Submitted URL: https://adv1.xupmail.xyz/?fb6&jadahull
Effective URL: https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x...
Submission: On October 31 via manual from US — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 14 domains to perform 27 HTTP transactions. The main IP is 172.67.220.30, located in United States and belongs to CLOUDFLARENET, US. The main domain is osc.eonlinepromoting.com.
TLS certificate: Issued by GTS CA 1P5 on September 2nd 2023. Valid for: 3 months.
This is the only time osc.eonlinepromoting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 35.244.216.24 15169 (GOOGLE)
1 1 104.21.24.193 13335 (CLOUDFLAR...)
6 172.67.220.30 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 163.171.128.172 54994 (ML-1432-5...)
1 2a00:1450:400... 15169 (GOOGLE)
8 188.114.97.3 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 207.120.33.10 3356 (LEVEL3)
1 2a00:1450:400... 15169 (GOOGLE)
1 152.199.19.160 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
27 12
Apex Domain | Subdomains | Transfer
8 knjbtt.com | knjbtt.com | 44 KB
7 eonlinepromoting.com | osc.eonlinepromoting.com | 493 KB
3 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 35 | 189 KB
2 gstatic.com | fonts.gstatic.com | 31 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31; ajax.googleapis.com — Cisco Umbrella Rank: 364 | 32 KB
2 joinsafelyonline.com | geoip.joinsafelyonline.com; joinsafelyonline.com | 2 KB
2 manydest.com | www.manydest.com | 782 B
1 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 27 | 21 KB
1 aspnetcdn.com | ajax.aspnetcdn.com — Cisco Umbrella Rank: 2220 | 12 KB
1 registersafely.com | geoip.registersafely.com | 460 B
1 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 223 | 61 KB
1 bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137 | 6 KB
1 workers.dev | offer-manage.arn1.workers.dev | 506 B
1 xupmail.xyz | adv1.xupmail.xyz | 498 B
27 14
Domain Requested by
8 knjbtt.com osc.eonlinepromoting.com
knjbtt.com
ajax.googleapis.com
7 osc.eonlinepromoting.com 1 redirects osc.eonlinepromoting.com
3 www.googletagmanager.com knjbtt.com
www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.manydest.com 2 redirects
1 www.google-analytics.com www.googletagmanager.com
1 ajax.aspnetcdn.com knjbtt.com
1 ajax.googleapis.com knjbtt.com
1 geoip.registersafely.com knjbtt.com
1 joinsafelyonline.com 1 redirects
1 fonts.googleapis.com osc.eonlinepromoting.com
1 geoip.joinsafelyonline.com osc.eonlinepromoting.com
1 cdnjs.cloudflare.com osc.eonlinepromoting.com
1 maxcdn.bootstrapcdn.com osc.eonlinepromoting.com
1 offer-manage.arn1.workers.dev 1 redirects
1 adv1.xupmail.xyz 1 redirects
27 16

This site contains no links.

Subject | Issuer | Validity | Valid
eonlinepromoting.com | GTS CA 1P5 | 2023-09-02 - 2023-12-01 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
*.joinsafelyonline.com | AlphaSSL CA - SHA256 - G4 | 2023-04-20 - 2024-05-21 | a year
upload.video.google.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months
knjbtt.com | E1 | 2023-10-16 - 2024-01-14 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months
geoip.registersafely.com | R3 | 2023-09-19 - 2023-12-18 | 3 months
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2023-05-05 - 2024-04-28 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months

This page contains 2 frames:

Primary Page: https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
Frame ID: 536372CA62844398BDEB83E2226E3A20
Requests: 12 HTTP requests in this frame

Frame: https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
Frame ID: 21F9BA19D18037F060527F4BA5AA3E6C
Requests: 15 HTTP requests in this frame

Page Title

Free Age Verification!

Page URL History

  1. https://adv1.xupmail.xyz/?fb6&jadahull HTTP 302
    https://offer-manage.arn1.workers.dev/?fb6&jadahull HTTP 302
    https://www.manydest.com/NR6DW7S/2KSCL9T/?sub1=fb6 HTTP 302
    https://www.manydest.com/cmp/CT19198/CXJR37/?__rpt=0&__po=904&__ptid=0ecaced9f5884cee9d893559bf07c1da... HTTP 302
    http://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246... HTTP 301
    https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 56 %
Domains: 14
Subdomains: 16
IPs: 12
Countries: 4
Transfer: 890 kB
Size: 1816 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://adv1.xupmail.xyz/?fb6&jadahull HTTP 302
    https://offer-manage.arn1.workers.dev/?fb6&jadahull HTTP 302
    https://www.manydest.com/NR6DW7S/2KSCL9T/?sub1=fb6 HTTP 302
    https://www.manydest.com/cmp/CT19198/CXJR37/?__rpt=0&__po=904&__ptid=0ecaced9f5884cee9d893559bf07c1da&__rpa=0&__rc=1&sub1=fb6&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
    http://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6 HTTP 301
    https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://joinsafelyonline.com/routes/?ofid=51&a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6&a_sid=12207 HTTP 302
  • https://knjbtt.com/user/?ofid=51&a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6&a_sid=12207&sitekey=e1710e363a062894&rtr=1&rtid=141536129

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
osc.eonlinepromoting.com/tools/landers/st/001erz/
Redirect Chain
  • https://adv1.xupmail.xyz/?fb6&jadahull
  • https://offer-manage.arn1.workers.dev/?fb6&jadahull
  • https://www.manydest.com/NR6DW7S/2KSCL9T/?sub1=fb6
  • https://www.manydest.com/cmp/CT19198/CXJR37/?__rpt=0&__po=904&__ptid=0ecaced9f5884cee9d893559bf07c1da&__rpa=0&__rc=1&sub1=fb6&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
  • http://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
  • https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
2 KB
1 KB
Document
General
Full URL
https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deabfb35b8bcf4126b07e0df70ee66d217af569924c0cd7814422b6f1b7aca3e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81e87ae23f891907-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 02:31:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bA00W%2B6Gb%2B0pPQDFTAvd3huEoEG5jCWehQdRTUhj5IixuIvcv1b32JXTJtkzWxx%2FR6TqajOqz1Ue5JC69ilFTwFeuHdGyUkavgYcrpjc5ZoVG27kpQKHfbRFHYV%2BaJoMhal%2BjQO8CUWfggI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
81e87ae1bb381e50-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 31 Oct 2023 02:31:07 GMT
Expires
Tue, 31 Oct 2023 03:31:07 GMT
Location
https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmrhdLcRAfyKDdi2YuwIPghSeB5hy%2FMqDjMyPhNDWpfLmWgyyNNVCd1HrLpImkY3FGyrpJyqbTVT%2BSxnZDUk5%2BYiY4a8Gzae2r8XzpUqL44QK3w2YW0ecCtRbxkZyO8cTixs4oitVuwcx3k%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
bootstrap.css
osc.eonlinepromoting.com/tools/landers/st/001erz/css/
137 KB
22 KB
Stylesheet
General
Full URL
https://osc.eonlinepromoting.com/tools/landers/st/001erz/css/bootstrap.css
Requested by
Host: osc.eonlinepromoting.com
URL: https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a73625a19827c57f4547776fd9be3bd0163bfc3872b6edcfa57a65e9abcc7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de477-22456"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuMBBAGQpFxQ3Rxp2ykB7UzwjKkk2tiGUBQWcKzvQ9YD0Nw3axG49g%2FALw%2BiKlggIDSPWeYhPWmcGGVgpN0kwzy7eLqT24eqe03qWk3rjNCSfpJXowdpy6c6Ycw0HAEMoJUY%2FDOA3RujiM8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
81e87ae569451907-FRA
alt-svc
h3=":443"; ma=86400
style.css
osc.eonlinepromoting.com/tools/landers/st/001erz/css/
1 KB
757 B
Stylesheet
General
Full URL
https://osc.eonlinepromoting.com/tools/landers/st/001erz/css/style.css
Requested by
Host: osc.eonlinepromoting.com
URL: https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e70cb6fb00fd052ce02e49eaf22fbc51cf04b1235b3d8b7b3c5c24e41416f9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de477-42c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPnsqsSF4FLcRrYbdcp9N4vkW1tljTOUzekOeM8rlEQpjtQ1RbHn949R9hYEGUqsbNFt52mIiZ7NYhH1%2FIBvn4ynw%2B0Q9kfKA%2BgQ6ymSMbrfOJdRgoRpoCMhiL04qBLtvf8FAYBcO3YlfXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
81e87ae569461907-FRA
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: osc.eonlinepromoting.com
URL: https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://osc.eonlinepromoting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
26937874
cdn-cachedat
2021-04-13 02:55:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a4c754a17577d74a872d3c9c794d1a4f
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
81e87ae5caa52bf1-FRA
cdn-requestpullsuccess
True
jquery.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/
242 KB
61 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.js
Requested by
Host: osc.eonlinepromoting.com
URL: https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828cbbcacb430f9c5b5d27fe9302f8795eb338f2421010f5141882125226f94f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://osc.eonlinepromoting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4755083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
61632
last-modified
Thu, 22 Jun 2023 11:06:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1e-f0c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6rlptPA%2BzfCMEGtsXAiq6TAubUsyOcJ%2B%2BSmtNxn8FnrcDMQQT00a799Weuasz01iwslEVPbB%2BWQ6JieNk8hprLvxlDOtm1rRSJ8vFEeyg14cAevEnfTdZkxUyLNih3qxObIlZyYPyVRXYft4QlUkRwi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81e87ae5bd2935e6-FRA
expires
Sun, 20 Oct 2024 02:31:08 GMT
bootstrap.min.js
osc.eonlinepromoting.com/tools/landers/st/001erz/js/
35 KB
10 KB
Script
General
Full URL
https://osc.eonlinepromoting.com/tools/landers/st/001erz/js/bootstrap.min.js
Requested by
Host: osc.eonlinepromoting.com
URL: https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:53:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de477-8a7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQiOJyttIbzhZLQ9qZqC1Y7gNculyY%2FO1TORfNpfn%2BwrpgMytZxTbj4UUSPf47dzVnXuvxxjQEvbcykzGswlTHaAnPWjyZl9IUBDzlqgdk9uir0CfKz5ghWvqitGjM2A5KcdSF7%2F%2BwKXy4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81e87ae569471907-FRA
alt-svc
h3=":443"; ma=86400
/
geoip.joinsafelyonline.com/
408 B
860 B
Script
General
Full URL
https://geoip.joinsafelyonline.com/
Requested by
Host: osc.eonlinepromoting.com
URL: https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.171.128.172 , Germany, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
waf/4.35.0-0.el7 /
Resource Hash
3df5559575ece6d51f4dd444105d8d97423bfc0843c8525b889ab2285f6ba46f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://osc.eonlinepromoting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 02:31:08 GMT
server
waf/4.35.0-0.el7
x-ws-request-id
654066ec_PSdgflkfFRA1gi91_30193-29812
x-via
1.1 PS-LAX-01iL8141:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
expires
0
iframeResizer.min.js
osc.eonlinepromoting.com/common/js/iframeResizer/
12 KB
5 KB
Script
General
Full URL
https://osc.eonlinepromoting.com/common/js/iframeResizer/iframeResizer.min.js
Requested by
Host: osc.eonlinepromoting.com
URL: https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:08 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Sep 2022 16:50:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632de3d5-2e17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Okq3Ig7fehRPXVuBr9pw08BeaxfhXyv%2FXOcZOszcKjF%2FfcgaPur0QzCaaFDELdeKbuv0qwgAeHiCPLHd%2BR%2Bj6Bo7nJgZnLxTlBjcHJHEXKlDTeo5ZX6vS4RItI81wt0uNqPV%2BMszdfYAxzw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81e87ae569481907-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700
Requested by
Host: osc.eonlinepromoting.com
URL: https://osc.eonlinepromoting.com/tools/landers/st/001erz/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7654274cd06f347d0d6bf4dff07eb8216759e1e2d4d8af6f9ff8b08fd88bc333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://osc.eonlinepromoting.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Oct 2023 02:31:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 02:22:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Oct 2023 02:31:08 GMT
/
knjbtt.com/user/ Frame 21F9
Redirect Chain
  • https://joinsafelyonline.com/routes/?ofid=51&a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6&a_sid=12207
  • https://knjbtt.com/user/?ofid=51&a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6&a_sid=12207&sitekey=e1710e363a062894&rtr=1&rtid=141536129
339 B
742 B
Document
General
Full URL
https://knjbtt.com/user/?ofid=51&a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6&a_sid=12207&sitekey=e1710e363a062894&rtr=1&rtid=141536129
Requested by
Host: osc.eonlinepromoting.com
URL: https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37e884290229c84aa7891c3b8fb0fa4720a35b2e86ea122e3f8b36a2917b5e66

Request headers

Referer
https://osc.eonlinepromoting.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81e87aebdb335d85-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 02:31:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXp%2Fgz8UfupaBBNLcH0rLzWWKPQM7TAiWKsEJu0h6IHgdtyZQBCQbfA2QEEyvT04d9YcPH3mmQuGCnF%2BIKi2Oju8aRtoeQgTn8JVhY02UP8wf1mI%2FVkIUN4fOtGd"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 02:31:09 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://knjbtt.com/user/?ofid=51&a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6&a_sid=12207&sitekey=e1710e363a062894&rtr=1&rtid=141536129
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
waf/4.35.0-0.el7
x-via
1.1 PS-LAX-01iL8141:3 (Cdn Cache Server V2.0), 1.1 kf160:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:15 (Cdn Cache Server V2.0)
x-ws-request-id
654066ed_PSdgflkfFRA1gi91_30193-29821
bg.jpg
osc.eonlinepromoting.com/tools/landers/st/001erz/images/
453 KB
454 KB
Image
General
Full URL
https://osc.eonlinepromoting.com/tools/landers/st/001erz/images/bg.jpg
Requested by
Host: osc.eonlinepromoting.com
URL: https://osc.eonlinepromoting.com/tools/landers/st/001erz/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9e5b3e931aa0d05356fc7cc1110382abebbe672a2758cb5f700e20b82411b8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://osc.eonlinepromoting.com/tools/landers/st/001erz/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:09 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Sep 2021 18:09:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
39
etag
"613264d2-71479"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wmSKbBj72LKMu6okdqkFkhx2zbajupsUBpIPfSQ0%2Fm82jlDoAEKQzxyOSr3O0KHYLkiP4sPNDAT%2BbdgKq6pvBEkwfqwL6VsBFxKTFmXmv4iOzt21bVTaCb7e2T8Gl%2FGAHxJrDMK92oo5Jg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81e87ae96b5865bb-FRA
alt-svc
h3=":443"; ma=86400
content-length
463993
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://osc.eonlinepromoting.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 11:33:01 GMT
x-content-type-options
nosniff
age
226688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14964
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:08:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 11:33:01 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://osc.eonlinepromoting.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 07:27:08 GMT
x-content-type-options
nosniff
age
241441
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16324
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:08:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 07:27:08 GMT
/
knjbtt.com/user/ Frame 21F9
9 KB
3 KB
Document
General
Full URL
https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
Requested by
Host: osc.eonlinepromoting.com
URL: https://osc.eonlinepromoting.com/tools/landers/st/001erz/?a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ebb6c7c80bb6c5beca94b72fd901455b60ea6f60230144d4a5c554d12691c40

Request headers

Referer
https://knjbtt.com/user/?ofid=51&a_aid=987123654&a_bid=0edbd96a&x_xid=a0396d468a1246fd849c48afffbaf404&x_subid=12207&x_subid2=fb6&a_sid=12207&sitekey=e1710e363a062894&rtr=1&rtid=141536129
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81e87aef7d1b5d85-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 02:31:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSL0gw%2FqSGEv5BdGWcm5YYq%2BuLS6M4GnBNSdtdowNMctV2a0VTXSe2kxV7p5aXCQRVPRpEMosi3Q0NUeHqf5DR7h2glBYldUUsUPOgZWsUv%2BHiqtubRvcxur5KvU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
geoip.registersafely.com/ Frame 21F9
408 B
460 B
Script
General
Full URL
https://geoip.registersafely.com/?v=1
Requested by
Host: knjbtt.com
URL: https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.120.33.10 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
3df5559575ece6d51f4dd444105d8d97423bfc0843c8525b889ab2285f6ba46f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://knjbtt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 02:31:10 GMT
via
1.1 varnish-84f56c8bcd-dg8mz (Varnish/7.2)
content-encoding
gzip
age
0
vary
Accept-Encoding
x-varnish
6041746
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
section-io-cache
Miss
section-io-id
8f3c25d5f40ee86b75bb3ec55da7dd5f
expires
0
oscams.css
knjbtt.com/common_tpls/compact/css/ Frame 21F9
129 KB
22 KB
Stylesheet
General
Full URL
https://knjbtt.com/common_tpls/compact/css/oscams.css
Requested by
Host: knjbtt.com
URL: https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24e40234dc5ca0a4e52034eb6a6c0a33a69b0ae8bb63ad34a293c1eddd9f9e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 16 Dec 2015 18:26:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5671ace9-20525"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9re%2Bz1dfMuRiJTTUBHJc%2BBDF%2FzMWNfCzQa4F8XPE4pgF7mmI8WseDsIYWXy8jaFaZKCIYIIKZ%2BCfyiU1%2FlkbM0XfKOtRRSMr0I7SB3aDmtj0BYp4%2BY2CycUYo1C"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
81e87af1a9359049-FRA
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 21F9
86 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: knjbtt.com
URL: https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://knjbtt.com/
Origin
https://knjbtt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 07:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 07:03:18 GMT
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/ Frame 21F9
35 KB
12 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.2/bootstrap.min.js
Requested by
Host: knjbtt.com
URL: https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AF) /
Resource Hash
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://knjbtt.com/
Origin
https://knjbtt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10088109
x-cache
HIT
content-length
12247
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:09:58 GMT
server
ECAcc (ama/48AF)
etag
"194598e6cb33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
form_support.js
knjbtt.com/common_tpls/js/ Frame 21F9
4 KB
2 KB
Script
General
Full URL
https://knjbtt.com/common_tpls/js/form_support.js?v=1516308712
Requested by
Host: knjbtt.com
URL: https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a35efd7238a1ef4c6581aadc6d001e8554adf949dc6cde5650c2235483f19bf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 18 Nov 2022 21:23:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
767
etag
W/"6377f7d9-ed7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Vh9dVJpSW56uZ4gzgGJ7UbYDzhiJ5fporhXUm2VJT%2B4hj5XrDIS7kGeZOKRuftPVviZG6N64VcL8IZsUV7CxCs7X8rQvQpIZqTEDgCRKN%2FwjJAwaDpg6nQqqqtq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81e87af1a9369049-FRA
alt-svc
h3=":443"; ma=86400
validate_form_v2.js
knjbtt.com/common_tpls/js/ Frame 21F9
25 KB
7 KB
Script
General
Full URL
https://knjbtt.com/common_tpls/js/validate_form_v2.js?jsv=24
Requested by
Host: knjbtt.com
URL: https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3f9ad8a6b5ee12a78a32d898be23898f6d340765e340873e0253feb3b0e8825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Oct 2023 00:24:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
767
etag
W/"6530775a-6590"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snPkXJcs%2F8M1TpqSI94z7abPONVt0hnq9GklzTHRKFUoRS751qvUz7BqI9dz2Ab5lwhWu%2B8kErc%2Bp2ZbQ2HoIYeH%2FPVKGVnk8NYZYia6Wr1MbnwL5lG6kNVfEUrA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81e87af1a9379049-FRA
alt-svc
h3=":443"; ma=86400
ajax-loader.gif
knjbtt.com/common_tpls/images/ Frame 21F9
3 KB
4 KB
Image
General
Full URL
https://knjbtt.com/common_tpls/images/ajax-loader.gif
Requested by
Host: knjbtt.com
URL: https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:10 GMT
cf-cache-status
HIT
last-modified
Mon, 07 Oct 2013 22:49:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
331
etag
"52533a73-c88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeAp4eqtOk7v4Aginh23Rpnb5LJVBvTnG%2FvqF5XulxKXBxkKm8LRjYVfN2Nm2YopiKkxFPnbLiunCUMwSKfKNEuZl0sND9coXFvz0bCsT5UJdWSeOZN0pSSYyqNx"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
81e87af1a9389049-FRA
alt-svc
h3=":443"; ma=86400
content-length
3208
iframeResizer.contentWindow.min.js
knjbtt.com/common_tpls/js/ Frame 21F9
13 KB
5 KB
Script
General
Full URL
https://knjbtt.com/common_tpls/js/iframeResizer.contentWindow.min.js
Requested by
Host: knjbtt.com
URL: https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 04 Feb 2016 15:06:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
767
etag
W/"56b368db-3445"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjyA3%2FYR0aZ5QrOR2YRf1E7HHqFg3XcsuUNjLOBu42Hhbl%2FBg%2BPX7IuM%2BC6t6L0l4X%2BKliRU63vqckqqU%2F1LKzA0gsaZPTVCX7lHOPoxadYGVmcaAbukSG%2BByN8g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
81e87af1a9399049-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ Frame 21F9
185 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-208173773-1
Requested by
Host: knjbtt.com
URL: https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06ea01a24ea94396c3e4f54a275d3b811d19d664ee63c2b8f45fce6a6dce5992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://knjbtt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68698
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 31 Oct 2023 02:31:10 GMT
gtm.js
www.googletagmanager.com/ Frame 21F9
111 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSCK9H9
Requested by
Host: knjbtt.com
URL: https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed6bf9bde63dcffa004623b899bd2fa170df1fb1b058547e4ee55054ccfb045a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://knjbtt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44041
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 31 Oct 2023 02:31:10 GMT
/
knjbtt.com/user/trk/ Frame 21F9
21 B
544 B
XHR
General
Full URL
https://knjbtt.com/user/trk/?rtid=141536129
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b26330894af95096e9f1617a688009cc640d451ac28725b7e0a38a9b6845fa3

Request headers

Accept
*/*
Referer
https://knjbtt.com/user/?SID=259419c9d357dae1dbe8c94f9c935f5a
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 02:31:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5qLdTOd9uE6VhufoxWiPqIXyay2r1aeZTjePqqw2Ei04zgadI3rB0pk8W5EYqZcWXITU1T1Y6z3PZumXvuXXLmQUMDVABvc%2FNTzqAnA6bc4pZ%2FKzBv%2BM67oIVBZ"}],"group":"cf-nel","max_age":604800}
content-type
text/json;charset=UTF-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store, no-cache, must-revalidate
cf-ray
81e87af5aae49049-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
js
www.googletagmanager.com/gtag/ Frame 21F9
222 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-90FLKCEX7T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-208173773-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e1a77623d01faa3697a1405cce8732f94af8d3dabd69c38428b852fb2ba43411
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://knjbtt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 02:31:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80692
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 31 Oct 2023 02:31:11 GMT
analytics.js
www.google-analytics.com/ Frame 21F9
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-208173773-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://knjbtt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 31 Oct 2023 01:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2379
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 31 Oct 2023 03:51:32 GMT

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
function| $
function| jQuery
function| geoip_country_code
function| geoip_country_name
function| geoip_city
function| geoip_region
function| geoip_region_name
function| geoip_latitude
function| geoip_longitude
function| geoip_postal_code
function| geoip_resolved_ip
function| iFrameResize

6 Cookies

Domain/Path Name / Value
offer-manage.arn1.workers.dev/ Name: visit_count
Value: 1
www.manydest.com/ Name: uniqueClick_2KSCL9T
Value: 1ae57336-044d-4425-b635-0f14638684ea:1698719467
www.manydest.com/ Name: uniqueClick_CXJR37
Value: 51b1f808-d17b-469b-844a-e1c2699d2491:1698719467
www.manydest.com/ Name: transaction_id
Value: a0396d468a1246fd849c48afffbaf404
joinsafelyonline.com/ Name: PHPSESSID
Value: 44a665f083730bf911d3ae02ef60351e
knjbtt.com/ Name: PHPSESSID
Value: 259419c9d357dae1dbe8c94f9c935f5a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
