Submitted URL: https://bit.ly/3YMI4um#lVY.asp?fJnlmgccmysYcyvNycdcSWdsc3jJ1cbbdcbbb4F
Effective URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Submission: On March 12 via manual from US — Scanned from DE

Summary

This website contacted 22 IPs in 3 countries across 18 domains to perform 63 HTTP transactions. The main IP is 63.32.216.166, located in and belongs to . The main domain is www.lucks4us.com.
TLS certificate: Issued by R3 on February 7th 2023. Valid for: 3 months.
This is the only time www.lucks4us.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
24 | cdn-dimi.akamaized.net | www.lucks4us.com, cdn-dimi.akamaized.net
6 | www.google-analytics.com | 5d6fb6c62a.smapp.work, www.googletagmanager.com, www.google-analytics.com, redirecting3.eu
4 | lynku.jukminung.com | offer-connect.com, startedmanoeuvring.com, lynku.jukminung.com
3 | www.lucks4us.com | redirecting3.eu, cdn-dimi.akamaized.net, www.lucks4us.com
3 | redirecting3.eu | 5d6fb6c62a.smapp.work, redirecting3.eu
3 | startedmanoeuvring.com | 2 redirects
2 | www.gstatic.com | www.lucks4us.com
2 | 5d6fb6c62a.smapp.work | lynku.jukminung.com, 5d6fb6c62a.smapp.work
2 | psp.pushnami.com | api.pushnami.com
2 | trc.pushnami.com | api.pushnami.com
2 | api.pushnami.com | offer-connect.com, api.pushnami.com
2 | maxcdn.bootstrapcdn.com | offer-connect.com, maxcdn.bootstrapcdn.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | www.googletagmanager.com | storage.googleapis.com
1 | storage.googleapis.com | 5d6fb6c62a.smapp.work
1 | cdn.addlnk.com | lynku.jukminung.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | offer-connect.com
1 | ajax.googleapis.com | offer-connect.com
1 | offer-connect.com | pedantson.com
1 | pedantson.com | startedmanoeuvring.com
1 | bit.ly | 1 redirects
0 | view.adjust.com (Failed) | storage.googleapis.com
63 | 23 |

This site contains no links.

Subject | Issuer | Validity | Valid
pedantson.com | Sectigo RSA Domain Validation Secure Server CA | 2022-04-15 - 2023-04-15 | a year
offer-connect.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-28 - 2023-07-23 | a year
upload.video.google.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
*.pushnami.com | Amazon RSA 2048 M01 | 2023-03-04 - 2024-04-02 | a year
*.gstatic.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.jukminung.com | E1 | 2023-01-20 - 2023-04-20 | 3 months
*.smapp.work | Sectigo RSA Domain Validation Secure Server CA | 2022-12-19 - 2024-01-19 | a year
storage.googleapis.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.redirecting3.eu | E1 | 2023-03-04 - 2023-06-02 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.lucks4us.com | R3 | 2023-02-07 - 2023-05-08 | 3 months
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-28 - 2023-06-30 | a year

This page contains 4 frames:

Primary Page: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Frame ID: 59A9C80C66F286F64FE16919AA656318
Requests: 54 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 0C0BAE9CFF3653A01772895F96F345C7
Requests: 1 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678593600
Frame ID: DEA6B2F5C5D3187A2F84F5A6D1EAF204
Requests: 3 HTTP requests in this frame

Frame: https://storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIkRFIiwgImNsaWNrX2lkIjogIjMwMDRlYTI5LThkZTAtNGJmZC1hYjRmLThjMzllNDUxZThkNjoyYWQzZjVkOGE4MDhkYTY4YzNhZDllOTNhZjU4MzY3NDc4MjA5YWYzIn0=
Frame ID: D1867E64E9370E3D07FB34CD1AB118EC
Requests: 4 HTTP requests in this frame

Page Title

offer-connect

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63 Requests
97 % HTTPS
55 % IPv6
18 Domains
23 Subdomains
22 IPs
3 Countries
597 kB Transfer
1160 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3YMI4um HTTP 301
    http://startedmanoeuvring.com/anchor HTTP 301
    http://startedmanoeuvring.com/anchor/ Page URL
  2. http://startedmanoeuvring.com/lVY.asp?fJnlmgccmysYcyvNycdcSWdsc3jJ1cbbdcbbb4F HTTP 302
    https://pedantson.com/17650ec4cc66b702000/2_2_2716967/2388_1317626_3392762_66/1032366040_80-255-10-201 Page URL
  3. https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330721677&pubid=690491 Page URL
  4. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330721677&pubid=690491 Page URL
  5. https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub13dbf63b5f0a455ba5f1de380dfa5a27&aff_sub_id=1e173fea_690491 Page URL
  6. https://redirecting3.eu/p/ci0W/wLuk/vh1h?ml_sub1=3004ea29-8de0-4bfd-ab4f-8c39e451e8d6:2ad3f5d8a808da68c3ad9e93af58367478209af3&ml_sub2=6944_1e173fea_690491 Page URL
  7. https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3YMI4um HTTP 301
  • http://startedmanoeuvring.com/anchor HTTP 301
  • http://startedmanoeuvring.com/anchor/
Request Chain 1
  • http://startedmanoeuvring.com/lVY.asp?fJnlmgccmysYcyvNycdcSWdsc3jJ1cbbdcbbb4F HTTP 302
  • https://pedantson.com/17650ec4cc66b702000/2_2_2716967/2388_1317626_3392762_66/1032366040_80-255-10-201

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
startedmanoeuvring.com/anchor/
Redirect Chain
  • https://bit.ly/3YMI4um
  • http://startedmanoeuvring.com/anchor
  • http://startedmanoeuvring.com/anchor/
614 B
861 B
Document
General
Full URL
http://startedmanoeuvring.com/anchor/
Protocol
HTTP/1.1
Server
2.57.123.73 , Romania, ASN49468 (MAG-BROSS-AS, RO),
Reverse DNS
startedmanoeuvring.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
close
Content-Length
614
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Mar 2023 04:43:16 GMT
ETag
"266-5f02a3f06ae40"
Last-Modified
Mon, 19 Dec 2022 08:38:40 GMT
Server
Apache

Redirect headers

Connection
close
Content-Length
245
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 12 Mar 2023 04:43:16 GMT
Location
http://startedmanoeuvring.com/anchor/
Server
Apache
1032366040_80-255-10-201
pedantson.com/17650ec4cc66b702000/2_2_2716967/2388_1317626_3392762_66/
Redirect Chain
  • http://startedmanoeuvring.com/lVY.asp?fJnlmgccmysYcyvNycdcSWdsc3jJ1cbbdcbbb4F
  • https://pedantson.com/17650ec4cc66b702000/2_2_2716967/2388_1317626_3392762_66/1032366040_80-255-10-201
252 B
565 B
Document
General
Full URL
https://pedantson.com/17650ec4cc66b702000/2_2_2716967/2388_1317626_3392762_66/1032366040_80-255-10-201
Requested by
Host: startedmanoeuvring.com
URL: http://startedmanoeuvring.com/anchor/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
155.94.219.64 Miami, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
155.94.219.64.static.miami-servers.com
Software
Apache /
Resource Hash

Request headers

Referer
http://startedmanoeuvring.com/anchor/#lVY.asp?fJnlmgccmysYcyvNycdcSWdsc3jJ1cbbdcbbb4F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
252
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Mar 2023 04:43:18 GMT
Server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 12 Mar 2023 04:43:16 GMT
Location
https://pedantson.com/17650ec4cc66b702000/2_2_2716967/2388_1317626_3392762_66/1032366040_80-255-10-201
Server
Apache
/
offer-connect.com/
10 KB
10 KB
Document
General
Full URL
https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330721677&pubid=690491
Requested by
Host: pedantson.com
URL: https://pedantson.com/17650ec4cc66b702000/2_2_2716967/2388_1317626_3392762_66/1032366040_80-255-10-201
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.102.245.195 Redondo Beach, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
42fa66b97e0ca198bfa261e2398544d9b3dbe31a60ebb010f1afd102d851df5d

Request headers

Referer
https://pedantson.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
10008
Content-Type
text/html
Date
Sun, 12 Mar 2023 08:06:23 GMT
ETag
"63efd888-2718"
Last-Modified
Fri, 17 Feb 2023 19:42:00 GMT
Server
nginx/1.10.2
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330721677&pubid=690491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
598038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Mar 2024 06:36:01 GMT
css
fonts.googleapis.com/
6 KB
920 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,300,500,700,600,800
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330721677&pubid=690491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
41932365d84f651e0b60d43e451e494530d6c85455b04df9416577e584c382f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 12 Mar 2023 04:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 04:43:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Mar 2023 04:43:19 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330721677&pubid=690491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:43:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617
age
3956465
cdn-cachedat
2021-06-08 14:35:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cdn-cache
HIT
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
55fb4fa8e5dd0a7f71d503394bffb28b
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7a6960253f219219-FRA
cdn-requestpullsuccess
True
63ed63298591f2001320edcc
api.pushnami.com/scripts/v1/pushnami-adv/
88 KB
18 KB
Script
General
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330721677&pubid=690491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-63.fra60.r.cloudfront.net
Software
/
Resource Hash
ee607772e922f816ff318576900b4a7ca92449cd3f15881481a11fe30d934cdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:35:05 GMT
content-encoding
gzip
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
494
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-id
IgYWygzfBtAFOG6NHqfNbAlnIDZwPYskE_7vrbXsnyoC03w-ZYFffg==
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://offer-connect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:43:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
473318
cdn-cachedat
08/17/2022 18:20:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
746933e61529be8366407880fd47077a
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7a69602579fb68fe-FRA
cdn-requestpullsuccess
True
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,300,500,700,600,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offer-connect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 16:38:36 GMT
x-content-type-options
nosniff
age
302683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47728
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Mar 2024 16:38:36 GMT
hub
api.pushnami.com/scripts/v1/ Frame 0C0B
2 KB
1 KB
Document
General
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-63.fra60.r.cloudfront.net
Software
/
Resource Hash
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Referer
https://offer-connect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
age
2024
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Sun, 12 Mar 2023 04:09:35 GMT
vary
accept-encoding
via
1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-id
JmL37n6AAGOfrUE5UkHw2h_gPid0DeB_egWi8HyqopHCq8bSEovl8A==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
track
trc.pushnami.com/api/push/
2 B
168 B
Fetch
General
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.100.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-100-145.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://offer-connect.com/
accept-language
de-DE,de;q=0.9
key
63ed63298591f2001320edcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 12 Mar 2023 04:43:19 GMT
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
content-length
2
content-type
text/html; charset=utf-8
track
trc.pushnami.com/api/push/ Frame
0
0
Preflight
General
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.100.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-100-145.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://offer-connect.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Sun, 12 Mar 2023 04:43:19 GMT
psp
psp.pushnami.com/api/
2 B
224 B
Fetch
General
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.198.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-198-197.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://offer-connect.com/
accept-language
de-DE,de;q=0.9
key
63ed63298591f2001320edcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://offer-connect.com
date
Sun, 12 Mar 2023 04:43:19 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame
0
0
Preflight
General
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.198.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-198-197.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://offer-connect.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
key
access-control-allow-methods
POST
access-control-allow-origin
https://offer-connect.com
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
cache-control
no-cache
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 12 Mar 2023 04:43:19 GMT
vary
accept-encoding
9e8aef8068
lynku.jukminung.com/rc/
3 KB
2 KB
Document
General
Full URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330721677&pubid=690491
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330721677&pubid=690491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c4fa8533733446a8c2fcb56a75060b702bfdade29c8e982d92df49440fc0c02e

Request headers

Referer
https://offer-connect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a696048393030d5-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Sun, 12 Mar 2023 04:43:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSPEF9PUVi6B1RogLOCeOQ824DI%2Bd0ST9G6mtOsqnWsmbPR%2BF3cT3KcBPdDjL8vn4D7We5IRDVjiT3U%2BUNa8EvJVTuGudD%2FyjBwR2a%2FRWpZSf7gMy2EiRAU0NgjyM6B31MdkO3bIiqma8pjWJFMiPxRy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330721677&pubid=690491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:43:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SK3KBGMKJ4YWWVBV
age
2724
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
eBDdEZo2g3ixnFPTboxVSgjMRQX3dQ63xWWEjrbl2vu0jkNe5fS7HtGt8F3jGl6QdU4QACxpR9I=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUMWOpxx02mVNAYlyaIlFSVXBpmU4IsUYnVryoCzWwSg6C7hOQTYLiD4GuTrXUEIE8rYIFWBxRSMIdeeNdmWa%2BgPXzlHHGaOmjXRlnck%2FqwqYKfQ%2B1GclUbRDRU%2FAlEAZQbdhsEfaakJ00tsrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7a69604929a0910c-FRA
invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame DEA6
29 KB
13 KB
Script
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678593600
Requested by
Host: startedmanoeuvring.com
URL: http://startedmanoeuvring.com/anchor/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f526b6401095c86b9e1529dee33b8da86363cf1514a03dffa6db9384cffbc789

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:43:25 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NYBnNIrrrjXwhQP8%2BGzKipDObFl835cEnguicwwzVUIDVK02uNo%2B%2FjjhLcdquk9RQ8vuXCPwGvN2L7FnbXQeuoD%2F5eIaivwqST0KNUAsPNLP0cnx7YHKs0QQpS4f6jQCxQExMOxEIPIF7r5ShahcvZE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a6960495a0e30d5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame DEA6
7 KB
4 KB
Other
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7497043b6ca3b924e07e712df5e088cfc9485fcb45c552ab70a50434d5ef1df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:43:25 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeZuo3oGooszRt08HaoKONzlX3hSx%2FJemtYbsx1ewV%2FcqMKv9CQwMMIJ7%2B%2FBeRI9RD0%2BFOsp4gZkgdypYwjzJoYlsN57zPJxhZGw9Paxhbtg7TeEbKC48Ua1yFKL%2F0Bhcb0KR5%2BR3gTFZgUqHXH5yopf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a6960497ee19191-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7a696048393030d5
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame DEA6
2 B
665 B
XHR
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/7a696048393030d5
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678593600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 12 Mar 2023 04:43:25 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVibIW%2FUbxPuv%2BtpU127Vj4Dgyanj1w8b7lhjpmr%2Fi%2Bs%2BzLh3sCSDSeiVPwrhjaZoLODQJncIEm702UFwrvURYIGZlZucwnJWobDT67Ye2df0rznr4NBZ7zbR01QKM5%2F8t6aMVk8%2BAW%2FQBTRydktwAUl"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7a69604ab8069191-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
5d6fb6c62a.smapp.work/trkclk/
4 KB
4 KB
Document
General
Full URL
https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub13dbf63b5f0a455ba5f1de380dfa5a27&aff_sub_id=1e173fea_690491
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330721677&pubid=690491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.250.143 -, , ASN (),
Reverse DNS
Software
TornadoServer/5.1.1 /
Resource Hash
fc2eb2e7722e283b8c042032f99d25bd88f0ef615a05feea8b03d79366dbbae9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
clickid
3004ea29-8de0-4bfd-ab4f-8c39e451e8d6:2ad3f5d8a808da68c3ad9e93af58367478209af3
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 12 Mar 2023 04:43:25 GMT
etag
W/"40a6e984c7567ae6c170e2dfb4643b2ad0a7daaa"
server
TornadoServer/5.1.1
via
1.1 google
x-frame-options
SAMEORIGIN
x-service-version
2.0.1
confirm.js
5d6fb6c62a.smapp.work/api/v1/click/
0
102 B
Script
General
Full URL
https://5d6fb6c62a.smapp.work/api/v1/click/confirm.js?data=[encoded value omitted]
Requested by
Host: 5d6fb6c62a.smapp.work
URL: https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub13dbf63b5f0a455ba5f1de380dfa5a27&aff_sub_id=1e173fea_690491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.250.143 -, , ASN (),
Reverse DNS
Software
TornadoServer/5.1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub13dbf63b5f0a455ba5f1de380dfa5a27&aff_sub_id=1e173fea_690491
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:43:25 GMT
via
1.1 google
server
TornadoServer/5.1.1
etag
"da39a3ee5e6b4b0d3255bfef95601890afd80709"
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/javascript; charset=utf-8
impressions.html
storage.googleapis.com/tmp-static/instal-impressions/ Frame D186
1 KB
2 KB
Document
General
Full URL
https://storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIkRFIiwgImNsaWNrX2lkIjogIjMwMDRlYTI5LThkZTAtNGJmZC1hYjRmLThjMzllNDUxZThkNjoyYWQzZjVkOGE4MDhkYTY4YzNhZDllOTNhZjU4MzY3NDc4MjA5YWYzIn0=
Requested by
Host: 5d6fb6c62a.smapp.work
URL: https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub13dbf63b5f0a455ba5f1de380dfa5a27&aff_sub_id=1e173fea_690491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2010 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
c7f94d1b21fdadbcc934c2d31503832763070136eafd23d65cec53f6e49b5634

Request headers

Referer
https://5d6fb6c62a.smapp.work/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-length
1357
content-type
text/html
date
Sun, 12 Mar 2023 04:43:25 GMT
etag
"54f99c9e98a5b4f17b219e94417e6d2f"
expires
Sun, 12 Mar 2023 05:43:25 GMT
last-modified
Mon, 10 Jun 2019 16:09:51 GMT
server
UploadServer
x-goog-generation
1560182991115409
x-goog-hash
crc32c=+7k9hA== md5=VPmcnpiltPF7IZ6UQX5tLw==
x-goog-metageneration
2
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1357
x-guploader-uploadid
ADPycdujmwlQ_QZE2kTrI2R5pABLPFJTWRwer0qXMR6U2Iz3f0yETUzNI0FhwL9LWJ12boYAdvCF73sSHfMcs0IhqPpb_Q
gtm.js
www.googletagmanager.com/ Frame D186
118 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WKCGS93
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIkRFIiwgImNsaWNrX2lkIjogIjMwMDRlYTI5LThkZTAtNGJmZC1hYjRmLThjMzllNDUxZThkNjoyYWQzZjVkOGE4MDhkYTY4YzNhZDllOTNhZjU4MzY3NDc4MjA5YWYzIn0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:43:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46800
x-xss-protection
0
last-modified
Sun, 12 Mar 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Mar 2023 04:43:25 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 5d6fb6c62a.smapp.work
URL: https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub13dbf63b5f0a455ba5f1de380dfa5a27&aff_sub_id=1e173fea_690491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d6fb6c62a.smapp.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Mar 2023 03:19:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5032
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 12 Mar 2023 05:19:33 GMT
vh1h
redirecting3.eu/p/ci0W/wLuk/
34 KB
25 KB
Document
General
Full URL
https://redirecting3.eu/p/ci0W/wLuk/vh1h?ml_sub1=3004ea29-8de0-4bfd-ab4f-8c39e451e8d6:2ad3f5d8a808da68c3ad9e93af58367478209af3&ml_sub2=6944_1e173fea_690491
Requested by
Host: 5d6fb6c62a.smapp.work
URL: https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub13dbf63b5f0a455ba5f1de380dfa5a27&aff_sub_id=1e173fea_690491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1ab6c16db380a1eea5eaa4c8a52b4bad5534fcc4e3b3a72ad4a2bba7c14829f

Request headers

Referer
https://5d6fb6c62a.smapp.work/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, private
cf-cache-status
DYNAMIC
cf-ray
7a69604d0d4b9bb9-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 12 Mar 2023 04:43:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I62FNyVjE3DFE%2BkCleMZe8SyPhQ78%2Fgi9YlO4XR5ghTrf9fkhN94mxoNQ3rFCQOr3G1BjyQr%2BLfNcCcUzRvcIxLZbi%2FdFusxIMrZLT%2BnZStwSElKRzmVvYMK05hVPngU4BuPjk%2F3f4rc222idqM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
analytics.js
www.google-analytics.com/ Frame D186
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKCGS93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Mar 2023 03:19:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5032
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 12 Mar 2023 05:19:33 GMT
txljmn
view.adjust.com/impression/ Frame D186
0
0

collect
www.google-analytics.com/j/
3 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=839921304&t=pageview&_s=1&dl=https%3A%2F%2F5d6fb6c62a.smapp.work%2Ftrkclk%2F%3Fpid%3D6944%26cid%3D3287930%26custom1%3Dpub13dbf63b5f0a455ba5f1de380dfa5a27%26aff_sub_id%3D1e173fea_690491&ul=en-us&de=UTF-8&dt=Loading...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=960012182&gjid=383049788&cid=956376514.1678596206&tid=UA-44620901-4&_gid=1088865609.1678596206&_r=1&_slc=1&z=258344377
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://5d6fb6c62a.smapp.work/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 04:43:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://5d6fb6c62a.smapp.work
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
envoirment.js
redirecting3.eu/js/
32 KB
12 KB
Script
General
Full URL
https://redirecting3.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/p/ci0W/wLuk/vh1h?ml_sub1=3004ea29-8de0-4bfd-ab4f-8c39e451e8d6:2ad3f5d8a808da68c3ad9e93af58367478209af3&ml_sub2=6944_1e173fea_690491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a2360f05aaa5110f0891046d08ab93ee8bfd6249debd8d8c1d173eac2dd5e172

Request headers

device-memory
8
Referer
https://redirecting3.eu/p/ci0W/wLuk/vh1h?ml_sub1=3004ea29-8de0-4bfd-ab4f-8c39e451e8d6:2ad3f5d8a808da68c3ad9e93af58367478209af3&ml_sub2=6944_1e173fea_690491
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 04:43:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 May 2022 11:25:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2354
etag
W/"627a4b98-8078"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkMy%2B%2Filw8nb%2BNwG2ZpK3rw2zE6T3M6TtFVLbWL6nBdCgnURq08nVRy88OLMe4c%2Bkf5RYWjKVecNC6ugyQoUGmlzhhWgsKQSHTjXmtHNSKWdhqm4iBnVHi6ehQ9lhLuZe4VJ8fJ3%2Fs4EmqEnyyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a69604e5e929bb9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
23 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a4ce6cb3e7f66149f5e2535fa036403f68bf41c5e491a4d54f499714696733d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/p/ci0W/wLuk/vh1h?ml_sub1=3004ea29-8de0-4bfd-ab4f-8c39e451e8d6:2ad3f5d8a808da68c3ad9e93af58367478209af3&ml_sub2=6944_1e173fea_690491
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redirecting3.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Mar 2023 03:19:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5032
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 12 Mar 2023 05:19:33 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=908401576&t=pageview&_s=1&dl=https%3A%2F%2Fredirecting3.eu%2Fp%2Fci0W%2FwLuk%2Fvh1h%3Fml_sub1%3D3004ea29-8de0-4bfd-ab4f-8c39e451e8d6%3A2ad3f5d8a808da68c3ad9e93af58367478209af3%26ml_sub2%3D6944_1e173fea_690491&dr=https%3A%2F%2F5d6fb6c62a.smapp.work%2F&ul=en-us&de=UTF-8&dt=redirecting3.eu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=163060609&gjid=124370802&cid=394092956.1678596206&tid=UA-110090096-2&_gid=1963329701.1678596206&_r=1&_slc=1&z=137736468
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redirecting3.eu/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 04:43:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redirecting3.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redirecting3.eu/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 12 Mar 2023 04:43:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://redirecting3.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
346 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-110090096-2&cid=394092956.1678596206&jid=163060609&gjid=124370802&_gid=1963329701.1678596206&_u=IEBAAEAAAAAAACAAI~&z=1134775194
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redirecting3.eu/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 12 Mar 2023 04:43:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redirecting3.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
finger
redirecting3.eu/
20 B
501 B
XHR
General
Full URL
https://redirecting3.eu/finger
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

device-memory
8
Referer
https://redirecting3.eu/p/ci0W/wLuk/vh1h?ml_sub1=3004ea29-8de0-4bfd-ab4f-8c39e451e8d6:2ad3f5d8a808da68c3ad9e93af58367478209af3&ml_sub2=6944_1e173fea_690491
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 12 Mar 2023 04:43:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGFgsIlyaor4Ll2nmsV8zrjmEaKzE5LulSyPALx7R4m9lLW5HiwJTHqvWe5EmnnVnENVLO6Z2V2FYav3q%2BbU7BsMAkEoTLfft4WJBCHdgSsDTZ%2BusVoiagufEwfdY8p3Nno67kzs%2FzD7lBleUqg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
7a69604f3b1630cc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request /
www.lucks4us.com/
29 KB
6 KB
Document
General
Full URL
https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.166 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
506e2d0bbed732d67d61ee8f597d74b883a705180e80cbc55823b4ed1f70fd0a

Request headers

Referer
https://redirecting3.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 12 Mar 2023 04:43:26 GMT
server
nginx
jumostyle.css
cdn-dimi.akamaized.net/landings/273721/1655973908/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1f98f94c1fa2691233a14dbafb54f5998056610d006206edb66faec99ac10f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
JDV8QZ35Y0ZQYQ4K
ETag
"5e8911ed473430e8a39c3d0063afeb8a"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
3657
x-amz-id-2
x/0wRD5WkNY7paxDhUK3ai2nUNcazhxy8UoiIkS4FgO1/dQ3EaetsTWjox3FD8OWTI2gSo3OPf8=
jquery.min.js
cdn-dimi.akamaized.net/landings/273721/1655973908/js/
84 KB
30 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/js/jquery.min.js?1655973908
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
1H92GR6FDZ1GGEKA
ETag
"2f6b11a7e914718e0290410e85366fe9"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
29855
x-amz-id-2
VslgDP+x6TP/i1pbs5i/Npj1zggZoNkSOuLPNLzy3t6diX3fySAVUsXcBh1p+QSudoZenz8LbKI=
newmain.js
cdn-dimi.akamaized.net/landings/273721/1655973908/js/
4 KB
2 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/js/newmain.js?1655973908
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a997abf7d80e7d31adb4a3ef623db68712106e24913dd649144fca1ddd26f5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
1H9CDP500ZZJFJSW
ETag
"b57a47e8b5ad0124d37fe725e52e54de"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1441
x-amz-id-2
Bqe6fGweFki1wHRItyGwEscyd3oJgRu+ADkdzQNr7a7uPlvEffd2c4hmdv8zoZSb5t2FF5jaz/k=
translate.js
cdn-dimi.akamaized.net/landings/273721/1655973908/js/
71 KB
22 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/js/translate.js?1655973908
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a3c219c8bbb84314f18027c3ff5b5d721e1ba46a8f0b8c354f9ddcff4cb63db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
1H9F91TXND6R50FD
ETag
"ac6dff07c24b404421ea757993233a88"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
22201
x-amz-id-2
CoW++WfbEsi6vAmHFjhLKrgegoRJdb8oUkx4eQwnO0PSMaFSseVRIveZbwJbvc/3PWF4JJ77jT0=
j5_tmp.js
cdn-dimi.akamaized.net/landings/273721/1655973908/js/
793 B
1 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/js/j5_tmp.js?1655973908
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d175685d85ad314c810db03427c29651c5f74b225ccf0f9b4c2c5ea76574def

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
1H99GG9RQJ48B59C
ETag
"c232d5565f0f7e5d1dce56dc4614b5a0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
793
x-amz-id-2
7mTtxioPDRwiAN6EDfpCjcg4QkmdAfLF9FnFKC6/s9bPwADjnKnvpHUQc5rEo3LDt7HCaV81or8=
loading.gif
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
5 KB
5 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/loading.gif
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
835f56bb96eb76384dc480bc6c866efb1980d4a36ad42fbc82e46d9167542050

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
YRCTNWQXCK12DCZT
ETag
"f4f031edfb2f37765dab11b35eafd026"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
5139
x-amz-id-2
g/Ma8C7EqL7ezyiRwAluFrAyKFsOics9BxtZ/OwDX+rxb2qC6Y+bAThCamNz6B8+YPaVfawW1XY=
spin.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
43 KB
44 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/spin.png
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7bfa66b5945d9f53e091f433c0824c4804bdc6eb8ade60bd5cb95da428d6d7e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
YRCH40XSYBAWWJNV
ETag
"6465b852c6c04c1bdccdded7e266645d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
44297
x-amz-id-2
jqiOFngic39SrP5UU8+rnuzleJIDLoBFJj4VDi3JhuYUQj9Ja0IH/CYGLp57dVX3D8nrOQbD04I=
blue.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
13 KB
13 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/blue.png
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
463bf0016c87901d150fe3c67f55b3bcbb9c9bd5afa7ec1ab0251e913db76c49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
YRCG1G24BT2TQ4CZ
ETag
"b2f173c68cb160d59493cc734bd43521"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
12906
x-amz-id-2
kz2H2sOjRS5uVIql3y0vA4y65aD/drGRwseQCgZbUoAummMrGjEWSRC/fOHIXvo7FnEDERJTsbc=
yellow.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
13 KB
13 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/yellow.png
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0586e3f5878c9b621ccc7fdcd666d7fbebbb66990098aaa06f8a2d864a08f69b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
YRCQWQFQCSBS3VZB
ETag
"7559980a442b5c88091071b9d47927e8"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
13218
x-amz-id-2
i7u+JjGhrUAFFdK3VQ6sNyLp6DVKJUIvtQ6oWsQqDtEBhjdxZUFMKrJUZx6YdiMbLTeu1w1+A+g=
red.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
15 KB
15 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/red.png
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e09bbce82b54fac68c4ed5d35e93c49831c639a7e4c04fdc1ad3003086b8d7a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
YRCQ2N5NGB9E6NMJ
ETag
"657655f44fc886fa009601a7a703f7c3"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
15011
x-amz-id-2
DvMU2ysEkA2DWTv5XMhtdDGgziPmG1/3XFPd0GqPJvckyMkbkkEYF8EcOe/V2T/cX9eSYAWAr5I=
like_user_1.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
1 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/like_user_1.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
YHK5D7CCA9RBKE61
ETag
"2aa0d43e70d60d76ac4bdff139f8c7cb"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1293
x-amz-id-2
wvvyv5vW8W31ExE8gk/DtUm+iFhATRVK4060QL+iRtzA0uNTjMmcmLSzJLNhpk5KtuoCO1G/3T8=
like_user_2.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
1 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/like_user_2.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
74S4PQ735RK48MNT
ETag
"f9299c2023539a8f27a6e1b12ed260e5"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1216
x-amz-id-2
94eRSEUDUaSRqudaI4t/r86JrHVKvwYHw6A3M05y0Wqy0EsvAKRqoAmU+eOc8nlwB1OaVtcvuCc=
7.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/7.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d7dc01c529864b54f1d3e7bffb73649056cea39a1907daadc18254e139c2cd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
NDN821W57W0X780J
ETag
"3641990a28227bb5ed59021aff1d14e3"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2095
x-amz-id-2
dzca8798xkw861Y2otGWQSb/9ioL8GnA3Smr9rPDhH3HIq20+AB1mKIN0IgYdQm4PA/PSpz52io=
2.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
3 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/2.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afa0d114beef551ec69b8a3bf82f292729b7e8930f022a83bd68bec11e5fe474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
74S5DCQQ65C9K5R4
ETag
"7af1c5ea7c34e1748aa8e4ac65d26256"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2182
x-amz-id-2
UPSlT6lUjOOUPgOCIQOXlR5rGGyDA9ZFldmXE0rPVHaa6bjHT9scScm38PDkGfVzd0lZsnOu6jo=
3.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/3.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58db8ee68cc5c89b372646ed7c7ac68588fcf2635452a831470e6a572bc49842

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
74S29B1HX34TH20D
ETag
"8f52afa9e7a247acf53632fdfd62aa21"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1648
x-amz-id-2
9DomeIOwTR/WHVKK3kZeF4glwO98s83F9oPZ4IJcLjTQHZknQZnZ+LQjoDuIZD1Ljs038qvSkrY=
4.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/4.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a76e62e7aa1c08feb38cc3203ec6ae986bb5bfdf1820dd42b256061fa2a0990f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
JDV6S6MKF2T0YWA0
ETag
"59389d99986c2c273716a3a8318d137a"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1803
x-amz-id-2
rZ5mnO/NGzYVFbs6diLuYoYK9tkA7joLEn5ZDKqc5FTa+LQ7vun0TwSpWY6DhRgaUndTFQ09WpE=
6.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
1 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/6.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f49dbcc11d1704c3f66ea256fc589c602cee87fea1f10d2d24181aeaf30ec14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
YHK15WVMJBAQE6Y5
ETag
"5cc7c7967e306b120f82fd0db3b457f6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1495
x-amz-id-2
zBipHxei7n9W1uYXioXEWMY8wY6fP5kK1Pv1AAIGayvpJJp1PBE8gl0OVxsmFb0YrMo+27ep8QY=
1.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/1.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ad68d21bdc5d7616e0ea09fda1fe683ac7ff548e3afa35680de2614dfbee051

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
74SANYPMMB5N7DMQ
ETag
"7c4c03a240fbd38d376111329cb3399c"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1863
x-amz-id-2
bMhHNVW/fB8ZMGH4pTNiH0e+2gfYFvTp7tKgT6SnbkGozUs83Xu8sG6f+WISMxRxDRl1q4CWEFc=
8.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/8.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49194aa4fbfb6dfbeaa47328bd1a721e96c80e7d78cb8a6a15febb7a59d1c9e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
JDVCGW0DFJ3H15W9
ETag
"c31e3d6f2d5d38af20fee54b89568db4"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1561
x-amz-id-2
2U5BmqNotGYIzQ97TNdTrmO+/2RUL4E8nlThqfV5NwawFYHS2C/EhTuYTt3a5zVmCz3ihCJQyMs=
clip_footer_3.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
3 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/clip_footer_3.png
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
TVTYJQPGAV6PY4MR
ETag
"e1b626392882cc25b4d891afaa68afd4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2460
x-amz-id-2
WIeqKwagkZB8zA0Ey1gb7uHV1YPxHkUxxjf/ZVoIy54VCCuYBc62uHWtcDAPodsgXfl9Iwq0mlI=
footer_right.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
19 KB
19 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/footer_right.png
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc5edb79e789204202959200acc81743f64cdb57543265c630270c3e2805c426

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
TVTXJHZ4VF7CFAQ4
ETag
"6269d1ab501134b82c222d8a0ee8e7e0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
19167
x-amz-id-2
6CTaOFyzZbMQ18zTJ7ZCOt35eLC8CkvPqBBFUNXDyM0sEICmPTukplbRWmk8ANBovjUnknzHs8w=
spin_prize2.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
7 KB
7 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/spin_prize2.png
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e96b28497881f5601c974896771328b4c8942c4d70166601006b759703aee53e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
NDN9WKCH4SEBPQR0
ETag
"2712de8230cdf1093348be4514cdfaf6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
6908
x-amz-id-2
b4Q32CUhFKhIVb+uPfa/MxQdqdlI6fUjOs7VjbiGHhc2cTTQW4lkjxHwTgXKnp2nkXo2hoiHISg=
action_icons_20px_2x.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
4 KB
4 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/action_icons_20px_2x.png
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e1e4031ab76edb16b1a5e5c618ccdf1e3803e07c270c40692d5738a8225c092d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
PCWE37C1KZDW1ZHS
ETag
"67191d5ee37c06c1ee623169a4402be8"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
4037
x-amz-id-2
DYQgkvUSigT2nUvvgihrfLnbG7XCp4Kk8lWJP37FzFAWMLjAzcv2eAvMisQ4EwUgLyLc8b2uj2s=
comment_action_2x.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
641 B
1 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/comment_action_2x.png
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 04:43:26 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
74S9B8STXADE434W
ETag
"e9b3872b3e63e19728176d45f0aa6986"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
641
x-amz-id-2
Ny2DxJbn+3vllVBmWO5GrJZWI2S4qiwua48GWdDhSyjomrrP7QNi/8MOYVK8vyLikQzr0tsi4Rs=
subscriber.js
www.lucks4us.com/js/pushjs/1.0.0/
9 KB
3 KB
Script
General
Full URL
https://www.lucks4us.com/js/pushjs/1.0.0/subscriber.js
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/273721/1655973908/js/j5_tmp.js?1655973908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.166 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
20a2729b7c4f4c6a0dd2e80500284bd8c0e84e3e4076eb6a248e2951fec0c550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
application/javascript
date
Sun, 12 Mar 2023 04:43:26 GMT
cache-control
max-age=604800
content-encoding
gzip
server
nginx
expires
Sun, 19 Mar 2023 04:43:26 GMT
firebase-app.js
www.gstatic.com/firebasejs/5.0.2/
25 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.0.2/firebase-app.js
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/js/pushjs/1.0.0/subscriber.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 05:41:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8604
x-xss-protection
0
last-modified
Thu, 10 May 2018 20:35:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Mar 2024 05:41:05 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.0.2/
35 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/js/pushjs/1.0.0/subscriber.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 05:41:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10017
x-xss-protection
0
last-modified
Thu, 10 May 2018 20:35:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Mar 2024 05:41:05 GMT
utils.js
www.lucks4us.com/js/pushjs/1.0.0/
7 KB
3 KB
Script
General
Full URL
https://www.lucks4us.com/js/pushjs/1.0.0/utils.js
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/js/pushjs/1.0.0/subscriber.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.166 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
application/javascript
date
Sun, 12 Mar 2023 04:43:26 GMT
cache-control
max-age=604800
content-encoding
gzip
server
nginx
expires
Sun, 19 Mar 2023 04:43:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
view.adjust.com
URL
https://view.adjust.com/impression/txljmn?gtmcb=1203433673


15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
function| $
function| jQuery
function| showSecondStep
boolean| isRollbar
object| pushWrap
function| showFbChkOptIn
object| mailnamiPromptModule
undefined| o
object| mailnami
object| Pushnami
function| CrossStorageClient
object| pushnamiStorage
function| uuid

2 Cookies

Domain/Path: .bit.ly/
Name: _bit
Value: n2c4Hg-ce5b5fdecd9a6546e7-00V

Domain/Path: pedantson.com/
Name: uid15295
Value: 1330721677-20230311234318-52bca1549e0da68175d4ee69c7adf1dd-

2 Console Messages

Source: other
Level: error
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330721677&pubid=690491
Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Source: rendering
Level: warning
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-tDNNQ69S&j1=1&j8=1 (Line 234)
Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
