Submitted URL: http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7331532216788320334&website=26345-b8b14fbe-4a3c...
Effective URL: https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream_redirect&1=00941c74...
Submission: On March 13 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 4 countries across 15 domains to perform 16 HTTP transactions. The main IP is 67.212.173.76, located in United States and belongs to SINGLEHOP-LLC, US. The main domain is uzi.tguzi.com.
TLS certificate: Issued by R3 on January 18th 2024. Valid for: 3 months.
This is the only time uzi.tguzi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.68.82.147 16276 (OVH)
1 1 104.26.6.190 13335 (CLOUDFLAR...)
1 4 172.67.134.193 13335 (CLOUDFLAR...)
2 172.67.185.188 13335 (CLOUDFLAR...)
1 185.66.201.43 201702 (SKHOSTING-EU)
2 142.250.80.14 15169 (GOOGLE)
1 185.66.201.8 201702 (SKHOSTING-EU)
1 172.253.115.156 15169 (GOOGLE)
1 1 49.51.78.191 132203 (TENCENT-N...)
1 4 104.21.40.9 13335 (CLOUDFLAR...)
1 67.212.173.76 32475 (SINGLEHOP...)
1 1 5.9.41.148 ()
3 4 23.73.240.126 ()
2 2 23.73.245.98 ()
16 10
Domain | Requested by
4 tulac.gindence.com (1 redirects) | pfpfp.click, tulac.gindence.com
4 mety.panparan.com (1 redirects) | mety.panparan.com
2 www.aliexpress.us (1 redirects) | uzi.tguzi.com
2 www.google-analytics.com | 05790.click, www.google-analytics.com
2 cdn.addlnk.com | mety.panparan.com, tulac.gindence.com
1 login.aliexpress.us (1 redirects)
1 login.aliexpress.com (1 redirects)
1 www.aliexpress.com (1 redirects)
1 s.click.aliexpress.com (1 redirects)
1 alpine-vpn.com (1 redirects)
1 uzi.tguzi.com | tulac.gindence.com
1 mengine.fusetracking.com (1 redirects)
1 stats.g.doubleclick.net | www.google-analytics.com
1 pfpfp.click | 05790.click
1 05790.click | mety.panparan.com
1 admoustache.aftrad-visit.com (1 redirects)
1 cimentbuilder.one (1 redirects)
0 www.googletagmanager.com (Failed) | www.google-analytics.com
16 18

This site contains no links.

Subject | Issuer | Validity | Valid
panparan.com | GTS CA 1P5 | 2024-03-06 - 2024-06-04 | 3 months
addlnk.com | GTS CA 1P5 | 2024-02-04 - 2024-05-04 | 3 months
05790.click | R3 | 2024-02-06 - 2024-05-06 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
pfpfp.click | R3 | 2024-02-28 - 2024-05-28 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months
gindence.com | Cloudflare Inc ECC CA-3 | 2023-12-25 - 2024-12-24 | a year
uzi.tguzi.com | R3 | 2024-01-18 - 2024-04-17 | 3 months
ae01.alicdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-10-15 - 2024-10-16 | a year

This page contains 3 frames:

Frame: https://www.aliexpress.us/item/3256803015576439.html?pdp_npi=4%40dis%21USD%2136.29%2126.49%21%21%2136.29%2126.49%21%40211667e617091355634683164d6c61%2112000024635514538%21affd%21%21%21&aff_fcid=0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE&aff_fsk=_oomXYCE&aff_platform=portals-billboard-sea&sk=_oomXYCE&aff_trace_key=0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE&terminal_id=d13c0c8316724e128320fd77dbb91395&afSmartRedirect=y&gatewayAdapt=glo2usa4itemAdapt&_randl_shipto=US
Frame ID: F3CF40D5CAA912B3A307F01B03B755A9
Requests: 12 HTTP requests in this frame

Frame: https://mety.panparan.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Frame ID: 4534195A8D949B03E205A014EDDFE071
Requests: 2 HTTP requests in this frame

Frame: https://tulac.gindence.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Frame ID: 073A8D4F0F8539E5A6A1C83B6F6925B2
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

  • Requests: 16
  • HTTPS: 81 %
  • IPv6: 0 %
  • Domains: 15
  • Subdomains: 18
  • IPs: 10
  • Countries: 4
  • Transfer: 40 kB
  • Size: 85 kB
  • Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7331532216788320334&website=26345-b8b14fbe-4a3cf64e&placement=26345&eyeg=3&eyer=0.06278136771307508&eyei=0&eyew=1920&eyeh=1001&eyetd=210&eyef=ref.beheracrossa.com HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330001990a929de35ec02a45ad91cf7aeb5d40313-202403-flb*5738009-ccc5a*m7331532216788320334*sl_5738009-ccc5a*a9d81ccc6716e4a2e2d40d382d1cc572bed142dd*26345-b8b14fbe-4a3cf64e*26345 HTTP 302
    https://mety.panparan.com/rc/a91581ead4?affclick=201FtCEpRY1j6ifqv1gX1VvJ9MiyL15JKCHWF7vAsceeCKCA8jFfzaLm3X5JmVgboVnzjY&pubid=1B7fmUHKE&pubid= Page URL
  2. https://05790.click/692fdd6300e7c8ac6d37/d93493d774/?cv=pub60ab3c18f1154a6895cafdb7c6640ce5&placementName=f31e77b4 Page URL
  3. https://pfpfp.click/go.php?go=https%3A%2F%2Fmengine.fusetracking.com%2Ftl%3Fa%3D25%26o%3D266946%26aff_click_id%3D30affC1710367880aff7d2598a827121a571a620%26sub_affid%3D29611306&do=71d09fb2141724bb19ec3f3af9bf9db8 Page URL
  4. https://mengine.fusetracking.com/tl?a=25&o=266946&aff_click_id=30affC1710367880aff7d2598a827121a571a620&sub_affid=29611306 HTTP 302
    https://tulac.gindence.com/rc/a52512fbcf?affclick=028915E8C09361710367881394989&pubid=25_29611306 Page URL
  5. https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream_redirect&1=00941c74&cid=pubcc43c7df8e094256a19e5338d76b49f9&2=25_29611306 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7331532216788320334&website=26345-b8b14fbe-4a3cf64e&placement=26345&eyeg=3&eyer=0.06278136771307508&eyei=0&eyew=1920&eyeh=1001&eyetd=210&eyef=ref.beheracrossa.com HTTP 302
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330001990a929de35ec02a45ad91cf7aeb5d40313-202403-flb*5738009-ccc5a*m7331532216788320334*sl_5738009-ccc5a*a9d81ccc6716e4a2e2d40d382d1cc572bed142dd*26345-b8b14fbe-4a3cf64e*26345 HTTP 302
  • https://mety.panparan.com/rc/a91581ead4?affclick=201FtCEpRY1j6ifqv1gX1VvJ9MiyL15JKCHWF7vAsceeCKCA8jFfzaLm3X5JmVgboVnzjY&pubid=1B7fmUHKE&pubid=
Request Chain 2
  • https://mety.panparan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://mety.panparan.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Request Chain 10
  • https://mengine.fusetracking.com/tl?a=25&o=266946&aff_click_id=30affC1710367880aff7d2598a827121a571a620&sub_affid=29611306 HTTP 302
  • https://tulac.gindence.com/rc/a52512fbcf?affclick=028915E8C09361710367881394989&pubid=25_29611306
Request Chain 12
  • https://tulac.gindence.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://tulac.gindence.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Request Chain 14
  • https://alpine-vpn.com/click?key=231e99abe3a9c829b439&clickid=M7345974117335564346&click_cost=0&zoneid=13260-1f9a1b71-9c59e430&partner_id=13260 HTTP 307
  • https://s.click.aliexpress.com/e/_oomXYCE HTTP 302
  • https://www.aliexpress.com/item/1005003201891191.html?pdp_npi=4%40dis%21USD%2136.29%2126.49%21%21%2136.29%2126.49%21%40211667e617091355634683164d6c61%2112000024635514538%21affd%21%21%21&aff_fcid=0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE&aff_fsk=_oomXYCE&aff_platform=portals-billboard-sea&sk=_oomXYCE&aff_trace_key=0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE&terminal_id=d13c0c8316724e128320fd77dbb91395&afSmartRedirect=y HTTP 302
  • https://www.aliexpress.us/item/3256803015576439.html?pdp_npi=4%40dis%21USD%2136.29%2126.49%21%21%2136.29%2126.49%21%40211667e617091355634683164d6c61%2112000024635514538%21affd%21%21%21&aff_fcid=0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE&aff_fsk=_oomXYCE&aff_platform=portals-billboard-sea&sk=_oomXYCE&aff_trace_key=0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE&terminal_id=d13c0c8316724e128320fd77dbb91395&afSmartRedirect=y&gatewayAdapt=glo2usa4itemAdapt&_randl_shipto=US HTTP 302
  • https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fwww.aliexpress.us%2Fitem%2F3256803015576439.html%3Fpdp_npi%3D4%2540dis%2521USD%252136.29%252126.49%2521%2521%252136.29%252126.49%2521%2540211667e617091355634683164d6c61%252112000024635514538%2521affd%2521%2521%2521%26aff_fcid%3D0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE%26aff_fsk%3D_oomXYCE%26aff_platform%3Dportals-billboard-sea%26sk%3D_oomXYCE%26aff_trace_key%3D0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE%26terminal_id%3Dd13c0c8316724e128320fd77dbb91395%26afSmartRedirect%3Dy%26gatewayAdapt%3Dglo2usa4itemAdapt%26_randl_shipto%3DUS HTTP 302
  • https://login.aliexpress.us/sync_cookie_write.htm?acs_random_token=d13c0c8316724e128320fd77dbb91395&xman_goto=https%3A%2F%2Fwww.aliexpress.us%2Fitem%2F3256803015576439.html%3Fpdp_npi%3D4%2540dis%2521USD%252136.29%252126.49%2521%2521%252136.29%252126.49%2521%2540211667e617091355634683164d6c61%252112000024635514538%2521affd%2521%2521%2521%26aff_fcid%3D0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE%26aff_fsk%3D_oomXYCE%26aff_platform%3Dportals-billboard-sea%26sk%3D_oomXYCE%26aff_trace_key%3D0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE%26terminal_id%3Dd13c0c8316724e128320fd77dbb91395%26afSmartRedirect%3Dy%26gatewayAdapt%3Dglo2usa4itemAdapt%26_randl_shipto%3DUS&_ga=GA1.1.1662696888009054.1710367884910 HTTP 302
  • https://www.aliexpress.us/item/3256803015576439.html?pdp_npi=4%40dis%21USD%2136.29%2126.49%21%21%2136.29%2126.49%21%40211667e617091355634683164d6c61%2112000024635514538%21affd%21%21%21&aff_fcid=0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE&aff_fsk=_oomXYCE&aff_platform=portals-billboard-sea&sk=_oomXYCE&aff_trace_key=0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE&terminal_id=d13c0c8316724e128320fd77dbb91395&afSmartRedirect=y&gatewayAdapt=glo2usa4itemAdapt&_randl_shipto=US

16 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
a91581ead4
mety.panparan.com/rc/
Redirect Chain
  • http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7331532216788320334&website=26345-b8b14fbe-4a3cf64e&placement=26345&eyeg=3&eyer=0.06278136771307508&eyei=0&eyew=1920&eyeh=1...
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330001990a929de35ec02a45ad91cf7aeb5d40313-202403-flb*5738009-ccc5a*m7331532216788320334*sl...
  • https://mety.panparan.com/rc/a91581ead4?affclick=201FtCEpRY1j6ifqv1gX1VvJ9MiyL15JKCHWF7vAsceeCKCA8jFfzaLm3X5JmVgboVnzjY&pubid=1B7fmUHKE&pubid=
2 KB
1 KB
Document
General
Full URL
https://mety.panparan.com/rc/a91581ead4?affclick=201FtCEpRY1j6ifqv1gX1VvJ9MiyL15JKCHWF7vAsceeCKCA8jFfzaLm3X5JmVgboVnzjY&pubid=1B7fmUHKE&pubid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.134.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
243e5f1bc425523ac6c50de93bde760fdc8af5a6e7f540ef51485972a0ab3dfc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
863f5be8ef0b0262-ORD
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 13 Mar 2024 22:11:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owSvjmzeschJffnxPJorJTJ7p8aFzeNmgcEIq9NeW%2BCnB9naZtWbjpUye97wjG1kOOwc5p9HTHC0FqTkN5oKSAJnOSoA08GpiNOYO0SLdTV0VHtkYSNvIXUQWZcDI0ZRCvCYHg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
863f5be70f450125-ORD
content-length
173
content-type
text/html; charset=utf-8
date
Wed, 13 Mar 2024 22:11:18 GMT
location
https://mety.panparan.com/rc/a91581ead4?affclick=201FtCEpRY1j6ifqv1gX1VvJ9MiyL15JKCHWF7vAsceeCKCA8jFfzaLm3X5JmVgboVnzjY&pubid=1B7fmUHKE&pubid=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFvh4%2BwELAg2BeUNYbOkc%2BtXpPls3qXU6Wq5z0eTVSPXhM7KYuS8JTC3r6BABQOSCSuynR%2Fuf71U2LwdoJj8ANxLFrtd0l0VgGVRuCwBKnxWVQwDyxxUY6K2SSL1Z19RgPMDn0ooxVwsvKk%2Bugo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: mety.panparan.com
URL: https://mety.panparan.com/rc/a91581ead4?affclick=201FtCEpRY1j6ifqv1gX1VvJ9MiyL15JKCHWF7vAsceeCKCA8jFfzaLm3X5JmVgboVnzjY&pubid=1B7fmUHKE&pubid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:11:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SFDAT17VQW1F8N8E
age
5641
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
NEsBbdbfjOpCzboGbgq4GrN5niMrrjATCBnb4Y3yxDbh39pAxlhG9wqcelMnhSZddySu1UK8TTXCBYvVb7OLHw==
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MNby9phDkXYGx%2FBvNjGredWcz8ztAbnqpoDVimASaafwWN62DVHBtfu9rzuodnd9RnxQJbfIvtRRy907Zu0536O%2BYt4bIkC0a%2BLFPg8thcwVarE1xvudYbzzvqSuuFiP7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
863f5beb3d11124e-ORD
main.js
mety.panparan.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/ Frame 4534
Redirect Chain
  • https://mety.panparan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://mety.panparan.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
8 KB
4 KB
Script
General
Full URL
https://mety.panparan.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Protocol
H2
Server
172.67.134.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:11:19 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0z6z8BpumjvYd2QlJ7z7PPhhQ4qM2cXiY%2F%2B6m5ezQ30u%2FRahnDYJ7CCU7d6aRBJ19CVyZzOPCeoffM%2FnOHSYJvMRKkGmZb8Z0le98woyEPEUDRkEj5%2BCUlxghG%2FaPZ1bW9tMVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
863f5bebdb730262-ORD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 13 Mar 2024 22:11:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLv%2BpYMzyTcW02SmlxyK1QM4nuOTuKQ65iXuh2NkWVFF15cF8IgbK0Zn6vqB2U3PtTYBb4xoJO8s4T%2BLVcSnDDb0iDs6JIWvAYiSpOrmJi31M6zHDbdP36La7cPOC0yL7LgaeA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
cache-control
max-age=300, public
cf-ray
863f5bebab220262-ORD
alt-svc
h3=":443"; ma=86400
content-length
0
/
05790.click/692fdd6300e7c8ac6d37/d93493d774/
1 KB
980 B
Document
General
Full URL
https://05790.click/692fdd6300e7c8ac6d37/d93493d774/?cv=pub60ab3c18f1154a6895cafdb7c6640ce5&placementName=f31e77b4
Requested by
Host: mety.panparan.com
URL: https://mety.panparan.com/rc/a91581ead4?affclick=201FtCEpRY1j6ifqv1gX1VvJ9MiyL15JKCHWF7vAsceeCKCA8jFfzaLm3X5JmVgboVnzjY&pubid=1B7fmUHKE&pubid=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.201.43.skhosting.eu
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 13 Mar 2024 22:11:20 GMT
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex,nofollow
863f5be8ef0b0262
mety.panparan.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 4534
0
628 B
XHR
General
Full URL
https://mety.panparan.com/cdn-cgi/challenge-platform/h/g/jsd/r/863f5be8ef0b0262
Requested by
Host: mety.panparan.com
URL: https://mety.panparan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Mar 2024 22:11:19 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yayk5W%2Br0kpucPkuCjo61fsGZiomM06ZwF7OAeVROcawbThR8ew3nIi77e7V6XGKA3ZhZp%2FXYQNeuHSlCcytTSM3p48lOvBXUHgqQBm88TAM%2BtMv4AFMs00ilMkbyEm3Q5Mz%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
863f5bed48688f44-ORD
alt-svc
h3=":443"; ma=86400
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 05790.click
URL: https://05790.click/692fdd6300e7c8ac6d37/d93493d774/?cv=pub60ab3c18f1154a6895cafdb7c6640ce5&placementName=f31e77b4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://05790.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 13 Mar 2024 22:06:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
277
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 14 Mar 2024 00:06:43 GMT
go.php
pfpfp.click/
575 B
329 B
Document
General
Full URL
https://pfpfp.click/go.php?go=https%3A%2F%2Fmengine.fusetracking.com%2Ftl%3Fa%3D25%26o%3D266946%26aff_click_id%3D30affC1710367880aff7d2598a827121a571a620%26sub_affid%3D29611306&do=71d09fb2141724bb19ec3f3af9bf9db8
Requested by
Host: 05790.click
URL: https://05790.click/692fdd6300e7c8ac6d37/d93493d774/?cv=pub60ab3c18f1154a6895cafdb7c6640ce5&placementName=f31e77b4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.8 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.201.8.skhosting.eu
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://05790.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 13 Mar 2024 22:11:21 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
collect
www.google-analytics.com/j/
16 B
219 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=650301371&t=pageview&_s=1&dl=https%3A%2F%2F05790.click%2F692fdd6300e7c8ac6d37%2Fd93493d774%2F%3Fcv%3Dpub60ab3c18f1154a6895cafdb7c6640ce5%26placementName%3Df31e77b4&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=540680980&gjid=1878105041&cid=1996643484.1710367881&tid=UA-68398243-1&_gid=202293176.1710367881&_r=1&_slc=1&z=1021469150
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.14 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://05790.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 22:11:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://05790.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
343 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-68398243-1&cid=1996643484.1710367881&jid=540680980&gjid=1878105041&_gid=202293176.1710367881&_u=IEBAAEAAAAAAACAAI~&z=717775306
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://05790.click/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 13 Mar 2024 22:11:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://05790.click
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
0
0

a52512fbcf
tulac.gindence.com/rc/
Redirect Chain
  • https://mengine.fusetracking.com/tl?a=25&o=266946&aff_click_id=30affC1710367880aff7d2598a827121a571a620&sub_affid=29611306
  • https://tulac.gindence.com/rc/a52512fbcf?affclick=028915E8C09361710367881394989&pubid=25_29611306
2 KB
1 KB
Document
General
Full URL
https://tulac.gindence.com/rc/a52512fbcf?affclick=028915E8C09361710367881394989&pubid=25_29611306
Requested by
Host: pfpfp.click
URL: https://pfpfp.click/go.php?go=https%3A%2F%2Fmengine.fusetracking.com%2Ftl%3Fa%3D25%26o%3D266946%26aff_click_id%3D30affC1710367880aff7d2598a827121a571a620%26sub_affid%3D29611306&do=71d09fb2141724bb19ec3f3af9bf9db8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.40.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3183eebc17c4c98afcdd6a55615765126335a58354805041da4a1698f650ad4

Request headers

Referer
https://pfpfp.click/go.php?go=https%3A%2F%2Fmengine.fusetracking.com%2Ftl%3Fa%3D25%26o%3D266946%26aff_click_id%3D30affC1710367880aff7d2598a827121a571a620%26sub_affid%3D29611306&do=71d09fb2141724bb19ec3f3af9bf9db8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
863f5bfe3f4a2aa2-ORD
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 13 Mar 2024 22:11:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeByBpl3PeDMddGOMJFR7ehDyEb4z5VfLUWtdq8J6hP1DYxs5TEXxQmgk5RiIbVmKet8%2FlqTKKupPY63glYfJJzCjCsrsIqOf7BUe1vIwttSmr5T6K5iA6LLKncoBoarCVW24%2Fs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
278
content-type
text/html; charset=utf-8
date
Wed, 13 Mar 2024 22:11:21 GMT
expires
Sun, 06 Nov 1994 08:49:37 GMT
location
https://tulac.gindence.com/rc/a52512fbcf?affclick=028915E8C09361710367881394989&pubid=25_29611306
p3p
CP="NOI CUR OUR NOR INT"
pragma
no-cache
server
nginx
x-robots-tag
noindex, nofollow
redirect.css
cdn.addlnk.com/
1 KB
700 B
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: tulac.gindence.com
URL: https://tulac.gindence.com/rc/a52512fbcf?affclick=028915E8C09361710367881394989&pubid=25_29611306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:11:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SFDAT17VQW1F8N8E
age
5645
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
NEsBbdbfjOpCzboGbgq4GrN5niMrrjATCBnb4Y3yxDbh39pAxlhG9wqcelMnhSZddySu1UK8TTXCBYvVb7OLHw==
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qTFG%2BoeU34IEt14EIDIbfgGv05Cwz12Rs%2BIsiTjFQnuvkOPXV4x%2FohofCPAjzBp33PhuUVMI%2F9JARVgEDiRbl8jXtHiXHBPKWrXo8knRKTbDl30vGszYZMVXE9GKcDqyBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
863f5c001a5a124e-ORD
main.js
tulac.gindence.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/ Frame 073A
Redirect Chain
  • https://tulac.gindence.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://tulac.gindence.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
8 KB
4 KB
Script
General
Full URL
https://tulac.gindence.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Protocol
H3
Server
104.21.40.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbdd4e9679dd4707db748b80d350c0efb371e03a3c63a43e15ffb19fc37842bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:11:22 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vy2RzHB%2FYNzZ%2Fo%2BgMPMC7xim5gWS85nKFpSBObGbFSpXb1dRV3u5J7iWf6w%2B6iNokDiTD2iydpDj%2FRshh4uI%2B%2B%2BaVKzxGk2ml0NBlXMPxkaKc84FI8IKGo0SQ2M2ty078f%2BD%2F18%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
863f5c00a82b2af6-ORD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 13 Mar 2024 22:11:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmL%2Fh%2FhtmKbjvli7x9MGx8%2BlZEQRzukOQBPh1GYLOFUSLp93NB6mLeR4x2iSmUefh1a%2FIY0DivFyCswiEuxRRBEt%2FaZjbaSipWcb%2FXrAXV6ccfUIUosqu5Qq%2FEZD%2B8YYVl0By3Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
cache-control
max-age=300, public
cf-ray
863f5c0079db2aa2-ORD
alt-svc
h3=":443"; ma=86400
content-length
0
863f5bfe3f4a2aa2
tulac.gindence.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 073A
0
591 B
XHR
General
Full URL
https://tulac.gindence.com/cdn-cgi/challenge-platform/h/g/jsd/r/863f5bfe3f4a2aa2
Requested by
Host: tulac.gindence.com
URL: https://tulac.gindence.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.40.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Mar 2024 22:11:22 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2B8Roee4Xz4YlWz1Gj8UGqrnAdusSnNJli8dy2VbLGt3sbVX0DPHshuzJKNDLv8%2BLW2q%2FygSkd26%2FweiJEqequxdL4iyKizeuU7GdCnlz%2B6uI49NEnyThFKNu2db77bMVXiMFII%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
863f5c0239bd2af6-ORD
alt-svc
h3=":443"; ma=86400
Primary Request /
uzi.tguzi.com/
9 KB
4 KB
Document
General
Full URL
https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream_redirect&1=00941c74&cid=pubcc43c7df8e094256a19e5338d76b49f9&2=25_29611306
Requested by
Host: tulac.gindence.com
URL: https://tulac.gindence.com/rc/a52512fbcf?affclick=028915E8C09361710367881394989&pubid=25_29611306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.212.173.76 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 13 Mar 2024 22:11:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
3256803015576439.html
www.aliexpress.us/item/
Redirect Chain
  • https://alpine-vpn.com/click?key=231e99abe3a9c829b439&clickid=M7345974117335564346&click_cost=0&zoneid=13260-1f9a1b71-9c59e430&partner_id=13260
  • https://s.click.aliexpress.com/e/_oomXYCE
  • https://www.aliexpress.com/item/1005003201891191.html?pdp_npi=4%40dis%21USD%2136.29%2126.49%21%21%2136.29%2126.49%21%40211667e617091355634683164d6c61%2112000024635514538%21affd%21%21%21&aff_fcid=0e...
  • https://www.aliexpress.us/item/3256803015576439.html?pdp_npi=4%40dis%21USD%2136.29%2126.49%21%21%2136.29%2126.49%21%40211667e617091355634683164d6c61%2112000024635514538%21affd%21%21%21&aff_fcid=0e5...
  • https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fwww.aliexpress.us%2Fitem%2F3256803015576439.html%3Fpdp_npi%3D4%2540dis%2521USD%252136.29%252126.49%2521%2521%252136.29%2521...
  • https://login.aliexpress.us/sync_cookie_write.htm?acs_random_token=d13c0c8316724e128320fd77dbb91395&xman_goto=https%3A%2F%2Fwww.aliexpress.us%2Fitem%2F3256803015576439.html%3Fpdp_npi%3D4%2540dis%25...
  • https://www.aliexpress.us/item/3256803015576439.html?pdp_npi=4%40dis%21USD%2136.29%2126.49%21%21%2136.29%2126.49%21%40211667e617091355634683164d6c61%2112000024635514538%21affd%21%21%21&aff_fcid=0e5...
0
0
Document
General
Full URL
https://www.aliexpress.us/item/3256803015576439.html?pdp_npi=4%40dis%21USD%2136.29%2126.49%21%21%2136.29%2126.49%21%40211667e617091355634683164d6c61%2112000024635514538%21affd%21%21%21&aff_fcid=0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE&aff_fsk=_oomXYCE&aff_platform=portals-billboard-sea&sk=_oomXYCE&aff_trace_key=0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE&terminal_id=d13c0c8316724e128320fd77dbb91395&afSmartRedirect=y&gatewayAdapt=glo2usa4itemAdapt&_randl_shipto=US
Requested by
Host: uzi.tguzi.com
URL: https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream_redirect&cid=pubcc43c7df8e094256a19e5338d76b49f9&1=00941c74&2=25_29611306&3=&4=&5=&puid=7345974117335564346&fl=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.240.126 -, , ASN (),
Reverse DNS
Software
Tengine/Aserver /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uzi.tguzi.com/?utm_medium=226c76fec428b59fbe6cfec4185643de26d2506c&utm_campaign=mainstream_redirect&cid=pubcc43c7df8e094256a19e5338d76b49f9&1=00941c74&2=25_29611306&3=&4=&5=&puid=7345974117335564346&fl=1#0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
https://hz.aliexpress.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-language
en-US
content-type
text/html;charset=UTF-8
date
Wed, 13 Mar 2024 22:11:25 GMT
eagleeye-traceid
2101fb1117103678852096126e7677
expires
0
link
<https://assets.alicdn.com>;rel="preconnect"
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
Tengine/Aserver
server-timing
cdn-cache; desc=MISS edge; dur=169 origin; dur=302 ak_p; desc="1710367885193_389060528_2710511_47129_2331_29_0_255";dur=1
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-application-context
ae-glodetail-web:prod,us:7001
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

content-language
en-US
content-length
0
content-type
text/html;charset=UTF-8
date
Wed, 13 Mar 2024 22:11:25 GMT
eagleeye-traceid
211b619a17103678851007930e9b79
location
https://www.aliexpress.us/item/3256803015576439.html?pdp_npi=4%40dis%21USD%2136.29%2126.49%21%21%2136.29%2126.49%21%40211667e617091355634683164d6c61%2112000024635514538%21affd%21%21%21&aff_fcid=0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE&aff_fsk=_oomXYCE&aff_platform=portals-billboard-sea&sk=_oomXYCE&aff_trace_key=0e59a78ace254a218e0ac0bb167a83d3-1710367883639-07135-_oomXYCE&terminal_id=d13c0c8316724e128320fd77dbb91395&afSmartRedirect=y&gatewayAdapt=glo2usa4itemAdapt&_randl_shipto=US
p3p
CP="CAO PSA OUR"
server
Tengine/Aserver
server-timing
ak_p; desc="1710367885047_389060508_68911861_10057_1717_20_0_255";dur=1
strict-transport-security
max-age=31536000
timing-allow-origin
*

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-H0S4FW156W&cx=c&_slc=1

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Domain/Path Name / Value
05790.click/692fdd6300e7c8ac6d37/d93493d774 Name: shown1
Value: 0
05790.click/692fdd6300e7c8ac6d37/d93493d774 Name: total_impressions
Value: 1
.panparan.com/ Name: cf_clearance
Value: z432rV0sx0sUX7R52F9TpuVaUyrShCks31Au3g_QP1s-1710367879-1.0.1.1-U_WiAThTpTsHWt_Pz3MAZwOO._mhBScHKBBeZeAuZ8XFLdk_jBbB4zwsHw_ArUmIUV.9lFjhzJlheBEXXbXzyw
05790.click/ Name: used_ad3045479
Value: 1
.05790.click/ Name: _ga
Value: GA1.2.1996643484.1710367881
.05790.click/ Name: _gid
Value: GA1.2.202293176.1710367881
.05790.click/ Name: _gat
Value: 1
.gindence.com/ Name: cf_clearance
Value: XfOnRXB8bHOlYyuTCnx6wO7HZgPFdXQVAXktepecC9s-1710367882-1.0.1.1-35GZXolQDGotwowq_HJgAK5u3d.NgWjqYDxwURo1Q6D98FT38rvRd0slqDbnHHmlULx9VcOrOu3qI0p0zuTz4A