urlscan.io logo urlscan.io
SecurityTrails logo

vibiu-dau.com Open in urlscan Pro
35.171.236.221  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://diskord.club/
Effective URL: http://vibiu-dau.com/zclkvisitor/7d1cf5b1-75be-11ee-8ddf-0a0e3cafcb09/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid...
Submission Tags: phisherman
Submission: On October 28 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 12 HTTP transactions. The main IP is 35.171.236.221, located in and belongs to . The main domain is vibiu-dau.com.
This is the only time vibiu-dau.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 64.225.91.73 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 64.190.63.136 47846 (SEDO-AS)
1 205.234.175.175 23352 (SERVERCEN...)
1 1 173.239.53.32 27257 (WEBAIR-IN...)
1 1 65.21.84.133 24940 (HETZNER-AS)
1 1 72.52.179.174 32244 (LIQUIDWEB)
4 76.223.26.96 16509 (AMAZON-02)
1 2600:9000:225... ()
1 35.171.236.221 ()
12 8
1    64.225.91.73 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
diskord.club
1    2606:4700::6812:1b2d (United States)

ASN13335 (CLOUDFLARENET, US)
domaincntrol.com
4    64.190.63.136 (Germany)

ASN47846 (SEDO-AS, DE)
ww2.diskord.club
1    205.234.175.175 (Carrollton, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
img.sedoparking.com
1    173.239.53.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.sedodna.com
1    65.21.84.133 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.133.84.21.65.clients.your-server.de
myadsserver.com
1    72.52.179.174 (Sedona, United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com
betterwayhealth.co
4    76.223.26.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: aba1c1ff9d2ec5376.awsglobalaccelerator.com
ww12.betterwayhealth.co
1    2600:9000:2250:aa00:1d:4618:5c80:21 (None, )

ASN- ()
d38psrni17bvxu.cloudfront.net
1    35.171.236.221 (None, )

ASN- ()
vibiu-dau.com
Apex Domain
Subdomains		 Transfer
5 betterwayhealth.co
betterwayhealth.co
ww12.betterwayhealth.co
5 KB
5 diskord.club
diskord.club
ww2.diskord.club
4 KB
1 vibiu-dau.com
vibiu-dau.com
2 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
2 KB
1 myadsserver.com
myadsserver.com — Cisco Umbrella Rank: 214659
512 B
1 sedodna.com
xml.sedodna.com — Cisco Umbrella Rank: 396778
179 B
1 sedoparking.com
img.sedoparking.com — Cisco Umbrella Rank: 70629
5 KB
1 domaincntrol.com
domaincntrol.com — Cisco Umbrella Rank: 228745
329 B
12 8
Domain Requested by
4 ww12.betterwayhealth.co ww2.diskord.club
d38psrni17bvxu.cloudfront.net
ww12.betterwayhealth.co
4 ww2.diskord.club 2 redirects diskord.club
ww2.diskord.club
1 vibiu-dau.com ww12.betterwayhealth.co
vibiu-dau.com
1 d38psrni17bvxu.cloudfront.net ww12.betterwayhealth.co
1 betterwayhealth.co 1 redirects
1 myadsserver.com 1 redirects
1 xml.sedodna.com 1 redirects
1 img.sedoparking.com ww2.diskord.club
1 domaincntrol.com diskord.club
1 diskord.club
12 10

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-01 -
2024-02-28		 a year crt.sh

This page contains 1 frames:

Frame: http://vibiu-dau.com/zclkredirect?visitid=7d1cf5b1-75be-11ee-8ddf-0a0e3cafcb09&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false
Frame ID: 2747B08F2CE4D32BC4B2280B07114CC8
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://diskord.club/ Page URL
  2. http://ww2.diskord.club/ Page URL
  3. http://ww2.diskord.club/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DLp%2Aq51WGd... HTTP 302
    http://ww2.diskord.club/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DLp%2Aq51WGd... HTTP 302
    http://xml.sedodna.com/click?i=Lp*q51WGdxI_0 HTTP 302
    http://myadsserver.com/cemyl5k.php?key=admaventest5 HTTP 302
    http://betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472 HTTP 302
    http://ww12.betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472 Page URL
  4. http://vibiu-dau.com/zclkvisitor/7d1cf5b1-75be-11ee-8ddf-0a0e3cafcb09/85aefdc2-9ed0-48aa-922d-60f... Page URL

Page Statistics

12
Requests

8 %
HTTPS

20 %
IPv6

8
Domains

10
Subdomains

8
IPs

3
Countries

15 kB
Transfer

11 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://diskord.club/ Page URL
  2. http://ww2.diskord.club/ Page URL
  3. http://ww2.diskord.club/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DLp%2Aq51WGdxI_0&v=MGU3ZDQyNTY1OTQwYzM3NDZmZWFhNWY2NGU3OTMwNGUJMQl3dzIuZGlza29yZC5jbHViNjUzZDUwOTliY2Y0ZTAuMTEyMTAwMTgJd3cyLmRpc2tvcmQuY2x1YjY1M2Q1MDk5YmNmNzg3LjIwMDg1ODEwCTE2OTg1MTcxNDcJYWRfNjNfMA==&l=OAkzYmU4OTFkYWUwZThkZDFiNjAwZmI3NmQ4NjEyMGQwZQkwCTEzCTAJMTFiM2Y1MThhNTEyMWQyZjI3ZjZiYTAzNDNiMTllMmMJNTI5MjI1MzA2CWRpc2tvcmQJMAk2Mwk0CTMJMTY5ODUxNzE0NwkwLjAwMDIyCU4JMAkxCTE1MTIJMTIwNQkzODc0MzgyNjIJMTk0Ljc0LjIxMi43Nwkw HTTP 302
    http://ww2.diskord.club/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DLp%2Aq51WGdxI_0&v=MGU3ZDQyNTY1OTQwYzM3NDZmZWFhNWY2NGU3OTMwNGUJMQl3dzIuZGlza29yZC5jbHViNjUzZDUwOTliY2Y0ZTAuMTEyMTAwMTgJd3cyLmRpc2tvcmQuY2x1YjY1M2Q1MDk5YmNmNzg3LjIwMDg1ODEwCTE2OTg1MTcxNDcJYWRfNjNfMA==&l=OAkzYmU4OTFkYWUwZThkZDFiNjAwZmI3NmQ4NjEyMGQwZQkwCTEzCTAJMTFiM2Y1MThhNTEyMWQyZjI3ZjZiYTAzNDNiMTllMmMJNTI5MjI1MzA2CWRpc2tvcmQJMAk2Mwk0CTMJMTY5ODUxNzE0NwkwLjAwMDIyCU4JMAkxCTE1MTIJMTIwNQkzODc0MzgyNjIJMTk0Ljc0LjIxMi43Nwkw HTTP 302
    http://xml.sedodna.com/click?i=Lp*q51WGdxI_0 HTTP 302
    http://myadsserver.com/cemyl5k.php?key=admaventest5 HTTP 302
    http://betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472 HTTP 302
    http://ww12.betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472 Page URL
  4. http://vibiu-dau.com/zclkvisitor/7d1cf5b1-75be-11ee-8ddf-0a0e3cafcb09/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=9f91b420-e5de-11ed-a30d-0a918cbcbb97 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://ww2.diskord.club/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DLp%2Aq51WGdxI_0&v=MGU3ZDQyNTY1OTQwYzM3NDZmZWFhNWY2NGU3OTMwNGUJMQl3dzIuZGlza29yZC5jbHViNjUzZDUwOTliY2Y0ZTAuMTEyMTAwMTgJd3cyLmRpc2tvcmQuY2x1YjY1M2Q1MDk5YmNmNzg3LjIwMDg1ODEwCTE2OTg1MTcxNDcJYWRfNjNfMA==&l=OAkzYmU4OTFkYWUwZThkZDFiNjAwZmI3NmQ4NjEyMGQwZQkwCTEzCTAJMTFiM2Y1MThhNTEyMWQyZjI3ZjZiYTAzNDNiMTllMmMJNTI5MjI1MzA2CWRpc2tvcmQJMAk2Mwk0CTMJMTY5ODUxNzE0NwkwLjAwMDIyCU4JMAkxCTE1MTIJMTIwNQkzODc0MzgyNjIJMTk0Ljc0LjIxMi43Nwkw HTTP 302
  • http://ww2.diskord.club/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DLp%2Aq51WGdxI_0&v=MGU3ZDQyNTY1OTQwYzM3NDZmZWFhNWY2NGU3OTMwNGUJMQl3dzIuZGlza29yZC5jbHViNjUzZDUwOTliY2Y0ZTAuMTEyMTAwMTgJd3cyLmRpc2tvcmQuY2x1YjY1M2Q1MDk5YmNmNzg3LjIwMDg1ODEwCTE2OTg1MTcxNDcJYWRfNjNfMA==&l=OAkzYmU4OTFkYWUwZThkZDFiNjAwZmI3NmQ4NjEyMGQwZQkwCTEzCTAJMTFiM2Y1MThhNTEyMWQyZjI3ZjZiYTAzNDNiMTllMmMJNTI5MjI1MzA2CWRpc2tvcmQJMAk2Mwk0CTMJMTY5ODUxNzE0NwkwLjAwMDIyCU4JMAkxCTE1MTIJMTIwNQkzODc0MzgyNjIJMTk0Ljc0LjIxMi43Nwkw HTTP 302
  • http://xml.sedodna.com/click?i=Lp*q51WGdxI_0 HTTP 302
  • http://myadsserver.com/cemyl5k.php?key=admaventest5 HTTP 302
  • http://betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472 HTTP 302
  • http://ww12.betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
diskord.club/ 		593 B
582 B 		Document
General
Check archive.org
Download Go to
Full URL
http://diskord.club/
Protocol
HTTP/1.1
Server
64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 28 Oct 2023 18:19:05 GMT
etag
W/"63f68860-251"
last-modified
Wed, 22 Feb 2023 21:25:52 GMT
server
nginx/1.18.0 (Ubuntu)
transfer-encoding
chunked
/
domaincntrol.com/ 		25 B
329 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://domaincntrol.com/?orighost=http://diskord.club/
Requested by
Host: diskord.club
URL: http://diskord.club/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://diskord.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x_details
{"destination":"sedo","orighost":"diskord.club","type":"org","finalurl":"http://ww2.diskord.club","browser":"chrome","os":"windows","country":"GB","device":"desktop","isbot":false,"botscore":99}
date
Sat, 28 Oct 2023 18:19:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cf-ray
81d52f5e8a22654a-LHR
content-length
25
/
ww2.diskord.club/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww2.diskord.club/
Requested by
Host: diskord.club
URL: http://diskord.club/
Protocol
HTTP/1.1
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash
5df7fb57e6f68893f0447e7ae6b299c1e7439ec9dbff440d7a3279cc741cc4b8

Request headers

Referer
http://diskord.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 28 Oct 2023 18:19:07 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sat, 28 Oct 2023 18:19:05 GMT
pragma
no-cache
server
NginX
transfer-encoding
chunked
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_tJ/EpD4csMnFLL9UjvKHrzKlsIXhcdNveggCoDWzHaMb/qIoGDDqNJ/VbX+e9A5fwbrFToWXe985wcvRCZN0TQ==
x-cache-miss-from
parking-697977dd84-k4d52
x-powered-by
PHP/8.1.17
js_preloader.gif
img.sedoparking.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.sedoparking.com/images/js_preloader.gif
Requested by
Host: ww2.diskord.club
URL: http://ww2.diskord.club/
Protocol
HTTP/1.1
Server
205.234.175.175 Carrollton, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ww2.diskord.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:19:07 GMT
x-cf-tsc
1673427522
X-CF3
M
CF4ttl
31536000.000
X-CF1
11696:fC.lon1:cf:cacheN.lon1-01:H
X-CF-ReqID
e04600218b4fed8f53ed2686d2a30152
Connection
keep-alive
Content-Length
4254
X-CF2
H
Last-Modified
Fri, 15 Mar 2019 12:24:07 GMT
Server
CFS 0215
X-CFF
B
Content-Type
image/gif
Access-Control-Allow-Origin
*
X-CFHash
"90c93102a88c2ab94bff1575b7a6e86e"
Cache-Control
max-age=604800
CF4Age
0
Accept-Ranges
bytes
Expires
Sat, 04 Nov 2023 18:19:07 GMT
tsc.php
ww2.diskord.club/search/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww2.diskord.club/search/tsc.php?200=NTI5MjI1MzA2&21=MTk0Ljc0LjIxMi43Nw==&681=MTY5ODUxNzE0NzMzZmNkNzRmMjlmOGY0NDg2Y2RmODM2MTM5Y2M5NGEx&crc=17f2ddd353c73d0f79c74e34dce5351a37eb5174&cv=1
Requested by
Host: ww2.diskord.club
URL: http://ww2.diskord.club/
Protocol
HTTP/1.1
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX / PHP/8.1.17
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ww2.diskord.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 18:19:07 GMT
x-cache-miss-from
parking-697977dd84-fd6rv
server
NginX
x-powered-by
PHP/8.1.17
content-length
0
content-type
text/html; charset=UTF-8
/
ww12.betterwayhealth.co/
Redirect Chain
  • http://ww2.diskord.club/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DLp%2Aq51WGdxI_0&v=MGU3ZDQyNTY1OTQwYzM3NDZmZWFhNWY2NGU3OTMwNGUJMQl3dzIuZGlza29yZC5jbHViNjUzZDUwOTliY2Y0ZTAuMT...
  • http://ww2.diskord.club/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DLp%2Aq51WGdxI_0&v=MGU3ZDQyNTY1OTQwYzM3NDZmZWFhNWY2NGU3OTMwNGUJMQl3dzIuZGlza29yZC5jbHViNjUzZDUwOTliY2Y0ZTAuMT...
  • http://xml.sedodna.com/click?i=Lp*q51WGdxI_0
  • http://myadsserver.com/cemyl5k.php?key=admaventest5
  • http://betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472
  • http://ww12.betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww12.betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472
Requested by
Host: ww2.diskord.club
URL: http://ww2.diskord.club/
Protocol
HTTP/1.1
Server
76.223.26.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
64f33b630c898cf942cdca6de842da06a93c0140ddd4d78318ecf639e704625b

Request headers

Referer
http://ww2.diskord.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 28 Oct 2023 18:19:10 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ZpGHH0cmSdR6reSFN1EeAge+MJAiAUB/ZnllTgUu811qfmGA2Qbhx1kbh+seXpQ1UaB1JZF4SWkNi8i889Q1Mw==
X-Buckets
bucket011
X-Domain
betterwayhealth.co
X-Language
english
X-Redirect
zeropark_zeroclick
X-Subdomain
ww12
X-Template
tpl_CleanPeppermintBlack_twoclick

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 28 Oct 2023 18:19:08 GMT
Location
http://ww12.betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472
Pragma
no-cache
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By
PHP/5.4.16
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: ww12.betterwayhealth.co
URL: http://ww12.betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472
Protocol
HTTP/1.1
Server
2600:9000:2250:aa00:1d:4618:5c80:21 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ww12.betterwayhealth.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 04:30:59 GMT
Via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 11:12:07 GMT
Server
nginx
X-Amz-Cf-Pop
FRA60-P2
Age
49691
ETag
"63ce6b87-448"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1096
X-Amz-Cf-Id
FN2CGMWCB9sCPr3_NcrY8fT04eoAwLNBJifKDeF_T2iuPtBwfcIlBQ==
track.php
ww12.betterwayhealth.co/ 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww12.betterwayhealth.co/track.php?domain=betterwayhealth.co&toggle=browserjs&uid=MTY5ODUxNzE0OS42NzY2OjIzNGM0NGExYjdmNWI5YWY2YzIzZGQ1ZGQ1NzFkZjBiNGE2NjMyOTQzMzM1ZjE1Yzc0NzdiNDk2NjA0ODAxOGM6NjUzZDUwOWRhNTMxZg%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
76.223.26.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ww12.betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:19:10 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
ls.php
ww12.betterwayhealth.co/ 		16 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww12.betterwayhealth.co/ls.php?t=653d509e&token=ea12863b465de9f11b6a0e79ada1df751f3ef594
Requested by
Host: ww12.betterwayhealth.co
URL: http://ww12.betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472
Protocol
HTTP/1.1
Server
76.223.26.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ww12.betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:19:10 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_nH7irUqktM7xXoqOmVid6eWGboP8lBef0qlJkzbjo8TxgC4I7kV3N+9BeoCdScn6aHRSdXP5O3WEQj8DbFYqLg==
Connection
keep-alive
X-Log-Success
653d509e846a2c311d01b547
track.php
ww12.betterwayhealth.co/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ww12.betterwayhealth.co/track.php?click=fb81174a71cc301346734670fe68f524cf434b54&domain=betterwayhealth.co&uid=MTY5ODUxNzE0OS42NzY2OjIzNGM0NGExYjdmNWI5YWY2YzIzZGQ1ZGQ1NzFkZjBiNGE2NjMyOTQzMzM1ZjE1Yzc0NzdiNDk2NjA0ODAxOGM6NjUzZDUwOWRhNTMxZg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NTNkNTA5ZGE1MmY4fHx8MTY5ODUxNzE1MC4wNTA3fDg2NWExNWVkZDM2MjNmNjlkNjNmMjhkMTdhNmIzMTkzOTNkNjA5MzN8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXxlYTEyODYzYjQ2NWRlOWYxMWI2YTBlNzlhZGExZGY3NTFmM2VmNTk0fDB8fDB8MHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
76.223.26.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://ww12.betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Sat, 28 Oct 2023 18:19:10 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
none
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
X-View-Match
true
Connection
keep-alive
Primary Request 85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
vibiu-dau.com/zclkvisitor/7d1cf5b1-75be-11ee-8ddf-0a0e3cafcb09/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://vibiu-dau.com/zclkvisitor/7d1cf5b1-75be-11ee-8ddf-0a0e3cafcb09/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=9f91b420-e5de-11ed-a30d-0a918cbcbb97
Requested by
Host: ww12.betterwayhealth.co
URL: http://ww12.betterwayhealth.co/?uclick=vcx9q5my&uclickhash=vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472
Protocol
HTTP/1.1
Server
35.171.236.221 -, , ASN (),
Reverse DNS
Software
zpWyxAri /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://ww12.betterwayhealth.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Sat, 28 Oct 2023 18:19:11 GMT
Server
zpWyxAri
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
zclkredirect
vibiu-dau.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vibiu-dau.com
URL
http://vibiu-dau.com/zclkredirect?visitid=7d1cf5b1-75be-11ee-8ddf-0a0e3cafcb09&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| domain string| uniqueTrackingID boolean| clickTracking string| themedata string| xkw string| xsearch string| xpcat string| bucket string| clientID string| clientIDs number| num_ads string| adtest string| scriptPath

2 Cookies

Domain/Path Name / Value
myadsserver.com/ Name: uclick
Value: vcx9q5my
myadsserver.com/ Name: uclickhash
Value: vcx9q5my-vcx9q5my-ir-0-2ti4-9zsydz-9za98n-0c1472