Submitted URL: http://actionmechanism.com/cgTNFD.ChzkbZ?MfZqf0dQ6dXTHp0KnjhHGsC425KL9hNpBkk5J9TJ8qgGj0ZMdr~llKx6RybZldZDJ0nFYxfk8SvJSDPQyY...
Effective URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Submission: On March 13 via manual from US — Scanned from DE

Summary

This website contacted 20 IPs in 3 countries across 17 domains to perform 62 HTTP transactions. The main IP is 63.32.216.166, located in and belongs to . The main domain is www.lucks4us.com.
TLS certificate: Issued by R3 on February 7th 2023. Valid for: 3 months.
This is the only time www.lucks4us.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
24 | cdn-dimi.akamaized.net | www.lucks4us.com, cdn-dimi.akamaized.net
6 | www.google-analytics.com | 5d6fb6c62a.smapp.work, www.googletagmanager.com, www.google-analytics.com, redirecting3.eu
4 | lynku.jukminung.com | offer-connect.com, valleyutilityplay.com, lynku.jukminung.com
3 | www.lucks4us.com | redirecting3.eu, cdn-dimi.akamaized.net, www.lucks4us.com
3 | redirecting3.eu | 5d6fb6c62a.smapp.work, redirecting3.eu
2 | www.gstatic.com | www.lucks4us.com
2 | 5d6fb6c62a.smapp.work | lynku.jukminung.com, 5d6fb6c62a.smapp.work
2 | psp.pushnami.com | api.pushnami.com
2 | trc.pushnami.com | api.pushnami.com
2 | api.pushnami.com | offer-connect.com, api.pushnami.com
2 | maxcdn.bootstrapcdn.com | offer-connect.com, maxcdn.bootstrapcdn.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | www.googletagmanager.com | storage.googleapis.com
1 | storage.googleapis.com | 5d6fb6c62a.smapp.work
1 | cdn.addlnk.com | lynku.jukminung.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | offer-connect.com
1 | ajax.googleapis.com | offer-connect.com
1 | offer-connect.com | valleyutilityplay.com
1 | valleyutilityplay.com |
1 | actionmechanism.com | 1 redirects
0 | view.adjust.com (Failed) | storage.googleapis.com
62 | 22

This site contains no links.

Subject | Issuer | Validity | Valid
valleyutilityplay.com | Sectigo RSA Domain Validation Secure Server CA | 2022-03-15 - 2023-04-15 | a year
offer-connect.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-28 - 2023-07-23 | a year
upload.video.google.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
*.pushnami.com | Amazon RSA 2048 M01 | 2023-03-04 - 2024-04-02 | a year
*.gstatic.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.jukminung.com | E1 | 2023-01-20 - 2023-04-20 | 3 months
*.smapp.work | Sectigo RSA Domain Validation Secure Server CA | 2022-12-19 - 2024-01-19 | a year
storage.googleapis.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.redirecting3.eu | E1 | 2023-03-04 - 2023-06-02 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.lucks4us.com | R3 | 2023-02-07 - 2023-05-08 | 3 months
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-28 - 2023-06-30 | a year

This page contains 4 frames:

Primary Page: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Frame ID: 3CD052844042FF598FAEC609F621F0CF
Requests: 53 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 99DBB05628D21CEE56BCE28792DB98AE
Requests: 1 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678665600
Frame ID: EE134B32E03AFF8105776A43303F281A
Requests: 3 HTTP requests in this frame

Frame: https://storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIkRFIiwgImNsaWNrX2lkIjogImVkOGIxYzUwLTdhM2QtNGRhYS1hMDU5LTM4YjZlMGE5ZmEwMTo4NTFiZTkwYTU3YjQ4OTYzODBlZjcxY2M4OTdjMjY3ZmZlZjg0MTk5In0=
Frame ID: 639B923551F8A1C1B3E185AB279A9069
Requests: 4 HTTP requests in this frame

Page Title

offer-connect

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 62
HTTPS: 98 %
IPv6: 55 %
Domains: 17
Subdomains: 22
IPs: 20
Countries: 3
Transfer: 596 kB
Size: 1159 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://actionmechanism.com/cgTNFD.ChzkbZ?MfZqf0dQ6dXTHp0KnjhHGsC425KL9hNpBkk5J9TJ8qgGj0ZMdr~llKx6RybZldZDJ0nFYxfk8SvJSDPQyYl11cWfWJR9KFjKll9PJ~cbbbd082z8cc4dc4cysCKchc8GdpcB4GLdCRwcbbb2D HTTP 302
    https://valleyutilityplay.com/1764a665c27d7f38800/5_229441_2711110/1543_3520685_4428307_63/918092893_217-64-151-69 Page URL
  2. https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330910210&pubid=690444 Page URL
  3. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330910210&pubid=690444 Page URL
  4. https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub75954553ac8845daa30d9cd58a6bc90b&aff_sub_id=fbbb5665_690444 Page URL
  5. https://redirecting3.eu/p/ci0W/wLuk/vh1h?ml_sub1=ed8b1c50-7a3d-4daa-a059-38b6e0a9fa01:851be90a57b4896380ef71cc897c267ffef84199&ml_sub2=6944_fbbb5665_690444 Page URL
  6. https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://actionmechanism.com/cgTNFD.ChzkbZ?MfZqf0dQ6dXTHp0KnjhHGsC425KL9hNpBkk5J9TJ8qgGj0ZMdr~llKx6RybZldZDJ0nFYxfk8SvJSDPQyYl11cWfWJR9KFjKll9PJ~cbbbd082z8cc4dc4cysCKchc8GdpcB4GLdCRwcbbb2D HTTP 302
  • https://valleyutilityplay.com/1764a665c27d7f38800/5_229441_2711110/1543_3520685_4428307_63/918092893_217-64-151-69

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
918092893_217-64-151-69
valleyutilityplay.com/1764a665c27d7f38800/5_229441_2711110/1543_3520685_4428307_63/
Redirect Chain
  • http://actionmechanism.com/cgTNFD.ChzkbZ?MfZqf0dQ6dXTHp0KnjhHGsC425KL9hNpBkk5J9TJ8qgGj0ZMdr~llKx6RybZldZDJ0nFYxfk8SvJSDPQyYl11cWfWJR9KFjKll9PJ~cbbbd082z8cc4dc4cysCKchc8GdpcB4GLdCRwcbbb2D
  • https://valleyutilityplay.com/1764a665c27d7f38800/5_229441_2711110/1543_3520685_4428307_63/918092893_217-64-151-69
252 B
565 B
Document
General
Full URL
https://valleyutilityplay.com/1764a665c27d7f38800/5_229441_2711110/1543_3520685_4428307_63/918092893_217-64-151-69
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.128.197.187 London, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
252
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 Mar 2023 00:54:15 GMT
Server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 Mar 2023 00:54:14 GMT
Location
https://valleyutilityplay.com/1764a665c27d7f38800/5_229441_2711110/1543_3520685_4428307_63/918092893_217-64-151-69
Server
Apache
/
offer-connect.com/
10 KB
10 KB
Document
General
Full URL
https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330910210&pubid=690444
Requested by
Host: valleyutilityplay.com
URL: https://valleyutilityplay.com/1764a665c27d7f38800/5_229441_2711110/1543_3520685_4428307_63/918092893_217-64-151-69
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.102.245.195 Redondo Beach, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
42fa66b97e0ca198bfa261e2398544d9b3dbe31a60ebb010f1afd102d851df5d

Request headers

Referer
https://valleyutilityplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
10008
Content-Type
text/html
Date
Mon, 13 Mar 2023 09:22:25 GMT
ETag
"63efd888-2718"
Last-Modified
Fri, 17 Feb 2023 19:42:00 GMT
Server
nginx/1.10.2
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330910210&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 12 Mar 2023 06:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Mar 2024 06:36:01 GMT
css
fonts.googleapis.com/
6 KB
920 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,300,500,700,600,800
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330910210&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
41932365d84f651e0b60d43e451e494530d6c85455b04df9416577e584c382f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 Mar 2023 00:54:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 00:54:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Mar 2023 00:54:17 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330910210&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 00:54:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
723
age
5116240
cdn-cachedat
03/12/2022 14:32:07
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d59b1bc690982b057c0e17bb58696d82
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7a704e04d9b99b70-FRA
cdn-requestpullsuccess
True
63ed63298591f2001320edcc
api.pushnami.com/scripts/v1/pushnami-adv/
88 KB
18 KB
Script
General
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330910210&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-22.fra60.r.cloudfront.net
Software
/
Resource Hash
ee607772e922f816ff318576900b4a7ca92449cd3f15881481a11fe30d934cdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 00:51:52 GMT
content-encoding
gzip
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
145
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-id
ClpQei-MKDSFZaoZP4BUTvfFyX14SCaF7qPhF6jP1AEB3nXCvXH4ag==
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://offer-connect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 00:54:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
545733
cdn-cachedat
08/17/2022 18:20:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
746933e61529be8366407880fd47077a
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7a704e053c8e3665-FRA
cdn-requestpullsuccess
True
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,300,500,700,600,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offer-connect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 16:49:57 GMT
x-content-type-options
nosniff
age
374660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47728
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Mar 2024 16:49:57 GMT
hub
api.pushnami.com/scripts/v1/ Frame 99DB
2 KB
1 KB
Document
General
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-22.fra60.r.cloudfront.net
Software
/
Resource Hash
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Referer
https://offer-connect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
age
2679
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Mon, 13 Mar 2023 00:09:38 GMT
vary
accept-encoding
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-id
PMKNjeSGQyCSDeofx0zK1EOtkUnhGWJaaoJ4-n3zToL37CZVwT_4VQ==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
track
trc.pushnami.com/api/push/
2 B
168 B
Fetch
General
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.132.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-132-105.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://offer-connect.com/
accept-language
de-DE,de;q=0.9
key
63ed63298591f2001320edcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 13 Mar 2023 00:54:17 GMT
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
content-length
2
content-type
text/html; charset=utf-8
track
trc.pushnami.com/api/push/ Frame
0
0
Preflight
General
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.132.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-132-105.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://offer-connect.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Mon, 13 Mar 2023 00:54:17 GMT
psp
psp.pushnami.com/api/
2 B
224 B
Fetch
General
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.250.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-250-67.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://offer-connect.com/
accept-language
de-DE,de;q=0.9
key
63ed63298591f2001320edcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://offer-connect.com
date
Mon, 13 Mar 2023 00:54:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame
0
0
Preflight
General
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.250.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-250-67.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://offer-connect.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
key
access-control-allow-methods
POST
access-control-allow-origin
https://offer-connect.com
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
cache-control
no-cache
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 13 Mar 2023 00:54:17 GMT
vary
accept-encoding
9e8aef8068
lynku.jukminung.com/rc/
3 KB
2 KB
Document
General
Full URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330910210&pubid=690444
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330910210&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ce645add9b5b78d89e5cab6384d6233f8e4f9f691e618b9ffec905ad05536465

Request headers

Referer
https://offer-connect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a704e289fd43801-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 13 Mar 2023 00:54:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2B4tywwMLetlETaiNJBSapaw%2FoQKNWC%2FRzOnAeAmTyULtiQZDc0fE7EHiXcwZaBn9drj0%2Bnrx9xTemuniLiPBlX3jzR5EhX2RGAkGX79CVpUz0K7b3vap2%2FDdcVgPJUFBx6%2FasLOA9JemqH%2FvvIA72Ox"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330910210&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 00:54:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
72BQ43Z832DMHS8A
age
4304
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
9dqjw3QmoT8lhROeWaK3mEcRPoUKNfvQLfCVyCvCyDnxCOQ1ZkKTnjHgPbqYhL93T/SckF1I+RU=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oauitqzj7EV6r89yLC3Z3gnuf0kPqq5p15DY5sihEi%2FsbulH%2Fw1WDvjHcQjsH70U7xtDX3jF5zZu5yKbtKOxOdWDJhvBUjD24VEbMIlxS2cdfopLSoE5SOakrNK%2BHZp1b2ACZz%2FQp8Y3C7k%2FWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7a704e29a9a29010-FRA
invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame EE13
29 KB
13 KB
Script
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678665600
Requested by
Host: valleyutilityplay.com
URL: https://valleyutilityplay.com/1764a665c27d7f38800/5_229441_2711110/1543_3520685_4428307_63/918092893_217-64-151-69
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e7871efeeb6acf783bce0a0efb98b435c842d8525c7f08677ad375f1958094f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 00:54:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u75Nccvcbc%2BPiVAj2MAZQP9GoZxPgopkXgAyemRtm6Jr1p%2FNLKJCEXd7B8hW0XEPv1PlbJWJNpdSBnJLmOtfBrT5kxq0fvrbUqfVos%2BxefWVIIn%2F6jVfl97lljcPdF6z7RgrgQl9ykzkdRkGIN%2BlhpaP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a704e29c8b33801-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame EE13
7 KB
4 KB
Other
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
73e1152b275c4f805fdccb109173dad1d1588549d4c5b7ba09cf29d2fb17321e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 00:54:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0RbYG55RIYrJjG5ZcUH2YfiuFL2xCWSOefM%2FGBpHXVRSntvmle31rIDR5%2FtPt5pMoX7ULCSKRoRcDDQr0q2eOrElqaRpJox%2FEKAMZ%2FqbsGNPH%2BvdZlqiijMbOZJKbni%2FXoNuILRxvQkZRN5Fnmhlajl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7a704e29ea869153-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7a704e289fd43801
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame EE13
2 B
658 B
XHR
General
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/7a704e289fd43801
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1678665600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Mar 2023 00:54:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Vw0omln3%2BRV%2Biefas0UH742GvriKP1WexrKuEqJ5f0RRJLTvxQ6RfkRTTMlWVe%2F3MRiQsYaUuJgbBbTdnyVC%2Bn38igyXHGag%2Fq7TsxbRed5oaauN%2Fr9Ft6T7BkFI0UlbUJEs7v5PJhi4qEJzHY7eAba"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7a704e2b3baa9153-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
5d6fb6c62a.smapp.work/trkclk/
4 KB
4 KB
Document
General
Full URL
https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub75954553ac8845daa30d9cd58a6bc90b&aff_sub_id=fbbb5665_690444
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330910210&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.250.143 -, , ASN (),
Reverse DNS
Software
TornadoServer/5.1.1 /
Resource Hash
86fbe6788dd7bc6a764f1c322586bb53751e83adfb280af364dadc692fb0cfcb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
clickid
ed8b1c50-7a3d-4daa-a059-38b6e0a9fa01:851be90a57b4896380ef71cc897c267ffef84199
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 13 Mar 2023 00:54:23 GMT
etag
W/"b7dc86dac04a29e062398d69a124706494591955"
server
TornadoServer/5.1.1
via
1.1 google
x-frame-options
SAMEORIGIN
x-service-version
2.0.1
confirm.js
5d6fb6c62a.smapp.work/api/v1/click/
0
102 B
Script
General
Full URL
https://5d6fb6c62a.smapp.work/api/v1/click/confirm.js?data=…
Requested by
Host: 5d6fb6c62a.smapp.work
URL: https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub75954553ac8845daa30d9cd58a6bc90b&aff_sub_id=fbbb5665_690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.250.143 -, , ASN (),
Reverse DNS
Software
TornadoServer/5.1.1 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub75954553ac8845daa30d9cd58a6bc90b&aff_sub_id=fbbb5665_690444
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 00:54:23 GMT
via
1.1 google
server
TornadoServer/5.1.1
etag
"da39a3ee5e6b4b0d3255bfef95601890afd80709"
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/javascript; charset=utf-8
impressions.html
storage.googleapis.com/tmp-static/instal-impressions/ Frame 639B
1 KB
2 KB
Document
General
Full URL
https://storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIkRFIiwgImNsaWNrX2lkIjogImVkOGIxYzUwLTdhM2QtNGRhYS1hMDU5LTM4YjZlMGE5ZmEwMTo4NTFiZTkwYTU3YjQ4OTYzODBlZjcxY2M4OTdjMjY3ZmZlZjg0MTk5In0=
Requested by
Host: 5d6fb6c62a.smapp.work
URL: https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub75954553ac8845daa30d9cd58a6bc90b&aff_sub_id=fbbb5665_690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2010 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
c7f94d1b21fdadbcc934c2d31503832763070136eafd23d65cec53f6e49b5634

Request headers

Referer
https://5d6fb6c62a.smapp.work/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-length
1357
content-type
text/html
date
Mon, 13 Mar 2023 00:54:23 GMT
etag
"54f99c9e98a5b4f17b219e94417e6d2f"
expires
Mon, 13 Mar 2023 01:54:23 GMT
last-modified
Mon, 10 Jun 2019 16:09:51 GMT
server
UploadServer
x-goog-generation
1560182991115409
x-goog-hash
crc32c=+7k9hA== md5=VPmcnpiltPF7IZ6UQX5tLw==
x-goog-metageneration
2
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1357
x-guploader-uploadid
ADPycdu1bVpnzE9bsC7asYbfvoeo5XUU1_QJOMiuR4zP8q8Oz8O3j1Fh0iut4JJFOvm3FVwTnLMbQR0EXupSg51thH8SK00ff59A
gtm.js
www.googletagmanager.com/ Frame 639B
118 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WKCGS93
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/tmp-static/instal-impressions/impressions.html?data=eyJjb3VudHJ5IjogIkRFIiwgImNsaWNrX2lkIjogImVkOGIxYzUwLTdhM2QtNGRhYS1hMDU5LTM4YjZlMGE5ZmEwMTo4NTFiZTkwYTU3YjQ4OTYzODBlZjcxY2M4OTdjMjY3ZmZlZjg0MTk5In0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 00:54:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46815
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Mar 2023 00:54:23 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 5d6fb6c62a.smapp.work
URL: https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub75954553ac8845daa30d9cd58a6bc90b&aff_sub_id=fbbb5665_690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d6fb6c62a.smapp.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Mar 2023 23:19:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5690
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 13 Mar 2023 01:19:33 GMT
vh1h
redirecting3.eu/p/ci0W/wLuk/
34 KB
25 KB
Document
General
Full URL
https://redirecting3.eu/p/ci0W/wLuk/vh1h?ml_sub1=ed8b1c50-7a3d-4daa-a059-38b6e0a9fa01:851be90a57b4896380ef71cc897c267ffef84199&ml_sub2=6944_fbbb5665_690444
Requested by
Host: 5d6fb6c62a.smapp.work
URL: https://5d6fb6c62a.smapp.work/trkclk/?pid=6944&cid=3287930&custom1=pub75954553ac8845daa30d9cd58a6bc90b&aff_sub_id=fbbb5665_690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
657b2308fee124d243627a53f5aab38c92b5661d702908478715f23f462b6042

Request headers

Referer
https://5d6fb6c62a.smapp.work/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, private
cf-cache-status
DYNAMIC
cf-ray
7a704e2dab203687-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 13 Mar 2023 00:54:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oy5xqfTKLq2%2BKlEqfS56III7e3CBC3%2BnHEcT3IV8j5wpFB6IAXXv8fYKzmjyHnamwqQ7lpnFoIF4c8THw7DpHpdN0V872ZrX3uZQFVUmMYU3OZW6u%2BnKYvFP4LJuesaAVtukMLC6m9or2xQiijc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
analytics.js
www.google-analytics.com/ Frame 639B
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKCGS93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://storage.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Mar 2023 23:19:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5690
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 13 Mar 2023 01:19:33 GMT
txljmn
view.adjust.com/impression/ Frame 639B
0
0

collect
www.google-analytics.com/j/
3 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=635080828&t=pageview&_s=1&dl=https%3A%2F%2F5d6fb6c62a.smapp.work%2Ftrkclk%2F%3Fpid%3D6944%26cid%3D3287930%26custom1%3Dpub75954553ac8845daa30d9cd58a6bc90b%26aff_sub_id%3Dfbbb5665_690444&ul=en-us&de=UTF-8&dt=Loading...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=649699021&gjid=144743191&cid=1883366558.1678668864&tid=UA-44620901-4&_gid=1804909166.1678668864&_r=1&_slc=1&z=870068850
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://5d6fb6c62a.smapp.work/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Mar 2023 00:54:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://5d6fb6c62a.smapp.work
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
envoirment.js
redirecting3.eu/js/
32 KB
12 KB
Script
General
Full URL
https://redirecting3.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/p/ci0W/wLuk/vh1h?ml_sub1=ed8b1c50-7a3d-4daa-a059-38b6e0a9fa01:851be90a57b4896380ef71cc897c267ffef84199&ml_sub2=6944_fbbb5665_690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a2360f05aaa5110f0891046d08ab93ee8bfd6249debd8d8c1d173eac2dd5e172

Request headers

device-memory
8
Referer
https://redirecting3.eu/p/ci0W/wLuk/vh1h?ml_sub1=ed8b1c50-7a3d-4daa-a059-38b6e0a9fa01:851be90a57b4896380ef71cc897c267ffef84199&ml_sub2=6944_fbbb5665_690444
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 13 Mar 2023 00:54:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 May 2022 11:25:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4046
etag
W/"627a4b98-8078"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgaxbvuViiGd3YgQt5xEeDAF3fVDvK2oQljxlpywllwOTxOEp%2BEAxunD7yNcph17G59sx2LkzK55Z44o3umCUDnvXfkEC5JtgwMlOqBaU5tAknKOWe4xV1y2zAExSQ8jIPKFq0CsaFXIJZHvN2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a704e2f1c233687-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
23 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a4ce6cb3e7f66149f5e2535fa036403f68bf41c5e491a4d54f499714696733d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/p/ci0W/wLuk/vh1h?ml_sub1=ed8b1c50-7a3d-4daa-a059-38b6e0a9fa01:851be90a57b4896380ef71cc897c267ffef84199&ml_sub2=6944_fbbb5665_690444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redirecting3.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 12 Mar 2023 23:19:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5690
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 13 Mar 2023 01:19:33 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=601321220&t=pageview&_s=1&dl=https%3A%2F%2Fredirecting3.eu%2Fp%2Fci0W%2FwLuk%2Fvh1h%3Fml_sub1%3Ded8b1c50-7a3d-4daa-a059-38b6e0a9fa01%3A851be90a57b4896380ef71cc897c267ffef84199%26ml_sub2%3D6944_fbbb5665_690444&dr=https%3A%2F%2F5d6fb6c62a.smapp.work%2F&ul=en-us&de=UTF-8&dt=redirecting3.eu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2025887321&gjid=1921647954&cid=1545595132.1678668864&tid=UA-110090096-2&_gid=2111386315.1678668864&_r=1&_slc=1&z=2025549171
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redirecting3.eu/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Mar 2023 00:54:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redirecting3.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redirecting3.eu/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 13 Mar 2023 00:54:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://redirecting3.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
finger
redirecting3.eu/
20 B
503 B
XHR
General
Full URL
https://redirecting3.eu/finger
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

device-memory
8
Referer
https://redirecting3.eu/p/ci0W/wLuk/vh1h?ml_sub1=ed8b1c50-7a3d-4daa-a059-38b6e0a9fa01:851be90a57b4896380ef71cc897c267ffef84199&ml_sub2=6944_fbbb5665_690444
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Mar 2023 00:54:24 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aA0ZMbHdWluIQ%2F9nqdYsg8Ajn2qHHHYY5FRCIKRFTQVQXlwUtzBE5S1Jw2Y8E869J3f2qB1Pyfdi6Gc5HdK1rSIPuzM8%2Bf9%2FpOC88%2FlPQw8V8lfrrCUU04CrS99aEeMqzMErrXwCJr1AF1oH04%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
7a704e300ced381a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
stats.g.doubleclick.net/j/
1 B
346 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-110090096-2&cid=1545595132.1678668864&jid=2025887321&gjid=1921647954&_gid=2111386315.1678668864&_u=IEBAAEAAAAAAACAAI~&z=549781333
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redirecting3.eu/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 13 Mar 2023 00:54:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redirecting3.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request /
www.lucks4us.com/
29 KB
6 KB
Document
General
Full URL
https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.166 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8fc890a6057e81f7019319b7134038d1afeb57f8a3bd0cf3125462f8e83388e8

Request headers

Referer
https://redirecting3.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 13 Mar 2023 00:54:24 GMT
server
nginx
jumostyle.css
cdn-dimi.akamaized.net/landings/273721/1655973908/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1f98f94c1fa2691233a14dbafb54f5998056610d006206edb66faec99ac10f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
JDV8QZ35Y0ZQYQ4K
ETag
"5e8911ed473430e8a39c3d0063afeb8a"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
3657
x-amz-id-2
x/0wRD5WkNY7paxDhUK3ai2nUNcazhxy8UoiIkS4FgO1/dQ3EaetsTWjox3FD8OWTI2gSo3OPf8=
jquery.min.js
cdn-dimi.akamaized.net/landings/273721/1655973908/js/
84 KB
30 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/js/jquery.min.js?1655973908
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
1H92GR6FDZ1GGEKA
ETag
"2f6b11a7e914718e0290410e85366fe9"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
29855
x-amz-id-2
VslgDP+x6TP/i1pbs5i/Npj1zggZoNkSOuLPNLzy3t6diX3fySAVUsXcBh1p+QSudoZenz8LbKI=
newmain.js
cdn-dimi.akamaized.net/landings/273721/1655973908/js/
4 KB
2 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/js/newmain.js?1655973908
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a997abf7d80e7d31adb4a3ef623db68712106e24913dd649144fca1ddd26f5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
1H9CDP500ZZJFJSW
ETag
"b57a47e8b5ad0124d37fe725e52e54de"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1441
x-amz-id-2
Bqe6fGweFki1wHRItyGwEscyd3oJgRu+ADkdzQNr7a7uPlvEffd2c4hmdv8zoZSb5t2FF5jaz/k=
translate.js
cdn-dimi.akamaized.net/landings/273721/1655973908/js/
71 KB
22 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/js/translate.js?1655973908
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a3c219c8bbb84314f18027c3ff5b5d721e1ba46a8f0b8c354f9ddcff4cb63db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
1H9F91TXND6R50FD
ETag
"ac6dff07c24b404421ea757993233a88"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
22201
x-amz-id-2
CoW++WfbEsi6vAmHFjhLKrgegoRJdb8oUkx4eQwnO0PSMaFSseVRIveZbwJbvc/3PWF4JJ77jT0=
j5_tmp.js
cdn-dimi.akamaized.net/landings/273721/1655973908/js/
793 B
1 KB
Script
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/js/j5_tmp.js?1655973908
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d175685d85ad314c810db03427c29651c5f74b225ccf0f9b4c2c5ea76574def

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
1H99GG9RQJ48B59C
ETag
"c232d5565f0f7e5d1dce56dc4614b5a0"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
793
x-amz-id-2
7mTtxioPDRwiAN6EDfpCjcg4QkmdAfLF9FnFKC6/s9bPwADjnKnvpHUQc5rEo3LDt7HCaV81or8=
loading.gif
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
5 KB
5 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/loading.gif
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
835f56bb96eb76384dc480bc6c866efb1980d4a36ad42fbc82e46d9167542050

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
YRCTNWQXCK12DCZT
ETag
"f4f031edfb2f37765dab11b35eafd026"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
5139
x-amz-id-2
g/Ma8C7EqL7ezyiRwAluFrAyKFsOics9BxtZ/OwDX+rxb2qC6Y+bAThCamNz6B8+YPaVfawW1XY=
spin.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
43 KB
44 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/spin.png
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7bfa66b5945d9f53e091f433c0824c4804bdc6eb8ade60bd5cb95da428d6d7e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
YRCH40XSYBAWWJNV
ETag
"6465b852c6c04c1bdccdded7e266645d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
44297
x-amz-id-2
jqiOFngic39SrP5UU8+rnuzleJIDLoBFJj4VDi3JhuYUQj9Ja0IH/CYGLp57dVX3D8nrOQbD04I=
blue.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
13 KB
13 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/blue.png
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
463bf0016c87901d150fe3c67f55b3bcbb9c9bd5afa7ec1ab0251e913db76c49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
YRCG1G24BT2TQ4CZ
ETag
"b2f173c68cb160d59493cc734bd43521"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
12906
x-amz-id-2
kz2H2sOjRS5uVIql3y0vA4y65aD/drGRwseQCgZbUoAummMrGjEWSRC/fOHIXvo7FnEDERJTsbc=
yellow.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
13 KB
13 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/yellow.png
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0586e3f5878c9b621ccc7fdcd666d7fbebbb66990098aaa06f8a2d864a08f69b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
YRCQWQFQCSBS3VZB
ETag
"7559980a442b5c88091071b9d47927e8"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
13218
x-amz-id-2
i7u+JjGhrUAFFdK3VQ6sNyLp6DVKJUIvtQ6oWsQqDtEBhjdxZUFMKrJUZx6YdiMbLTeu1w1+A+g=
red.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
15 KB
15 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/red.png
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e09bbce82b54fac68c4ed5d35e93c49831c639a7e4c04fdc1ad3003086b8d7a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
YRCQ2N5NGB9E6NMJ
ETag
"657655f44fc886fa009601a7a703f7c3"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
15011
x-amz-id-2
DvMU2ysEkA2DWTv5XMhtdDGgziPmG1/3XFPd0GqPJvckyMkbkkEYF8EcOe/V2T/cX9eSYAWAr5I=
like_user_1.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
1 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/like_user_1.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7c85bfa7ba6d75dd0de72e51da2e185351ced82b32090ab35395766ef4849fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
YHK5D7CCA9RBKE61
ETag
"2aa0d43e70d60d76ac4bdff139f8c7cb"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1293
x-amz-id-2
wvvyv5vW8W31ExE8gk/DtUm+iFhATRVK4060QL+iRtzA0uNTjMmcmLSzJLNhpk5KtuoCO1G/3T8=
like_user_2.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
1 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/like_user_2.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba0c57dd9fbd100462ac62c8c8b3156caf1283d250fb56ee8ce5b0f53e575ccd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
74S4PQ735RK48MNT
ETag
"f9299c2023539a8f27a6e1b12ed260e5"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1216
x-amz-id-2
94eRSEUDUaSRqudaI4t/r86JrHVKvwYHw6A3M05y0Wqy0EsvAKRqoAmU+eOc8nlwB1OaVtcvuCc=
7.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/7.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d7dc01c529864b54f1d3e7bffb73649056cea39a1907daadc18254e139c2cd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
NDN821W57W0X780J
ETag
"3641990a28227bb5ed59021aff1d14e3"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2095
x-amz-id-2
dzca8798xkw861Y2otGWQSb/9ioL8GnA3Smr9rPDhH3HIq20+AB1mKIN0IgYdQm4PA/PSpz52io=
2.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
3 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/2.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afa0d114beef551ec69b8a3bf82f292729b7e8930f022a83bd68bec11e5fe474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
74S5DCQQ65C9K5R4
ETag
"7af1c5ea7c34e1748aa8e4ac65d26256"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2182
x-amz-id-2
UPSlT6lUjOOUPgOCIQOXlR5rGGyDA9ZFldmXE0rPVHaa6bjHT9scScm38PDkGfVzd0lZsnOu6jo=
3.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/3.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58db8ee68cc5c89b372646ed7c7ac68588fcf2635452a831470e6a572bc49842

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
74S29B1HX34TH20D
ETag
"8f52afa9e7a247acf53632fdfd62aa21"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1648
x-amz-id-2
9DomeIOwTR/WHVKK3kZeF4glwO98s83F9oPZ4IJcLjTQHZknQZnZ+LQjoDuIZD1Ljs038qvSkrY=
4.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/4.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a76e62e7aa1c08feb38cc3203ec6ae986bb5bfdf1820dd42b256061fa2a0990f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
JDV6S6MKF2T0YWA0
ETag
"59389d99986c2c273716a3a8318d137a"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1803
x-amz-id-2
rZ5mnO/NGzYVFbs6diLuYoYK9tkA7joLEn5ZDKqc5FTa+LQ7vun0TwSpWY6DhRgaUndTFQ09WpE=
6.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
1 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/6.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f49dbcc11d1704c3f66ea256fc589c602cee87fea1f10d2d24181aeaf30ec14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
YHK15WVMJBAQE6Y5
ETag
"5cc7c7967e306b120f82fd0db3b457f6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1495
x-amz-id-2
zBipHxei7n9W1uYXioXEWMY8wY6fP5kK1Pv1AAIGayvpJJp1PBE8gl0OVxsmFb0YrMo+27ep8QY=
1.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/1.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ad68d21bdc5d7616e0ea09fda1fe683ac7ff548e3afa35680de2614dfbee051

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
74SANYPMMB5N7DMQ
ETag
"7c4c03a240fbd38d376111329cb3399c"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1863
x-amz-id-2
bMhHNVW/fB8ZMGH4pTNiH0e+2gfYFvTp7tKgT6SnbkGozUs83Xu8sG6f+WISMxRxDRl1q4CWEFc=
8.jpg
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
2 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/8.jpg
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49194aa4fbfb6dfbeaa47328bd1a721e96c80e7d78cb8a6a15febb7a59d1c9e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
JDVCGW0DFJ3H15W9
ETag
"c31e3d6f2d5d38af20fee54b89568db4"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1561
x-amz-id-2
2U5BmqNotGYIzQ97TNdTrmO+/2RUL4E8nlThqfV5NwawFYHS2C/EhTuYTt3a5zVmCz3ihCJQyMs=
clip_footer_3.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
2 KB
3 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/clip_footer_3.png
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef3b8785199a0a640150a9d9ceb9b7cff2b118ee377ce36317d4a3e716bd944f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
TVTYJQPGAV6PY4MR
ETag
"e1b626392882cc25b4d891afaa68afd4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
2460
x-amz-id-2
WIeqKwagkZB8zA0Ey1gb7uHV1YPxHkUxxjf/ZVoIy54VCCuYBc62uHWtcDAPodsgXfl9Iwq0mlI=
footer_right.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
19 KB
19 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/footer_right.png
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc5edb79e789204202959200acc81743f64cdb57543265c630270c3e2805c426

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
TVTXJHZ4VF7CFAQ4
ETag
"6269d1ab501134b82c222d8a0ee8e7e0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
19167
x-amz-id-2
6CTaOFyzZbMQ18zTJ7ZCOt35eLC8CkvPqBBFUNXDyM0sEICmPTukplbRWmk8ANBovjUnknzHs8w=
spin_prize2.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
7 KB
7 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/spin_prize2.png
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e96b28497881f5601c974896771328b4c8942c4d70166601006b759703aee53e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
NDN9WKCH4SEBPQR0
ETag
"2712de8230cdf1093348be4514cdfaf6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
6908
x-amz-id-2
b4Q32CUhFKhIVb+uPfa/MxQdqdlI6fUjOs7VjbiGHhc2cTTQW4lkjxHwTgXKnp2nkXo2hoiHISg=
action_icons_20px_2x.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
4 KB
4 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/action_icons_20px_2x.png
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e1e4031ab76edb16b1a5e5c618ccdf1e3803e07c270c40692d5738a8225c092d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:11 GMT
Server
AmazonS3
x-amz-request-id
PCWE37C1KZDW1ZHS
ETag
"67191d5ee37c06c1ee623169a4402be8"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
4037
x-amz-id-2
DYQgkvUSigT2nUvvgihrfLnbG7XCp4Kk8lWJP37FzFAWMLjAzcv2eAvMisQ4EwUgLyLc8b2uj2s=
comment_action_2x.png
cdn-dimi.akamaized.net/landings/273721/1655973908/images/
641 B
1 KB
Image
General
Full URL
https://cdn-dimi.akamaized.net/landings/273721/1655973908/images/comment_action_2x.png
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.131.21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3f59e07404f1745bed88a314113a86da376526e7e1e555c99b3e249178c6ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-dimi.akamaized.net/landings/273721/1655973908/css/jumostyle.css?1655973908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Mon, 13 Mar 2023 00:54:24 GMT
Last-Modified
Thu, 23 Jun 2022 08:45:10 GMT
Server
AmazonS3
x-amz-request-id
74S9B8STXADE434W
ETag
"e9b3872b3e63e19728176d45f0aa6986"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
641
x-amz-id-2
Ny2DxJbn+3vllVBmWO5GrJZWI2S4qiwua48GWdDhSyjomrrP7QNi/8MOYVK8vyLikQzr0tsi4Rs=
subscriber.js
www.lucks4us.com/js/pushjs/1.0.0/
9 KB
3 KB
Script
General
Full URL
https://www.lucks4us.com/js/pushjs/1.0.0/subscriber.js
Requested by
Host: cdn-dimi.akamaized.net
URL: https://cdn-dimi.akamaized.net/landings/273721/1655973908/js/j5_tmp.js?1655973908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.166 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
20a2729b7c4f4c6a0dd2e80500284bd8c0e84e3e4076eb6a248e2951fec0c550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
application/javascript
date
Mon, 13 Mar 2023 00:54:24 GMT
cache-control
max-age=604800
content-encoding
gzip
server
nginx
expires
Mon, 20 Mar 2023 00:54:24 GMT
firebase-app.js
www.gstatic.com/firebasejs/5.0.2/
25 KB
8 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.0.2/firebase-app.js
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/js/pushjs/1.0.0/subscriber.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 05:41:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
328399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8604
x-xss-protection
0
last-modified
Thu, 10 May 2018 20:35:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Mar 2024 05:41:05 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.0.2/
35 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/js/pushjs/1.0.0/subscriber.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 05:41:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
328399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10017
x-xss-protection
0
last-modified
Thu, 10 May 2018 20:35:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Mar 2024 05:41:05 GMT
utils.js
www.lucks4us.com/js/pushjs/1.0.0/
7 KB
3 KB
Script
General
Full URL
https://www.lucks4us.com/js/pushjs/1.0.0/utils.js
Requested by
Host: www.lucks4us.com
URL: https://www.lucks4us.com/js/pushjs/1.0.0/subscriber.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.216.166 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
application/javascript
date
Mon, 13 Mar 2023 00:54:24 GMT
cache-control
max-age=604800
content-encoding
gzip
server
nginx
expires
Mon, 20 Mar 2023 00:54:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
view.adjust.com
URL
https://view.adjust.com/impression/txljmn?gtmcb=627990482

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
function| $
function| jQuery
function| showSecondStep
boolean| isRollbar
object| pushWrap
function| showFbChkOptIn
object| mailnamiPromptModule
undefined| o
object| mailnami
object| Pushnami
function| CrossStorageClient
object| pushnamiStorage
function| uuid

1 Cookies

Domain/Path: valleyutilityplay.com/
Name: uid15295
Value: 1330910210-20230312205415-0ecbe18cc764c84426ae0484675fc259-

2 Console Messages

Source: other
Level: error
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1330910210&pubid=690444
Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Source: rendering
Level: warning
URL: https://www.lucks4us.com/?utm_source=1f0a2cb367c37dee&s1=166616&s2=1791271&s3=588016&click_id=mlClick-lVPnySh4&j1=1&j8=1 (Line 234)
Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
