Submitted URL: https://kirutotukam.com/?ts=1667394322335&id=344
Effective URL: https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0&rdc=2
Submission: On November 02 via manual from US — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 8 domains to perform 14 HTTP transactions. The main IP is 139.45.197.151, located in United Kingdom and belongs to RETN-AS, GB. The main domain is agabreloomr.com. The Cisco Umbrella rank of the primary domain is 142368.
TLS certificate: Issued by R3 on August 31st 2022. Valid for: 3 months.
This is the only time agabreloomr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.64.52 13335 (CLOUDFLAR...)
1 1 18.66.122.86 16509 (AMAZON-02)
1 1 137.74.247.34 16276 (OVH)
1 35.201.127.73 15169 (GOOGLE)
2 2 35.201.117.228 15169 (GOOGLE)
5 139.45.197.151 9002 (RETN-AS)
6 139.45.197.251 9002 (RETN-AS)
2 139.45.195.8 9002 (RETN-AS)
14 5
Apex Domain | Subdomains | Transfer
6 yonhelioliskor.com | yonhelioliskor.com — Cisco Umbrella Rank: 50625 | 56 KB
5 agabreloomr.com | agabreloomr.com — Cisco Umbrella Rank: 142368 | 23 KB
2 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 7322 | 1 KB
2 dexchangeinc.com | dexchangeinc.com — Cisco Umbrella Rank: 85445 | 1 KB
1 trafyield.com | www.trafyield.com — Cisco Umbrella Rank: 897720 | 3 KB
1 gamingadult.com | tm-offers.gamingadult.com — Cisco Umbrella Rank: 103838 | 144 B
1 waytogypts.xyz | waytogypts.xyz — Cisco Umbrella Rank: 207983 | 754 B
1 kirutotukam.com | kirutotukam.com — Cisco Umbrella Rank: 320734 | 661 B
14 8
Domain Requested by
6 yonhelioliskor.com agabreloomr.com
yonhelioliskor.com
5 agabreloomr.com www.trafyield.com
agabreloomr.com
2 my.rtmark.net yonhelioliskor.com
2 dexchangeinc.com 2 redirects
1 www.trafyield.com
1 tm-offers.gamingadult.com 1 redirects
1 waytogypts.xyz 1 redirects
1 kirutotukam.com 1 redirects
14 8

This site contains no links.

Subject | Issuer | Validity | Valid
agabreloomr.com | R3 | 2022-08-31 - 2022-11-29 | 3 months
yonhelioliskor.com | R3 | 2022-10-18 - 2023-01-16 | 3 months
*.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2021-11-20 - 2022-11-26 | a year

This page contains 1 frame:

Frame: https://agabreloomr.com/4/4470221/?rhd=1&var=2266485-2658448306-0&var3=$166739473209990TDETV424540911184V09
Frame ID: 1919690EA3929D8BC7A817D65A1E25A9
Requests: 16 HTTP requests in this frame

Page Title

Zulassen drücken

Page Statistics

Requests: 14
HTTPS: 93 %
IPv6: 0 %
Domains: 8
Subdomains: 8
IPs: 5
Countries: 4
Transfer: 83 kB
Size: 212 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kirutotukam.com/?ts=1667394322335&id=344 HTTP 302
    http://waytogypts.xyz/redirect?tid=959637&ref=android-traffic.com HTTP 302
    https://tm-offers.gamingadult.com/?offer=3703&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=394565251869508984&subid2=959637 HTTP 302
    http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID} Page URL
  2. http://dexchangeinc.com/jump/next.php?stamat=m%257C%252Co43NWIiPqB1dAN0dEdHP3xP.6c1%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRojzCFppeyuyNUcXIWTpr4qOisK9egWq4Gte5gsBu4kffU2AzdwAGhiKkUksdmpj4g%252C&cbpage=http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}&cbur=0.0374198252291984&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    http://dexchangeinc.com/script/i.php?stamat=m%257C%252C%252CAiI293J6oGU3BP-GH0dEdHP3xP.46b%252C9JgYVKfVxhkRVWw4EfmAV20Y3uLJs25DSlKhGH_TXOQeRgDYUZjnsxzM_lRsEmTgASYS006Y1EBVP3s3uosPSRn4SI58BNtE6O2An63yHYhLIEEiIsPfmi0BY5p8QDLFoxI7wPIaLmPT0zR6ljySt2e5-FlKblfVZvjdQhlVTFzgqawY_7UfJgDdtxJJfywtA0Hrj6NcNbBl5I97WpZLC5Q-K7Emu4AHdvghX6FA4yBDTGdXmtcjlcED9AbBZRR1bkQgyZasdqN9e8Dbccj9i1y-BRUX_jAc-oPC0-xit3kXTXgzSuVmMkvAkICX-RB4SMplviWq6As0yW1TELPjTZ_0PN8JgTCQf_ViIp34DN2TrJK2BnlcomXADFzqZ0ex59wW20Zya9kPKLeEnHmRJpuGwJS3CW1g7kF4SQlAlD7t8b1DuirZSqH49qWkXWdWxOfu6LYR9cJ1EB-1lJs_GkH4dUc7Ts48PpM-kVQ5HrgJmdOjp2VBcMM17NLnSiYivFcm-iJiVJjseEeA_JFStwB4zRZpidSFNvV9kQU40YI-qF5rVe0tIhwlEomnhEwgheFe5nnQ099L-zDXSYL2CaiqOzTRtVQ1VtB8eU2sWgnE-OvNvE4Tx07zZVa-Aacq HTTP 302
    https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0 Page URL
  3. https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0&rdc=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://kirutotukam.com/?ts=1667394322335&id=344 HTTP 302
  • http://waytogypts.xyz/redirect?tid=959637&ref=android-traffic.com HTTP 302
  • https://tm-offers.gamingadult.com/?offer=3703&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=394565251869508984&subid2=959637 HTTP 302
  • http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
Request Chain 1
  • http://dexchangeinc.com/jump/next.php?stamat=m%257C%252Co43NWIiPqB1dAN0dEdHP3xP.6c1%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRojzCFppeyuyNUcXIWTpr4qOisK9egWq4Gte5gsBu4kffU2AzdwAGhiKkUksdmpj4g%252C&cbpage=http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}&cbur=0.0374198252291984&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
  • http://dexchangeinc.com/script/i.php?stamat=m%257C%252C%252CAiI293J6oGU3BP-GH0dEdHP3xP.46b%252C9JgYVKfVxhkRVWw4EfmAV20Y3uLJs25DSlKhGH_TXOQeRgDYUZjnsxzM_lRsEmTgASYS006Y1EBVP3s3uosPSRn4SI58BNtE6O2An63yHYhLIEEiIsPfmi0BY5p8QDLFoxI7wPIaLmPT0zR6ljySt2e5-FlKblfVZvjdQhlVTFzgqawY_7UfJgDdtxJJfywtA0Hrj6NcNbBl5I97WpZLC5Q-K7Emu4AHdvghX6FA4yBDTGdXmtcjlcED9AbBZRR1bkQgyZasdqN9e8Dbccj9i1y-BRUX_jAc-oPC0-xit3kXTXgzSuVmMkvAkICX-RB4SMplviWq6As0yW1TELPjTZ_0PN8JgTCQf_ViIp34DN2TrJK2BnlcomXADFzqZ0ex59wW20Zya9kPKLeEnHmRJpuGwJS3CW1g7kF4SQlAlD7t8b1DuirZSqH49qWkXWdWxOfu6LYR9cJ1EB-1lJs_GkH4dUc7Ts48PpM-kVQ5HrgJmdOjp2VBcMM17NLnSiYivFcm-iJiVJjseEeA_JFStwB4zRZpidSFNvV9kQU40YI-qF5rVe0tIhwlEomnhEwgheFe5nnQ099L-zDXSYL2CaiqOzTRtVQ1VtB8eU2sWgnE-OvNvE4Tx07zZVa-Aacq HTTP 302
  • https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
next.php
www.trafyield.com/jump/
Redirect Chain
  • https://kirutotukam.com/?ts=1667394322335&id=344
  • http://waytogypts.xyz/redirect?tid=959637&ref=android-traffic.com
  • https://tm-offers.gamingadult.com/?offer=3703&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=394565251869508984&subid2=959637
  • http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
7 KB
3 KB
Document
General
Full URL
http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
Protocol
HTTP/1.1
Server
35.201.127.73 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
73.127.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 02 Nov 2022 13:12:11 GMT
Server
openresty
Transfer-Encoding
chunked
Via
1.1 google

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 02 Nov 2022 13:12:11 GMT
location
http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
server
nginx
/
agabreloomr.com/
Redirect Chain
  • http://dexchangeinc.com/jump/next.php?stamat=m%257C%252Co43NWIiPqB1dAN0dEdHP3xP.6c1%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRojzCFppeyuyNUcXIWTpr4qOisK9egWq4Gte5gsBu4kffU2AzdwAGhiKkUksdmpj4g%2...
  • http://dexchangeinc.com/script/i.php?stamat=m%257C%252C%252CAiI293J6oGU3BP-GH0dEdHP3xP.46b%252C9JgYVKfVxhkRVWw4EfmAV20Y3uLJs25DSlKhGH_TXOQeRgDYUZjnsxzM_lRsEmTgASYS006Y1EBVP3s3uosPSRn4SI58BNtE6O2An6...
  • https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0
18 KB
11 KB
Document
General
Full URL
https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0
Requested by
Host: www.trafyield.com
URL: http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.26
Resource Hash
d98b029d0ff88e0723d8787f451809863c5a9708162d414a62af49a81f9b9e09

Request headers

Referer
http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Nov 2022 13:12:12 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.26

Redirect headers

Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Date
Wed, 02 Nov 2022 13:12:12 GMT
Location
https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0
Referrer-Policy
no-referrer
Server
openresty
Transfer-Encoding
chunked
Via
1.1 google
micro.tag.min.js
yonhelioliskor.com/pfe/current/
76 KB
27 KB
Script
General
Full URL
https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470198&ymid=$166739473209990TDETV424540911184V09&var=2266485-2658448306-0&sw=/sw-check-permissions/4470198
Requested by
Host: agabreloomr.com
URL: https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0091781d32fa208d9cb4ad29cd18a8ac200d3a505f2c7df847573eb05c6a47f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agabreloomr.com/
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Nov 2022 13:12:12 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 13:02:53 GMT
server
nginx
etag
W/"63626a7d-12fd9"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36

Response headers

Content-Type
image/gif
/
agabreloomr.com/
2 B
301 B
XHR
General
Full URL
https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0&mprtr=1
Requested by
Host: agabreloomr.com
URL: https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.24
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36

Response headers

date
Wed, 02 Nov 2022 13:12:12 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.24
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
zone
yonhelioliskor.com/
0
252 B
Ping
General
Full URL
https://yonhelioliskor.com/zone?&pub=0&zone_id=4470198&is_mobile=true&domain=agabreloomr.com&var=2266485-2658448306-0&ymid=%24166739473209990TDETV424540911184V09&var_3=&dsig=&action=prerequest
Requested by
Host: yonhelioliskor.com
URL: https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470198&ymid=$166739473209990TDETV424540911184V09&var=2266485-2658448306-0&sw=/sw-check-permissions/4470198
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agabreloomr.com/
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36

Response headers

x-trace-id
84721457f48dc7f8079d2d5ab64c0f23
date
Wed, 02 Nov 2022 13:12:12 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
https://agabreloomr.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
gid.js
my.rtmark.net/
65 B
544 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4470198&checkDuplicate=true&ymid=$166739473209990TDETV424540911184V09&var=2266485-2658448306-0
Requested by
Host: yonhelioliskor.com
URL: https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470198&ymid=$166739473209990TDETV424540911184V09&var=2266485-2658448306-0&sw=/sw-check-permissions/4470198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d421d993139b75ff65f8d96f70675459011aefa15e4f2a87488ba43bde293658
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agabreloomr.com/
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36

Response headers

date
Wed, 02 Nov 2022 13:12:12 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://agabreloomr.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
yonhelioliskor.com/
730 B
1018 B
Fetch
General
Full URL
https://yonhelioliskor.com/zone?&pub=0&zone_id=4470198&is_mobile=true&domain=agabreloomr.com&var=2266485-2658448306-0&ymid=%24166739473209990TDETV424540911184V09&var_3=&dsig=&action=settings
Requested by
Host: yonhelioliskor.com
URL: https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470198&ymid=$166739473209990TDETV424540911184V09&var=2266485-2658448306-0&sw=/sw-check-permissions/4470198
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
601d33b3e3ab49ff30d2c602d9301c8da06afc5a4ad9b291e1e2128a85215648
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agabreloomr.com/
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36

Response headers

x-trace-id
fd7687d49b614a5c9a1a06eb815d2c3c
date
Wed, 02 Nov 2022 13:12:12 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://agabreloomr.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
730
Primary Request /
agabreloomr.com/
18 KB
11 KB
Document
General
Full URL
https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0&rdc=2
Requested by
Host: agabreloomr.com
URL: https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.26
Resource Hash
ca4589208ce9cb3c52e768d28b70ee3e5e802314831515364368f2ae81086df4

Request headers

Referer
https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 02 Nov 2022 13:12:12 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.26
micro.tag.min.js
yonhelioliskor.com/pfe/current/
76 KB
27 KB
Script
General
Full URL
https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470198&ymid=$166739473209990TDETV424540911184V09&var=2266485-2658448306-0&sw=/sw-check-permissions/4470198
Requested by
Host: agabreloomr.com
URL: https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0&rdc=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0091781d32fa208d9cb4ad29cd18a8ac200d3a505f2c7df847573eb05c6a47f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agabreloomr.com/
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Nov 2022 13:12:12 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 13:02:53 GMT
server
nginx
etag
W/"63626a7d-12fd9"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36

Response headers

Content-Type
image/gif
/
agabreloomr.com/
2 B
301 B
XHR
General
Full URL
https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0&rdc=2&mprtr=1
Requested by
Host: agabreloomr.com
URL: https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0&rdc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.24
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0&rdc=2
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36

Response headers

date
Wed, 02 Nov 2022 13:12:12 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.24
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
zone
yonhelioliskor.com/
0
252 B
Ping
General
Full URL
https://yonhelioliskor.com/zone?&pub=0&zone_id=4470198&is_mobile=true&domain=agabreloomr.com&var=2266485-2658448306-0&ymid=%24166739473209990TDETV424540911184V09&var_3=&dsig=&action=prerequest
Requested by
Host: yonhelioliskor.com
URL: https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470198&ymid=$166739473209990TDETV424540911184V09&var=2266485-2658448306-0&sw=/sw-check-permissions/4470198
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agabreloomr.com/
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36

Response headers

x-trace-id
a46e7d73a8e6ff685300c78ac3e1f240
date
Wed, 02 Nov 2022 13:12:12 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
https://agabreloomr.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
gid.js
my.rtmark.net/
65 B
543 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4470198&checkDuplicate=true&ymid=$166739473209990TDETV424540911184V09&var=2266485-2658448306-0
Requested by
Host: yonhelioliskor.com
URL: https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470198&ymid=$166739473209990TDETV424540911184V09&var=2266485-2658448306-0&sw=/sw-check-permissions/4470198
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d421d993139b75ff65f8d96f70675459011aefa15e4f2a87488ba43bde293658
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agabreloomr.com/
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36

Response headers

date
Wed, 02 Nov 2022 13:12:12 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://agabreloomr.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
yonhelioliskor.com/
730 B
1016 B
Fetch
General
Full URL
https://yonhelioliskor.com/zone?&pub=0&zone_id=4470198&is_mobile=true&domain=agabreloomr.com&var=2266485-2658448306-0&ymid=%24166739473209990TDETV424540911184V09&var_3=&dsig=&action=settings
Requested by
Host: yonhelioliskor.com
URL: https://yonhelioliskor.com/pfe/current/micro.tag.min.js?z=4470198&ymid=$166739473209990TDETV424540911184V09&var=2266485-2658448306-0&sw=/sw-check-permissions/4470198
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
601d33b3e3ab49ff30d2c602d9301c8da06afc5a4ad9b291e1e2128a85215648
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://agabreloomr.com/
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36

Response headers

x-trace-id
2aa04435890244e22d3c4e0691aa16c6
date
Wed, 02 Nov 2022 13:12:12 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://agabreloomr.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
730
/
agabreloomr.com/4/4470221/
0
0
Document
General
Full URL
https://agabreloomr.com/4/4470221/?rhd=1&var=2266485-2658448306-0&var3=$166739473209990TDETV424540911184V09
Requested by
Host: agabreloomr.com
URL: https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0&rdc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=60
X-Content-Type-Options nosniff

Request headers

Referer
https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0&rdc=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 12; Pixel 5a) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
date
Wed, 02 Nov 2022 13:12:13 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=60
timing-allow-origin
*
x-content-type-options
nosniff

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforeinput
  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • function| queryLocalFonts
  • object| navigation
  • string| alphabet
  • string| subdomain
  • function| randomInt
  • string| mtPushZone
  • string| mtS
  • string| mtZ
  • string| mtTargetUrl
  • string| mtDebug
  • string| mtRDC
  • string| mtUHD
  • string| srcDomain
  • function| redirect
  • object| mtScript
  • function| updateURLParameter
  • object| ntfcSDK
  • object| zfgformats

4 Cookies

Domain/Path Name / Value
kirutotukam.com/ Name: _ctid
Value: 4010870372
waytogypts.xyz/ Name: csu
Value: 5adf6336-7270-4c44-9756-95122024e9ff
my.rtmark.net/ Name: ID
Value: f6fd5fe313e14ef29aea9eae993fedaf
agabreloomr.com/ Name: reverse
Value: rnZsPs9YwtqVUGDK31a0BGad4MNQFPdWhXWxN-3vITE