ads.traffichunt.com Open in urlscan Pro
2600:1f18:454c:f520:5f11:72a8:8b05:7d3f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://web.willulovemextonight.com/c/oYePKSLcIsMfW?s=BgUABQ4aHQcSBBsaXiYCGgcBG0sFBxpYUV9KVFtTWEJWW1FVRVFdW1hTBx4DCRMCGBMKCxUPEQAIAx...
Effective URL:
https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com
Submission: On July 10 via api (July 10th 2021, 11:30:41 am UTC) from BE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 16 domains to perform 13 HTTP transactions. The main IP is 2600:1f18:454c:f520:5f11:72a8:8b05:7d3f, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ads.traffichunt.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 29th 2020. Valid for: a year.

This is the only time ads.traffichunt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.3.233.6 192.3.233.6	36352 (AS-COLOCR...) (AS-COLOCROSSING)
1 1	18.195.128.171 18.195.128.171	16509 (AMAZON-02) (AMAZON-02)
2 2	34.86.82.32 34.86.82.32	15169 (GOOGLE) (GOOGLE)
1 1	63.34.19.61 63.34.19.61	16509 (AMAZON-02) (AMAZON-02)
2 2	2606:4700:303... 2606:4700:3035::6815:252d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f18:454... 2600:1f18:454c:f520:5f11:72a8:8b05:7d3f	14618 (AMAZON-AES) (AMAZON-AES)
2	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	45.11.57.36 45.11.57.36	43180 (CLOUDNETW...) (CLOUDNETWORKS-AS)
1	54.177.19.227 54.177.19.227	16509 (AMAZON-02) (AMAZON-02)
3	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	136.243.130.121 136.243.130.121	24940 (HETZNER-AS) (HETZNER-AS)
1	46.4.79.105 46.4.79.105	24940 (HETZNER-AS) (HETZNER-AS)
2	64.210.149.57 64.210.149.57	29789 (REFLECTED) (REFLECTED)
1	46.4.104.25 46.4.104.25	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a05:d018:244... 2a05:d018:244:5200::ab	16509 (AMAZON-02) (AMAZON-02)
1	34.117.199.78 34.117.199.78	15169 (GOOGLE) (GOOGLE)
13	9

1 192.3.233.6 (Newark, United States) 1 redirects

ASN36352 (AS-COLOCROSSING, US)
PTR: 192-3-233-6-host.colocrossing.com

web.willulovemextonight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.128.171 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-128-171.eu-central-1.compute.amazonaws.com

enents-buisten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.86.82.32 (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 32.82.86.34.bc.googleusercontent.com

trxthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.19.61 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-19-61.eu-west-1.compute.amazonaws.com

www.heywhatsup.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:252d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

towertraffic.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:454c:f520:5f11:72a8:8b05:7d3f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ads.traffichunt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.11.57.36 (Amherst, United States) 1 redirects

ASN43180 (CLOUDNETWORKS-AS, UA)

main.exoclick.com.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.177.19.227 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-19-227.us-west-1.compute.amazonaws.com

com.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.211.229.245 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.130.121 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.121.130.243.136.clients.your-server.de

tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.79.105 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.105.79.4.46.clients.your-server.de

tsyndicate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.210.149.57 (United States)

ASN29789 (REFLECTED, US)

ctrack.trafficjunky.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.104.25 (Rostock, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.25.104.4.46.clients.your-server.de

runative-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:244:5200::ab (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

www.adultoffers4you.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.199.78 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 78.199.117.34.bc.googleusercontent.com

www.dql2clk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	trafficjunky.net ctrack.trafficjunky.net	2 KB
2	realsrv.com main.realsrv.com	836 B
2	com.com 1 redirects main.exoclick.com.com com.com	470 B
2	exdynsrv.com main.exdynsrv.com	838 B
2	towertraffic.top 2 redirects towertraffic.top	2 KB
2	trxthis.com 2 redirects trxthis.com	1 KB
1	dql2clk.com www.dql2clk.com
1	adultoffers4you.com 1 redirects www.adultoffers4you.com	554 B
1	runative-syndicate.com runative-syndicate.com	453 B
1	tsyndicate.net tsyndicate.net	500 B
1	tsyndicate.com tsyndicate.com	461 B
1	exoclick.com main.exoclick.com	419 B
1	traffichunt.com ads.traffichunt.com	1 KB
1	heywhatsup.xyz 1 redirects www.heywhatsup.xyz	2 KB
1	enents-buisten.com 1 redirects enents-buisten.com	889 B
1	willulovemextonight.com 1 redirects web.willulovemextonight.com	238 B
13	16

	Domain	Requested by
2	ctrack.trafficjunky.net	ads.traffichunt.com
2	main.realsrv.com	ads.traffichunt.com
2	main.exdynsrv.com	ads.traffichunt.com
2	towertraffic.top	2 redirects
2	trxthis.com	2 redirects
1	www.dql2clk.com	ads.traffichunt.com
1	www.adultoffers4you.com	1 redirects
1	runative-syndicate.com	ads.traffichunt.com
1	tsyndicate.net	ads.traffichunt.com
1	tsyndicate.com	ads.traffichunt.com
1	main.exoclick.com	ads.traffichunt.com
1	com.com	ads.traffichunt.com
1	main.exoclick.com.com	1 redirects
1	ads.traffichunt.com
1	www.heywhatsup.xyz	1 redirects
1	enents-buisten.com	1 redirects
1	web.willulovemextonight.com	1 redirects
13	17

This site contains no links.

Subject Issuer	Validity	Valid
*.traffichunt.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-29` - `2021-07-29`	a year	crt.sh
exdynsrv.com R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
*.com.com Amazon	`2020-10-02` - `2021-11-01`	a year	crt.sh
realsrv.com R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
exoclick.com R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
tsyndicate.com R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh
tsyndicate.net R3	`2021-04-30` - `2021-07-29`	3 months	crt.sh
*.trafficjunky.net DigiCert SHA2 High Assurance Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
runative-syndicate.com R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
dql2clk.com Go Daddy Secure Certificate Authority - G2	`2021-02-01` - `2021-12-01`	10 months	crt.sh

This page contains 1 frames:

Frame: https://www.dql2clk.com/5T1GM4/75NF3M3/?uid=624&source_id=sliv_mail_BK&sub1=sliv_mail_BK&sub5=qrqri60e984d20004df3e
Frame ID: 56449F32948F465296550A631F32CFDA
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://web.willulovemextonight.com/c/oYePKSLcIsMfW?s=BgUABQ4aHQcSBBsaXiYCGgcBG0sFBxpYUV9KVFtTWEJWW1FVRVFdW1hTBx... HTTP 302
https://enents-buisten.com/15b4bd9e-2cd0-47b3-8109-06e70f3f5f52?S1=OD&S2=Multi&EM=breakmyheart8@gmail.com HTTP 302
https://trxthis.com/smart.track?VID=4&AFID=15&PUBID=1372&SOURCE=&S1=OD&S2=Multi&EM=breakmyheart8... HTTP 302
https://trxthis.com/sanitize.go?u=https%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D2350%26a... HTTP 301
https://www.heywhatsup.xyz/aff_c?offer_id=2350&aff_id=1372&source=&aff_sub=OD&aff_sub2=Multi&aff_sub3=b... HTTP 302
https://towertraffic.top/www/delivery/afrm.php?zoneid=44&cb=20285&email=breakmyheart8@gmail.com HTTP 302
https://towertraffic.top/www/delivery/cl.php?bannerid=300&zoneid=44&sig=e1d9a0fe25d5aee6c8944efaea572... HTTP 302
https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

13
Requests

100 %
HTTPS

19 %
IPv6

16
Domains

17
Subdomains

9
IPs

4
Countries

6 kB
Transfer

2 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://web.willulovemextonight.com/c/oYePKSLcIsMfW?s=BgUABQ4aHQcSBBsaXiYCGgcBG0sFBxpYUV9KVFtTWEJWW1FVRVFdW1hTBx4DCRMCGBMKCxUPEQAIAxcfEUgJHxpIIiVdNDxLLjUsWl1WR0JHVFpNR1hUXkNKBAoEFgcFDEZFOgsLGwAVFgsSEQMKGAwDFlRFVlRTR1hZTFZRQlFbSUZTXkRT HTTP 302
https://enents-buisten.com/15b4bd9e-2cd0-47b3-8109-06e70f3f5f52?S1=OD&S2=Multi&EM=breakmyheart8@gmail.com HTTP 302
https://trxthis.com/smart.track?VID=4&AFID=15&PUBID=1372&SOURCE=&S1=OD&S2=Multi&EM=breakmyheart8%40gmail.com&SID=1372_OD HTTP 302
https://trxthis.com/sanitize.go?u=https%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D2350%26aff_id%3D1372%26source%3D%26aff_sub%3DOD%26aff_sub2%3DMulti%26aff_sub3%3Dbreakmyheart8%2540gmail.com%26aff_click_id%3D15263705_WEwXaOPTYxmwFo2ojdC6XUayGydCluJ6&v=e82a5d081a7d70e91588ae5dd973ca0151bbd6310088f6928b9df1e80291654a HTTP 301
https://www.heywhatsup.xyz/aff_c?offer_id=2350&aff_id=1372&source=&aff_sub=OD&aff_sub2=Multi&aff_sub3=breakmyheart8@gmail.com&aff_click_id=15263705_WEwXaOPTYxmwFo2ojdC6XUayGydCluJ6 HTTP 302
https://towertraffic.top/www/delivery/afrm.php?zoneid=44&cb=20285&email=breakmyheart8@gmail.com HTTP 302
https://towertraffic.top/www/delivery/cl.php?bannerid=300&zoneid=44&sig=e1d9a0fe25d5aee6c8944efaea5728f83970fcff6eb7b833fab221ef16570608&oadest=https%3A%2F%2Fads.traffichunt.com%2Fadx-dir-d%2Flink%3Faid%3D7304654%26nid%3D3%26imp%3D1%26w%3D1%26h%3D1&zoneid=44&cb=20285&email=breakmyheart8@gmail.com HTTP 302
https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://main.exoclick.com.com/tag.php?goal=c186203e6284fb34510ccce56087a9f1 HTTP 302
https://com.com/results?q=main.exoclick

Request Chain 11

https://www.adultoffers4you.com/c/82c8217fe05682c8?s1=sliv_mail_BK HTTP 302
https://www.dql2clk.com/5T1GM4/75NF3M3/?uid=624&source_id=sliv_mail_BK&sub1=sliv_mail_BK&sub5=qrqri60e984d20004df3e

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request link Show response ads.traffichunt.com/adx-dir-d/ Redirect Chain http://web.willulovemextonight.com/c/oYePKSLcIsMfW?s=BgUABQ4aHQcSBBsaXiYCGgcBG0sFBxpYUV9KVFtTWEJWW1FVRVFdW1hTBx4DCRMCGBMKCxUPEQAIAxcfEUgJHxpIIiVdNDxLLjUsWl1WR0JHVFpNR1hUXkNKBAoEFgcFDEZFOgsLGwAVFgsS... https://enents-buisten.com/15b4bd9e-2cd0-47b3-8109-06e70f3f5f52?S1=OD&S2=Multi&EM=breakmyheart8@gmail.com https://trxthis.com/smart.track?VID=4&AFID=15&PUBID=1372&SOURCE=&S1=OD&S2=Multi&EM=breakmyheart8%40gmail.com&SID=1372_OD https://trxthis.com/sanitize.go?u=https%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D2350%26aff_id%3D1372%26source%3D%26aff_sub%3DOD%26aff_sub2%3DMulti%26aff_sub3%3Dbreakmyheart8%2540gmail.com%2... https://www.heywhatsup.xyz/aff_c?offer_id=2350&aff_id=1372&source=&aff_sub=OD&aff_sub2=Multi&aff_sub3=breakmyheart8@gmail.com&aff_click_id=15263705_WEwXaOPTYxmwFo2ojdC6XUayGydCluJ6 https://towertraffic.top/www/delivery/afrm.php?zoneid=44&cb=20285&email=breakmyheart8@gmail.com https://towertraffic.top/www/delivery/cl.php?bannerid=300&zoneid=44&sig=e1d9a0fe25d5aee6c8944efaea5728f83970fcff6eb7b833fab221ef16570608&oadest=https%3A%2F%2Fads.traffichunt.com%2Fadx-dir-d%2Flink%... https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com	2 KB 1 KB	302ms 107ms	Document text/html	2600:1f18:454c:f520:5f11:72a8:8b05:7d3f AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:454c:f520:5f11:72a8:8b05:7d3f Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash `66f7736d118da9024668f7ebfff0460c39b5315e569cc13350d3a7bcc4968473` Request headers :method GET :authority ads.traffichunt.com :scheme https :path /adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 10 Jul 2021 11:30:24 GMT content-type text/html;charset=ISO-8859-1 server nginx vary Accept-Encoding expires Sat, 1 May 2020 12:00:00 GMT cache-control no-cache, must-revalidate set-cookie new_adx_profile_guid=f4ba92c3-5c6b-44e7-ad87-a610ccc3b36d;Max-Age=7776000;path=/;SameSite=None; Secure new_3.adx_rt_0=308.879;Max-Age=31536000;path=/;SameSite=None; Secure new_3.adx_daily_rt_0=308.879;Max-Age=44975;path=/;SameSite=None; Secure 3.adx_daily_rt_0=308.879; path=/; Max-Age=44975; Expires=Sat, 10-Jul-2021 23:59:59 GMT 3.adx_rt_0=308.879; path=/; Max-Age=31536000; Expires=Sun, 10-Jul-2022 11:30:24 GMT adx_profile_guid=f4ba92c3-5c6b-44e7-ad87-a610ccc3b36d; path=/; Max-Age=7776000; Expires=Fri, 08-Oct-2021 11:30:24 GMT p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' pragma no-cache content-encoding gzip Redirect headers date Sat, 10 Jul 2021 11:30:23 GMT content-type text/html; charset=UTF-8 pragma no-cache cache-control no-cache, no-store, must-revalidate expires 0 access-control-allow-origin * p3p CP="CUR ADM OUR NOR STA NID" set-cookie OAID=e131f107d1c0c4093d46124be10edcb6; expires=Sun, 10-Jul-2022 11:30:23 GMT; Max-Age=31536000; path=/; secure; SameSite=none location https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com strict-transport-security max-age=31536000 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rtKP7Ng16qINRmxST4r%2F39hlwER%2BOLZetHxYpJmCCI2Htc7oEBD6pXVGZrUT8hsh5peXgoQdyQ9d29eZfV1TcUi%2FhyvG3dcewrN%2BfKpBaHrymf46ILpdTbjnmxcF4nnPtibkeyl5rWu9Gg%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 66c975b00a9cc2db-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H/1.1	200 OK	tag.php main.exdynsrv.com/	0 419 B	166ms 57ms	Image text/html	95.211.229.247 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://main.exdynsrv.com/tag.php?goal=c186203e6284fb34510ccce56087a9f1 Requested by Host: ads.traffichunt.com URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ads.traffichunt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 10 Jul 2021 11:30:24 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	results com.com/ Redirect Chain https://main.exoclick.com.com/tag.php?goal=c186203e6284fb34510ccce56087a9f1 https://com.com/results?q=main.exoclick	0 0	565ms 194ms	Image text/html	54.177.19.227 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://com.com/results?q=main.exoclick Requested by Host: ads.traffichunt.com URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.19.227 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-19-227.us-west-1.compute.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ads.traffichunt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers pragma no-cache date Sat, 10 Jul 2021 11:30:13 GMT server nginx/1.4.6 (Ubuntu) x-powered-by PHP/5.5.9-1ubuntu4.29 transfer-encoding chunked content-type text/html location https://com.com/results?q=main.exoclick cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	tag.php main.realsrv.com/	0 418 B	166ms 57ms	Image text/html	95.211.229.245 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://main.realsrv.com/tag.php?goal=c186203e6284fb34510ccce56087a9f1 Requested by Host: ads.traffichunt.com URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ads.traffichunt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 10 Jul 2021 11:30:24 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	tag.php main.exdynsrv.com/	0 419 B	163ms 57ms	Image text/html	95.211.229.247 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://main.exdynsrv.com/tag.php?goal=868d9159218a23928937b35dfdf3f1cc Requested by Host: ads.traffichunt.com URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ads.traffichunt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 10 Jul 2021 11:30:24 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	tag.php main.exoclick.com/	0 419 B	166ms 58ms	Image text/html	95.211.229.245 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://main.exoclick.com/tag.php?goal=868d9159218a23928937b35dfdf3f1cc Requested by Host: ads.traffichunt.com URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ads.traffichunt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 10 Jul 2021 11:30:24 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	tag.php main.realsrv.com/	0 418 B	165ms 56ms	Image text/html	95.211.229.245 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://main.realsrv.com/tag.php?goal=868d9159218a23928937b35dfdf3f1cc Requested by Host: ads.traffichunt.com URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://ads.traffichunt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 10 Jul 2021 11:30:24 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	8f67f609-c7a5-4451-8dfd-1c7a87401456 tsyndicate.com/api/v1/retargeting/set/	35 B 461 B	161ms 53ms	Image image/gif	136.243.130.121 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tsyndicate.com/api/v1/retargeting/set/8f67f609-c7a5-4451-8dfd-1c7a87401456?tracking=1 Requested by Host: ads.traffichunt.com URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.130.121 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.121.130.243.136.clients.your-server.de Software nginx / Resource Hash `6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992` Request headers Referer https://ads.traffichunt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 10 Jul 2021 11:30:24 GMT server nginx x-api-version 1 vary * report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } content-type text/plain; charset=utf-8 cache-control no-cache, no-store, no-transform, must-revalidate, no-transform x-robots-tag none, noindex, nofollow content-length 35 x-request-id 472e57bdb044950c expires 0
GET H2	200	8f67f609-c7a5-4451-8dfd-1c7a87401456 tsyndicate.net/api/v1/retargeting/set/	35 B 500 B	177ms 54ms	Image image/gif	46.4.79.105 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tsyndicate.net/api/v1/retargeting/set/8f67f609-c7a5-4451-8dfd-1c7a87401456?tracking=1 Requested by Host: ads.traffichunt.com URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.79.105 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.105.79.4.46.clients.your-server.de Software nginx / Resource Hash `6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992` Request headers Referer https://ads.traffichunt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 10 Jul 2021 11:30:24 GMT content-encoding gzip server nginx x-api-version 1 vary * report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } content-type text/plain; charset=utf-8 cache-control no-cache, no-store, no-transform, must-revalidate, no-transform x-robots-tag none, noindex, nofollow content-length 57 x-request-id 909f45181311bcbf expires 0
GET H/1.1	200 OK	ctrack ctrack.trafficjunky.net/	35 B 814 B	487ms 133ms	Image image/gif	64.210.149.57 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://ctrack.trafficjunky.net/ctrack?action=list&type=add&id=1&context=lwpsite&cookiename=lwp2&age=545600&maxcookiecount=10 Requested by Host: ads.traffichunt.com URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 64.210.149.57 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software openresty / Resource Hash `8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015` Request headers Referer https://ads.traffichunt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 10 Jul 2021 11:30:24 GMT Server openresty Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST P3p CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Access-Control-Allow-Credentials true Content-Type image/gif Access-Control-Allow-Headers Content-Type Content-Length 35 Expires Sun, 22 Jan 1984 03:00:00 GMT
GET H/1.1	200 OK	ctrack ctrack.trafficjunky.net/	35 B 814 B	758ms 404ms	Image image/gif	64.210.149.57 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://ctrack.trafficjunky.net/ctrack?action=list&type=add&id=1&context=dtrtsite2&cookiename=lwp2n&age=545600&maxcookiecount=10 Requested by Host: ads.traffichunt.com URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 64.210.149.57 , United States, ASN29789 (REFLECTED, US), Reverse DNS Software openresty / Resource Hash `8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015` Request headers Referer https://ads.traffichunt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Sat, 10 Jul 2021 11:30:24 GMT Server openresty Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST P3p CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Access-Control-Allow-Credentials true Content-Type image/gif Access-Control-Allow-Headers Content-Type Content-Length 35 Expires Sun, 22 Jan 1984 03:00:00 GMT
GET H2	200	86d74dfb-dde8-4997-bc0d-9b5fe3f48af6 runative-syndicate.com/api/v1/retargeting/set/	35 B 453 B	166ms 54ms	Image image/gif	46.4.104.25 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://runative-syndicate.com/api/v1/retargeting/set/86d74dfb-dde8-4997-bc0d-9b5fe3f48af6 Requested by Host: ads.traffichunt.com URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.4.104.25 Rostock, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.25.104.4.46.clients.your-server.de Software nginx / Resource Hash `6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992` Request headers Referer https://ads.traffichunt.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 10 Jul 2021 11:30:24 GMT server nginx x-api-version 1 vary * report-to { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } content-type text/plain; charset=utf-8 cache-control no-cache, no-store, no-transform, must-revalidate, no-transform x-robots-tag none, noindex, nofollow content-length 35 x-request-id 293d5b0cff8bdf64 expires 0
GET H2	204	/ www.dql2clk.com/5T1GM4/75NF3M3/ Redirect Chain https://www.adultoffers4you.com/c/82c8217fe05682c8?s1=sliv_mail_BK https://www.dql2clk.com/5T1GM4/75NF3M3/?uid=624&source_id=sliv_mail_BK&sub1=sliv_mail_BK&sub5=qrqri60e984d20004df3e	0 0	213ms 155ms	Document text/plain	34.117.199.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.dql2clk.com/5T1GM4/75NF3M3/?uid=624&source_id=sliv_mail_BK&sub1=sliv_mail_BK&sub5=qrqri60e984d20004df3e Requested by Host: ads.traffichunt.com URL: https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.199.78 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 78.199.117.34.bc.googleusercontent.com Software nginx / Resource Hash Request headers :method GET :authority www.dql2clk.com :scheme https :path /5T1GM4/75NF3M3/?uid=624&source_id=sliv_mail_BK&sub1=sliv_mail_BK&sub5=qrqri60e984d20004df3e pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://ads.traffichunt.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ads.traffichunt.com/adx-dir-d/link?aid=7304654&nid=3&imp=1&w=1&h=1&email=breakmyheart8@gmail.com Response headers server nginx date Sat, 10 Jul 2021 11:30:26 GMT vary Origin x-eflow-request-id b0b70bb8-8498-4724-8bdd-c0fa83fdfb88 via 1.1 google alt-svc clear Redirect headers server nginx date Sat, 10 Jul 2021 11:30:26 GMT content-type text/html; charset=utf-8 content-length 150 location https://www.dql2clk.com/5T1GM4/75NF3M3/?uid=624&source_id=sliv_mail_BK&sub1=sliv_mail_BK&sub5=qrqri60e984d20004df3e set-cookie unique_519702=unique_519702; Path=/; Expires=Wed, 08 Sep 2021 11:30:26 GMT; Secure; SameSite=None unique_id=60e984d2000de388; Path=/; Expires=Wed, 08 Sep 2021 11:30:26 GMT; Secure; SameSite=None unique_id2=60e984d2000dec7d; Path=/; Expires=Mon, 09 Aug 2021 11:30:26 GMT; Secure; SameSite=None impression=; Path=/; Expires=Sat, 10 Jul 2021 11:30:26 GMT; Secure; SameSite=None tid=qrqri60e984d20004df3e; Path=/; Expires=Sun, 14 Jun 2026 11:30:26 GMT; Secure; SameSite=None

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.traffichunt.com
com.com
ctrack.trafficjunky.net
enents-buisten.com
main.exdynsrv.com
main.exoclick.com
main.exoclick.com.com
main.realsrv.com
runative-syndicate.com
towertraffic.top
trxthis.com
tsyndicate.com
tsyndicate.net
web.willulovemextonight.com
www.adultoffers4you.com
www.dql2clk.com
www.heywhatsup.xyz
136.243.130.121
18.195.128.171
192.3.233.6
2600:1f18:454c:f520:5f11:72a8:8b05:7d3f
2606:4700:3035::6815:252d
2a05:d018:244:5200::ab
34.117.199.78
34.86.82.32
45.11.57.36
46.4.104.25
46.4.79.105
54.177.19.227
63.34.19.61
64.210.149.57
95.211.229.245
95.211.229.247
66f7736d118da9024668f7ebfff0460c39b5315e569cc13350d3a7bcc4968473
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ads.traffichunt.com Open in urlscan Pro 2600:1f18:454c:f520:5f11:72a8:8b05:7d3f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

19 %IPv6

16 Domains

17 Subdomains

9 IPs

4 Countries

6 kBTransfer

2 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

Indicators

ads.traffichunt.com Open in urlscan Pro
2600:1f18:454c:f520:5f11:72a8:8b05:7d3f Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

19 %
IPv6

16
Domains

17
Subdomains

9
IPs

4
Countries

6 kB
Transfer

2 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions