urlscan.io logo urlscan.io
SecurityTrails logo

ak.zougreek.com Open in urlscan Pro
23.55.110.148  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://appurl.io/aaSnsB0CMU
Effective URL: https://ak.zougreek.com/4/6730278?var=6553935&ymid=770805785218523620&oaid=f4541d92ba2e45b2ace49db227309e95
Submission: On January 15 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 23 HTTP transactions. The main IP is 23.55.110.148, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is ak.zougreek.com. The Cisco Umbrella rank of the primary domain is 332156.
TLS certificate: Issued by R3 on January 15th 2024. Valid for: 3 months.
This is the only time ak.zougreek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 104.26.1.237 13335 (CLOUDFLAR...)
2 104.18.11.207 13335 (CLOUDFLAR...)
2 142.250.186.162 15169 (GOOGLE)
1 151.101.66.137 54113 (FASTLY)
2 142.250.186.174 15169 (GOOGLE)
1 142.250.185.136 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
1 216.239.34.36 15169 (GOOGLE)
1 139.45.197.237 9002 (RETN-AS)
2 139.45.195.8 9002 (RETN-AS)
1 23.55.110.148 20940 (AKAMAI-ASN1)
1 1 54.196.173.211 14618 (AMAZON-AES)
1 44.217.91.37 14618 (AMAZON-AES)
23 13
8    104.26.1.237 (None, )

ASN13335 (CLOUDFLARENET, US)
appurl.io
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
pagead2.googlesyndication.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
www.google-analytics.com
1    142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net
www.googletagmanager.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads.g.doubleclick.net
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)
thaudray.com
2    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    23.55.110.148 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-148.deploy.static.akamaitechnologies.com
ak.zougreek.com
1    54.196.173.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-173-211.compute-1.amazonaws.com
www.cns23nnn.com
1    44.217.91.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-91-37.compute-1.amazonaws.com
www.getgx.net
Apex Domain
Subdomains		 Transfer
8 appurl.io
appurl.io — Cisco Umbrella Rank: 957228
39 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
21 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11663
1011 B
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
187 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019
26 KB
1 getgx.net
www.getgx.net — Cisco Umbrella Rank: 411510
1 cns23nnn.com
www.cns23nnn.com — Cisco Umbrella Rank: 632236
648 B
1 zougreek.com
ak.zougreek.com — Cisco Umbrella Rank: 332156
2 KB
1 thaudray.com
thaudray.com — Cisco Umbrella Rank: 216099
2 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
82 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 760
23 KB
23 12
Domain Requested by
8 appurl.io 2 redirects appurl.io
2 my.rtmark.net thaudray.com
ak.zougreek.com
2 www.google-analytics.com appurl.io
www.google-analytics.com
2 pagead2.googlesyndication.com appurl.io
pagead2.googlesyndication.com
2 maxcdn.bootstrapcdn.com appurl.io
1 www.getgx.net ak.zougreek.com
1 www.cns23nnn.com 1 redirects
1 ak.zougreek.com thaudray.com
1 thaudray.com appurl.io
1 region1.google-analytics.com www.googletagmanager.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.googletagmanager.com www.google-analytics.com
1 code.jquery.com appurl.io
23 13

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-24 -
2024-04-23		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
thaudray.com
R3		 2023-11-17 -
2024-02-15		 3 months crt.sh
rtmark.net
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
ak.hetaruwg.com
R3		 2024-01-15 -
2024-04-14		 3 months crt.sh
getgx.net
Amazon RSA 2048 M02		 2023-07-18 -
2024-08-15		 a year crt.sh

This page contains 5 frames:

Frame: https://www.getgx.net/662FP6J/KM2JJWB/?sub1=2T4B5B&sub2=3978b09c94c146f388b2cda805c5becb&sub3=5419283_6730278
Frame ID: 263B79E3429CD2104850D07D17472A44
Requests: 18 HTTP requests in this frame

Frame: https://appurl.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: DD7022AA40FDD14E31D0EC1191106BEB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 7D2ED2B9D4ACD957C3CA471CF21799C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1704909552&rafmt=1&format=660x280&url=https%3A%2F%2Fappurl.io%2FaaSnsB0CMU&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705337938130&bpp=2&bdt=440&idt=230&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=6904424834291&frm=20&pv=2&ga_vid=419937329.1705337938&ga_sid=1705337938&ga_hid=67312209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=470&ady=590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31080266%2C31080443%2C44795922%2C95320892%2C95321626%2C95321967%2C95322164&oid=2&pvsid=1592545206621380&tmod=1826713151&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=239
Frame ID: DBAEA1A38096C395CAA5D70B9A859CD1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&adk=1812271804&adf=3025194257&lmt=1704909552&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fappurl.io%2FaaSnsB0CMU&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705337938140&bpp=2&bdt=450&idt=233&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=660x280&nras=1&correlator=6904424834291&frm=20&pv=1&ga_vid=419937329.1705337938&ga_sid=1705337938&ga_hid=67312209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31080266%2C31080443%2C44795922%2C95320892%2C95321626%2C95321967%2C95322164&oid=2&pvsid=1592545206621380&tmod=1826713151&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=238
Frame ID: 5F4E614B6898D6EC7781528AFBB2CB5A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Redirect

Page URL History Show full URLs

  1. http://appurl.io/aaSnsB0CMU HTTP 301
    https://appurl.io/aaSnsB0CMU Page URL
  2. https://thaudray.com/4/6553935 Page URL
  3. https://ak.zougreek.com/4/6730278?var=6553935&ymid=770805785218523620&oaid=f4541d92ba2e45b2ace49db22... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

87 %
HTTPS

0 %
IPv6

12
Domains

13
Subdomains

13
IPs

4
Countries

387 kB
Transfer

1108 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://appurl.io/aaSnsB0CMU HTTP 301
    https://appurl.io/aaSnsB0CMU Page URL
  2. https://thaudray.com/4/6553935 Page URL
  3. https://ak.zougreek.com/4/6730278?var=6553935&ymid=770805785218523620&oaid=f4541d92ba2e45b2ace49db227309e95 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://appurl.io/aaSnsB0CMU HTTP 301
  • https://appurl.io/aaSnsB0CMU
Request Chain 9
  • https://appurl.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://appurl.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Request Chain 21
  • https://www.cns23nnn.com/2T4B5B/RHG34M/?source_id=6730278&sub1=770805785981887021 HTTP 302
  • https://www.getgx.net/662FP6J/KM2JJWB/?sub1=2T4B5B&sub2=3978b09c94c146f388b2cda805c5becb&sub3=5419283_6730278

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
aaSnsB0CMU
appurl.io/
Redirect Chain
  • http://appurl.io/aaSnsB0CMU
  • https://appurl.io/aaSnsB0CMU
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://appurl.io/aaSnsB0CMU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6f9ae3b9fb08ec0e6f12da10748ccc76ae93dbbe73d3e89f356469765f8a938

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
31
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
845faa9e2ae60e1d-MXP
content-encoding
br
content-type
text/html
date
Mon, 15 Jan 2024 16:58:57 GMT
last-modified
Wed, 10 Jan 2024 17:59:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbFduobvZLB6rB8e4YfbaJjRKi4WacSioZkcNhUztayn3ERKZm4K%2BcuVEsF3Cw2WG6PvePqQEP8ML6EPsJODKV2y1%2FUkG6z5NVADfZbxVAUecyeqsagj4v4htg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 cd4dfe3c4e4ae7c889b30370e31a809e.cloudfront.net (CloudFront)
x-amz-cf-id
f2aA2LWxfkCUYscEkg1yuoliNpT29eOLBtARVtvBnsHHJmpo4W8t1A==
x-amz-cf-pop
MXP63-P4
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
DkdY0GuzY5p_I_yLj8Ae8Knl7jlNQct1
x-cache
Hit from cloudfront

Redirect headers

CF-RAY
845faa9d3c7f0e0b-MXP
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 15 Jan 2024 16:58:57 GMT
Expires
Mon, 15 Jan 2024 17:58:57 GMT
Location
https://appurl.io/aaSnsB0CMU
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMwZGT0WvxIUnpID79Ews5em9vDbjBGlZz7nM3A23xbyQ2RwlafabV%2FBRlVEe3G%2B0vOwsGHiuXZ6fMABdLxWlL8jY06YoRKgKSRx8Z8G3t%2BHPhWAZNTeFrxM8A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: appurl.io
URL: https://appurl.io/aaSnsB0CMU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://appurl.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:58:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
632, 617, 617, 617
age
5912837
cdn-cachedat
2021-06-08 21:21:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f3a3007506374a305b1a96efe5ee1490
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
845faa9f2dc15a37-MXP
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: appurl.io
URL: https://appurl.io/aaSnsB0CMU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://appurl.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:58:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
863
age
3930602
cdn-cachedat
11/18/2022 06:19:10
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"0831cba6a670e405168b84aa20798347"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
3af916a75e1d48e1e2c7726fdf7b3994
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
845faa9f2dc25a37-MXP
cdn-requestpullsuccess
True
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: appurl.io
URL: https://appurl.io/aaSnsB0CMU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1ebb0864a695a13d2d0f48bdcbef68f6f8ff320e1c81bf4157067dcdaa09904e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://appurl.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:58:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51626
x-xss-protection
0
server
cafe
etag
13653621732755420007
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 16:58:58 GMT
appurl-logo.png
appurl.io/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://appurl.io/images/appurl-logo.png
Requested by
Host: appurl.io
URL: https://appurl.io/aaSnsB0CMU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0cca353da10587986b5da53a4ed0391880809af5c1101f3047b5fc5e3383742

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://appurl.io/aaSnsB0CMU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:58:57 GMT
via
1.1 e7a1e221dc79357f183831391807903a.cloudfront.net (CloudFront)
x-amz-version-id
7yXkJHZznTRQiEpUtdjqKx4EVy7qQMwS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6526
x-amz-cf-pop
MXP63-P4
cf-polished
origFmt=png, origSize=25721
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="appurl-logo.webp"
content-length
23746
cf-bgj
imgq:85,h2pri
last-modified
Wed, 08 Dec 2021 22:04:29 GMT
server
cloudflare
etag
"85b2e8868db81fa9a39b35a70edc31e0"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REU4PpbcUB9ffWeZfBLcUVwygqEaVNhr75r2beG1mJD2%2BGwGT%2BFUNb6JBtYaUo1UYqdK%2F%2BtF0J0m4K%2FyyarBT99sKpixqVZl7lzrEMSxbiPs0V60%2BSAc4RnQpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
845faa9eac010e1d-MXP
x-amz-cf-id
WP2xlr0ygsdZyGEzoSsVRdMTNVfZOwB3qitx1kGuVqxspoqOL3sh5A==
jquery-3.1.1.slim.min.js
code.jquery.com/ 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.1.1.slim.min.js
Requested by
Host: appurl.io
URL: https://appurl.io/aaSnsB0CMU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fd222b36abfc87a406283b8da0b180e22adeb7e9327ac0a41c6cd5514574b217

Request headers

Referer
https://appurl.io/
Origin
https://appurl.io
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:58:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
10537317
x-cache
HIT, HIT
content-length
23709
x-served-by
cache-lga21978-LGA, cache-fco2270030-FCO
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1705337938.760736,VS0,VE0
etag
W/"28feccc0-10ebd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
38, 4427
ua-parser-min.js
appurl.io/javascripts/vendor/min/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appurl.io/javascripts/vendor/min/ua-parser-min.js
Requested by
Host: appurl.io
URL: https://appurl.io/aaSnsB0CMU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a1e8dfe89632088e1ec8147765e5a1faf08f7414ede4c9f3cce701f8b85b2f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://appurl.io/aaSnsB0CMU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:58:57 GMT
x-amz-version-id
null
via
1.1 dcb150b6d29d870238d0b44e37d745a8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP63-P4
age
6548
content-encoding
br
x-cache
Hit from cloudfront
last-modified
Mon, 07 Nov 2016 12:40:40 GMT
server
cloudflare
etag
W/"bb04355ce387383532230a11c09091aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37ir%2FWEc%2FKhQPEWgbkfE8n56QOlK%2BbvF1zybuFWx8bvwesVmdRPqV3GdrKahnIvGB3Sa3NUuGQ%2FRs2g%2BwP%2FlLISBylItiTtwm3V4TMR9NLCTQFgzFF%2Fsd3wJVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
845faa9f3d2b0e1d-MXP
x-amz-cf-id
CwS3xH1t78_did4Lhq2wJyW34NGaiaYGmOalkTljm0noeB5oePEVzA==
redirect-min.js
appurl.io/javascripts/min/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appurl.io/javascripts/min/redirect-min.js?version=1.0.0.1704909551719
Requested by
Host: appurl.io
URL: https://appurl.io/aaSnsB0CMU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e41a7428c89d172ea125c6b0bd7a3e04250d8a949f82a4dd7d8f84586192aa8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://appurl.io/aaSnsB0CMU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:58:57 GMT
x-amz-version-id
9M7B3iVhOibLRAgQIfsmO4Iy653N6J.p
via
1.1 e57379aeeaf825df3f0a6972a5cb719c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP63-P4
age
2619
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 01 Feb 2021 01:26:50 GMT
server
cloudflare
etag
W/"10bb0164a9f84b027874e3f0efbe4b45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjb7vdoKYxM%2BhQvbURcBaJ5AUrq7ictTUcr2EgGAfW89f6zzemLJwT8FBUQPsHPvM95tjV%2BwlaLp5TiwKm0HEJaKwoakBEqqb5qR4SVC%2FbHRV8oZU%2BwLZyRy7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
845faa9f5da20e1d-MXP
x-amz-cf-id
Erpuh4gLIzCgl7MNyGUY5j01oraM4HQMEq2OlUWA2mLvj327PMJkkQ==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: appurl.io
URL: https://appurl.io/aaSnsB0CMU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://appurl.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 15 Jan 2024 15:48:13 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4244
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 15 Jan 2024 17:48:13 GMT
main.js
appurl.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame DD70
Redirect Chain
  • https://appurl.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://appurl.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appurl.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: appurl.io
URL: https://appurl.io/aaSnsB0CMU
Protocol
H2
Server
104.26.1.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb536b3415215ac6cc17b2a691e0a29fbfd25dfb1c76fd2d4d2c230c1192f81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:58:57 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOSset71XoUN85Am9fKSbaLwLotRmbJRWdoxWK2R%2BzLrKZ2i0YY%2B0c2icNW7HeeGmcFBo1GrWcFUTsN59XmOSSJrQVxlfSMZTcsOCnYOBEMgw2HFytPdekssQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
845faaa02f7d0e1d-MXP

Redirect headers

date
Mon, 15 Jan 2024 16:58:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpNqLfBFAyVheueed%2B%2BaSry7I3GVTDZ9RnptH6S6vzxG5ChwgG2SdQgyvuKHltB9o1%2FIvXBMvzgCiBj2l1rowax0QN2pYfW8zk7GkbohLYPvVmjxkLi0vU8yNw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
845faa9fdee20e1d-MXP
845faa9e2ae60e1d
appurl.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame DD70 		0
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://appurl.io/cdn-cgi/challenge-platform/h/b/jsd/r/845faa9e2ae60e1d
Requested by
Host: appurl.io
URL: https://appurl.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 15 Jan 2024 16:58:58 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
845faaa0c8e20e1d-MXP
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltqlmBtOru67S8WZu4Et8C3wisCNo4CKVsFGPwR3ygJ%2F6sV22vFEIARoiUxQtzFDd%2BlkRFqu2NLhGyxeXkh7wyDWd4XVVPPIT6NyriRjXOtiL8TG3Gnu4%2BbGMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
collect
www.google-analytics.com/j/ 		15 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=67312209&t=pageview&_s=1&dl=https%3A%2F%2Fappurl.io%2FaaSnsB0CMU&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=342771799&gjid=1242214836&cid=419937329.1705337938&tid=UA-1416913-22&_gid=898076021.1705337938&_r=1&_slc=1&z=1123535143
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
f8e703adf731c76be52f8ed94756940446a493cfb92f14a5432c33db5b2a7a36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appurl.io/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 16:58:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://appurl.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		232 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L4PYPET04L&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b7c43a06f32d47d329971c97059439de1dc6f093946f29b45e6b0f5e0dc78127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://appurl.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:58:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83752
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jan 2024 16:58:58 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		402 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6503947100737582&plah=appurl.io
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://appurl.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:58:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139379
x-xss-protection
0
server
cafe
etag
13633374483896092855
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 16:58:58 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 7D2E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appurl.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

age
73126
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 20:40:12 GMT
etag
9219409622527106327
expires
Sun, 28 Jan 2024 20:40:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L4PYPET04L&gtm=45je41a0v9135398817&_p=1705337938104&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=419937329.1705337938&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fappurl.io%2FaaSnsB0CMU&sid=1705337938&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=932
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L4PYPET04L&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://appurl.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 16:58:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://appurl.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame DBAE 		0
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5F4E 		0
0
6553935
thaudray.com/4/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thaudray.com/4/6553935
Requested by
Host: appurl.io
URL: https://appurl.io/javascripts/min/redirect-min.js?version=1.0.0.1704909551719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://appurl.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Mon, 15 Jan 2024 16:58:58 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://ak.zougreek.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache no-cache
server
nginx
timing-allow-origin
*
x-trace-id
5859e37a8dd9bcdd9bfdce5621d6ceb4
img.gif
my.rtmark.net/ 		43 B
505 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=f4541d92ba2e45b2ace49db227309e95
Requested by
Host: thaudray.com
URL: https://thaudray.com/4/6553935
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:58:58 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://thaudray.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
Primary Request 6730278
ak.zougreek.com/4/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ak.zougreek.com/4/6730278?var=6553935&ymid=770805785218523620&oaid=f4541d92ba2e45b2ace49db227309e95
Requested by
Host: thaudray.com
URL: https://thaudray.com/4/6553935
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-148.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9a3284f3625183f5d89d74d16f283f0a024b06833d7472bd3576c84222afe5b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
636
content-type
text/html; charset=utf8
date
Mon, 15 Jan 2024 16:58:58 GMT
expires
Mon, 15 Jan 2024 16:58:58 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://www.cns23nnn.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache
timing-allow-origin
*
vary
Accept-Encoding
x-trace-id
0ff6a66775ab7a67cfc7114f275e8007
img.gif
my.rtmark.net/ 		43 B
506 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=f4541d92ba2e45b2ace49db227309e95
Requested by
Host: ak.zougreek.com
URL: https://ak.zougreek.com/4/6730278?var=6553935&ymid=770805785218523620&oaid=f4541d92ba2e45b2ace49db227309e95
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:58:58 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://ak.zougreek.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
www.getgx.net/662FP6J/KM2JJWB/
Redirect Chain
  • https://www.cns23nnn.com/2T4B5B/RHG34M/?source_id=6730278&sub1=770805785981887021
  • https://www.getgx.net/662FP6J/KM2JJWB/?sub1=2T4B5B&sub2=3978b09c94c146f388b2cda805c5becb&sub3=5419283_6730278
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.getgx.net/662FP6J/KM2JJWB/?sub1=2T4B5B&sub2=3978b09c94c146f388b2cda805c5becb&sub3=5419283_6730278
Requested by
Host: ak.zougreek.com
URL: https://ak.zougreek.com/4/6730278?var=6553935&ymid=770805785218523620&oaid=f4541d92ba2e45b2ace49db227309e95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.217.91.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-217-91-37.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ak.zougreek.com/partitial/5117854/?var=6730278&ab2r=0&prfrev=false&rhd=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

apigw-requestid
RlydHjOdoAMEa5A=
date
Mon, 15 Jan 2024 16:58:59 GMT

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
content-length
140
content-type
text/html; charset=utf-8
date
Mon, 15 Jan 2024 16:58:59 GMT
location
https://www.getgx.net/662FP6J/KM2JJWB/?sub1=2T4B5B&sub2=3978b09c94c146f388b2cda805c5becb&sub3=5419283_6730278
server
nginx
vary
Origin
x-eflow-request-id
779fd712-4b0e-4955-a92a-6c93e408cae7

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&h=280&slotname=1787055170&adk=646328967&adf=4134371643&pi=t.ma~as.1787055170&w=660&fwrn=4&fwrnh=100&lmt=1704909552&rafmt=1&format=660x280&url=https%3A%2F%2Fappurl.io%2FaaSnsB0CMU&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705337938130&bpp=2&bdt=440&idt=230&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&correlator=6904424834291&frm=20&pv=2&ga_vid=419937329.1705337938&ga_sid=1705337938&ga_hid=67312209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=470&ady=590&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31080266%2C31080443%2C44795922%2C95320892%2C95321626%2C95321967%2C95322164&oid=2&pvsid=1592545206621380&tmod=1826713151&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=239
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503947100737582&output=html&adk=1812271804&adf=3025194257&lmt=1704909552&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fappurl.io%2FaaSnsB0CMU&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705337938140&bpp=2&bdt=450&idt=233&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=660x280&nras=1&correlator=6904424834291&frm=20&pv=1&ga_vid=419937329.1705337938&ga_sid=1705337938&ga_hid=67312209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079266%2C31080266%2C31080443%2C44795922%2C95320892%2C95321626%2C95321967%2C95322164&oid=2&pvsid=1592545206621380&tmod=1826713151&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=238

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| url function| redirect

11 Cookies

Domain/Path Name / Value
.appurl.io/ Name: _ga
Value: GA1.2.419937329.1705337938
.appurl.io/ Name: _gid
Value: GA1.2.898076021.1705337938
.appurl.io/ Name: _gat
Value: 1
.appurl.io/ Name: cf_clearance
Value: 1PbqNqD4gfSZHY13_lSgqemRxtCURGcXuogO6j9hxDY-1705337938-1-AfCcmMvQTrF+1Ql1vbLkss7QBfRwDeWrsgkUFfmRLTt2qCqbaf9EkyomkJSxJ/dyMMVYwaHQCs+W6hoqi/v428I=
.appurl.io/ Name: _ga_L4PYPET04L
Value: GS1.2.1705337938.1.0.1705337938.0.0.0
thaudray.com/ Name: OAID
Value: f4541d92ba2e45b2ace49db227309e95
thaudray.com/ Name: oaidts
Value: 1705337938
my.rtmark.net/ Name: ID
Value: f4541d92ba2e45b2ace49db227309e95
ak.zougreek.com/ Name: OAID
Value: f4541d92ba2e45b2ace49db227309e95
ak.zougreek.com/ Name: oaidts
Value: 1705337938
ak.zougreek.com/ Name: syncedCookie
Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.zougreek.com
appurl.io
code.jquery.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
my.rtmark.net
pagead2.googlesyndication.com
region1.google-analytics.com
thaudray.com
www.cns23nnn.com
www.getgx.net
www.google-analytics.com
www.googletagmanager.com
googleads.g.doubleclick.net
104.18.11.207
104.26.1.237
139.45.195.8
139.45.197.237
142.250.185.136
142.250.186.162
142.250.186.174
142.250.186.66
151.101.66.137
216.239.34.36
23.55.110.148
44.217.91.37
54.196.173.211
0cb536b3415215ac6cc17b2a691e0a29fbfd25dfb1c76fd2d4d2c230c1192f81
1ebb0864a695a13d2d0f48bdcbef68f6f8ff320e1c81bf4157067dcdaa09904e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5e41a7428c89d172ea125c6b0bd7a3e04250d8a949f82a4dd7d8f84586192aa8
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9a3284f3625183f5d89d74d16f283f0a024b06833d7472bd3576c84222afe5b7
b7c43a06f32d47d329971c97059439de1dc6f093946f29b45e6b0f5e0dc78127
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0cca353da10587986b5da53a4ed0391880809af5c1101f3047b5fc5e3383742
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a1e8dfe89632088e1ec8147765e5a1faf08f7414ede4c9f3cce701f8b85b2f
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
f6f9ae3b9fb08ec0e6f12da10748ccc76ae93dbbe73d3e89f356469765f8a938
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8e703adf731c76be52f8ed94756940446a493cfb92f14a5432c33db5b2a7a36
fd222b36abfc87a406283b8da0b180e22adeb7e9327ac0a41c6cd5514574b217