flirtooy.info Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://discordnltros.xyz/
Effective URL:
https://flirtooy.info/?aff_id=8&click_id=37_64923_8666_9a7c92cbd92f12155596f486a75b7d85&p10=69ce2bf4-3063-45ca-b7ca-76...
Submission: On October 20 via api (October 20th 2023, 3:22:41 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 10 domains to perform 12 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in and belongs to . The main domain is flirtooy.info.
TLS certificate: Issued by GTS CA 1P5 on October 11th 2023. Valid for: 3 months.

This is the only time flirtooy.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	64.225.91.73 64.225.91.73	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6812:1b2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	64.190.63.136 64.190.63.136	47846 (SEDO-AS) (SEDO-AS)
2	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
2 2	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	65.21.84.133 65.21.84.133	24940 (HETZNER-AS) (HETZNER-AS)
1 1	72.52.179.174 72.52.179.174	32244 (LIQUIDWEB) (LIQUIDWEB)
1 1	2a03:b0c0:3:d... 2a03:b0c0:3:d0::51:6001	() ()
1 1	172.255.248.125 172.255.248.125	() ()
1	2a06:98c1:312... 2a06:98c1:3121::3	() ()
12	6

1 64.225.91.73 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

discordnltros.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1b2d (United States)

ASN13335 (CLOUDFLARENET, US)

domaincntrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 64.190.63.136 (Germany) 4 redirects

ASN47846 (SEDO-AS, DE)

ww2.discordnltros.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ww1.starburstgame.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.234.175.175 (Carrollton, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.239.53.32 (United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.sedodna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.21.84.133 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.133.84.21.65.clients.your-server.de

myadsserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.52.179.174 (Sedona, United States) 1 redirects

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com

starburstgame.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:b0c0:3:d0::51:6001 (None, ) 1 redirects

ASN- ()

go.proffering.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.255.248.125 (None, ) 1 redirects

ASN- ()

go.gkrtmc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (None, )

ASN- ()

flirtooy.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	starburstgame.de 3 redirects starburstgame.de ww1.starburstgame.de	4 KB
5	discordnltros.xyz 2 redirects discordnltros.xyz ww2.discordnltros.xyz	4 KB
2	sedodna.com 2 redirects xml.sedodna.com — Cisco Umbrella Rank: 443181	415 B
2	sedoparking.com img.sedoparking.com — Cisco Umbrella Rank: 72730	9 KB
1	flirtooy.info flirtooy.info
1	gkrtmc.com 1 redirects go.gkrtmc.com	2 KB
1	proffering.xyz 1 redirects go.proffering.xyz	974 B
1	myadsserver.com 1 redirects myadsserver.com — Cisco Umbrella Rank: 217000	506 B
1	domaincntrol.com domaincntrol.com — Cisco Umbrella Rank: 230459	341 B
0	googleapis.com Failed fonts.googleapis.com Failed
12	10

	Domain	Requested by
4	ww1.starburstgame.de	2 redirects ww2.discordnltros.xyz ww1.starburstgame.de
4	ww2.discordnltros.xyz	2 redirects discordnltros.xyz ww2.discordnltros.xyz
2	xml.sedodna.com	2 redirects
2	img.sedoparking.com	ww2.discordnltros.xyz ww1.starburstgame.de
1	flirtooy.info	ww1.starburstgame.de flirtooy.info
1	go.gkrtmc.com	1 redirects
1	go.proffering.xyz	1 redirects
1	starburstgame.de	1 redirects
1	myadsserver.com	1 redirects
1	domaincntrol.com	discordnltros.xyz
1	discordnltros.xyz
0	fonts.googleapis.com Failed	flirtooy.info
12	12

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-28`	a year	crt.sh
flirtooy.info GTS CA 1P5	`2023-10-11` - `2024-01-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://flirtooy.info/?aff_id=8&click_id=37_64923_8666_9a7c92cbd92f12155596f486a75b7d85&p10=69ce2bf4-3063-45ca-b7ca-7624a795a79f_13da416c8b50279c9151e97991b19235&source=64923&aff_sub=&aff_sub2=popunder-clickunder
Frame ID: D38E189B7DF1960792D87486E923F201
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://discordnltros.xyz/ Page URL
http://ww2.discordnltros.xyz/ Page URL
http://ww2.discordnltros.xyz/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DkTJTON%2Aed... HTTP 302
http://ww2.discordnltros.xyz/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DkTJTON%2Aed... HTTP 302
http://xml.sedodna.com/click?i=kTJTON*eddY_0 HTTP 302
http://myadsserver.com/cemyl5k.php?key=admaven HTTP 302
http://starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a HTTP 302
http://ww1.starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a Page URL
http://ww1.starburstgame.de/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjRvLPWiOpnI... HTTP 302
http://ww1.starburstgame.de/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjRvLPWiOpnI... HTTP 302
http://xml.sedodna.com/click?i=jRvLPWiOpnI_0 HTTP 302
https://go.proffering.xyz/15Gu5p?zoneid=44557968&pubfeed=95356/95356.240934_44557968&campaign=671642&c... HTTP 302
https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=64923&url_id=0&aff_sub5=popunder-clickunder&click... HTTP 302
https://flirtooy.info/?aff_id=8&click_id=37_64923_8666_9a7c92cbd92f12155596f486a75b7d85&p10=69ce2b... Page URL

Page Statistics

12
Requests

17 %
HTTPS

30 %
IPv6

10
Domains

12
Subdomains

6
IPs

3
Countries

15 kB
Transfer

19 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://discordnltros.xyz/ Page URL
http://ww2.discordnltros.xyz/ Page URL
http://ww2.discordnltros.xyz/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DkTJTON%2AeddY_0&v=ZTk2YTFkYzRiOWEzMzc5NTg0YzMzZjgxOTQyZjEzYzEJMQl3dzIuZGlzY29yZG5sdHJvcy54eXo2NTMxZjI3ZTFhNTcxMi44MjU4NzA0Mgl3dzIuZGlzY29yZG5sdHJvcy54eXo2NTMxZjI3ZTFhNWI5Ny4yMTA4OTQwOQkxNjk3NzcyMTU4CWFkXzYzXzA=&l=OAljZGUyMzYyN2NlNWM1MzlmOTJjOTgwYzc3NmZjOWU4NAkwCTQ4CTAJMDk5YTg5ZTA0NzU3OWM2ZmE2NjVkNjdkMzNjYWU0YzgJNDAyNjYzNjI4CWRpc2NvcmRubHRyb3MJMAk2Mwk3CTUJMTY5Nzc3MjE1OAkwLjAwMDIyNQlOCTAJMQkxOTAwCTEyMDUJMzkwMjYwMDUxCTE5My4zMi4yNDguMjI3CTA%3D HTTP 302
http://ww2.discordnltros.xyz/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DkTJTON%2AeddY_0&v=ZTk2YTFkYzRiOWEzMzc5NTg0YzMzZjgxOTQyZjEzYzEJMQl3dzIuZGlzY29yZG5sdHJvcy54eXo2NTMxZjI3ZTFhNTcxMi44MjU4NzA0Mgl3dzIuZGlzY29yZG5sdHJvcy54eXo2NTMxZjI3ZTFhNWI5Ny4yMTA4OTQwOQkxNjk3NzcyMTU4CWFkXzYzXzA=&l=OAljZGUyMzYyN2NlNWM1MzlmOTJjOTgwYzc3NmZjOWU4NAkwCTQ4CTAJMDk5YTg5ZTA0NzU3OWM2ZmE2NjVkNjdkMzNjYWU0YzgJNDAyNjYzNjI4CWRpc2NvcmRubHRyb3MJMAk2Mwk3CTUJMTY5Nzc3MjE1OAkwLjAwMDIyNQlOCTAJMQkxOTAwCTEyMDUJMzkwMjYwMDUxCTE5My4zMi4yNDguMjI3CTA%3D HTTP 302
http://xml.sedodna.com/click?i=kTJTON*eddY_0 HTTP 302
http://myadsserver.com/cemyl5k.php?key=admaven HTTP 302
http://starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a HTTP 302
http://ww1.starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a Page URL
http://ww1.starburstgame.de/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjRvLPWiOpnI_0&v=MjE3NWMwOGQ4OTZjMDJhYWMxYTdlNTM4ZDYyOTRiYzMJMQl3dzEuc3RhcmJ1cnN0Z2FtZS5kZTY1MzFmMjgwNTJmZDIwLjI0MjQ3NzI1CXd3MS5zdGFyYnVyc3RnYW1lLmRlNjUzMWYyODA1MzAyMDYuNDUyNDU0NDcJMTY5Nzc3MjE2MAlhZF82M18w&l=OAlhZjVmOGI3MDI2NTRhNjMxYmQxZGM2NTgzNWU2M2E5MwkwCTQ4CTAJODRlNjI5OThmNTY1Mjk5NzQzYTg5YWNiODdlODVhZTUJNTQ4OTM0NzYwCXN0YXJidXJzdGdhbWUJMAk2Mwk3CTUJMTY5Nzc3MjE2MAkwLjAwMDI2MwlOCTAJMAkwCTEyMDUJNTM3NzEwMzY1CTE5My4zMi4yNDguMjI3CTA%3D HTTP 302
http://ww1.starburstgame.de/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjRvLPWiOpnI_0&v=MjE3NWMwOGQ4OTZjMDJhYWMxYTdlNTM4ZDYyOTRiYzMJMQl3dzEuc3RhcmJ1cnN0Z2FtZS5kZTY1MzFmMjgwNTJmZDIwLjI0MjQ3NzI1CXd3MS5zdGFyYnVyc3RnYW1lLmRlNjUzMWYyODA1MzAyMDYuNDUyNDU0NDcJMTY5Nzc3MjE2MAlhZF82M18w&l=OAlhZjVmOGI3MDI2NTRhNjMxYmQxZGM2NTgzNWU2M2E5MwkwCTQ4CTAJODRlNjI5OThmNTY1Mjk5NzQzYTg5YWNiODdlODVhZTUJNTQ4OTM0NzYwCXN0YXJidXJzdGdhbWUJMAk2Mwk3CTUJMTY5Nzc3MjE2MAkwLjAwMDI2MwlOCTAJMAkwCTEyMDUJNTM3NzEwMzY1CTE5My4zMi4yNDguMjI3CTA%3D HTTP 302
http://xml.sedodna.com/click?i=jRvLPWiOpnI_0 HTTP 302
https://go.proffering.xyz/15Gu5p?zoneid=44557968&pubfeed=95356/95356.240934_44557968&campaign=671642&cost=0.00042 HTTP 302
https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=64923&url_id=0&aff_sub5=popunder-clickunder&click_id=fd8e8461f56aee019f02c08f818c7c0f-11246-1020 HTTP 302
https://flirtooy.info/?aff_id=8&click_id=37_64923_8666_9a7c92cbd92f12155596f486a75b7d85&p10=69ce2bf4-3063-45ca-b7ca-7624a795a79f_13da416c8b50279c9151e97991b19235&source=64923&aff_sub=&aff_sub2=popunder-clickunder Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://ww2.discordnltros.xyz/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DkTJTON%2AeddY_0&v=ZTk2YTFkYzRiOWEzMzc5NTg0YzMzZjgxOTQyZjEzYzEJMQl3dzIuZGlzY29yZG5sdHJvcy54eXo2NTMxZjI3ZTFhNTcxMi44MjU4NzA0Mgl3dzIuZGlzY29yZG5sdHJvcy54eXo2NTMxZjI3ZTFhNWI5Ny4yMTA4OTQwOQkxNjk3NzcyMTU4CWFkXzYzXzA=&l=OAljZGUyMzYyN2NlNWM1MzlmOTJjOTgwYzc3NmZjOWU4NAkwCTQ4CTAJMDk5YTg5ZTA0NzU3OWM2ZmE2NjVkNjdkMzNjYWU0YzgJNDAyNjYzNjI4CWRpc2NvcmRubHRyb3MJMAk2Mwk3CTUJMTY5Nzc3MjE1OAkwLjAwMDIyNQlOCTAJMQkxOTAwCTEyMDUJMzkwMjYwMDUxCTE5My4zMi4yNDguMjI3CTA%3D HTTP 302
http://ww2.discordnltros.xyz/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DkTJTON%2AeddY_0&v=ZTk2YTFkYzRiOWEzMzc5NTg0YzMzZjgxOTQyZjEzYzEJMQl3dzIuZGlzY29yZG5sdHJvcy54eXo2NTMxZjI3ZTFhNTcxMi44MjU4NzA0Mgl3dzIuZGlzY29yZG5sdHJvcy54eXo2NTMxZjI3ZTFhNWI5Ny4yMTA4OTQwOQkxNjk3NzcyMTU4CWFkXzYzXzA=&l=OAljZGUyMzYyN2NlNWM1MzlmOTJjOTgwYzc3NmZjOWU4NAkwCTQ4CTAJMDk5YTg5ZTA0NzU3OWM2ZmE2NjVkNjdkMzNjYWU0YzgJNDAyNjYzNjI4CWRpc2NvcmRubHRyb3MJMAk2Mwk3CTUJMTY5Nzc3MjE1OAkwLjAwMDIyNQlOCTAJMQkxOTAwCTEyMDUJMzkwMjYwMDUxCTE5My4zMi4yNDguMjI3CTA%3D HTTP 302
http://xml.sedodna.com/click?i=kTJTON*eddY_0 HTTP 302
http://myadsserver.com/cemyl5k.php?key=admaven HTTP 302
http://starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a HTTP 302
http://ww1.starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response discordnltros.xyz/	593 B 582 B	411ms 181ms	Document text/html	64.225.91.73 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://discordnltros.xyz/ Protocol HTTP/1.1 Server 64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html date Fri, 20 Oct 2023 03:22:37 GMT etag W/"63f68860-251" last-modified Wed, 22 Feb 2023 21:25:52 GMT server nginx/1.18.0 (Ubuntu) transfer-encoding chunked
GET H2	200	/ domaincntrol.com/	30 B 341 B	624ms 565ms	Fetch text/javascript	2606:4700::6812:1b2d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://domaincntrol.com/?orighost=http://discordnltros.xyz/ Requested by Host: discordnltros.xyz URL: http://discordnltros.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1b2d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://discordnltros.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers x_details {"destination":"sedo","orighost":"discordnltros.xyz","type":"org","finalurl":"http://ww2.discordnltros.xyz","browser":"chrome","os":"windows","country":"DE","device":"desktop","isbot":false,"botscore":77} date Fri, 20 Oct 2023 03:22:37 GMT server cloudflare vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cf-ray 818e232f59822685-TXL content-length 30
GET H/1.1	200 OK	/ Show response ww2.discordnltros.xyz/	2 KB 2 KB	708ms 543ms	Document text/html	64.190.63.136 SEDO-AS
General Check archive.org Show headers Download Go to Full URL http://ww2.discordnltros.xyz/ Requested by Host: discordnltros.xyz URL: http://discordnltros.xyz/ Protocol HTTP/1.1 Server 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE), Reverse DNS Software NginX / PHP/8.1.17 Resource Hash `0efacb67f33b09ce4a7e7d8b2cc339b13c563d83f4aedee9d2052ab91b4f1f22` Request headers Referer http://discordnltros.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 20 Oct 2023 03:22:38 GMT expires Mon, 26 Jul 1997 05:00:00 GMT last-modified Fri, 20 Oct 2023 03:22:38 GMT pragma no-cache server NginX transfer-encoding chunked vary Accept-Encoding x-adblock-key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_dakS9b6p5riGEd9J+abX1WqTJvPW21HMd48w6P5jmqF9LxcdYl2Rt9Fmkr91i4on9n4h6JBqKK967V6m63oQKQ== x-cache-miss-from parking-697977dd84-ggb24 x-powered-by PHP/8.1.17
GET H/1.1	200 OK	js_preloader.gif img.sedoparking.com/images/	4 KB 5 KB	74ms 32ms	Image image/gif	205.234.175.175 SERVERCENTRAL
General Check archive.org Show headers Download Go to Show image Full URL http://img.sedoparking.com/images/js_preloader.gif Requested by Host: ww2.discordnltros.xyz URL: http://ww2.discordnltros.xyz/ Protocol HTTP/1.1 Server 205.234.175.175 Carrollton, United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS vip1.G-anycast1.cachefly.net Software CFS 0215 / Resource Hash `5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a` Request headers accept-language de-DE,de;q=0.9 Referer http://ww2.discordnltros.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Fri, 20 Oct 2023 03:22:38 GMT x-cf-tsc 1677950277 X-CF3 M CF4ttl 31536000.000 X-CF1 11696:fK.fra2:cf:cacheN.fra2-01:H X-CF-ReqID 0786bbe01eb3e41391606a75a8f02084 Connection keep-alive Content-Length 4254 X-CF2 H Last-Modified Fri, 15 Mar 2019 12:24:07 GMT Server CFS 0215 X-CFF B Content-Type image/gif Access-Control-Allow-Origin * X-CFHash "90c93102a88c2ab94bff1575b7a6e86e" Cache-Control max-age=604800 CF4Age 0 Accept-Ranges bytes Expires Fri, 27 Oct 2023 03:22:38 GMT
GET H/1.1	200 OK	tsc.php ww2.discordnltros.xyz/search/	0 201 B	42ms 41ms	XHR text/html	64.190.63.136 SEDO-AS
General Check archive.org Show headers Download Go to Full URL http://ww2.discordnltros.xyz/search/tsc.php?200=NDAyNjYzNjI4&21=MTkzLjMyLjI0OC4yMjc=&681=MTY5Nzc3MjE1ODU5MWI0OGQxZjY4Y2Q3MmMzMTUwZThkNGUxZjgxNDQ5&crc=af453e51a614100a8c3477418cb34528ac07508d&cv=1 Requested by Host: ww2.discordnltros.xyz URL: http://ww2.discordnltros.xyz/ Protocol HTTP/1.1 Server 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE), Reverse DNS Software NginX / PHP/8.1.17 Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://ww2.discordnltros.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 03:22:38 GMT x-cache-miss-from parking-697977dd84-lqf6d server NginX x-powered-by PHP/8.1.17 content-length 0 content-type text/html; charset=UTF-8
GET H/1.1	200 OK	/ Show response ww1.starburstgame.de/ Redirect Chain http://ww2.discordnltros.xyz/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DkTJTON%2AeddY_0&v=ZTk2YTFkYzRiOWEzMzc5NTg0YzMzZjgxOTQyZjEzYzEJMQl3dzIuZGlzY29yZG5sdHJvcy54eXo2NTMxZjI3Z... http://ww2.discordnltros.xyz/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DkTJTON%2AeddY_0&v=ZTk2YTFkYzRiOWEzMzc5NTg0YzMzZjgxOTQyZjEzYzEJMQl3dzIuZGlzY29yZG5sdHJvcy54eXo2NTMxZjI3Z... http://xml.sedodna.com/click?i=kTJTONeddY_0 http://myadsserver.com/cemyl5k.php?key=admaven http://starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a http://ww1.starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a*	2 KB 2 KB	766ms 453ms	Document text/html	64.190.63.136 SEDO-AS
General Check archive.org Show headers Download Go to Full URL http://ww1.starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a Requested by Host: ww2.discordnltros.xyz URL: http://ww2.discordnltros.xyz/ Protocol HTTP/1.1 Server 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE), Reverse DNS Software NginX / PHP/8.1.17 Resource Hash `0cfebda37a1898691b72fcb793f5b164cbdc5056e7e301d46a08b87e49aea9ce` Request headers Referer http://ww2.discordnltros.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 20 Oct 2023 03:22:40 GMT expires Mon, 26 Jul 1997 05:00:00 GMT last-modified Fri, 20 Oct 2023 03:22:40 GMT pragma no-cache server NginX transfer-encoding chunked vary Accept-Encoding x-adblock-key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_VxPp9m5BFz9nEwq9XHaofojFQbp9y+bsWCZAn8E7E+bvU6Rr3ehUOTVYVWT1clRcSOZ4NjIrafnqjlnMS3eYDw== x-cache-miss-from parking-697977dd84-lqf6d x-powered-by PHP/8.1.17 Redirect headers Cache-Control no-cache Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Fri, 20 Oct 2023 03:22:39 GMT Location http://ww1.starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a Pragma no-cache Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By PHP/5.4.16
GET H/1.1	200 OK	js_preloader.gif img.sedoparking.com/images/	4 KB 5 KB	33ms 32ms	Image image/gif	205.234.175.175 SERVERCENTRAL
General Check archive.org Show headers Download Go to Show image Full URL http://img.sedoparking.com/images/js_preloader.gif Requested by Host: ww1.starburstgame.de URL: http://ww1.starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a Protocol HTTP/1.1 Server 205.234.175.175 Carrollton, United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS vip1.G-anycast1.cachefly.net Software CFS 0215 / Resource Hash `5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a` Request headers accept-language de-DE,de;q=0.9 Referer http://ww1.starburstgame.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Fri, 20 Oct 2023 03:22:40 GMT x-cf-tsc 1677950277 X-CF3 M CF4ttl 31536000.000 X-CF1 11696:fK.fra2:cf:cacheN.fra2-01:H X-CF-ReqID e73ae2f8d5c66d1c12ceb67aeb351085 Connection keep-alive Content-Length 4254 X-CF2 H Last-Modified Fri, 15 Mar 2019 12:24:07 GMT Server CFS 0215 X-CFF B Content-Type image/gif Access-Control-Allow-Origin * X-CFHash "90c93102a88c2ab94bff1575b7a6e86e" Cache-Control max-age=604800 CF4Age 0 Accept-Ranges bytes Expires Fri, 27 Oct 2023 03:22:40 GMT
GET H/1.1	200 OK	tsc.php ww1.starburstgame.de/search/	0 201 B	43ms 43ms	XHR text/html	64.190.63.136 SEDO-AS
General Check archive.org Show headers Download Go to Full URL http://ww1.starburstgame.de/search/tsc.php?200=NTQ4OTM0NzYw&21=MTkzLjMyLjI0OC4yMjc=&681=MTY5Nzc3MjE2MGVhOWZjMDcwMDFjNzc2NzBhNGZjZjAzZmU1NzI1YTM5&crc=0d0ec5e94d59bd87c7f114f8d2c90862041ed1df&cv=1 Requested by Host: ww1.starburstgame.de URL: http://ww1.starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a Protocol HTTP/1.1 Server 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE), Reverse DNS Software NginX / PHP/8.1.17 Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://ww1.starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers date Fri, 20 Oct 2023 03:22:40 GMT x-cache-miss-from parking-697977dd84-vn7t6 server NginX x-powered-by PHP/8.1.17 content-length 0 content-type text/html; charset=UTF-8
GET H2	200	Primary Request / flirtooy.info/ Redirect Chain http://ww1.starburstgame.de/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjRvLPWiOpnI_0&v=MjE3NWMwOGQ4OTZjMDJhYWMxYTdlNTM4ZDYyOTRiYzMJMQl3dzEuc3RhcmJ1cnN0Z2FtZS5kZTY1MzFmMjgwNTJm... http://ww1.starburstgame.de/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DjRvLPWiOpnI_0&v=MjE3NWMwOGQ4OTZjMDJhYWMxYTdlNTM4ZDYyOTRiYzMJMQl3dzEuc3RhcmJ1cnN0Z2FtZS5kZTY1MzFmMjgwNTJm... http://xml.sedodna.com/click?i=jRvLPWiOpnI_0 https://go.proffering.xyz/15Gu5p?zoneid=44557968&pubfeed=95356/95356.240934_44557968&campaign=671642&cost=0.00042 https://go.gkrtmc.com/aff_c?offer_id=8666&aff_id=64923&url_id=0&aff_sub5=popunder-clickunder&click_id=fd8e8461f56aee019f02c08f818c7c0f-11246-1020 https://flirtooy.info/?aff_id=8&click_id=37_64923_8666_9a7c92cbd92f12155596f486a75b7d85&p10=69ce2bf4-3063-45ca-b7ca-7624a795a79f_13da416c8b50279c9151e97991b19235&source=64923&aff_sub=&aff_sub2=popu...	6 KB 0	150ms 56ms	Document text/html	2a06:98c1:3121::3
General Check archive.org Show headers Download Go to Full URL https://flirtooy.info/?aff_id=8&click_id=37_64923_8666_9a7c92cbd92f12155596f486a75b7d85&p10=69ce2bf4-3063-45ca-b7ca-7624a795a79f_13da416c8b50279c9151e97991b19235&source=64923&aff_sub=&aff_sub2=popunder-clickunder Requested by Host: ww1.starburstgame.de URL: http://ww1.starburstgame.de/?uclick=y9uo1za8&uclickhash=y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate, no-transform cf-cache-status DYNAMIC cf-ray 818e234aa84f4daf-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 20 Oct 2023 03:22:41 GMT etag W/"6526a7ea-17a9" expires 0 last-modified Wed, 11 Oct 2023 13:49:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIZEbZ0eWs6YbMIEiJtZapZRieKLBpemy6TK5VWv0%2FApIAGoKtRq7F4PiW261W2kCig4Zk7Hrv6lB2ZQ9qcVN6gW1FOyfQG5Jkkjv%2FAHSF2t9CuGvfj4JSrCWgB1DJNvwWO3VsYDR6Jb6GQV"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers Cache-Control no-store, no-cache Connection keep-alive Content-Length 508 Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Content-Type text/html; charset=utf-8 Cross-Origin-Opener-Policy same-origin Cross-Origin-Resource-Policy same-origin Date Fri, 20 Oct 2023 03:22:41 GMT Location https://flirtooy.info/?aff_id=8&click_id=37_64923_8666_9a7c92cbd92f12155596f486a75b7d85&p10=69ce2bf4-3063-45ca-b7ca-7624a795a79f_13da416c8b50279c9151e97991b19235&source=64923&aff_sub=&aff_sub2=popunder-clickunder Origin-Agent-Cluster ?1 Referrer-Policy no-referrer Server nginx Strict-Transport-Security max-age=15552000; includeSubDomains Vary Accept X-Content-Type-Options nosniff X-DNS-Prefetch-Control off X-Download-Options noopen X-Frame-Options SAMEORIGIN X-Permitted-Cross-Domain-Policies none X-XSS-Protection 0
GET		css2 fonts.googleapis.com/	0 0

GET		chunk-vendors.0ff68660.js flirtooy.info/js/	0 0

GET		app.fb43a6ff.js flirtooy.info/js/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Domain: flirtooy.info
URL: https://flirtooy.info/js/chunk-vendors.0ff68660.js

Domain: flirtooy.info
URL: https://flirtooy.info/js/app.fb43a6ff.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			myadsserver.com/	1970-01-20 15:37:38	Name: uclick Value: y9uo1za8
			myadsserver.com/	1970-01-20 15:37:38	Name: uclickhash Value: y9uo1za8-y9uo1za8-q5-0-fy-fyxibl-ktftdz-25b90a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

discordnltros.xyz
domaincntrol.com
flirtooy.info
fonts.googleapis.com
go.gkrtmc.com
go.proffering.xyz
img.sedoparking.com
myadsserver.com
starburstgame.de
ww1.starburstgame.de
ww2.discordnltros.xyz
xml.sedodna.com
flirtooy.info
fonts.googleapis.com
172.255.248.125
173.239.53.32
205.234.175.175
2606:4700::6812:1b2d
2a03:b0c0:3:d0::51:6001
2a06:98c1:3121::3
64.190.63.136
64.225.91.73
65.21.84.133
72.52.179.174
0cfebda37a1898691b72fcb793f5b164cbdc5056e7e301d46a08b87e49aea9ce
0efacb67f33b09ce4a7e7d8b2cc339b13c563d83f4aedee9d2052ab91b4f1f22
5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30

flirtooy.info Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

12 Requests

17 %HTTPS

30 %IPv6

10 Domains

12 Subdomains

6 IPs

3 Countries

15 kBTransfer

19 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

flirtooy.info Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

17 %
HTTPS

30 %
IPv6

10
Domains

12
Subdomains

6
IPs

3
Countries

15 kB
Transfer

19 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions