n=2&t=1707726468483&l_next=aHR0cHM6Ly93... HTTP 302
https://www.luxucanistanro.info/?sl=5744447-fc1bc&data1=Track1&data2=Track2&tag= Page URL
https://www.luxucanistanro.info/?sl=5744447-fc1bc&data1=Track1&data2=Track2&tag=&eyeg=296fe1ba3a1041d983dd12... HTTP 302
https://www.smaworldforyou.com/click?offer_id=19851&pub_id=207471&pub_sub_sub_id=2&unique1=5744447-fc1bc&ap... HTTP 302
https://zuk.blobthemagic.pro/?1=207471&utm_medium=87e2867609ab38d1f3f4fc9fa2551e713176fd61&utm_campaign=A... Page URL
https://appnowsite.appnow.site/9a3ec918-f0c4-4492-960c-19701300db12?partner_id=615&click_cost=0&subid=M7334... HTTP 302
https://sweetiemeet.com/tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_sourc... HTTP 302
https://empirelayer.club/tds/interlayer/eb/s/e05a89deee211e2e5849e34196df7413?__t=1707726475763&__l=3... Page URL

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

5
IPs

3
Countries

11 kB
Transfer

16 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1707597314619.caulaai2.com/ HTTP 302
http://1707726468483.xutinolmita.club/9c83cfed-bd67-42e3-bd6b-5f4b0bb6795f?n=1&t=1707726468483&l_next=aHR0cHM6Ly93d3cubHV4dWNhbmlzdGFucm8uaW5mby8/c2w9NTc0NDQ0Ny1mYzFiYyZkYXRhMT1UcmFjazEmZGF0YTI9VHJhY2syJnRhZz0=&type_v=global&key_v=error HTTP 302
http://1707726468659.mauicksand.top/105ed8a8-3a68-47f8-bc23-d2b39a3c9a10?n=2&t=1707726468483&l_next=aHR0cHM6Ly93d3cubHV4dWNhbmlzdGFucm8uaW5mby8/c2w9NTc0NDQ0Ny1mYzFiYyZkYXRhMT1UcmFjazEmZGF0YTI9VHJhY2syJnRhZz0=&type_v=global&key_v=error HTTP 302
https://www.luxucanistanro.info/?sl=5744447-fc1bc&data1=Track1&data2=Track2&tag= Page URL
https://www.luxucanistanro.info/?sl=5744447-fc1bc&data1=Track1&data2=Track2&tag=&eyeg=296fe1ba3a1041d983dd12655879e152&eyer=0.17459689034843495&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
https://www.smaworldforyou.com/click?offer_id=19851&pub_id=207471&pub_sub_sub_id=2&unique1=5744447-fc1bc&app=opt&app_store_id=ncd&unique2=Track1&unique3=Track2 HTTP 302
https://zuk.blobthemagic.pro/?1=207471&utm_medium=87e2867609ab38d1f3f4fc9fa2551e713176fd61&utm_campaign=Adoct23&cid=BDINaW8AAAGNnG4BJQAATYsAAypvAAAAAAAAAAAU Page URL
https://appnowsite.appnow.site/9a3ec918-f0c4-4492-960c-19701300db12?partner_id=615&click_cost=0&subid=M7334629352065204227 HTTP 302
https://sweetiemeet.com/tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=wbhajkkqotbupg4vikcg0m58&subid2=wbhajkkqotbupg4vikcg0m58 HTTP 302
https://empirelayer.club/tds/interlayer/eb/s/e05a89deee211e2e5849e34196df7413?__t=1707726475763&__l=3600&__u= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://1707597314619.caulaai2.com/ HTTP 302
http://1707726468483.xutinolmita.club/9c83cfed-bd67-42e3-bd6b-5f4b0bb6795f?n=1&t=1707726468483&l_next=aHR0cHM6Ly93d3cubHV4dWNhbmlzdGFucm8uaW5mby8/c2w9NTc0NDQ0Ny1mYzFiYyZkYXRhMT1UcmFjazEmZGF0YTI9VHJhY2syJnRhZz0=&type_v=global&key_v=error HTTP 302
http://1707726468659.mauicksand.top/105ed8a8-3a68-47f8-bc23-d2b39a3c9a10?n=2&t=1707726468483&l_next=aHR0cHM6Ly93d3cubHV4dWNhbmlzdGFucm8uaW5mby8/c2w9NTc0NDQ0Ny1mYzFiYyZkYXRhMT1UcmFjazEmZGF0YTI9VHJhY2syJnRhZz0=&type_v=global&key_v=error HTTP 302
https://www.luxucanistanro.info/?sl=5744447-fc1bc&data1=Track1&data2=Track2&tag=

Request Chain 1

https://www.luxucanistanro.info/?sl=5744447-fc1bc&data1=Track1&data2=Track2&tag=&eyeg=296fe1ba3a1041d983dd12655879e152&eyer=0.17459689034843495&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
https://www.smaworldforyou.com/click?offer_id=19851&pub_id=207471&pub_sub_sub_id=2&unique1=5744447-fc1bc&app=opt&app_store_id=ncd&unique2=Track1&unique3=Track2 HTTP 302
https://zuk.blobthemagic.pro/?1=207471&utm_medium=87e2867609ab38d1f3f4fc9fa2551e713176fd61&utm_campaign=Adoct23&cid=BDINaW8AAAGNnG4BJQAATYsAAypvAAAAAAAAAAAU

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response www.luxucanistanro.info/ Redirect Chain http://1707597314619.caulaai2.com/ http://1707726468483.xutinolmita.club/9c83cfed-bd67-42e3-bd6b-5f4b0bb6795f?n=1&t=1707726468483&l_next=aHR0cHM6Ly93d3cubHV4dWNhbmlzdGFucm8uaW5mby8/c2w9NTc0NDQ0Ny1mYzFiYyZkYXRhMT1UcmFjazEmZGF0YTI9VHJ... http://1707726468659.mauicksand.top/105ed8a8-3a68-47f8-bc23-d2b39a3c9a10?n=2&t=1707726468483&l_next=aHR0cHM6Ly93d3cubHV4dWNhbmlzdGFucm8uaW5mby8/c2w9NTc0NDQ0Ny1mYzFiYyZkYXRhMT1UcmFjazEmZGF0YTI9VHJhY... https://www.luxucanistanro.info/?sl=5744447-fc1bc&data1=Track1&data2=Track2&tag=	4 KB 4 KB	773ms 205ms	Document text/html	51.68.82.147 OVH
General Check archive.org Show headers Download Go to Full URL https://www.luxucanistanro.info/?sl=5744447-fc1bc&data1=Track1&data2=Track2&tag= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.68.82.147 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash `e4a09036071e372712c159289384c938937a33b0ff3ffeaf2b6025f4768d15f5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers Accept-CH Sec-CH-UA-Platform-Version Cache-Control no-transform Connection keep-alive Content-Type text/html Date Mon, 12 Feb 2024 08:27:50 GMT Transfer-Encoding chunked Redirect headers Connection keep-alive Content-Length 228 Content-Type text/html; charset=utf-8 Date Mon, 12 Feb 2024 08:27:49 GMT Keep-Alive timeout=5 Location https://www.luxucanistanro.info/?sl=5744447-fc1bc&data1=Track1&data2=Track2&tag= Vary Accept X-Powered-By Express
GET H2	200	/ Show response zuk.blobthemagic.pro/ Redirect Chain https://www.luxucanistanro.info/?sl=5744447-fc1bc&data1=Track1&data2=Track2&tag=&eyeg=296fe1ba3a1041d983dd12655879e152&eyer=0.17459689034843495&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= https://www.smaworldforyou.com/click?offer_id=19851&pub_id=207471&pub_sub_sub_id=2&unique1=5744447-fc1bc&app=opt&app_store_id=ncd&unique2=Track1&unique3=Track2 https://zuk.blobthemagic.pro/?1=207471&utm_medium=87e2867609ab38d1f3f4fc9fa2551e713176fd61&utm_campaign=Adoct23&cid=BDINaW8AAAGNnG4BJQAATYsAAypvAAAAAAAAAAAU	9 KB 3 KB	1542ms 270ms	Document text/html	65.60.9.235 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://zuk.blobthemagic.pro/?1=207471&utm_medium=87e2867609ab38d1f3f4fc9fa2551e713176fd61&utm_campaign=Adoct23&cid=BDINaW8AAAGNnG4BJQAATYsAAypvAAAAAAAAAAAU Requested by Host: www.luxucanistanro.info URL: https://www.luxucanistanro.info/?sl=5744447-fc1bc&data1=Track1&data2=Track2&tag= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.60.9.235 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS server04.com-2.mobi Software nginx / Resource Hash `47ee685eed784aa9b099b097b60988139fc934880ba7630d02d76cf3ca8816ba` Request headers Referer https://www.luxucanistanro.info/?sl=5744447-fc1bc&data1=Track1&data2=Track2&tag= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers accept-ch Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, max-age=0 content-encoding gzip content-type text/html; charset=utf-8 date Mon, 12 Feb 2024 08:27:53 GMT expires Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache server nginx vary Accept-Encoding Redirect headers access-control-allow-methods * access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8543746cfde83f61-SIN content-length 0 date Mon, 12 Feb 2024 08:27:51 GMT location https://zuk.blobthemagic.pro/?1=207471&utm_medium=87e2867609ab38d1f3f4fc9fa2551e713176fd61&utm_campaign=Adoct23&cid=BDINaW8AAAGNnG4BJQAATYsAAypvAAAAAAAAAAAU nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqLyGaA%2Fz%2FN%2FJZuybu28Mt5c3U26zn%2Fa6YJNPqRUI5reJZm%2BdJqNUnD2qSXUxtvBOtcaxC2v9qKYi%2BBnM1kyUD0rNy%2BW3Qv7ShMbtQX76%2FJHcShySibIeQHBHQvkgNWRL7boW%2BoVKz3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	Primary Request e05a89deee211e2e5849e34196df7413 Show response empirelayer.club/tds/interlayer/eb/s/ Redirect Chain https://appnowsite.appnow.site/9a3ec918-f0c4-4492-960c-19701300db12?partner_id=615&click_cost=0&subid=M7334629352065204227 https://sweetiemeet.com/tds/ae?tdsId=s0792tok_r&tds_campaign=s0792tok&utm_sub=opnfnl&s1=ps&utm_source=int&affid=497f5345&subid=&clickid=wbhajkkqotbupg4vikcg0m58&subid2=wbhajkkqotbupg4vikcg0m58 https://empirelayer.club/tds/interlayer/eb/s/e05a89deee211e2e5849e34196df7413?__t=1707726475763&__l=3600&__u=	1 KB 1 KB	768ms 555ms	Document text/html	13.227.254.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://empirelayer.club/tds/interlayer/eb/s/e05a89deee211e2e5849e34196df7413?__t=1707726475763&__l=3600&__u= Requested by Host: zuk.blobthemagic.pro URL: https://zuk.blobthemagic.pro/?1=207471&utm_medium=87e2867609ab38d1f3f4fc9fa2551e713176fd61&utm_campaign=Adoct23&cid=BDINaW8AAAGNnG4BJQAATYsAAypvAAAAAAAAAAAU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.254.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-129.sin52.r.cloudfront.net Software nginx / Resource Hash `d647ddb0b17a1191ad1fb9beff3e350c21f6da5962479fef350d326a8f03d3ba` Request headers Referer https://zuk.blobthemagic.pro/?1=207471&utm_medium=87e2867609ab38d1f3f4fc9fa2551e713176fd61&utm_campaign=Adoct23&cid=BDINaW8AAAGNnG4BJQAATYsAAypvAAAAAAAAAAAU#0 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA access-control-allow-origin * alt-svc h3=":443"; ma=86400 content-encoding gzip content-type text/html date Mon, 12 Feb 2024 08:27:56 GMT p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server nginx timing-allow-origin * vary Accept-Encoding via 1.1 4107eb96660e4932c95658bc4727dd6c.cloudfront.net (CloudFront) x-amz-cf-id bawoeSslSQg5qok82VG98S02RNG5Mjxvqqf_QnZdr_WZY0x8etLhzQ== x-amz-cf-pop SIN52-C3 x-cache Miss from cloudfront Redirect headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA access-control-allow-origin * alt-svc h3=":443"; ma=86400 date Mon, 12 Feb 2024 08:27:55 GMT location https://empirelayer.club/tds/interlayer/eb/s/e05a89deee211e2e5849e34196df7413?__t=1707726475763&__l=3600&__u= p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server nginx timing-allow-origin * via 1.1 203715eee1aff29c3cd146fbb151966c.cloudfront.net (CloudFront) x-amz-cf-id c1fA4WnsS2R9cMa2Tg9BR0dyHdbFkkayuPExM7Iv3kawVREDKQAz9g== x-amz-cf-pop SIN5-C1 x-cache Miss from cloudfront
GET H2	200	index.js Show response sweetiemeet.com/lp-external/	2 KB 1 KB	373ms 372ms	Script application/javascript	52.84.251.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sweetiemeet.com/lp-external/index.js Requested by Host: empirelayer.club URL: https://empirelayer.club/tds/interlayer/eb/s/e05a89deee211e2e5849e34196df7413?__t=1707726475763&__l=3600&__u= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.251.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-251-124.sin5.r.cloudfront.net Software nginx / Resource Hash `73e2c7224792905f76c1de153d5b8f09657e8edcdfd7832470cbca45446360a4` Request headers accept-language zh-SG,zh;q=0.9 Referer https://empirelayer.club/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 08:27:56 GMT content-encoding gzip via 1.1 203715eee1aff29c3cd146fbb151966c.cloudfront.net (CloudFront) x-amz-cf-pop SIN5-C1 x-cache Miss from cloudfront p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" alt-svc h3=":443"; ma=86400 last-modified Wed, 07 Feb 2024 12:34:17 GMT server nginx etag W/"8b7-18d838fd128" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=3600 accept-ranges bytes timing-allow-origin * x-robots-tag noindex x-amz-cf-id DIHOlh1LPffgBJqb6TxQY-F8R_xmSayhJzNLcqJVAYDlmHSrUoFf4A==
POST H2	200	interlayer empirelayer.club/tds/	0 498 B	423ms 422ms	Ping text/plain	13.227.254.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://empirelayer.club/tds/interlayer?handler=ExternalBackofferEvent&urlIn=https%3A%2F%2Fempirelayer.club%2Ftds%2Finterlayer%2Feb%2Fs%2Fe05a89deee211e2e5849e34196df7413%3F__t%3D1707726475763%26__l%3D3600%26__u%3D&urlOut=https%3A%2F%2Fda.off3riz.com%2Faff_c%3Ftds_cid%3Da084b27e079d8fe60fb60e2e26031f5bfa3809e1%26aff_sub2%3Da084b27e079d8fe60fb60e2e26031f5bfa3809e1%26aff_id%3D1063%26source%3Dsml_497f5345_%26offer_id%3D1543&altQs=utm_campaign%3D497f5345%26utm_source%3Dint%26data2%3Dwbhajkkqotbupg4vikcg0m58%26s1%3Dps%26s3%3Dwbhajkkqotbupg4vikcg0m58%26tds_campaign%3Db1727pos%26tds_id%3Db1727pos_lp_a_1655887144620_harem%26tds_oid%3D82b1f8de%26tds_cid%3Da084b27e079d8fe60fb60e2e26031f5bfa3809e1%26tds_ac_id%3Ds0792tok%26tds_host%3Dsweetiemeet.com%26tds_path%3D%252Ftds%252Fae%26dci%3D52d11200314fe9fe1fc2f0e50669504e596e1830%26tds_ps%3Da&tdsCid=a084b27e079d8fe60fb60e2e26031f5bfa3809e1&reason=beacon&visitsCount=1&ts=1707726477074 Requested by Host: sweetiemeet.com URL: https://sweetiemeet.com/lp-external/index.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.254.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-129.sin52.r.cloudfront.net Software nginx / Resource Hash Request headers accept-language zh-SG,zh;q=0.9 Referer https://empirelayer.club/tds/interlayer/eb/s/e05a89deee211e2e5849e34196df7413?__t=1707726475763&__l=3600&__u= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 08:27:57 GMT via 1.1 4107eb96660e4932c95658bc4727dd6c.cloudfront.net (CloudFront) server nginx accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA x-amz-cf-pop SIN52-C3 x-cache Miss from cloudfront p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * timing-allow-origin * alt-svc h3=":443"; ma=86400 x-amz-cf-id J-_h6JxSBtG5J2JepvokNfJfZ0ZhU2L55pVAFub0CchWfEghte6n-g==
GET		aff_c da.off3riz.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: da.off3riz.com
URL: https://da.off3riz.com/aff_c?tds_cid=a084b27e079d8fe60fb60e2e26031f5bfa3809e1&aff_sub2=a084b27e079d8fe60fb60e2e26031f5bfa3809e1&aff_id=1063&source=sml_497f5345_&offer_id=1543

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.appnowsite.appnow.site/	1970-01-20 18:23:32	Name: 9a3ec918-f0c4-4492-960c-19701300db12-v4 Value: yIO39PW6UVLPG26YvuvQj9m_HGTVG4sVmBvCwMwQklU
.appnowsite.appnow.site/	1970-01-21 03:07:42	Name: cc-v4 Value: l%2Bg%2BVo%2FakECYmEZCBI1nVnkxs%2FdLwEDZTQ7qCrsr%2B4WeFsd%2Fzmp62Deo3j1fewuZrSWEWJGpgvEsUpSg5BHnFw0H%2Fg%2BUH7HPm9hjloojNe4sGYeDbNiC5JtcWO%2FFjtrMKqDWo8xbOZNTvQv2nQTpAQ%3D%3D
.sweetiemeet.com/	1970-01-21 03:07:42	Name: dci Value: 52d11200314fe9fe1fc2f0e50669504e596e1830
sweetiemeet.com/	1970-01-20 18:29:18	Name: dm Value: fe450dd0d1dadc615429144d33241f42

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://empirelayer.club/tds/interlayer/eb/s/e05a89deee211e2e5849e34196df7413?__t=1707726475763&__l=3600&__u= Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1707597314619.caulaai2.com
1707726468483.xutinolmita.club
1707726468659.mauicksand.top
appnowsite.appnow.site
da.off3riz.com
empirelayer.club
sweetiemeet.com
www.luxucanistanro.info
www.smaworldforyou.com
zuk.blobthemagic.pro
da.off3riz.com
13.227.254.129
172.104.190.11
172.67.154.189
3.1.35.111
51.68.82.147
52.84.251.124
65.60.9.235
47ee685eed784aa9b099b097b60988139fc934880ba7630d02d76cf3ca8816ba
73e2c7224792905f76c1de153d5b8f09657e8edcdfd7832470cbca45446360a4
d647ddb0b17a1191ad1fb9beff3e350c21f6da5962479fef350d326a8f03d3ba
e4a09036071e372712c159289384c938937a33b0ff3ffeaf2b6025f4768d15f5

empirelayer.club Open in urlscan Pro 13.227.254.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

10 Domains

10 Subdomains

5 IPs

3 Countries

11 kBTransfer

16 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

empirelayer.club Open in urlscan Pro
13.227.254.129 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

5
IPs

3
Countries

11 kB
Transfer

16 kB
Size

4
Cookies

6 HTTP transactions
0 data transactions