urlscan.io logo urlscan.io
SecurityTrails logo

venadvstar.com Open in urlscan Pro
2606:4700:3032::ac43:d080  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.gamejob.co.kr/List_GI/Co_HomePage_Open.asp?home=fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpc...
Effective URL: https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&sid=1011_4379
Submission: On March 27 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3032::ac43:d080, located in and belongs to . The main domain is venadvstar.com.
TLS certificate: Issued by GTS CA 1P5 on February 10th 2023. Valid for: 3 months.
This is the only time venadvstar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    121.189.48.181 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
PTR: www.gamejob.co.kr
www.gamejob.co.kr
1    5.199.130.138 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: prepshoot.com
fullyfledgedsystem.com
1    81.128.197.187 (London, United Kingdom)

ASN2856 (BT-UK-AS BTnet UK Regional network, GB)
valleyutilityplay.com
1    38.102.245.195 (Redondo Beach, United States)

ASN174 (COGENT-174, US)
offer-connect.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    13.32.99.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-54.fra60.r.cloudfront.net
api.pushnami.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    100.26.12.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-12-248.compute-1.amazonaws.com
trc.pushnami.com
2    54.167.183.48 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-183-48.compute-1.amazonaws.com
psp.pushnami.com
3    2606:4700:3032::6815:1cae (None, )

ASN- ()
lynku.jukminung.com
1    2606:4700:3030::6815:4a8d (None, )

ASN- ()
cdn.addlnk.com
1    94.237.99.118 (None, )

ASN- ()
1d6c9396fa1.777offers.net
1    34.141.179.97 (None, )

ASN- ()
aditmedia.g2afse.com
2    2606:4700:3032::ac43:d080 (None, )

ASN- ()
venadvstar.com
2    172.67.197.244 (None, )

ASN- ()
feed.cn-rtb.com
t.cn-rtb.com
1    2606:4700:20::681a:7e4 (None, )

ASN- ()
sdk.ocmhood.com
3    2606:4700:20::ac43:4809 (None, )

ASN- ()
cdn.ocmhood.com
t.ocmhood.com
Domain Requested by
3 lynku.jukminung.com offer-connect.com
www.gamejob.co.kr
lynku.jukminung.com
2 t.ocmhood.com sdk.ocmhood.com
2 venadvstar.com venadvstar.com
2 psp.pushnami.com api.pushnami.com
2 trc.pushnami.com api.pushnami.com
2 api.pushnami.com offer-connect.com
api.pushnami.com
2 maxcdn.bootstrapcdn.com offer-connect.com
maxcdn.bootstrapcdn.com
1 t.cn-rtb.com venadvstar.com
1 cdn.ocmhood.com sdk.ocmhood.com
1 sdk.ocmhood.com venadvstar.com
1 feed.cn-rtb.com venadvstar.com
1 aditmedia.g2afse.com
1 1d6c9396fa1.777offers.net lynku.jukminung.com
1 cdn.addlnk.com lynku.jukminung.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com offer-connect.com
1 ajax.googleapis.com offer-connect.com
1 offer-connect.com valleyutilityplay.com
1 valleyutilityplay.com www.gamejob.co.kr
1 fullyfledgedsystem.com 1 redirects
1 www.gamejob.co.kr
29 21

This site contains no links.

Subject Issuer Validity Valid
valleyutilityplay.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-15 -
2024-04-14		 a year crt.sh
offer-connect.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.pushnami.com
Amazon RSA 2048 M01		 2023-03-04 -
2024-04-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
*.777offers.net
R3		 2023-02-24 -
2023-05-25		 3 months crt.sh
*.g2afse.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-04 -
2023-09-04		 a year crt.sh
*.venadvstar.com
GTS CA 1P5		 2023-02-10 -
2023-05-11		 3 months crt.sh
*.cn-rtb.com
GTS CA 1P5		 2023-02-22 -
2023-05-23		 3 months crt.sh
ocmhood.com
Cloudflare Inc ECC CA-3		 2022-05-04 -
2023-05-04		 a year crt.sh

This page contains 3 frames:

Primary Page: https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&sid=1011_4379
Frame ID: 288C918A2A2F3BC519D5426AF1B7345B
Requests: 25 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 4A42E628CD44BC73DF0013D30AA143E0
Requests: 1 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679918400
Frame ID: 8C4FE9AFA81D13384046C2D354D18092
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

offer-connect

Page URL History Show full URLs

  1. http://www.gamejob.co.kr/List_GI/Co_HomePage_Open.asp?home=fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz... Page URL
  2. http://fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpcBMQldCTycbbb2D HTTP 302
    https://valleyutilityplay.com/1764a66a318a23e6800/1_229547_2732002/1795_3523026_4469252_63/489719797_80-25... Page URL
  3. https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21... Page URL
  4. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444 Page URL
  5. https://1d6c9396fa1.777offers.net//?p=4379&media_type=mainstream&sub_id=pubddbfc1062fd84526b27a7bdb17eff7d9&pu... Page URL
  6. https://aditmedia.g2afse.com/click?pid=1011&offer_id=17716&sub1=5ydi2rx1rdeipjbq3rpc0scg4,16703586,5,4379... Page URL
  7. https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

93 %
HTTPS

47 %
IPv6

15
Domains

21
Subdomains

19
IPs

4
Countries

242 kB
Transfer

445 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.gamejob.co.kr/List_GI/Co_HomePage_Open.asp?home=fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpcBMQldCTycbbb2D Page URL
  2. http://fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpcBMQldCTycbbb2D HTTP 302
    https://valleyutilityplay.com/1764a66a318a23e6800/1_229547_2732002/1795_3523026_4469252_63/489719797_80-255-7-107 Page URL
  3. https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444 Page URL
  4. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444 Page URL
  5. https://1d6c9396fa1.777offers.net//?p=4379&media_type=mainstream&sub_id=pubddbfc1062fd84526b27a7bdb17eff7d9&pubid=690444&pi=690444 Page URL
  6. https://aditmedia.g2afse.com/click?pid=1011&offer_id=17716&sub1=5ydi2rx1rdeipjbq3rpc0scg4,16703586,5,4379&sub2=4379 Page URL
  7. https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&sid=1011_4379 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpcBMQldCTycbbb2D HTTP 302
  • https://valleyutilityplay.com/1764a66a318a23e6800/1_229547_2732002/1795_3523026_4469252_63/489719797_80-255-7-107

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Co_HomePage_Open.asp
www.gamejob.co.kr/List_GI/ 		147 B
511 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.gamejob.co.kr/List_GI/Co_HomePage_Open.asp?home=fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpcBMQldCTycbbb2D
Protocol
HTTP/1.1
Server
121.189.48.181 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
www.gamejob.co.kr
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
261
Content-Type
text/html
Date
Mon, 27 Mar 2023 15:50:24 GMT
Server
Vary
Accept-Encoding
489719797_80-255-7-107
valleyutilityplay.com/1764a66a318a23e6800/1_229547_2732002/1795_3523026_4469252_63/
Redirect Chain
  • http://fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpcBMQldCTycbbb2D
  • https://valleyutilityplay.com/1764a66a318a23e6800/1_229547_2732002/1795_3523026_4469252_63/489719797_80-255-7-107
252 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://valleyutilityplay.com/1764a66a318a23e6800/1_229547_2732002/1795_3523026_4469252_63/489719797_80-255-7-107
Requested by
Host: www.gamejob.co.kr
URL: http://www.gamejob.co.kr/List_GI/Co_HomePage_Open.asp?home=fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpcBMQldCTycbbb2D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.128.197.187 London, United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
http://www.gamejob.co.kr/List_GI/Co_HomePage_Open.asp?home=fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpcBMQldCTycbbb2D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
252
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Mar 2023 15:50:26 GMT
Server
Apache

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Mar 2023 15:50:25 GMT
Location
https://valleyutilityplay.com/1764a66a318a23e6800/1_229547_2732002/1795_3523026_4469252_63/489719797_80-255-7-107
Server
Apache
/
offer-connect.com/ 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444
Requested by
Host: valleyutilityplay.com
URL: https://valleyutilityplay.com/1764a66a318a23e6800/1_229547_2732002/1795_3523026_4469252_63/489719797_80-255-7-107
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.102.245.195 Redondo Beach, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
42fa66b97e0ca198bfa261e2398544d9b3dbe31a60ebb010f1afd102d851df5d

Request headers

Referer
https://valleyutilityplay.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
10008
Content-Type
text/html
Date
Mon, 27 Mar 2023 19:14:40 GMT
ETag
"63efd888-2718"
Last-Modified
Fri, 17 Feb 2023 19:42:00 GMT
Server
nginx/1.10.2
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Mar 2024 18:05:11 GMT
css
fonts.googleapis.com/ 		6 KB
920 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,300,500,700,600,800
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
41932365d84f651e0b60d43e451e494530d6c85455b04df9416577e584c382f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Mar 2023 15:50:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 15:50:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Mar 2023 15:50:27 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 15:50:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
625262
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
be050c61329891fb4ef880afd785a1b0
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7ae8ca06abf09165-FRA
cdn-requestpullsuccess
True
63ed63298591f2001320edcc
api.pushnami.com/scripts/v1/pushnami-adv/ 		88 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-54.fra60.r.cloudfront.net
Software
/
Resource Hash
ee607772e922f816ff318576900b4a7ca92449cd3f15881481a11fe30d934cdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 15:42:11 GMT
content-encoding
gzip
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
496
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-id
bkXIZBTclO5IkJUsbihQJ9CdFXDDb3DpmpMSN0a10OmcMzWKCGSdTw==
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://offer-connect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 15:50:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
1809099
cdn-cachedat
08/17/2022 18:20:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
2e56bff437689279e4fe6d53542c41a7
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7ae8ca079e282bc0-FRA
cdn-requestpullsuccess
True
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,300,500,700,600,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offer-connect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 10:43:11 GMT
x-content-type-options
nosniff
age
450436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47728
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Mar 2024 10:43:11 GMT
track
trc.pushnami.com/api/push/ 		2 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.12.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-12-248.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://offer-connect.com/
accept-language
de-DE,de;q=0.9
key
63ed63298591f2001320edcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 27 Mar 2023 15:50:28 GMT
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
content-length
2
content-type
text/html; charset=utf-8
track
trc.pushnami.com/api/push/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.12.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-12-248.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://offer-connect.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Mon, 27 Mar 2023 15:50:28 GMT
hub
api.pushnami.com/scripts/v1/ Frame 4A42 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-54.fra60.r.cloudfront.net
Software
/
Resource Hash
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Referer
https://offer-connect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
age
2698
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Mon, 27 Mar 2023 15:05:29 GMT
vary
accept-encoding
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-id
gYlQonU-kxeqx7L2Z6i7zkiLi7ebhpqr94G9wOM6b9RKRYU0OOTroA==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
psp
psp.pushnami.com/api/ 		2 B
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.183.48 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-183-48.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://offer-connect.com/
accept-language
de-DE,de;q=0.9
key
63ed63298591f2001320edcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://offer-connect.com
date
Mon, 27 Mar 2023 15:50:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.167.183.48 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-167-183-48.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://offer-connect.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
key
access-control-allow-methods
POST
access-control-allow-origin
https://offer-connect.com
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
cache-control
no-cache
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 27 Mar 2023 15:50:28 GMT
vary
accept-encoding
9e8aef8068
lynku.jukminung.com/rc/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
14f1c8a7c64537b3d447b87d13c50d9bd8525a9dbae38e6b38471905cc9736eb

Request headers

Referer
https://offer-connect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ae8ca2add4e2bd1-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 27 Mar 2023 15:50:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZs6CKFRZMfcu4xC5qb7QeUh5fASOvQNKk2OT8p7YRO%2F3mmpOboRPoKB38azEPMSOpK5tDYGGhKkTzfQ2bESjbKjfxWrHGcq2wWgQrIVRUFqlRuPSXjipXwJhub5nkR2QglX8rJiB7%2BHtch7PglexD3t"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 15:50:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KPYPMKR87WVDDR5G
age
3336
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
sdyeyOjO4qADE8twISrwU7928cky8WpEvqOoYxcGfmLM5QiMKH15++pL4Vm7UxnFSSwxMSTIZIo=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FT4lzAutdR3DY1RxLWpZQFo8g8uNNwrerj3gGnHgQd6KdqaUQEDMu0ZhHrVIQXJsulPkXZXCL4UZtV3LbXfxbyNVkeDdf%2FWceCo%2FBxqg3gYTqhRZJylQUDlNBKA9ljSYXTBnprUV4%2BmZRQr5Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7ae8ca2c8afb6928-FRA
invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 8C4F 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679918400
Requested by
Host: www.gamejob.co.kr
URL: http://www.gamejob.co.kr/List_GI/Co_HomePage_Open.asp?home=fullyfledgedsystem.com/3kXTvJY2f.dbm?dsYSz0cc4dT5cy1x5cccF6dpcBMQldCTycbbb2D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8f2567c59118ebc5357981a56fa1fb07c39d7f1cc27bca2fbfd1d82f92d99f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 15:50:33 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BEZzY8K77kEvtjDJ6WAwQxzRwR2QPnhN%2FkuaKnmmgVETgJOEdGA8WnehOF7hXbko3Vk4EkhmAVjLpxFBup9Kpjm3h0XZAS26uKkN2esNUt5sLysUam3u4BdHgDL4d9lGTAL%2BRYhPf1ZWxg1%2BXSmiPk3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7ae8ca2ce8fa2bd1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 8C4F 		7 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 15:50:33 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wK86BXxmrCAKPbxy2irVlZaDYkP1e8FqGPet1%2BGMzfsuy0oeloeAVUzT5YsxpodbXolyewWleNINoBej4SSCK3uJ%2FO%2FHQQigRap4CrO%2Be2sI4jteDrzd5LjtjJaCHJwdopWKddLHsetpfab142tBhp4v"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7ae8ca2d58652c1b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
1d6c9396fa1.777offers.net// 		945 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1d6c9396fa1.777offers.net//?p=4379&media_type=mainstream&sub_id=pubddbfc1062fd84526b27a7bdb17eff7d9&pubid=690444&pi=690444
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.99.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
61835d2463a910e0a5c69632b6d97f400b13dadbd3514e2c4b588293242ec79b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 27 Mar 2023 15:50:33 GMT
expires
Mon, 27 Mar 2023 15:50:33 GMT
last-modified
Mon, 27 Mar 2023 15:50:33 GMT
pragma
no-cache
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
7ae8ca2add4e2bd1
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 8C4F 		0
0
click
aditmedia.g2afse.com/ 		249 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aditmedia.g2afse.com/click?pid=1011&offer_id=17716&sub1=5ydi2rx1rdeipjbq3rpc0scg4,16703586,5,4379&sub2=4379
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.141.179.97 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6fbff55fe9991ccc8f2aa975fcdd78e711b3dd856caefc230d54efa4b172f72e

Request headers

Referer
https://1d6c9396fa1.777offers.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 27 Mar 2023 15:50:34 GMT
server
nginx
x-adjust-use-original-forwarded-for
1
Primary Request /
venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/ 		29 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&sid=1011_4379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d080 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1cfd435c6ac3d2468e0ae8abf4383ffe5b7d1110a8e180f59fab8f36874bdb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ae8ca30cc5d3803-FRA
content-encoding
br
content-type
text/html
date
Mon, 27 Mar 2023 15:50:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sf5vdc8xh%2BdkP9Ttcfqm37j2UyfOZOllxhPEfQYLNEBK4a2RtaFqjibRZnXFd2l8w0LGbrZ7e0zDgXUrd%2BdDIKnf98rTKDR8dzSnnIKGpdEgE6m5djHfVCQc0cuGNzuJVRB7VGruC5Fh2HP0yA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
AFU1kAAPatM
feed.cn-rtb.com/v1/native/ 		663 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://feed.cn-rtb.com/v1/native/AFU1kAAPatM?subid=50118&uid=45e78653-8011-4637-b9ca-94adf3855b48&kw=download%20install
Requested by
Host: venadvstar.com
URL: https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&sid=1011_4379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.197.244 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7a94a3a820c8a2febf507c498d7ea5a0cc6e54eb5f3600431d3fd871e7d62a13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://venadvstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 15:50:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
model
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8QH5mFb7k8wJASpWkX5YIzzLjhFMDQ2DDQ2c417ExAEHDTdySf%2BsRCUS1XFErZomN29Wpzn8kfBvfSwUpxmwOwjphFODq2zZM7RYK4O5ukVhm3Fopsl%2BfGLX%2BBqWJBQlGU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7ae8ca330d169165-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
conf.json
venadvstar.com/hood/dmVuYWR2c3Rhci5jb20=/ 		49 B
417 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://venadvstar.com/hood/dmVuYWR2c3Rhci5jb20=/conf.json
Requested by
Host: venadvstar.com
URL: https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&sid=1011_4379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d080 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b2a8bfbdb86407809072fa664ba652957f4397d1c98ce2279b0dbb1359b7fb8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&sid=1011_4379
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 15:50:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 27 Mar 2023 15:44:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6421b9f3-31"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEUYwLkDpMUv9WWgQ1SeH%2BJdUvZ6uKqbsQRPyx6BUoEZMVmjel%2F4SGke9V6q8OrJpMKpGq5%2F%2FJv2CY%2BdkrpanOp66pG1oYb%2F3TdTIr22DLqDEJVaUMpN%2FfNwmTDH9%2BTAkGzE7ZprMcoevwxaxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
7ae8ca325eec3803-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/ 		748 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
ht.js
sdk.ocmhood.com/sdk/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl
Requested by
Host: venadvstar.com
URL: https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&sid=1011_4379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7e4 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
70ca645441ebfae7bb9653172c781bd55e9bcf45e3c0d49fe2bbce6c8a83da25

Request headers

Referer
https://venadvstar.com/
Origin
https://venadvstar.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 15:50:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
service-worker-allowed
/
last-modified
Mon, 13 Feb 2023 09:58:42 GMT
server
cloudflare
etag
W/"63ea09d2-2e94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8%2FuRMORs6qFWRrxkqPJtltuWCfmsZAMRSDZua5DPg2LyboPMRht06q56agKbEdSl82e5WlSfAsucDstffALmwRHaWCeo3vgEa3rXFydGa41GgUGOGtXR6ALrur8M6mrxIOVOZE7bi2rX2zcgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7ae8ca345af36937-FRA
NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl.js
cdn.ocmhood.com/tag/ 		191 B
717 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ocmhood.com/tag/NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4809 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
52ab4af643bc4aab5c955ce99d8779d3804217c85a695bfb5c41bb8f90a33036

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://venadvstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 15:50:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
857
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
service-worker-allowed
/
last-modified
Tue, 13 Dec 2022 16:12:01 GMT
server
cloudflare
etag
W/"6398a451-bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxrUOUoTOX%2BOxa1XS%2Fsvyqh5%2F3lCYbgcTItOGZm%2FDt3sP3AOjqshUg4DIK%2BtLJuBgBjWtl9ZwEJEGlk1tVdGlClcIkS9M8VqZRKJEM%2FPTfsgR9JuSAthucsvmnuQU3xs5OWVZoR7XSSwuu9bzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
cf-ray
7ae8ca355a2e03b8-FRA
activity
t.ocmhood.com/v2/ 		0
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4809 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://venadvstar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 Mar 2023 15:50:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIGtOOLBAg5n9VseP821V90kynHgmNH%2FmPFG%2FFPsAFzzj0%2FSh6sUXetfUTx5G%2FpmPy%2Bg4F9UcMO%2FZTlSHKiBs3h8KDnUIaeK29WwcMW2bWLKNd%2BVxWwcxkrf8xvnRCUnwHer6TaMR8huG60%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
7ae8ca35cad303b8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
activity
t.ocmhood.com/v2/ 		0
304 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NiwxNDY4MjE0Nmxl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4809 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://venadvstar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 Mar 2023 15:50:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHfX4dmZ47Xwj47ZwE2TiCtdJN6xJMtMCdgn7e3aM9qxQPiAdRjLLuNDGDuOWupK9NoNp0nRZn%2BlbqD4tWn6LDd83DZ%2B2VxXHO4ImfqEUpkfLlG%2F%2B8osFVczZsjl%2FX09GpY3ltqovUhIhKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
7ae8ca35cace03b8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
imp
t.cn-rtb.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.cn-rtb.com/imp?l2=ODp59z618v2ncNV4CeOkUsWZuGHH_WBC5XGLKvj2Afb3BafK7dYy2OTyQv5pe-_J05sy2t7FL8QzpIEObJSF10a_1FJI_uPfN-posX6-nmHa4Ojz8f48jCQKRdJRewXTIg_HVo2GJ5vfeaav8snFTTusOfuEwFvJGW8nx73LLDmfBDNB8IXgBqeyBYLP1ZOL
Requested by
Host: venadvstar.com
URL: https://venadvstar.com/YY7HeM9G35NeoP3yhHRIalBEFNT3tzVlpFOdy9cGePw/?clck=6421bb4ac1adff0001b447a4&sid=1011_4379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.197.244 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://venadvstar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 15:50:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsvAPWWQvaHw2%2FvD24Mohz0ubvTEwY1wm4HEWUtvPG5CUacdhjlRMwZXN9E5hq%2B3hUTQe1nh%2B7bw3wnNj3C4XJVTmLIvqe0twigF64m5gxzZ96db49jwgmIyQksfGCI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7ae8ca36db7f9165-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lynku.jukminung.com
URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/7ae8ca2add4e2bd1

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| $ function| jQuery function| showSecondStep boolean| isRollbar object| pushWrap function| showFbChkOptIn object| mailnamiPromptModule undefined| o object| mailnami object| Pushnami function| CrossStorageClient object| pushnamiStorage function| uuid

2 Cookies

Domain/Path Name / Value
www.gamejob.co.kr/ Name: ASPSESSIONIDQQBDRSTD
Value: KHNCGLLAOOBPECIIABEJGJOL
valleyutilityplay.com/ Name: uid15295
Value: 1333903852-20230327115026-0ecbe18cc764c84426ae0484675fc259-

1 Console Messages

Source Level URL
Text
other error URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1333903852&pubid=690444
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d6c9396fa1.777offers.net
aditmedia.g2afse.com
ajax.googleapis.com
api.pushnami.com
cdn.addlnk.com
cdn.ocmhood.com
feed.cn-rtb.com
fonts.googleapis.com
fonts.gstatic.com
fullyfledgedsystem.com
lynku.jukminung.com
maxcdn.bootstrapcdn.com
offer-connect.com
psp.pushnami.com
sdk.ocmhood.com
t.cn-rtb.com
t.ocmhood.com
trc.pushnami.com
valleyutilityplay.com
venadvstar.com
www.gamejob.co.kr
lynku.jukminung.com
100.26.12.248
121.189.48.181
13.32.99.54
172.67.197.244
2606:4700:20::681a:7e4
2606:4700:20::ac43:4809
2606:4700:3030::6815:4a8d
2606:4700:3032::6815:1cae
2606:4700:3032::ac43:d080
2606:4700::6812:acf
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
34.141.179.97
38.102.245.195
5.199.130.138
54.167.183.48
81.128.197.187
94.237.99.118
14f1c8a7c64537b3d447b87d13c50d9bd8525a9dbae38e6b38471905cc9736eb
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
41932365d84f651e0b60d43e451e494530d6c85455b04df9416577e584c382f7
42fa66b97e0ca198bfa261e2398544d9b3dbe31a60ebb010f1afd102d851df5d
52ab4af643bc4aab5c955ce99d8779d3804217c85a695bfb5c41bb8f90a33036
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
61835d2463a910e0a5c69632b6d97f400b13dadbd3514e2c4b588293242ec79b
6fbff55fe9991ccc8f2aa975fcdd78e711b3dd856caefc230d54efa4b172f72e
70ca645441ebfae7bb9653172c781bd55e9bcf45e3c0d49fe2bbce6c8a83da25
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a94a3a820c8a2febf507c498d7ea5a0cc6e54eb5f3600431d3fd871e7d62a13
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23
b2a8bfbdb86407809072fa664ba652957f4397d1c98ce2279b0dbb1359b7fb8f
ce8f2567c59118ebc5357981a56fa1fb07c39d7f1cc27bca2fbfd1d82f92d99f
cf1cfd435c6ac3d2468e0ae8abf4383ffe5b7d1110a8e180f59fab8f36874bdb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2
ee607772e922f816ff318576900b4a7ca92449cd3f15881481a11fe30d934cdc