Submitted URL: http://letsweb.info/tsn34?x=Wow+magic+sing+download+songs+free
Effective URL: https://trk74.onnur.xyz/l/26782215e6f9f3b85550.js?sub=2300075aec3be8ade6d7801e1ea1253b109751108-202011-flb*4925906-56ebf...
Submission: On November 08 via manual from CH

Summary

This website contacted 5 IPs in 3 countries across 8 domains to perform 6 HTTP transactions. The main IP is 2606:4700:e6::ac40:c50b, located in United States and belongs to CLOUDFLARENET, US. The main domain is trk74.onnur.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2020. Valid for: a year.
This is the only time trk74.onnur.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.208.81.246 14618 (AMAZON-AES)
1 188.72.236.136 35415 (WEBZILLA)
1 2 204.155.145.103 40824 (WZCOM-)
1 2 99.198.108.198 32475 (SINGLEHOP...)
1 1 212.7.204.100 60781 (LEASEWEB-...)
2 3 213.32.106.166 16276 (OVH)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:e6:... 13335 (CLOUDFLAR...)
6 5
Apex Domain
Subdomains
Transfer
3 platinium.best
www.platinium.best
6 KB
2 onnur.xyz
trk74.onnur.xyz
12 KB
2 uptoabc.com
kar.uptoabc.com
4 KB
2 mixupabc.com
mixupabc.com
4 KB
1 arloreed.com
arloreed.com
887 B
1 rdtrck2.com
rdtrck2.com
842 B
1 igredownload.com
igredownload.com
6 KB
1 letsweb.info
letsweb.info
359 B
6 8
Domain Requested by
3 www.platinium.best 2 redirects kar.uptoabc.com
2 trk74.onnur.xyz www.platinium.best
igredownload.com
2 kar.uptoabc.com 1 redirects
2 mixupabc.com 1 redirects igredownload.com
1 arloreed.com 1 redirects
1 rdtrck2.com 1 redirects
1 igredownload.com
1 letsweb.info 1 redirects
6 8

This site contains no links.

Subject | Issuer | Validity | Valid
igredownload.com | Let's Encrypt Authority X3 | 2020-10-12 - 2021-01-10 | 3 months
mixupabc.com | Let's Encrypt Authority X3 | 2020-10-13 - 2021-01-11 | 3 months
kar.uptoabc.com | Let's Encrypt Authority X3 | 2020-10-02 - 2020-12-31 | 3 months
www.platinium.best | Let's Encrypt Authority X3 | 2020-08-25 - 2020-11-23 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-06-27 - 2021-06-27 | a year

This page contains 1 frames:

Frame: https://trk74.onnur.xyz/l/26782215e6f9f3b85550.js?sub=2300075aec3be8ade6d7801e1ea1253b109751108-202011-flb*4925906-56ebf*5fa813433bc0b80001fcb28a*sl_4925906-56ebf*bd374a6b7b71339ba5e1ca256cacb2297931fefa*{subID}*{sub_subID}&code=41Y3VvBDU7NjtAPjo-RUZGREERhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3eVm6OnUKlqaZNrajesnKI8PKa1QHE2MTIDbW0HODo5OgtthA9ARkFCE3V9F0hKSUobkJcfTFZRIoWZjoooKIyVkC1eLpKblDNjNKSopaw6OrGqoT.Gr29obmgkTnRqNglyfnJwD4OChncTeoeDGH56ho6BHZOAIW6RnY2RkohXXlhbTFV7kJOaoKejqJ5yWIKor6GpXoyhYyFRViRdJjg4aDs-a0I3L1GBgn95bHt5Y4KOSlFQVU1TV0JLb216dHRVSpeVmJNPd5aVnqNeVnqgq6mooWx2cm4wLzY0NDg0PTkpXWxyboB4P0ZFSkJITBd5jxtTHIGLIFghg1dXJlZXWVlaWyyOYmMxYWIzp5s3Z2hpajuioz9vcTABZWtoBjYHbnWADHJueoJ1EXV7gRZHSEkZhomDHk9PUFEilpiXjShZWltcXV5eL5.klaOpNjanqp2tsJ4.cG9wMzEzMzsFa310dws.Pw2AdHYSEoV2eHkYSUlMUE1OU1IghJCXlCYmnpaWKyujlJqlMWEylpicN2hpamtsbW5vb3AwMjM0NTU3ODk6Ozw9Pj9AQUJDREVGRkhJSktMTU5PUFFSUlRVVldYWVpbXF1eX2BhYmNkZGY2mqGuO2xtbm9wcTEyMzQ1Njc3OTo6PDw.P0BBQhKKiYkXjkZJVZJKdlR1dlyZUZZZlJWWl2WiWplinZ6foG6rY6ptrXSxaYGIq3eWAGxucWsGa3U1Xl0LfoGCEEARfnSDFhZ-hIwbSxyLkiBRUlJUVVZWWFgpoY8tXl9gkmMylqatNzernJ48bnE.srBkAjQ3BGl2eQk6CnlvcQ9AQBF-h4QWR0w_&_tdf=17
Frame ID: EA2962A4D21A29777E23085A76EB306B
Requests: 6 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 25 %
Domains: 8
Subdomains: 8
IPs: 5
Countries: 3
Transfer: 29 kB
Size: 70 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://letsweb.info/tsn34?x=Wow+magic+sing+download+songs+free HTTP 302
    https://igredownload.com/Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Wow%20magic%20sing%20download%20songs%20free&s1=Wow%20magic%20sing%20download%20songs%20free&s2=b20 Page URL
  2. https://mixupabc.com/i/4537?&nsid=262516&partner_subid=AEETqF90AQQAIT0CAENINAASAMh6GF0A Page URL
  3. https://mixupabc.com/d/4537/1604850498416350_qHD?&nsid=262516&partner_subid=AEETqF90AQQAIT0CAENINAASAMh6GF0A HTTP 302
    https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&1=MjYyNTE2_4111_4537&isubid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&iclick_id=ea2ef41c722268f1e16e51bfd4695c77_1604850498 Page URL
  4. https://kar.uptoabc.com/proc.php?78c6705a1f44c9e33313e0b08ccd59e678623932 HTTP 302
    https://rdtrck2.com/5f78a5adab809d00017d65c8?ref_id=M6892780408191058077&sub1=5761&sub2=5761-c597eb70 HTTP 302
    https://www.platinium.best/?sl=4925906-56ebf&data1=Track1&data2=Track2&tag=5fa813433bc0b80001fcb28a&website={subID}&placement={sub_subID}&tag=5fa813433bc0b80001fcb28a Page URL
  5. https://www.platinium.best/?sl=4925906-56ebf&data1=Track1&data2=Track2&tag=5fa813433bc0b80001fcb28a&website={subID}&placement={sub_subID}&tag=5fa813433bc0b80001fcb28a&eyeg=a314c8f1e5f39c168a8f92bab4d72309&eyer=0.43272378399361755&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=kar.uptoabc.com HTTP 302
    https://www.platinium.best/?sl=4925906-56ebf&data1=Track1&data2=Track2&tag=5fa813433bc0b80001fcb28a&website={subID}&placement={sub_subID}&tag=5fa813433bc0b80001fcb28a&oyeg=a314c8f1e5f39c168a8f92bab4d72309&eyer=0.43272378399361755&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=kar.uptoabc.com&eyeg=3 HTTP 301
    https://arloreed.com/l/26782215e6f9f3b85550?sub=2300075aec3be8ade6d7801e1ea1253b109751108-202011-flb*4925906-56ebf*5fa813433bc0b80001fcb28a*sl_4925906-56ebf*bd374a6b7b71339ba5e1ca256cacb2297931fefa*{subID}*{sub_subID} HTTP 302
    https://trk74.onnur.xyz/l/26782215e6f9f3b85550.js?sub=2300075aec3be8ade6d7801e1ea1253b109751108-202011-flb*4925906-56ebf*5fa813433bc0b80001fcb28a*sl_4925906-56ebf*bd374a6b7b71339ba5e1ca256cacb2297931fefa*{subID}*{sub_subID} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://letsweb.info/tsn34?x=Wow+magic+sing+download+songs+free HTTP 302
  • https://igredownload.com/Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Wow%20magic%20sing%20download%20songs%20free&s1=Wow%20magic%20sing%20download%20songs%20free&s2=b20
Request Chain 2
  • https://mixupabc.com/d/4537/1604850498416350_qHD?&nsid=262516&partner_subid=AEETqF90AQQAIT0CAENINAASAMh6GF0A HTTP 302
  • https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&1=MjYyNTE2_4111_4537&isubid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&iclick_id=ea2ef41c722268f1e16e51bfd4695c77_1604850498
Request Chain 3
  • https://kar.uptoabc.com/proc.php?78c6705a1f44c9e33313e0b08ccd59e678623932 HTTP 302
  • https://rdtrck2.com/5f78a5adab809d00017d65c8?ref_id=M6892780408191058077&sub1=5761&sub2=5761-c597eb70 HTTP 302
  • https://www.platinium.best/?sl=4925906-56ebf&data1=Track1&data2=Track2&tag=5fa813433bc0b80001fcb28a&website={subID}&placement={sub_subID}&tag=5fa813433bc0b80001fcb28a

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9
igredownload.com/
Redirect Chain
  • http://letsweb.info/tsn34?x=Wow+magic+sing+download+songs+free
  • https://igredownload.com/Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Wow%20magic%20sing%20download%20songs%20free&s1=Wow%20magic%20sing%20download%20songs%20free&s2=b20
6 KB
6 KB
Document
General
Full URL
https://igredownload.com/Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Wow%20magic%20sing%20download%20songs%20free&s1=Wow%20magic%20sing%20download%20songs%20free&s2=b20
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.72.236.136 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
1f2-12-d2456-136.webazilla.com
Software
nginx/1.18.0 /
Resource Hash
ebde14abb8b09518f12e29a5d22b86b5a1abf3cd84493a86c29e7aa668c6da95

Request headers

:method
GET
:authority
igredownload.com
:scheme
https
:path
/Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Wow%20magic%20sing%20download%20songs%20free&s1=Wow%20magic%20sing%20download%20songs%20free&s2=b20
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
nginx/1.18.0
date
Sun, 08 Nov 2020 15:48:17 GMT
content-type
text/html; charset=utf-8
set-cookie
bd_context=rOXnMIOx07GZAAiCFhBwLiBK3BBCRVXpmkU6Pc3v3dtgNL0IIAMpMy8Rac81wr04Q7zFzoDHwEdp4vjYcW6oq9t2YL2u6zYDlwEig3/ntBH615o/MA66S+hjlojHe0nI4ZUmLQxzzjHCDJ0HrvkVbSMQOUbVwRDAns7bfD85XkEZGo3TkkyaRD8UVhvKbB2nC1RBkv2jdJ9GdRcqvDtepbChMWEtpCoaPsZBBohLYJvw36epu4+GEFKNJ6HcLPLPYbCJeZfMgnzgFcJKGYSTO+qF7kqizvGcrtovzJh3E4DmzKJ5Ph5M4W1D/wemMM/rjtNSClhNCCPR; Expires=Mon, 08 Nov 2021 15:48:17 GMT

Redirect headers

Server
nginx/1.10.3 (Ubuntu)
Date
Sun, 08 Nov 2020 15:48:17 GMT
Content-Type
text/html; charset=utf-8
Content-Length
547
Connection
keep-alive
Location
https://igredownload.com/Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Wow%20magic%20sing%20download%20songs%20free&s1=Wow%20magic%20sing%20download%20songs%20free&s2=b20
4537
mixupabc.com/i/
15 KB
3 KB
Document
General
Full URL
https://mixupabc.com/i/4537?&nsid=262516&partner_subid=AEETqF90AQQAIT0CAENINAASAMh6GF0A
Requested by
Host: igredownload.com
URL: https://igredownload.com/Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Wow%20magic%20sing%20download%20songs%20free&s1=Wow%20magic%20sing%20download%20songs%20free&s2=b20
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.155.145.103 Dallas, United States, ASN40824 (WZCOM-, US),
Reverse DNS
proven.masterliberty.com
Software
nginx-more /
Resource Hash
a49a59deb6acd028770f8e9d11aa24596061191ef4dfee841371f7076e341c17
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Host
mixupabc.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://igredownload.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sun, 08 Nov 2020 15:48:18 GMT
Content-Type
text/html; charset=utf8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Server
nginx-more
Strict-Transport-Security
max-age=15768000
Content-Encoding
br
/
kar.uptoabc.com/
Redirect Chain
  • https://mixupabc.com/d/4537/1604850498416350_qHD?&nsid=262516&partner_subid=AEETqF90AQQAIT0CAENINAASAMh6GF0A
  • https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&1=MjYyNTE2_4111_4537&isubid=ea2ef41c7222...
9 KB
3 KB
Document
General
Full URL
https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&1=MjYyNTE2_4111_4537&isubid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&iclick_id=ea2ef41c722268f1e16e51bfd4695c77_1604850498
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.198 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.4.10
Resource Hash
40dab7eda3b8cc317691b45fcae296fc2edd1d3eb4420bc44de5bbac1a737d8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
kar.uptoabc.com
:scheme
https
:path
/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&1=MjYyNTE2_4111_4537&isubid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&iclick_id=ea2ef41c722268f1e16e51bfd4695c77_1604850498
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Origin
null
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
server
nginx
date
Sun, 08 Nov 2020 15:48:19 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.10
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=1909edf86a3bd51d54a4cf894930af1e; expires=Mon, 08-Nov-2021 15:48:19 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

Date
Sun, 08 Nov 2020 15:48:19 GMT
Content-Length
0
Connection
keep-alive
Location
https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&1=MjYyNTE2_4111_4537&isubid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&iclick_id=ea2ef41c722268f1e16e51bfd4695c77_1604850498
Set-Cookie
ird4537=3409; path=/ ifd=[{"c":3409,"i":1,"e":1604936898}]; path=/
Server
nginx-more
Strict-Transport-Security
max-age=15768000
/
www.platinium.best/
Redirect Chain
  • https://kar.uptoabc.com/proc.php?78c6705a1f44c9e33313e0b08ccd59e678623932
  • https://rdtrck2.com/5f78a5adab809d00017d65c8?ref_id=M6892780408191058077&sub1=5761&sub2=5761-c597eb70
  • https://www.platinium.best/?sl=4925906-56ebf&data1=Track1&data2=Track2&tag=5fa813433bc0b80001fcb28a&website={subID}&placement={sub_subID}&tag=5fa813433bc0b80001fcb28a
5 KB
5 KB
Document
General
Full URL
https://www.platinium.best/?sl=4925906-56ebf&data1=Track1&data2=Track2&tag=5fa813433bc0b80001fcb28a&website={subID}&placement={sub_subID}&tag=5fa813433bc0b80001fcb28a
Requested by
Host: kar.uptoabc.com
URL: https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&1=MjYyNTE2_4111_4537&isubid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&iclick_id=ea2ef41c722268f1e16e51bfd4695c77_1604850498
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.32.106.166 , France, ASN16276 (OVH, FR),
Reverse DNS
ip166.ip-213-32-106.eu
Software
/
Resource Hash
6722d5db0cac4caa32ac36237ed4ce13c58a9f354b488a8677236b53ee22acce

Request headers

Host
www.platinium.best
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&1=MjYyNTE2_4111_4537&isubid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&iclick_id=ea2ef41c722268f1e16e51bfd4695c77_1604850498
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Referer
https://kar.uptoabc.com/?utm_medium=0c24dff2b5ab00d5d9cae147627d390de68e13d6&utm_campaign=newsmart&cid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&1=MjYyNTE2_4111_4537&isubid=ea2ef41c722268f1e16e51bfd4695c77_1604850498_4537_3409&iclick_id=ea2ef41c722268f1e16e51bfd4695c77_1604850498#

Response headers

Date
Sun, 08 Nov 2020 15:48:19 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-transform

Redirect headers

Server
nginx
Date
Sun, 08 Nov 2020 15:48:19 GMT
Content-Type
text/html; charset=utf-8
Content-Length
213
Connection
keep-alive
Location
https://www.platinium.best/?sl=4925906-56ebf&data1=Track1&data2=Track2&tag=5fa813433bc0b80001fcb28a&website={subID}&placement={sub_subID}&tag=5fa813433bc0b80001fcb28a
Set-Cookie
redhash=NWZhODEzNDMzYmMwYjgwMDAxZmNiMjhhfDB8NWY3OGE1YWRhYjgwOWQwMDAxN2Q2NWM4fHwyNjBiY2FkMC0xM2I0LTQwYWQtODRlZi0wNjRhZmFkM2MzZDF8MTYwNDg1MDQ5OQ==; Path=/; Domain=rdtrck2.com; Expires=Mon, 08 Nov 2021 15:48:19 GMT; SameSite=None; Secure
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers
Content-Length,Content-Range
Primary Request 26782215e6f9f3b85550.js
trk74.onnur.xyz/l/
Redirect Chain
  • https://www.platinium.best/?sl=4925906-56ebf&data1=Track1&data2=Track2&tag=5fa813433bc0b80001fcb28a&website={subID}&placement={sub_subID}&tag=5fa813433bc0b80001fcb28a&eyeg=a314c8f1e5f39c168a8f92bab...
  • https://www.platinium.best/?sl=4925906-56ebf&data1=Track1&data2=Track2&tag=5fa813433bc0b80001fcb28a&website={subID}&placement={sub_subID}&tag=5fa813433bc0b80001fcb28a&oyeg=a314c8f1e5f39c168a8f92bab...
  • https://arloreed.com/l/26782215e6f9f3b85550?sub=2300075aec3be8ade6d7801e1ea1253b109751108-202011-flb*4925906-56ebf*5fa813433bc0b80001fcb28a*sl_4925906-56ebf*bd374a6b7b71339ba5e1ca256cacb2297931fefa...
  • https://trk74.onnur.xyz/l/26782215e6f9f3b85550.js?sub=2300075aec3be8ade6d7801e1ea1253b109751108-202011-flb*4925906-56ebf*5fa813433bc0b80001fcb28a*sl_4925906-56ebf*bd374a6b7b71339ba5e1ca256cacb22979...
36 KB
12 KB
Document
General
Full URL
https://trk74.onnur.xyz/l/26782215e6f9f3b85550.js?sub=2300075aec3be8ade6d7801e1ea1253b109751108-202011-flb*4925906-56ebf*5fa813433bc0b80001fcb28a*sl_4925906-56ebf*bd374a6b7b71339ba5e1ca256cacb2297931fefa*{subID}*{sub_subID}
Requested by
Host: www.platinium.best
URL: https://www.platinium.best/?sl=4925906-56ebf&data1=Track1&data2=Track2&tag=5fa813433bc0b80001fcb28a&website={subID}&placement={sub_subID}&tag=5fa813433bc0b80001fcb28a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29eddce2034a37edddd7b743551f12f50cddbdf80690919b7e597bb78e5b416a

Request headers

:method
GET
:authority
trk74.onnur.xyz
:scheme
https
:path
/l/26782215e6f9f3b85550.js?sub=2300075aec3be8ade6d7801e1ea1253b109751108-202011-flb*4925906-56ebf*5fa813433bc0b80001fcb28a*sl_4925906-56ebf*bd374a6b7b71339ba5e1ca256cacb2297931fefa*{subID}*{sub_subID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Referer
https://www.platinium.best/?sl=4925906-56ebf&data1=Track1&data2=Track2&tag=5fa813433bc0b80001fcb28a&website={subID}&placement={sub_subID}&tag=5fa813433bc0b80001fcb28a

Response headers

status
200
date
Sun, 08 Nov 2020 15:48:19 GMT
content-type
text/html
set-cookie
__cfduid=d9efa1e951efd37637af70b971da851101604850499; expires=Tue, 08-Dec-20 15:48:19 GMT; path=/; domain=.onnur.xyz; HttpOnly; SameSite=Lax
last-modified
Tue, 20 Aug 2019 14:25:20 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-cache-status
HIT
age
27995
cf-request-id
064a2458e6000032405a8f8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1ed1Q%2Biwj78fzKb9QZWi31aW5Pf%2B72eOWPe2ExFGiPMBj4RoLqmv9myxp9NO9bFStukVhvxBg%2F8ycuQ%2BhIRyLo7loKxulC0YcNTN5oP9okrLxKgtBJRUwDoOx4U%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
5ef07007de423240-FRA
content-encoding
br

Redirect headers

status
302
date
Sun, 08 Nov 2020 15:48:19 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://trk74.onnur.xyz/l/26782215e6f9f3b85550.js?sub=2300075aec3be8ade6d7801e1ea1253b109751108-202011-flb*4925906-56ebf*5fa813433bc0b80001fcb28a*sl_4925906-56ebf*bd374a6b7b71339ba5e1ca256cacb2297931fefa*{subID}*{sub_subID}
cf-request-id
064a2458bf0000643dbbb05000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=17d508bbbb78ca4b506a63621d6b5c119321fc73-1604850499-1800-AaL2fFTw0snIH/6i17cvsBNOvel5gl+p8kdMxEKL7U/2t7YWkphjCmVyWaXmv1Bi2nEc/bIorSIGwjLP09ktrmo=; path=/; expires=Sun, 08-Nov-20 16:18:19 GMT; domain=.arloreed.com; HttpOnly; Secure; SameSite=None
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jA9osXkJ%2BnnRUXa%2F7hulpAsUUMn8QZQf0sbhiwLIVqr9ZiWQKa6myevX%2BiSI7FvlOCtWAoSf3EOOaKbToj6oD%2FfEpYTloRFU%2F3mW6jlL%2FVwPRanGClZ6ePg%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
5ef070079ffa643d-FRA
26782215e6f9f3b85550.js
trk74.onnur.xyz/l/
0
0
Document
General
Full URL
https://trk74.onnur.xyz/l/26782215e6f9f3b85550.js?sub=2300075aec3be8ade6d7801e1ea1253b109751108-202011-flb*4925906-56ebf*5fa813433bc0b80001fcb28a*sl_4925906-56ebf*bd374a6b7b71339ba5e1ca256cacb2297931fefa*{subID}*{sub_subID}&code=41Y3VvBDU7NjtAPjo-RUZGREERhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3eVm6OnUKlqaZNrajesnKI8PKa1QHE2MTIDbW0HODo5OgtthA9ARkFCE3V9F0hKSUobkJcfTFZRIoWZjoooKIyVkC1eLpKblDNjNKSopaw6OrGqoT.Gr29obmgkTnRqNglyfnJwD4OChncTeoeDGH56ho6BHZOAIW6RnY2RkohXXlhbTFV7kJOaoKejqJ5yWIKor6GpXoyhYyFRViRdJjg4aDs-a0I3L1GBgn95bHt5Y4KOSlFQVU1TV0JLb216dHRVSpeVmJNPd5aVnqNeVnqgq6mooWx2cm4wLzY0NDg0PTkpXWxyboB4P0ZFSkJITBd5jxtTHIGLIFghg1dXJlZXWVlaWyyOYmMxYWIzp5s3Z2hpajuioz9vcTABZWtoBjYHbnWADHJueoJ1EXV7gRZHSEkZhomDHk9PUFEilpiXjShZWltcXV5eL5.klaOpNjanqp2tsJ4.cG9wMzEzMzsFa310dws.Pw2AdHYSEoV2eHkYSUlMUE1OU1IghJCXlCYmnpaWKyujlJqlMWEylpicN2hpamtsbW5vb3AwMjM0NTU3ODk6Ozw9Pj9AQUJDREVGRkhJSktMTU5PUFFSUlRVVldYWVpbXF1eX2BhYmNkZGY2mqGuO2xtbm9wcTEyMzQ1Njc3OTo6PDw.P0BBQhKKiYkXjkZJVZJKdlR1dlyZUZZZlJWWl2WiWplinZ6foG6rY6ptrXSxaYGIq3eWAGxucWsGa3U1Xl0LfoGCEEARfnSDFhZ-hIwbSxyLkiBRUlJUVVZWWFgpoY8tXl9gkmMylqatNzernJ48bnE.srBkAjQ3BGl2eQk6CnlvcQ9AQBF-h4QWR0w_&_tdf=17
Requested by
Host: igredownload.com
URL: https://igredownload.com/Gorgy924d51f9eb7d0c9bf56bd3a277892013db4d4bb9?q=Wow%20magic%20sing%20download%20songs%20free&s1=Wow%20magic%20sing%20download%20songs%20free&s2=b20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c50b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
trk74.onnur.xyz
:scheme
https
:path
/l/26782215e6f9f3b85550.js?sub=2300075aec3be8ade6d7801e1ea1253b109751108-202011-flb*4925906-56ebf*5fa813433bc0b80001fcb28a*sl_4925906-56ebf*bd374a6b7b71339ba5e1ca256cacb2297931fefa*{subID}*{sub_subID}&code=41Y3VvBDU7NjtAPjo-RUZGREERhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3eVm6OnUKlqaZNrajesnKI8PKa1QHE2MTIDbW0HODo5OgtthA9ARkFCE3V9F0hKSUobkJcfTFZRIoWZjoooKIyVkC1eLpKblDNjNKSopaw6OrGqoT.Gr29obmgkTnRqNglyfnJwD4OChncTeoeDGH56ho6BHZOAIW6RnY2RkohXXlhbTFV7kJOaoKejqJ5yWIKor6GpXoyhYyFRViRdJjg4aDs-a0I3L1GBgn95bHt5Y4KOSlFQVU1TV0JLb216dHRVSpeVmJNPd5aVnqNeVnqgq6mooWx2cm4wLzY0NDg0PTkpXWxyboB4P0ZFSkJITBd5jxtTHIGLIFghg1dXJlZXWVlaWyyOYmMxYWIzp5s3Z2hpajuioz9vcTABZWtoBjYHbnWADHJueoJ1EXV7gRZHSEkZhomDHk9PUFEilpiXjShZWltcXV5eL5.klaOpNjanqp2tsJ4.cG9wMzEzMzsFa310dws.Pw2AdHYSEoV2eHkYSUlMUE1OU1IghJCXlCYmnpaWKyujlJqlMWEylpicN2hpamtsbW5vb3AwMjM0NTU3ODk6Ozw9Pj9AQUJDREVGRkhJSktMTU5PUFFSUlRVVldYWVpbXF1eX2BhYmNkZGY2mqGuO2xtbm9wcTEyMzQ1Njc3OTo6PDw.P0BBQhKKiYkXjkZJVZJKdlR1dlyZUZZZlJWWl2WiWplinZ6foG6rY6ptrXSxaYGIq3eWAGxucWsGa3U1Xl0LfoGCEEARfnSDFhZ-hIwbSxyLkiBRUlJUVVZWWFgpoY8tXl9gkmMylqatNzernJ48bnE.srBkAjQ3BGl2eQk6CnlvcQ9AQBF-h4QWR0w_&_tdf=17
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://trk74.onnur.xyz/l/26782215e6f9f3b85550.js?sub=2300075aec3be8ade6d7801e1ea1253b109751108-202011-flb*4925906-56ebf*5fa813433bc0b80001fcb28a*sl_4925906-56ebf*bd374a6b7b71339ba5e1ca256cacb2297931fefa*{subID}*{sub_subID}
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d9efa1e951efd37637af70b971da851101604850499

Response headers

status
204
date
Sun, 08 Nov 2020 15:48:19 GMT
set-cookie
BSESSID=trke988b53f-ec9a-4299-81ae-657b2bbe7c5d; Max-Age=63072000; Expires=Tue, 8 Nov 2022 15:48:19 GMT; Path=/
cf-cache-status
DYNAMIC
cf-request-id
064a24592600003240b7846000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xm3AoxE7yB6x%2B5NqPi4cKQaeYsguMtzD%2BNXj8PyFostaA7HVexxP4m4O%2F3ti2MKts1VO99zA8jM%2FY7WFpRj6aWlq8Pc6%2F2dWfAX2UvWwCAEDpbfjiKz3TML9vAU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5ef070083f5b3240-FRA

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • function| Y6VV
  • number| r4nnnn
  • number| l4nnnn
  • number| t6u
  • function| EKm8V

1 Cookies

Domain/Path Name / Value
.onnur.xyz/ Name: __cfduid
Value: d9efa1e951efd37637af70b971da851101604850499