affpreland.com Open in urlscan Pro
172.67.206.192 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hhylead123.com/fts/2euipafpxtou-1sccoptevdy7
Effective URL:
https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx
Submission: On May 06 via api (May 6th 2024, 10:00:30 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 172.67.206.192, located in United States and belongs to CLOUDFLARENET, US. The main domain is affpreland.com.
TLS certificate: Issued by E1 on April 14th 2024. Valid for: 3 months.

This is the only time affpreland.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::6815:3c1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	172.67.206.192 172.67.206.192	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
18	3

1 2606:4700:3035::6815:3c1e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hhylead123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.206.192 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

affpreland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

deefauph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 30080
6	affpreland.com 1 redirects affpreland.com	87 KB
3	deefauph.com deefauph.com — Cisco Umbrella Rank: 404383	16 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11492	543 B
1	hhylead123.com 1 redirects hhylead123.com	676 B
18	5

	Domain	Requested by
9	jouteetu.net	deefauph.com
6	affpreland.com	1 redirects affpreland.com deefauph.com
3	deefauph.com	affpreland.com deefauph.com
1	my.rtmark.net	deefauph.com
1	hhylead123.com	1 redirects
18	5

This site contains links to these domains. Also see Links.

Domain
hhylead123.com

Subject Issuer	Validity	Valid
affpreland.com E1	`2024-04-14` - `2024-07-13`	3 months	crt.sh
deefauph.com R3	`2024-04-05` - `2024-07-04`	3 months	crt.sh
jouteetu.net R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
rtmark.net R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx
Frame ID: 5C87E7FC1DE67ADB43453AB6C04932D1
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Félicitation

Page URL History Show full URLs

http://hhylead123.com/fts/2euipafpxtou-1sccoptevdy7 HTTP 307
https://hhylead123.com/fts/2euipafpxtou-1sccoptevdy7 HTTP 307
https://affpreland.com/simple/FR/1/index.html?vid=foENVtFbRHpuVvJkpNgWBu19Gx HTTP 301
https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx Page URL

Page Statistics

18
Requests

100 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

103 kB
Transfer

234 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://hhylead123.com/action/1
Title: CONTINUER

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hhylead123.com/fts/2euipafpxtou-1sccoptevdy7 HTTP 307
https://hhylead123.com/fts/2euipafpxtou-1sccoptevdy7 HTTP 307
https://affpreland.com/simple/FR/1/index.html?vid=foENVtFbRHpuVvJkpNgWBu19Gx HTTP 301
https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
affpreland.com/simple/fr/1/
Redirect Chain

http://hhylead123.com/fts/2euipafpxtou-1sccoptevdy7
https://hhylead123.com/fts/2euipafpxtou-1sccoptevdy7
https://affpreland.com/simple/FR/1/index.html?vid=foENVtFbRHpuVvJkpNgWBu19Gx
https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx

69 KB
8 KB

162ms
162ms

Document
text/html

172.67.206.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.206.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f30a80bd61bff66f6dd55466205307d808f4f2952fb3d9109503d0f4054e48

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=miss
cf-cache-status: DYNAMIC
cf-ray: 87fc3e37ca34198f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 06 May 2024 22:00:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tNKJOh01LqKsvy5fzBPTqBtoe1WywKkb%2Fd1SSzlnMCDdz1Z9j29L1O%2FHnLFzHasOm22saGt9uzIoK5D44ET9XC3vWZpytotSCJ9k4ipNWjhrgL1p1c5uwTXD3w%2BjliqlAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-nf-request-id: 01HX7YR7QFPRH69Z5R09JGKHTH

Redirect headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=86400
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=miss
cf-cache-status: DYNAMIC
cf-ray: 87fc3e3658b9198f-FRA
content-type: text/html; charset=UTF-8
date: Mon, 06 May 2024 22:00:25 GMT
location: /simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=30h4nlcVYipr8tME9YX7X0ZPzkTnQ%2Ft4tJG330G4uvgPDkh0bJIu%2BIaRL6xXoi7xZrg%2Fr4fydI1%2Fc0CUQGPai4vt%2FgR5tG85d4Ju%2B7kKpj5797tE1vDBXVGkZSBuzjDwkA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-nf-request-id: 01HX7YR7G4BMD9ZPZ45S7N80H0

GET
H3 200 style.css
affpreland.com/simple/fr/1/ 59 KB
9 KB 98ms
97ms Stylesheet
text/css 172.67.206.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://affpreland.com/simple/fr/1/style.css
Requested by: Host: affpreland.com
URL: https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.206.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93c8e8b9a1362f9569a37aab876d0d97de5bc8f21c1ebd929199dac774b3fff5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX4V7SYWC0ZGJGTGFWWQRFK0
date: Mon, 06 May 2024 22:00:25 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=110199
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; fwd=miss
etag: W/"70dbaec04877024286c093338328dc9e-ssl-df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B1BXp1k5USPSY%2B6iwNEfN4orWViJHlBbw4klF1c%2BikrR%2Fi8G8GX36lLdGk24EKGU8ZPkkQ2zeBK%2FwOHpcENlo48Y4gFcqIuLzQwOeiu68qkLmHLzHSOp3TSqG17p8tEvsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 87fc3e38db30198f-FRA

GET
H3 200 img.png
affpreland.com/simple/fr/1/ 65 KB
65 KB 59ms
58ms Image
image/png 172.67.206.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://affpreland.com/simple/fr/1/img.png
Requested by: Host: affpreland.com
URL: https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.206.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ab1baf19cf94dd053fe4df0394175e7f7b212243e222333bb0f797bd4cc512

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX4V7T05B476SMJPVSA4MG7Z
date: Mon, 06 May 2024 22:00:25 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: "61794200dfc63a9abb605508bd4e33ca-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A1the88rKSPbeFOrLzkh3X9DtfBs00bEpMbArxaM3EIlbHqOvL1MhsM6R81H6JMkoMkzdKJjUHMjYOOeVHDi3XnYthtQxylAWmilaeBEPA4mktcc4gcJY8ODsfRyvZwpaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 87fc3e38db32198f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 66139

GET
H2 200 micro.tag.min.js Show response
deefauph.com/pfe/current/ 36 KB
15 KB 136ms
43ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js
Requested by: Host: affpreland.com
URL: https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://affpreland.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 06 May 2024 22:00:25 GMT
content-encoding: gzip
last-modified: Thu, 25 Apr 2024 10:48:51 GMT
server: nginx
etag: W/"662a3513-9116"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

POST
H2 200 custom
jouteetu.net/ 0
0 159ms
46ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://affpreland.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sw-check-permissions-34635.js
affpreland.com/ 0
830 B 61ms
59ms Other
application/javascript 172.67.206.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://affpreland.com/sw-check-permissions-34635.js?zoneId=5742100
Requested by: Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.206.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX4V849DJ5KDWG62A5Y7FYTW
date: Mon, 06 May 2024 22:00:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=566
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"495e79324118206b0773159fa62154f2-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1jaSJSt3euYtQAQd24oXehgUBBju7Z87pXji8Sbr4iYB86%2BxvfaZTc13QdO1eLL%2Bdt0EIKFEUzb4qDZASvsA1ZgLOOnr4TuWSs5iEoBm%2F4HW23yBJlDePW0bprGtt8wAFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400, must-revalidate
cf-ray: 87fc3e3aad50198f-FRA

POST
H2 200 custom
jouteetu.net/ 0
0 200ms
89ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://affpreland.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
deefauph.com/ 0
368 B 46ms
44ms Ping
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://deefauph.com/zone?&pub=0&zone_id=5742100&is_mobile=false&domain=affpreland.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=39dff9c6-0a86-489c-9cf4-43025385a902&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjQifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQuMC42MzY3LjExOCJ9LHsiYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyNC4wLjYzNjcuMTE4In0seyJicmFuZCI6Ik5vdC1BLkJyYW5kIiwidmVyc2lvbiI6Ijk5LjAuMC4wIn1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9

Requested by

Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://affpreland.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 43b7794b6109723bdbb3bb9c237fdc6a
date: Mon, 06 May 2024 22:00:26 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://affpreland.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST
H2 200 custom
jouteetu.net/ 0
0 200ms
90ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://affpreland.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 158ms
48ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://affpreland.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 159ms
49ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5742100&checkDuplicate=true&ymid=&var=&source=pusher

Requested by

Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e4e424118188b44a16f7d9b17b5855ffc5d746dc1446345e62c6e82ecbb405b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://affpreland.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 22:00:26 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://affpreland.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 202ms
92ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://affpreland.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 check.ico
affpreland.com/simple/fr/1/ 4 KB
2 KB 58ms
58ms Other
image/vnd.microsoft.icon 172.67.206.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://affpreland.com/simple/fr/1/check.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.206.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6459f3ec95bfc20777a020c1391c4ed6f41e0b3cde7c7a94d979ae88a1640e9a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HX6XHJ67KSQMQ1D1SA5KXR8W
date: Mon, 06 May 2024 22:00:26 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cache-status: "Netlify Edge"; hit
etag: W/"5bf490574009d39a2e4b719ae18d9a69-ssl"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C2kkdmRZiqwZBg6q8dwjidJENu0U3aWdjAvnUaclZgbqH%2FjuPaP7mB00IsrWJ%2Fxe4bYWMhz%2FR0XXn%2FbCyOcRxytNXiss945s39tKOwg%2F7YbhSZSeu9g2p9fsVzi3xR7yCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=14400, must-revalidate
cf-ray: 87fc3e3abd57198f-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 192ms
90ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://affpreland.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 zone Show response
deefauph.com/ 801 B
1 KB 167ms
76ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://deefauph.com/zone?&pub=0&zone_id=5742100&is_mobile=false&domain=affpreland.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=39dff9c6-0a86-489c-9cf4-43025385a902&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjQifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjQuMC42MzY3LjExOCJ9LHsiYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyNC4wLjYzNjcuMTE4In0seyJicmFuZCI6Ik5vdC1BLkJyYW5kIiwidmVyc2lvbiI6Ijk5LjAuMC4wIn1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ3b3c2NCI6ZmFsc2V9

Requested by

Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bd6135145b8e7d1812e87dd7e2b2ed932c4123edbceaeaa6960e22ac2a3d8d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://affpreland.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 3b3f798fc308c6ffedc63e3688e184d6
date: Mon, 06 May 2024 22:00:26 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://affpreland.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 801

POST
H2 200 custom
jouteetu.net/ 0
0 50ms
50ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://affpreland.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 42ms
42ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://affpreland.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 50ms
48ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: deefauph.com
URL: https://deefauph.com/pfe/current/micro.tag.min.js?z=5742100&sw=/sw-check-permissions-34635.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://affpreland.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| s object| zfgformats

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			hhylead123.com/	1970-01-21 05:09:28	Name: vid Value: foENVtFbRHpuVvJkpNgWBu19Gx
			my.rtmark.net/	1970-01-21 05:09:28	Name: ID Value: 018054e1fb2f4188e2e3db9a6defdadb

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://affpreland.com/simple/fr/1/?vid=foENVtFbRHpuVvJkpNgWBu19Gx# Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affpreland.com
deefauph.com
hhylead123.com
jouteetu.net
my.rtmark.net
139.45.195.8
139.45.197.251
172.67.206.192
2606:4700:3035::6815:3c1e
12f30a80bd61bff66f6dd55466205307d808f4f2952fb3d9109503d0f4054e48
61ab1baf19cf94dd053fe4df0394175e7f7b212243e222333bb0f797bd4cc512
6459f3ec95bfc20777a020c1391c4ed6f41e0b3cde7c7a94d979ae88a1640e9a
93c8e8b9a1362f9569a37aab876d0d97de5bc8f21c1ebd929199dac774b3fff5
9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
bd6135145b8e7d1812e87dd7e2b2ed932c4123edbceaeaa6960e22ac2a3d8d47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e424118188b44a16f7d9b17b5855ffc5d746dc1446345e62c6e82ecbb405b8

affpreland.com Open in urlscan Pro 172.67.206.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

25 %IPv6

5 Domains

5 Subdomains

3 IPs

2 Countries

103 kBTransfer

234 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

affpreland.com Open in urlscan Pro
172.67.206.192 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

103 kB
Transfer

234 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions