Submitted URL: http://tracktrk.site/tracking202/redirect/rtr.php?t202id=5305&t202kw=
Effective URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Submission: On May 24 via manual from GB

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3033::681f:5d2d, located in United States and belongs to CLOUDFLARENET, US. The main domain is lps.gamersanctum.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 23rd 2019. Valid for: a year.
This is the only time lps.gamersanctum.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 92.222.208.40 16276 (OVH)
3 4 18.202.12.61 16509 (AMAZON-02)
1 3 99.198.108.195 32475 (SINGLEHOP...)
1 2 18.195.128.171 16509 (AMAZON-02)
1 15 2606:4700:303... 13335 (CLOUDFLAR...)
1 65.60.9.237 32475 (SINGLEHOP...)
1 2a00:1450:400... 15169 (GOOGLE)
22 7
Domain Requested by
15 lps.gamersanctum.com 1 redirects redirect.barcelonaliving.net
lps.gamersanctum.com
4 quiver.go2cloud.org 3 redirects tracktrk.site
3 redirect.barcelonaliving.net 1 redirects redirect.barcelonaliving.net
3 tracktrk.site 1 redirects tracktrk.site
2 smaises-lesian.com 1 redirects lps.gamersanctum.com
1 ajax.googleapis.com lps.gamersanctum.com
1 offers.gamersanctum.com lps.gamersanctum.com
22 7

This site contains links to these domains. Also see Links.

Domain
smaises-lesian.com
Subject | Issuer | Validity | Valid
redirect.barcelonaliving.net | Let's Encrypt Authority X3 | 2020-05-21 - 2020-08-19 | 3 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-10-23 - 2020-10-09 | a year
offers.gamersanctum.com | Let's Encrypt Authority X3 | 2020-03-27 - 2020-06-25 | 3 months
smaises-lesian.com | Sectigo RSA Domain Validation Secure Server CA | 2019-08-27 - 2020-08-26 | a year
upload.video.google.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months

This page contains 1 frames:

Primary Page: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Frame ID: 7CC2B3F8FC0E9E6F6FCF4545C38D7CC9
Requests: 22 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

22 Requests
86 % HTTPS
29 % IPv6
6 Domains
7 Subdomains
7 IPs
4 Countries
957 kB Transfer
1026 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tracktrk.site/tracking202/redirect/rtr.php?t202id=5305&t202kw= HTTP 302
    http://tracktrk.site/tracking202/redirect/cl.php?pci=514551099 Page URL
  2. http://tracktrk.site/tracking202/redirect/cl2.php?q=http%3A%2F%2Fquiver.go2cloud.org%2Faff_c%3Foffer_id%3D104%26aff_id%3D1011%26url_id%3D215&r=origin Page URL
  3. http://quiver.go2cloud.org/aff_c?offer_id=104&aff_id=1011&url_id=215 HTTP 302
    http://quiver.go2cloud.org/aff_c?offer_id=71&aff_id=1 HTTP 302
    http://quiver.go2cloud.org/aff_r?offer_id=71&aff_id=1&url=https%3A%2F%2Fredirect.barcelonaliving.net%2F%3Futm_medium%3D62cfe1e45fe90a53460ce42c993394ac741376d7%26utm_campaign%3DMainstream%261%3D1%26cid%3D102f65f7aff3f6dbc189615b4482ce&urlauth=614897652830085876587724479760 Page URL
  4. http://quiver.go2cloud.org/aff_r?offer_id=71&aff_id=1&redirect_pass=1&url=https%3A%2F%2Fredirect.barcelonaliving.net%2F%3Futm_medium%3D62cfe1e45fe90a53460ce42c993394ac741376d7%26utm_campaign%3DMainstream%261%3D1%26cid%3D102f65f7aff3f6dbc189615b4482ce&urlauth=614897652830085876587724479760 HTTP 302
    https://redirect.barcelonaliving.net/?utm_medium=62cfe1e45fe90a53460ce42c993394ac741376d7&utm_campaign=Mainstream&1=1&cid=102f65f7aff3f6dbc189615b4482ce Page URL
  5. https://redirect.barcelonaliving.net/?utm_term=6830440327984186552&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e Page URL
  6. https://redirect.barcelonaliving.net/proc.php?6c7a23c3ba30d8da5c1e2e9b0516ae89620815a1 HTTP 302
    https://smaises-lesian.com/ce01ff7e-d6f6-4ef2-bf21-3e42bba38b7a?partner_ID=13006&pid=13006-4a224c66&creative_id=[[creative_id]]&click_cost=0&subid=6830440327984186552 HTTP 302
    https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid?cep=yiBGXhKiDG25QUABzS_ibFb0pxwAqP449sRtUZmdFdBNWrr1QLWVRRTzMjmDRrGltC3l030urclgaq9JwM2luFUQGn6cnWpPzuaNFUZ-DbQNeRAHikEfoG8tEOMonyPI0TrRilQSGGS3VK6GgCAzZOqYos2f5i_RvmcfyoETDk35kYd8CJhYppthP0C0xNDmig5DjZoXDg5X59xfmIKFshKf3Pd9yXWx1dRjNTrY0N1VKkuZQD2Yik9lue0PiOvh5qzlYiV-MmCaUwoHiDfLAQVU_vhbCjRsiT5efcHTGIsdykVRQPSePBRlqFaQkxPM8AYrfKHp_s2kFBkLcMl2ycYJOLHNgh7sI37Bfu8Ex0YR3y_tzpl-UMetEIHD8L1i-AwUvBcMuFibO2X5xJrSWyjo3QY-OBqu6t1uVC5ydNzejnhgh8IucL7AukAgs3kueEC-yM__958-r4Mbvq_u3Az8OidF3GECgO-IQBVEhzw&lptoken=15af90b833d0762a19f9&partner_ID=13006&pid=13006-4a224c66&creative_id=%5B%5Bcreative_id%5D%5D&click_cost=0&subid=6830440327984186552 HTTP 302
    https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://tracktrk.site/tracking202/redirect/rtr.php?t202id=5305&t202kw= HTTP 302
  • http://tracktrk.site/tracking202/redirect/cl.php?pci=514551099
Request Chain 2
  • http://quiver.go2cloud.org/aff_c?offer_id=104&aff_id=1011&url_id=215 HTTP 302
  • http://quiver.go2cloud.org/aff_c?offer_id=71&aff_id=1 HTTP 302
  • http://quiver.go2cloud.org/aff_r?offer_id=71&aff_id=1&url=https%3A%2F%2Fredirect.barcelonaliving.net%2F%3Futm_medium%3D62cfe1e45fe90a53460ce42c993394ac741376d7%26utm_campaign%3DMainstream%261%3D1%26cid%3D102f65f7aff3f6dbc189615b4482ce&urlauth=614897652830085876587724479760
Request Chain 3
  • http://quiver.go2cloud.org/aff_r?offer_id=71&aff_id=1&redirect_pass=1&url=https%3A%2F%2Fredirect.barcelonaliving.net%2F%3Futm_medium%3D62cfe1e45fe90a53460ce42c993394ac741376d7%26utm_campaign%3DMainstream%261%3D1%26cid%3D102f65f7aff3f6dbc189615b4482ce&urlauth=614897652830085876587724479760 HTTP 302
  • https://redirect.barcelonaliving.net/?utm_medium=62cfe1e45fe90a53460ce42c993394ac741376d7&utm_campaign=Mainstream&1=1&cid=102f65f7aff3f6dbc189615b4482ce

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
cl.php
tracktrk.site/tracking202/redirect/
Redirect Chain
  • http://tracktrk.site/tracking202/redirect/rtr.php?t202id=5305&t202kw=
  • http://tracktrk.site/tracking202/redirect/cl.php?pci=514551099
840 B
1 KB
Document
General
Full URL
http://tracktrk.site/tracking202/redirect/cl.php?pci=514551099
Protocol
HTTP/1.1
Server
92.222.208.40 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
server1.buybitcoinstoday.com
Software
Apache /
Resource Hash
794c99f3a3e6556d471791b261a1c4637fa0d837cc5935b3215ef6516b78dd02

Request headers

Host
tracktrk.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
tracking202subid=1455109; tracking202subid_a_27=1455109

Response headers

Date
Sun, 24 May 2020 15:56:58 GMT
Server
Apache
Content-Length
840
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 24 May 2020 15:56:58 GMT
Server
Apache
Set-Cookie
tracking202subid=1455109; expires=Tue, 23-Jun-2020 15:56:58 GMT; Max-Age=2592000; path=/; domain=tracktrk.site
tracking202subid_a_27=1455109; expires=Tue, 23-Jun-2020 15:56:58 GMT; Max-Age=2592000; path=/; domain=tracktrk.site
location
http://tracktrk.site/tracking202/redirect/cl.php?pci=514551099
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
cl2.php
tracktrk.site/tracking202/redirect/
536 B
724 B
Document
General
Full URL
http://tracktrk.site/tracking202/redirect/cl2.php?q=http%3A%2F%2Fquiver.go2cloud.org%2Faff_c%3Foffer_id%3D104%26aff_id%3D1011%26url_id%3D215&r=origin
Requested by
Host: tracktrk.site
URL: http://tracktrk.site/tracking202/redirect/cl.php?pci=514551099
Protocol
HTTP/1.1
Server
92.222.208.40 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
server1.buybitcoinstoday.com
Software
Apache /
Resource Hash
a958bbb3da4074f916e7f8bc226f722cf0d0d134a4b575331f5cf69a99fefcc0

Request headers

Host
tracktrk.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://tracktrk.site/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
tracking202subid=1455109; tracking202subid_a_27=1455109

Response headers

Date
Sun, 24 May 2020 15:56:58 GMT
Server
Apache
Content-Length
536
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
aff_r
quiver.go2cloud.org/
Redirect Chain
  • http://quiver.go2cloud.org/aff_c?offer_id=104&aff_id=1011&url_id=215
  • http://quiver.go2cloud.org/aff_c?offer_id=71&aff_id=1
  • http://quiver.go2cloud.org/aff_r?offer_id=71&aff_id=1&url=https%3A%2F%2Fredirect.barcelonaliving.net%2F%3Futm_medium%3D62cfe1e45fe90a53460ce42c993394ac741376d7%26utm_campaign%3DMainstream%261%3D1%2...
333 B
712 B
Document
General
Full URL
http://quiver.go2cloud.org/aff_r?offer_id=71&aff_id=1&url=https%3A%2F%2Fredirect.barcelonaliving.net%2F%3Futm_medium%3D62cfe1e45fe90a53460ce42c993394ac741376d7%26utm_campaign%3DMainstream%261%3D1%26cid%3D102f65f7aff3f6dbc189615b4482ce&urlauth=614897652830085876587724479760
Requested by
Host: tracktrk.site
URL: http://tracktrk.site/tracking202/redirect/cl2.php?q=http%3A%2F%2Fquiver.go2cloud.org%2Faff_c%3Foffer_id%3D104%26aff_id%3D1011%26url_id%3D215&r=origin
Protocol
HTTP/1.1
Server
18.202.12.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0ecbaedb85bdb3e219bca66e9526cfdc31883353c0ec77aad08d58b824a957ea

Request headers

Host
quiver.go2cloud.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://tracktrk.site/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://tracktrk.site/tracking202/redirect/cl2.php?q=http%3A%2F%2Fquiver.go2cloud.org%2Faff_c%3Foffer_id%3D104%26aff_id%3D1011%26url_id%3D215&r=origin

Response headers

Server
nginx
Date
Sun, 24 May 2020 15:56:58 GMT
Content-Type
text/html
Content-Length
333
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Origin
*
X-Request-Id
68a91d59f15df1cf119f1ecca491fe9a
Access-Control-Allow-Headers
Tune-SDK-Version

Redirect headers

Server
nginx
Date
Sun, 24 May 2020 15:56:58 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
443
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
tracking_id
102f65f7aff3f6dbc189615b4482ce
Location
/aff_r?offer_id=71&aff_id=1&url=https%3A%2F%2Fredirect.barcelonaliving.net%2F%3Futm_medium%3D62cfe1e45fe90a53460ce42c993394ac741376d7%26utm_campaign%3DMainstream%261%3D1%26cid%3D102f65f7aff3f6dbc189615b4482ce&urlauth=614897652830085876587724479760
Set-Cookie
enc_aff_session_71=ENC0361ef5517b4b908f8a751bd1c81e9df4ef35452aabd1749d43dbb123470bb12b07a9e2509e010ac5284f679f6b50b6db7d679d09fcaecccb4dec5e89a5ab0bc56aceab53546eb33c1a861a3803b0eb63188e7555db5a53e87666169cf0af38fbb08bef5ac27a848216aca053ded877f51b21e64bb132179d735c5112c341530b834502bdd; expires=Wed, 24 Jun 2020 15:56:58 GMT; path=/; SameSite=None; Secure
ho_mob=[…]; expires=Wed, 19 Apr 2023 02:36:58 GMT; path=/; SameSite=None; Secure
P3P
CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin
*
X-Request-Id
b8d74edade02cf2993b7ac9f724acfc5
Access-Control-Allow-Headers
Tune-SDK-Version
/
redirect.barcelonaliving.net/
Redirect Chain
  • http://quiver.go2cloud.org/aff_r?offer_id=71&aff_id=1&redirect_pass=1&url=https%3A%2F%2Fredirect.barcelonaliving.net%2F%3Futm_medium%3D62cfe1e45fe90a53460ce42c993394ac741376d7%26utm_campaign%3DMain...
  • https://redirect.barcelonaliving.net/?utm_medium=62cfe1e45fe90a53460ce42c993394ac741376d7&utm_campaign=Mainstream&1=1&cid=102f65f7aff3f6dbc189615b4482ce
3 KB
2 KB
Document
General
Full URL
https://redirect.barcelonaliving.net/?utm_medium=62cfe1e45fe90a53460ce42c993394ac741376d7&utm_campaign=Mainstream&1=1&cid=102f65f7aff3f6dbc189615b4482ce
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.195 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
886ea14c4537d3a08b66800913f1e9437b9cb92404bdd0663c29e3c2745e8b62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
redirect.barcelonaliving.net
:scheme
https
:path
/?utm_medium=62cfe1e45fe90a53460ce42c993394ac741376d7&utm_campaign=Mainstream&1=1&cid=102f65f7aff3f6dbc189615b4482ce
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://quiver.go2cloud.org/aff_r?offer_id=71&aff_id=1&url=https%3A%2F%2Fredirect.barcelonaliving.net%2F%3Futm_medium%3D62cfe1e45fe90a53460ce42c993394ac741376d7%26utm_campaign%3DMainstream%261%3D1%26cid%3D102f65f7aff3f6dbc189615b4482ce&urlauth=614897652830085876587724479760
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://quiver.go2cloud.org/aff_r?offer_id=71&aff_id=1&url=https%3A%2F%2Fredirect.barcelonaliving.net%2F%3Futm_medium%3D62cfe1e45fe90a53460ce42c993394ac741376d7%26utm_campaign%3DMainstream%261%3D1%26cid%3D102f65f7aff3f6dbc189615b4482ce&urlauth=614897652830085876587724479760

Response headers

status
200
server
nginx
date
Sun, 24 May 2020 15:56:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=fcc38cf14821513b7fc268a905f6b711; expires=Mon, 24-May-2021 15:56:58 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip

Redirect headers

Server
nginx
Date
Sun, 24 May 2020 15:56:58 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
348
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Location
https://redirect.barcelonaliving.net/?utm_medium=62cfe1e45fe90a53460ce42c993394ac741376d7&utm_campaign=Mainstream&1=1&cid=102f65f7aff3f6dbc189615b4482ce
Access-Control-Allow-Origin
*
X-Request-Id
b27474caa2221584ef4993b0985b5d9f
Access-Control-Allow-Headers
Tune-SDK-Version
/
redirect.barcelonaliving.net/
9 KB
3 KB
Document
General
Full URL
https://redirect.barcelonaliving.net/?utm_term=6830440327984186552&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
Requested by
Host: redirect.barcelonaliving.net
URL: https://redirect.barcelonaliving.net/?utm_medium=62cfe1e45fe90a53460ce42c993394ac741376d7&utm_campaign=Mainstream&1=1&cid=102f65f7aff3f6dbc189615b4482ce
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.198.108.195 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.4
Resource Hash
bf3d1fe337c7baf6079a1325054b0c4a1c154a1643489331e8b57a29e198a92a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
redirect.barcelonaliving.net
:scheme
https
:path
/?utm_term=6830440327984186552&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://redirect.barcelonaliving.net/?utm_medium=62cfe1e45fe90a53460ce42c993394ac741376d7&utm_campaign=Mainstream&1=1&cid=102f65f7aff3f6dbc189615b4482ce
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u=fcc38cf14821513b7fc268a905f6b711
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://redirect.barcelonaliving.net/?utm_medium=62cfe1e45fe90a53460ce42c993394ac741376d7&utm_campaign=Mainstream&1=1&cid=102f65f7aff3f6dbc189615b4482ce

Response headers

status
200
server
nginx
date
Sun, 24 May 2020 15:56:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
Primary Request /
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Redirect Chain
  • https://redirect.barcelonaliving.net/proc.php?6c7a23c3ba30d8da5c1e2e9b0516ae89620815a1
  • https://smaises-lesian.com/ce01ff7e-d6f6-4ef2-bf21-3e42bba38b7a?partner_ID=13006&pid=13006-4a224c66&creative_id=[[creative_id]]&click_cost=0&subid=6830440327984186552
  • https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid?cep=yiBGXhKiDG25QUABzS_ibFb0pxwAqP449sRtUZmdFdBNWrr1QLWVRRTzMjmDRrGltC3l030urclgaq9JwM2luFUQGn6cnWpPzuaNFUZ-DbQNeRAHikEfoG8tEOMonyPI0Tr...
  • https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
6 KB
2 KB
Document
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Requested by
Host: redirect.barcelonaliving.net
URL: https://redirect.barcelonaliving.net/?utm_term=6830440327984186552&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0af7f895b6e6158d52224322d5d1f90474485d32f1280f35dfe8a535d157762

Request headers

:method
GET
:authority
lps.gamersanctum.com
:scheme
https
:path
/push/monetizer/games/rpg/de/raid/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://redirect.barcelonaliving.net/?utm_term=6830440327984186552&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d3f98cc57439c0213bee8521bf65764ef1590335819
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://redirect.barcelonaliving.net/?utm_term=6830440327984186552&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e#

Response headers

status
200
date
Sun, 24 May 2020 15:56:59 GMT
content-type
text/html
x-amz-id-2
nfn9kkSm0TEyqxlfVcInSCJsXbJ914AkpwFoLugL5NpyPRCkkP7mtiSTikNr/9NOd0/l+kgEg/8=
x-amz-request-id
3A4005C1E7234DBB
last-modified
Wed, 25 Mar 2020 15:50:38 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
598835b8eac6145a-FRA
content-encoding
br
cf-request-id
02e8ffe7920000145ad6965200000001

Redirect headers

status
302
date
Sun, 24 May 2020 15:56:59 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d3f98cc57439c0213bee8521bf65764ef1590335819; expires=Tue, 23-Jun-20 15:56:59 GMT; path=/; domain=.gamersanctum.com; HttpOnly; SameSite=Lax
x-amz-error-code
Found
x-amz-error-message
Resource Found
x-amz-request-id
AA38582ADF14DD86
x-amz-id-2
5TOIgpbdsc22H3rJN7DdsS4xisUSVHExpiZHo2eVcMMEoyVncayUN59DYD1xAAbZojoRdu0C/ak=
location
/push/monetizer/games/rpg/de/raid/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
598835b76f12145a-FRA
cf-request-id
02e8ffe69f0000145ad6953200000001
pub.min.js
offers.gamersanctum.com/js/
3 KB
2 KB
Script
General
Full URL
https://offers.gamersanctum.com/js/pub.min.js
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.60.9.237 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
af5ce7433badc9c9ba9f6b66aff2e5c281c0613f995013e6b16879beac5e416d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:57:00 GMT
content-encoding
gzip
last-modified
Thu, 07 May 2020 09:37:47 GMT
server
nginx
etag
"5eb3d6eb-5fe"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubdomains;
content-length
1534
expires
Mon, 25 May 2020 15:57:00 GMT
_.gif
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
43 B
304 B
Image
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/_.gif
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:56:59 GMT
cf-cache-status
HIT
age
3930
cf-ray
598835b97c51145a-FRA
status
200
content-length
43
x-amz-id-2
VGKAZVD5b13Ro/Km1f/k42C5zpWZtVI7zt4ixBCEIBwFHEbIUaRQOWwPbopO1KFv+aW08vHcsv0=
last-modified
Tue, 24 Mar 2020 10:53:19 GMT
server
cloudflare
etag
"07fff40b5dd495aca2ac4e1c3fbc60aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
F7D1039D95AA66D8
cache-control
max-age=691200
cf-request-id
02e8ffe7e60000145ad696d200000001
accept-ranges
bytes
content-type
image/gif
seg.gif
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
43 B
236 B
Image
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/seg.gif
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:56:59 GMT
cf-cache-status
HIT
age
3970
cf-ray
598835b97c6b145a-FRA
status
200
content-length
43
x-amz-id-2
WoXD0FehFVABR8dhX2CDkzIas2ovO/fStWCMH12PZkmiVgqkqPRPJp2t/LMGduqP2ptEvona1z4=
last-modified
Tue, 24 Mar 2020 10:53:19 GMT
server
cloudflare
etag
"592ebefc7104d681d57852665e9ad514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
FFAC5EA3E9B97AD6
cache-control
max-age=691200
cf-request-id
02e8ffe7ec0000145ad696e200000001
accept-ranges
bytes
content-type
image/gif
in.gif
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
42 B
286 B
Image
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/in.gif
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:56:59 GMT
cf-cache-status
HIT
age
3970
cf-ray
598835b97c6e145a-FRA
status
200
content-length
42
x-amz-id-2
dyut6+mKYn1uSM41P6wiffQeLi4HRAGOmRRtxnhOW88tYvyXqxdkUUFSkXyVKTHkT3HEFNQjodc=
last-modified
Tue, 24 Mar 2020 10:53:18 GMT
server
cloudflare
etag
"d89746888da2d9510b64a9f031eaecd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
BA42E169A5A2595F
cache-control
max-age=691200
cf-request-id
02e8ffe7ed0000145ad696f200000001
accept-ranges
bytes
content-type
image/gif
sync.gif
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
43 B
232 B
Image
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/sync.gif
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:56:59 GMT
cf-cache-status
HIT
age
3919
cf-ray
598835b97c71145a-FRA
status
200
content-length
43
x-amz-id-2
k+z91bK4Sy8bBLLqOFTGj1uNncOaBbV6janXDUsZ0BIeQepBlLH77NHlGMMMttT4HNaJxCw+ico=
last-modified
Tue, 24 Mar 2020 10:53:19 GMT
server
cloudflare
etag
"df3e567d6f16d040326c7a0ea29a4f41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
C16C1982C9435377
cache-control
max-age=691200
cf-request-id
02e8ffe7ed0000145ad6970200000001
accept-ranges
bytes
content-type
image/gif
setuid.gif
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
43 B
233 B
Image
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/setuid.gif
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:56:59 GMT
cf-cache-status
HIT
age
3919
cf-ray
598835b97c73145a-FRA
status
200
content-length
43
x-amz-id-2
ruCKbudYOldIVaSPoe+hCoStFyhZ/n9CZMw5CqNsggliRhOYAH476jEUKQZpfRy20OFRxdI4xRI=
last-modified
Tue, 24 Mar 2020 10:53:19 GMT
server
cloudflare
etag
"592ebefc7104d681d57852665e9ad514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
724F709594D29630
cache-control
max-age=691200
cf-request-id
02e8ffe7ed0000145ad6971200000001
accept-ranges
bytes
content-type
image/gif
pixel.png
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
170 B
375 B
Image
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/pixel.png
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:56:59 GMT
cf-cache-status
HIT
age
3919
cf-ray
598835b97c75145a-FRA
status
200
content-length
170
x-amz-id-2
MNATf9VJxwGkvxb9j/5ktaK3rBlLGryrXg3wVqNgSRB0P0XYYlgBQFYsh4I5DXMn1WJcv3Zn7Rg=
last-modified
Tue, 24 Mar 2020 10:53:19 GMT
server
cloudflare
etag
"e7673c60af825466f83d46da72ca1635"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
15B80A915ABAED03
cache-control
max-age=691200
cf-request-id
02e8ffe7ed0000145ad6972200000001
accept-ranges
bytes
content-type
image/png
sd.gif
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
43 B
271 B
Image
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/sd.gif
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:56:59 GMT
cf-cache-status
HIT
age
3919
cf-ray
598835b97c77145a-FRA
status
200
content-length
43
x-amz-id-2
kSJwHnsFtuIYLMr3+YzNDqDoOXfWQBbUiRM1lfnRQ8U02LmnqPGQPqcqqv9KWHd3fBTushnhzcM=
last-modified
Tue, 24 Mar 2020 10:53:19 GMT
server
cloudflare
etag
"b4491705564909da7f9eaf749dbbfbb1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
F2312DE569734938
cache-control
max-age=691200
cf-request-id
02e8ffe7ed0000145ad6973200000001
accept-ranges
bytes
content-type
image/gif
out.gif
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
42 B
257 B
Image
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/out.gif
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:56:59 GMT
cf-cache-status
HIT
age
3919
cf-ray
598835b97c79145a-FRA
status
200
content-length
42
x-amz-id-2
jysFNDqvJToFH22VK3dH8aR0y8yPam2MU300Zxs2h2Y5F/gDeqhHvvNfpZFWxQ4IkbasKdtS7/M=
last-modified
Tue, 24 Mar 2020 10:53:18 GMT
server
cloudflare
etag
"d89746888da2d9510b64a9f031eaecd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
7A49A36D20B06087
cache-control
max-age=691200
cf-request-id
02e8ffe7ed0000145ad6974200000001
accept-ranges
bytes
content-type
image/gif
hp
smaises-lesian.com/
382 B
616 B
Script
General
Full URL
https://smaises-lesian.com/hp
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.128.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-128-171.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 May 2020 15:56:59 GMT
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Server
nginx
Connection
keep-alive
Content-Length
382
Expires
Thu, 01 Jan 1970 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 05:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
642726
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 05:24:53 GMT
bg.jpg
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
348 KB
349 KB
Image
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/bg.jpg
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f947e045bdff3476f90dc830ab44877ef2543c2ed0a906ff0074361ae87d7fac

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:56:59 GMT
cf-cache-status
HIT
age
3919
cf-ray
598835b97c7c145a-FRA
status
200
content-length
356410
x-amz-id-2
sVMDCYdIkp1UXJTELL3IicXZUKb/PS/GI8kkXWJIYCiyMSpYpTd15uPBe7dAQ5VkqERpsP/WmCc=
last-modified
Tue, 24 Mar 2020 10:53:18 GMT
server
cloudflare
etag
"2d0f6aa5068ead89d91f9abfe3c447b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
92E4D2C61B4813F3
cache-control
max-age=691200
cf-request-id
02e8ffe7ed0000145ad6975200000001
accept-ranges
bytes
content-type
image/jpeg
btn_off.png
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
26 KB
26 KB
Image
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/btn_off.png
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d66b8ede82e8331f182208beb3c66b25cce1c8b9ef7cd2048640ebe6b6ed864b

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:56:59 GMT
cf-cache-status
HIT
age
3874
cf-ray
598835b97c7d145a-FRA
status
200
content-length
26418
x-amz-id-2
gf3bs/cYr9d37nVYrIrVEonIqMisv3+x4f1fnEYajYQubmlG50l+VHleYA1pDOpppgoruYslNxw=
last-modified
Tue, 24 Mar 2020 10:53:18 GMT
server
cloudflare
etag
"acf26e2bddeb13ffcfbb2c4fef89a314"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
6EE4EEC14DFCC325
cache-control
max-age=691200
cf-request-id
02e8ffe7ed0000145ad6976200000001
accept-ranges
bytes
content-type
image/png
left.png
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
289 KB
290 KB
Image
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/left.png
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7117960ca1e7c6c509966e1cee64b0dfa58043f05920900b0aeb499919872f0

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:56:59 GMT
cf-cache-status
HIT
age
4027
cf-ray
598835b97c7e145a-FRA
status
200
content-length
296096
x-amz-id-2
gVxCytylU0GikA0HGTCo/yMYG5r7ck8ooygkQZGjGKCvvyN753peuUzbv+5dSfJ35v7ZURUMg8c=
last-modified
Tue, 24 Mar 2020 10:53:19 GMT
server
cloudflare
etag
"25fd4ae80faf2de2e9efabafa35aeed3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
1131A7D7C688248E
cache-control
max-age=691200
cf-request-id
02e8ffe7ed0000145ad6977200000001
accept-ranges
bytes
content-type
image/png
right.png
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
245 KB
246 KB
Image
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/right.png
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d204bc38610340bd0182e8f325f7f15f0e2b016996596dc98da9535a6943a6

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:56:59 GMT
cf-cache-status
HIT
age
4027
cf-ray
598835b97c7f145a-FRA
status
200
content-length
250918
x-amz-id-2
5FwMdQYEi9WHTMbqtfRk48Xpf5sgFPSxYmzzSL2maHnKrzu+5NBOHdaYqT29ST64JZKL3Otm0s4=
last-modified
Tue, 24 Mar 2020 10:53:19 GMT
server
cloudflare
etag
"b88d90c6a5c32baa77d4293c320e04f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
F8BB5331680B8C7F
cache-control
max-age=691200
cf-request-id
02e8ffe7ed0000145ad6978200000001
accept-ranges
bytes
content-type
image/png
fire_bg.png
lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
572 B
572 B
Image
General
Full URL
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/fire_bg.png
Requested by
Host: lps.gamersanctum.com
URL: https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:5d2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb8a24ece359726e27d2faa9f2767ef1c88be245fa0df237303d53a24946b03

Request headers

Referer
https://lps.gamersanctum.com/push/monetizer/games/rpg/de/raid/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 15:56:59 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
154
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-id-2
JsFJggmMS5X3TE2DxbEqlGN2gZaoR3FtIPTmGGvfS0qXY64CCE+j9fm89a48gbKPV5uSjKI6/gg=
content-type
text/html; charset=utf-8
status
404
cache-control
max-age=691200
cf-ray
598835b97c80145a-FRA
x-amz-request-id
ED6EE91EA8356E59
cf-request-id
02e8ffe7ed0000145ad6979200000001

Verdicts & Comments

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
string| pm_tag
string| pm_pid
string| AFKClickUrl
function| $
function| jQuery
object| container
object| link

1 Cookies

Domain/Path Name / Value
.gamersanctum.com/ Name: __cfduid
Value: d3f98cc57439c0213bee8521bf65764ef1590335819

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
