allreqdusa.com Open in urlscan Pro
2606:4700:3031::ac43:ce87 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1698313959592.breezyjieduion.org.uk/
Effective URL:
https://allreqdusa.com/MphDTAuMtX7bXdv4G0xSft35gKxfYEYb18cdNjs_T-0/?cid=169846949010000TUSTV62001R550R1d05R1RR56Vbb0a4&...
Submission: On October 28 via api (October 28th 2023, 5:04:54 am UTC) from US — Scanned from US

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 14 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3031::ac43:ce87, located in United States and belongs to CLOUDFLARENET, US. The main domain is allreqdusa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.

This is the only time allreqdusa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	172.104.190.11 172.104.190.11	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2 3	51.68.85.158 51.68.85.158	16276 (OVH) (OVH)
1 1	34.91.27.112 34.91.27.112	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	2606:4700:303... 2606:4700:3037::ac43:cceb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:1362	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.216.219.191 3.216.219.191	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:66d... 2600:1f18:66d3:cb10:c86b:e99:85e9:7476	14618 (AMAZON-AES) (AMAZON-AES)
2 3	2606:4700:303... 2606:4700:3035::ac43:99ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::ac43:ce87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.157.216 172.67.157.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:6e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	9

3 172.104.190.11 (Singapore, Singapore) 3 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-190-11.ip.linodeusercontent.com

1698313959592.breezyjieduion.org.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1698469485529.aherdinate.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1698469486093.hurriedkibag.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.85.158 (France) 2 redirects

ASN16276 (OVH, FR)

www.rulecontreih.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.27.112 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 112.27.91.34.bc.googleusercontent.com

admoustache.media-412.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::ac43:cceb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.cogliatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:1362 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.219.191 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-219-191.compute-1.amazonaws.com

sherouscolvered.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:66d3:cb10:c86b:e99:85e9:7476 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

nt-npltfpro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::ac43:99ee (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

adspredictiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:ce87 (United States)

ASN13335 (CLOUDFLARENET, US)

allreqdusa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.157.216 (United States)

ASN13335 (CLOUDFLARENET, US)

feed.cn-rtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.cn-rtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:6e4 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.ocmhood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:513 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.ocmtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	cogliatu.com 1 redirects www.cogliatu.com	6 KB
3	ocmhood.com sdk.ocmhood.com — Cisco Umbrella Rank: 46381 t.ocmhood.com — Cisco Umbrella Rank: 11204	13 KB
3	adspredictiv.com 2 redirects adspredictiv.com	5 KB
3	rulecontreih.club 2 redirects www.rulecontreih.club	5 KB
2	cn-rtb.com feed.cn-rtb.com — Cisco Umbrella Rank: 59165 t.cn-rtb.com — Cisco Umbrella Rank: 66477	840 B
2	allreqdusa.com allreqdusa.com	20 KB
1	ocmtag.com cdn.ocmtag.com — Cisco Umbrella Rank: 48810	674 B
1	nt-npltfpro.com 1 redirects nt-npltfpro.com	3 KB
1	sherouscolvered.com 1 redirects sherouscolvered.com	600 B
1	addlnk.com cdn.addlnk.com — Cisco Umbrella Rank: 377313	1 KB
1	media-412.com 1 redirects admoustache.media-412.com	270 B
1	hurriedkibag.top 1 redirects 1698469486093.hurriedkibag.top	294 B
1	aherdinate.info 1 redirects 1698469485529.aherdinate.info	448 B
1	breezyjieduion.org.uk 1 redirects 1698313959592.breezyjieduion.org.uk	447 B
14	14

	Domain	Requested by
4	www.cogliatu.com	1 redirects www.rulecontreih.club www.cogliatu.com
3	adspredictiv.com	2 redirects www.cogliatu.com
3	www.rulecontreih.club	2 redirects
2	t.ocmhood.com	sdk.ocmhood.com
2	allreqdusa.com	adspredictiv.com allreqdusa.com
1	t.cn-rtb.com	allreqdusa.com
1	cdn.ocmtag.com	sdk.ocmhood.com
1	sdk.ocmhood.com	allreqdusa.com
1	feed.cn-rtb.com	allreqdusa.com
1	nt-npltfpro.com	1 redirects
1	sherouscolvered.com	1 redirects
1	cdn.addlnk.com	www.cogliatu.com
1	admoustache.media-412.com	1 redirects
1	1698469486093.hurriedkibag.top	1 redirects
1	1698469485529.aherdinate.info	1 redirects
1	1698313959592.breezyjieduion.org.uk	1 redirects
14	16

This site contains no links.

Subject Issuer	Validity	Valid
www.rulecontreih.club R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-10` - `2024-02-10`	a year	crt.sh
addlnk.com GTS CA 1P5	`2023-10-09` - `2024-01-07`	3 months	crt.sh
adspredictiv.com GTS CA 1P5	`2023-09-04` - `2023-12-03`	3 months	crt.sh
cn-rtb.com GTS CA 1P5	`2023-10-16` - `2024-01-14`	3 months	crt.sh
ocmhood.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://allreqdusa.com/MphDTAuMtX7bXdv4G0xSft35gKxfYEYb18cdNjs_T-0/?cid=169846949010000TUSTV62001R550R1d05R1RR56Vbb0a4&pubid=3744083-887628016-3684866960
Frame ID: B62213EDA8C13ED4AA2BA14481CABCDD
Requests: 13 HTTP requests in this frame

Frame: https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Frame ID: 048B394143BE5CE4996C38BCF1E47246
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Click Here to edit your LP title

Page URL History Show full URLs

http://1698313959592.breezyjieduion.org.uk/ HTTP 302
http://1698469485529.aherdinate.info/ca9b5c38-403b-4e15-8efa-5d51544ee9bf?n=1&t=1698469485529&l_next=aHR0cHM6Ly93... HTTP 302
http://1698469486093.hurriedkibag.top/fcb418dc-6f39-417b-aa9e-1a80ac565d89?n=2&t=1698469485529&l_next=aHR0cHM6Ly93... HTTP 302
https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag= Page URL
https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=&eyeg=42902e61d08ed2ac08e70f... HTTP 302
https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.2742875623890... HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330006acb4bf61fbcb48be02efd7b53e... HTTP 302
https://www.cogliatu.com/rc/a91581ead4?affclick=653c967053cc3e00010a73ed&pubid=503 Page URL
https://sherouscolvered.com/48e1581e-25eb-44e8-8643-630ec6118413?c2=f31e77b4_503&c1=pub48f7c2ae9d2b4d988... HTTP 302
https://nt-npltfpro.com/?a=21829&c=345869&co=16559&mt=18&s1=6efa2ba6-87c4-4bb2-b973-4ec73420e640_f31... HTTP 302
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=1b343004d9c94a93ab71159a8eb761882099a&su... Page URL
https://adspredictiv.com/jump/next.php?stamat=m%257CZ793PuIiaQdH8BH0dEdHP3xP.daf%252Csck4O5sI4-aQtp_1... HTTP 302
https://adspredictiv.com/script/i.php?t=1&stamat=m%257C%252C%252CwjYTIjNWoGU3Bf-GH0dEdHP3xP.cd5%252CB... HTTP 302
https://allreqdusa.com/MphDTAuMtX7bXdv4G0xSft35gKxfYEYb18cdNjs_T-0/?cid=169846949010000TUSTV62001R5... Page URL

Page Statistics

14
Requests

93 %
HTTPS

58 %
IPv6

14
Domains

16
Subdomains

9
IPs

4
Countries

49 kB
Transfer

86 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1698313959592.breezyjieduion.org.uk/ HTTP 302
http://1698469485529.aherdinate.info/ca9b5c38-403b-4e15-8efa-5d51544ee9bf?n=1&t=1698469485529&l_next=aHR0cHM6Ly93d3cucnVsZWNvbnRyZWloLmNsdWIvP3NsPTU2OTgzNTktYmZhY2YmZGF0YTE9VHJhY2sxJmRhdGEyPVRyYWNrMiZ0YWc9&type_v=global&key_v=error HTTP 302
http://1698469486093.hurriedkibag.top/fcb418dc-6f39-417b-aa9e-1a80ac565d89?n=2&t=1698469485529&l_next=aHR0cHM6Ly93d3cucnVsZWNvbnRyZWloLmNsdWIvP3NsPTU2OTgzNTktYmZhY2YmZGF0YTE9VHJhY2sxJmRhdGEyPVRyYWNrMiZ0YWc9&type_v=global&key_v=error HTTP 302
https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag= Page URL
https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=&eyeg=42902e61d08ed2ac08e70ffe7107e0e6&eyer=0.2742875623890655&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.2742875623890655&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330006acb4bf61fbcb48be02efd7b53e809021028-202310-flb*5698359-bfacf**sl_5698359-bfacf*64b6eb7e87c2e2138a8841217bf0e12d6213f829** HTTP 302
https://www.cogliatu.com/rc/a91581ead4?affclick=653c967053cc3e00010a73ed&pubid=503 Page URL
https://sherouscolvered.com/48e1581e-25eb-44e8-8643-630ec6118413?c2=f31e77b4_503&c1=pub48f7c2ae9d2b4d988d3ab9e7094e8997 HTTP 302
https://nt-npltfpro.com/?a=21829&c=345869&co=16559&mt=18&s1=6efa2ba6-87c4-4bb2-b973-4ec73420e640_f31e77b4_503&s2=w1ed1levfif7g5ksi7avl9fq HTTP 302
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=1b343004d9c94a93ab71159a8eb761882099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_f31e77b4_503 Page URL
https://adspredictiv.com/jump/next.php?stamat=m%257CZ793PuIiaQdH8BH0dEdHP3xP.daf%252Csck4O5sI4-aQtp_1PtdtNSzfkVcAHeA_q-IQmKH_J_5ELY4u9SRt3NjuazfBQFNbJr2p1rnJZpO-MZ76TV_sEv3UpE6DzEVz0BOZk669YZ9_9PpZxtiJAvCRyfurjBBCZ5EeKjrsfPNCbZL4r__FyWW-nU_Kjf5cIsiDA7ksA2J3UsvSDx2qzrFDVZ34eRdq&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=1b343004d9c94a93ab71159a8eb761882099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_f31e77b4_503&cbur=0.6498661244045936&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
https://adspredictiv.com/script/i.php?t=1&stamat=m%257C%252C%252CwjYTIjNWoGU3Bf-GH0dEdHP3xP.cd5%252CBEF9eBV1GmIvskvf9Fe59Z4q2OEuZHOtfrZLjrlipU81iq2-rGEpnYnjvxpjN6JQRn26yNOd4ZcW_w9kZtnPYGZCVRiFM0hK1aR22EooO5dnlf3kHhE-yUUwVEmuMhB942KqyCWNr1HXb0NVBtftY879e6BGaj7op7jVA-D4Mw-ntiHN8t6ms8s_57llhNDcayn-FdxricUJ7e5swGO9K3KiTFlQzv2t2XZnQTGeoZAUUMs1yEW5uefgYK65BvR0VQeennvDm2WOmm9P0UNa0mRRR9ZZYBbDwdUtxm9TWBUzNfMM4EHMVeJoimsZ1rZywePP373h7et0Jg2WuLEYphqK0NoYv7iiJ6FZM4b8Ax5WPe_QFCRQElOnEZ3j2Gpuj6eLRtJjMFnycOTKpgeGzaaW5sSWCw8UynNnzKaRGCehYEKuZhn2Qf8VF9jsOba0YDEYX4C-dLKEQKUVYdZlJiNhGH-vl0AacococO2T3CMG5gpkdLsdGRtlD_4WX4pln0GQCzOKPrqlAjVgf5FtWCdsgaqIHR8cnYlPuBhwDImPHk9yIKKpbJXVqjZp1Q6aYcpSKS-B-i63SYUZyzsyfV4xfMrghQS77tckzhaNP6v0VhY5jkRDmpdzwUQL3ziHGn0EGaa8Zs1PUturRxhgLr17PZt6GMiNCgfdmfht7_1291lrJOk1uWhiiQA_6lsI HTTP 302
https://allreqdusa.com/MphDTAuMtX7bXdv4G0xSft35gKxfYEYb18cdNjs_T-0/?cid=169846949010000TUSTV62001R550R1d05R1RR56Vbb0a4&pubid=3744083-887628016-3684866960 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://1698313959592.breezyjieduion.org.uk/ HTTP 302
http://1698469485529.aherdinate.info/ca9b5c38-403b-4e15-8efa-5d51544ee9bf?n=1&t=1698469485529&l_next=aHR0cHM6Ly93d3cucnVsZWNvbnRyZWloLmNsdWIvP3NsPTU2OTgzNTktYmZhY2YmZGF0YTE9VHJhY2sxJmRhdGEyPVRyYWNrMiZ0YWc9&type_v=global&key_v=error HTTP 302
http://1698469486093.hurriedkibag.top/fcb418dc-6f39-417b-aa9e-1a80ac565d89?n=2&t=1698469485529&l_next=aHR0cHM6Ly93d3cucnVsZWNvbnRyZWloLmNsdWIvP3NsPTU2OTgzNTktYmZhY2YmZGF0YTE9VHJhY2sxJmRhdGEyPVRyYWNrMiZ0YWc9&type_v=global&key_v=error HTTP 302
https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=

Request Chain 1

https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=&eyeg=42902e61d08ed2ac08e70ffe7107e0e6&eyer=0.2742875623890655&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.2742875623890655&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330006acb4bf61fbcb48be02efd7b53e809021028-202310-flb*5698359-bfacf**sl_5698359-bfacf*64b6eb7e87c2e2138a8841217bf0e12d6213f829** HTTP 302
https://www.cogliatu.com/rc/a91581ead4?affclick=653c967053cc3e00010a73ed&pubid=503

Request Chain 3

https://www.cogliatu.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

Request Chain 5

https://sherouscolvered.com/48e1581e-25eb-44e8-8643-630ec6118413?c2=f31e77b4_503&c1=pub48f7c2ae9d2b4d988d3ab9e7094e8997 HTTP 302
https://nt-npltfpro.com/?a=21829&c=345869&co=16559&mt=18&s1=6efa2ba6-87c4-4bb2-b973-4ec73420e640_f31e77b4_503&s2=w1ed1levfif7g5ksi7avl9fq HTTP 302
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=1b343004d9c94a93ab71159a8eb761882099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_f31e77b4_503

14 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
www.rulecontreih.club/
Redirect Chain

http://1698313959592.breezyjieduion.org.uk/
http://1698469485529.aherdinate.info/ca9b5c38-403b-4e15-8efa-5d51544ee9bf?n=1&t=1698469485529&l_next=aHR0cHM6Ly93d3cucnVsZWNvbnRyZWloLmNsdWIvP3NsPTU2OTgzNTktYmZhY2YmZGF0YTE9VHJhY2sxJmRhdGEyPVRyYWNr...
http://1698469486093.hurriedkibag.top/fcb418dc-6f39-417b-aa9e-1a80ac565d89?n=2&t=1698469485529&l_next=aHR0cHM6Ly93d3cucnVsZWNvbnRyZWloLmNsdWIvP3NsPTU2OTgzNTktYmZhY2YmZGF0YTE9VHJhY2sxJmRhdGEyPVRyYWN...
https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=

4 KB
4 KB

444ms
143ms

Document
text/html

51.68.85.158
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.85.158 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-CH: Sec-CH-UA-Platform-Version
Cache-Control: no-transform
Connection: keep-alive
Content-Type: text/html
Date: Sat, 28 Oct 2023 05:04:47 GMT
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 224
Content-Type: text/html; charset=utf-8
Date: Sat, 28 Oct 2023 05:04:46 GMT
Keep-Alive: timeout=5
Location: https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=
Vary: Accept
X-Powered-By: Express

GET
H2

200

a91581ead4 Show response
www.cogliatu.com/rc/
Redirect Chain

https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=&eyeg=42902e61d08ed2ac08e70ffe7107e0e6&eyer=0.2742875623890655&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=
https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.2742875623890655&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330006acb4bf61fbcb48be02efd7b53e809021028-202310-flb*5698359-bfacf**sl_5698359-bfacf*64b6eb7e87c2e2138a8841217bf0e12d62...
https://www.cogliatu.com/rc/a91581ead4?affclick=653c967053cc3e00010a73ed&pubid=503

2 KB
2 KB

224ms
163ms

Document
text/html

2606:4700:3037::ac43:cceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cogliatu.com/rc/a91581ead4?affclick=653c967053cc3e00010a73ed&pubid=503
Requested by: Host: www.rulecontreih.club
URL: https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cceb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91bea7c14d3d439606f603b1e48e0c40eb0ce19b3225a92cd59c47be9dee5864

Request headers

Referer: https://www.rulecontreih.club/?sl=5698359-bfacf&data1=Track1&data2=Track2&tag=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81d0a3ddfcb18da3-MIA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 28 Oct 2023 05:04:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DV9oEvC7MpOdfzbasVuaTvFy57j9Lq%2BecrQDYlX7rIhMNBo9O1JucT43TajYcpGxEMVq2YErJnDzaM5i6jY0L%2FR1HE5CptzimAw0xS%2BpETvIrU%2Fq9ADF3zGAKJqbfDEk2QeEv4LuBedhkiwNnReM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Sat, 28 Oct 2023 05:04:48 GMT
location: https://www.cogliatu.com/rc/a91581ead4?affclick=653c967053cc3e00010a73ed&pubid=503
referer
referrer-policy: no-referrer
server: nginx
x-adjust-use-original-forwarded-for: 1

GET
H2 200 redirect.css
cdn.addlnk.com/ 1 KB
1 KB 243ms
35ms Stylesheet
text/css 2606:4700:3034::6815:1362
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.addlnk.com/redirect.css
Requested by: Host: www.cogliatu.com
URL: https://www.cogliatu.com/rc/a91581ead4?affclick=653c967053cc3e00010a73ed&pubid=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 05:04:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KKCGJJ38ZHHDDRHK
age: 2226
cf-polished: origSize=1680
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NGZr4Kxl9LlvUUCl6Bm0VhP+PPz7uZ/35EyyPUumhmJ+KKiZ6m1npl+dX8n5Lngilp/SN5iD7WsdhwpYnPv26g==
cf-bgj: minify
last-modified: Wed, 13 Mar 2019 00:03:12 GMT
server: cloudflare
etag: W/"3ae56d32551602b41f9046c14d1cfde2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXNgYlpANnyPZYKKG8pVm%2Fo8vlSa9K%2FpJa8APZl6a40%2B0%2FvMODOoNdtBg%2Bq1ReC7PDqkUWgZ7vu2YUCBCldHyLC72NYHUwGbuKM%2BCo6KTYEkCGi%2F3ISqztdJ2jZXhUwCHFcR2UoeP%2BRKPQxH7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 81d0a3e05b2621f4-MIA

GET
H3

200

main.js Show response
www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/ Frame 048B
Redirect Chain

https://www.cogliatu.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

7 KB
4 KB

34ms
33ms

Script
application/javascript

2606:4700:3037::ac43:cceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js

Protocol

Server

2606:4700:3037::ac43:cceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6077b0c0dffbdb9a91d293d4bddc3eb232485453bf13c432242607e2fae53bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 05:04:48 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fvu7JT9e5AYk0KU4OJIt%2FuZGzfcNJnH%2Fir%2FlfuqGC13UdQvJkvyuWGaGOyXD%2FF8lHuS%2B848Qx6%2FqdDCR0Khbcised6XxRgTky%2F6wVmFtAJab70PIRlOchfJJn1qC2xydU8UP2JxnJIIMJmuH67H2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 81d0a3e0d8f9da1f-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 28 Oct 2023 05:04:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7k6Gdr%2Bfop0xJ%2B0gHbw3dCUutMMwjYbgMF2cfTlEmw8PLKur0mNEqUZxkDcxhjLO6bwFDsKhcnpAJx8wjfZwCA5TlnAK25ULGNvE%2BjcMgaFM%2B%2BT2%2BDGvaFFnEUG19ZisPyNG6fzylSGNDQZJ2FbL"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
cache-control: max-age=300, public
cf-ray: 81d0a3e09ef58da3-MIA
alt-svc: h3=":443"; ma=86400

POST
H3 200 81d0a3ddfcb18da3
www.cogliatu.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 048B 0
554 B 45ms
45ms XHR
text/plain 2606:4700:3037::ac43:cceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/jsd/r/81d0a3ddfcb18da3
Requested by: Host: www.cogliatu.com
URL: https://www.cogliatu.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cceb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 28 Oct 2023 05:04:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBMBcfHqZDfA6OCIweDygKIPOufydWrFAqZ6GM%2Bpvph1Cfle9p0RF6CnF0qy5sucA2RR3LBU3ktqHfOsz4G%2FJqDJKTqAjmHHMxDisZJwfElJPhzn3iKybVVUxLV6Pwuuww2rIwI9fhtk7giqMSSC"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 81d0a3e26ab5da1f-MIA
alt-svc: h3=":443"; ma=86400

GET
H2

200

next.php
adspredictiv.com/jump/
Redirect Chain

https://sherouscolvered.com/48e1581e-25eb-44e8-8643-630ec6118413?c2=f31e77b4_503&c1=pub48f7c2ae9d2b4d988d3ab9e7094e8997
https://nt-npltfpro.com/?a=21829&c=345869&co=16559&mt=18&s1=6efa2ba6-87c4-4bb2-b973-4ec73420e640_f31e77b4_503&s2=w1ed1levfif7g5ksi7avl9fq
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=1b343004d9c94a93ab71159a8eb761882099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_f31e77b4_503

7 KB
3 KB

322ms
91ms

Document
text/html

2606:4700:3035::ac43:99ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=1b343004d9c94a93ab71159a8eb761882099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_f31e77b4_503
Requested by: Host: www.cogliatu.com
URL: https://www.cogliatu.com/rc/a91581ead4?affclick=653c967053cc3e00010a73ed&pubid=503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:99ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.cogliatu.com/rc/a91581ead4?affclick=653c967053cc3e00010a73ed&pubid=503
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81d0a3e9899b21eb-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 28 Oct 2023 05:04:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FABQy7xDoO0uoDRnMKqfmLICxonrkU2G1hQSJX7GlNjVDYAmqhFS0JL0vJhWCk7GSBC2ij%2BH8mhQXFo%2BUffKKRb3SXYfUz94O7RzYLTlvLMgJHKB8lgWVmaAPZN4N5cQsB7N0RQcCSLgTmEdttV%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
content-language: en-US
content-type: text/html;charset=ISO-8859-1
date: Sat, 28 Oct 2023 05:04:49 GMT
location: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=1b343004d9c94a93ab71159a8eb761882099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_f31e77b4_503
server: nginx

GET
H2

200

Primary Request / Show response
allreqdusa.com/MphDTAuMtX7bXdv4G0xSft35gKxfYEYb18cdNjs_T-0/
Redirect Chain

https://adspredictiv.com/jump/next.php?stamat=m%257CZ793PuIiaQdH8BH0dEdHP3xP.daf%252Csck4O5sI4-aQtp_1PtdtNSzfkVcAHeA_q-IQmKH_J_5ELY4u9SRt3NjuazfBQFNbJr2p1rnJZpO-MZ76TV_sEv3UpE6DzEVz0BOZk669YZ9_9PpZ...
https://adspredictiv.com/script/i.php?t=1&stamat=m%257C%252C%252CwjYTIjNWoGU3Bf-GH0dEdHP3xP.cd5%252CBEF9eBV1GmIvskvf9Fe59Z4q2OEuZHOtfrZLjrlipU81iq2-rGEpnYnjvxpjN6JQRn26yNOd4ZcW_w9kZtnPYGZCVRiFM0hK1...
https://allreqdusa.com/MphDTAuMtX7bXdv4G0xSft35gKxfYEYb18cdNjs_T-0/?cid=169846949010000TUSTV62001R550R1d05R1RR56Vbb0a4&pubid=3744083-887628016-3684866960

31 KB
19 KB

170ms
96ms

Document
text/html

2606:4700:3031::ac43:ce87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allreqdusa.com/MphDTAuMtX7bXdv4G0xSft35gKxfYEYb18cdNjs_T-0/?cid=169846949010000TUSTV62001R550R1d05R1RR56Vbb0a4&pubid=3744083-887628016-3684866960
Requested by: Host: adspredictiv.com
URL: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=1b343004d9c94a93ab71159a8eb761882099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_f31e77b4_503
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ce87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a8cf220b4a43975cf19de28dcdbc671a5b2cea5d100934db29f627974be9dca

Request headers

Referer: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=1b343004d9c94a93ab71159a8eb761882099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_f31e77b4_503
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81d0a3ec3e1e2588-MIA
content-encoding: br
content-type: text/html
date: Sat, 28 Oct 2023 05:04:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1Ihe08qKty1tQbxLqBowTZAWlI3MvoH5nPf6Sru2BVxzIqRBqA75%2FHa5E%2FPrqjFUmGl69mqGl%2BEwsZuQZaFXlvvY4DGh0X1CSFoGa5s8J8UGvCS24AlQ%2F1mPtEvw5PBko7ZaDNduqbSCqXXug%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81d0a3eb1dce6db3-MIA
content-type: text/html; charset=utf-8
date: Sat, 28 Oct 2023 05:04:50 GMT
location: https://allreqdusa.com/MphDTAuMtX7bXdv4G0xSft35gKxfYEYb18cdNjs_T-0/?cid=169846949010000TUSTV62001R550R1d05R1RR56Vbb0a4&pubid=3744083-887628016-3684866960
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xm2ToYL2boJlvLbpAVx74An4p2E0sZb0O2wc5JvYCN4sTj5s0bA5fodvt2gUxSUevF752NTyUz4zLxAzXy1d61QSo6RF%2BI7Dw88SAWuSg8KF1Vu%2BTjQ%2B9lInvWF4Sbry6sSnhq2dEqooolKUOWR2"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AFU1kAAPatM Show response
feed.cn-rtb.com/v1/native/ 656 B
840 B 331ms
268ms Fetch
application/json 172.67.157.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.cn-rtb.com/v1/native/AFU1kAAPatM?subid=59995&uid=2521354b-5305-4049-9bc4-d304180da912&kw=download%20install
Requested by: Host: allreqdusa.com
URL: https://allreqdusa.com/MphDTAuMtX7bXdv4G0xSft35gKxfYEYb18cdNjs_T-0/?cid=169846949010000TUSTV62001R550R1d05R1RR56Vbb0a4&pubid=3744083-887628016-3684866960
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.157.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4b3b6aa021f107f7e28920892268a622872f879552fb6f4453ddcf2cc0cb1a3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 05:04:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
model
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xpry1Hg%2Bj6ikHSO9CaIXcDSdmI%2Br2p6VwRjB3S2QA80EY1ZfQTNRxnxP9iLlNuyf%2FOn%2BcnLVORPnHrVQPkG2YX9XH7HjgJ8Ofi5ib%2FsP2sFk8MdJm0ZJRQRNFiEEfB4Kix4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 81d0a3ed4f5e228a-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 conf.json Show response
allreqdusa.com/hood/YWxscmVxZHVzYS5jb20=/ 49 B
409 B 64ms
63ms Fetch
application/json 2606:4700:3031::ac43:ce87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allreqdusa.com/hood/YWxscmVxZHVzYS5jb20=/conf.json
Requested by: Host: allreqdusa.com
URL: https://allreqdusa.com/MphDTAuMtX7bXdv4G0xSft35gKxfYEYb18cdNjs_T-0/?cid=169846949010000TUSTV62001R550R1d05R1RR56Vbb0a4&pubid=3744083-887628016-3684866960
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ce87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd8c88faedeb4d7b6cd9f7b0e4d0bdb3cd1b7b478488adaf960e89e6e678c537

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 05:04:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 25 Nov 2022 16:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6380e754-31"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFKPcfh0maoGznd2DfNRPAQyvXmipdCAZxqcSMEiNSyLCOkBxzRgtZaxtiO36CZ4XUoaCe6Il%2B202HBkqhXZ4z9eJvIDTGRU3sUVaB9YsL8dudna%2BQSK8zaHqmkRikxARFnv%2BltcZ4e%2FV8fbsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 81d0a3eceed22588-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ht.js Show response
sdk.ocmhood.com/sdk/ 29 KB
12 KB 95ms
35ms Script
application/javascript 2606:4700:20::681a:6e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NigxNDY4MjE0Nj1p
Requested by: Host: allreqdusa.com
URL: https://allreqdusa.com/MphDTAuMtX7bXdv4G0xSft35gKxfYEYb18cdNjs_T-0/?cid=169846949010000TUSTV62001R550R1d05R1RR56Vbb0a4&pubid=3744083-887628016-3684866960
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63c232511cd1f130faec46a40a0cde0cf7ea83a19b34f01267b793c8695c51b8

Request headers

Referer
Origin: https://allreqdusa.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 05:04:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2391
alt-svc: h3=":443"; ma=86400
service-worker-allowed: /
last-modified: Fri, 21 Jul 2023 09:35:24 GMT
server: cloudflare
etag: W/"64ba515c-2e63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6y%2FPZpAAGEWTpmyd9pPSVZbnX8ISw%2FtGsHamgbn9QuY9IIXNQOvR0ylQ5eALjSXxlhPpehpVw3RVKgaI%2BXjZoXTDuzIM3pbSQAyHVjDnvkJe9%2FApuaKJFu%2Fc%2Bz2IK3kqkU728wehvRceiTjqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 81d0a3edab5567d2-MIA

GET
H2 200 NjY4ZwSkNAFfmDQ2NigxNDY4MjE0Nj1p.js Show response
cdn.ocmtag.com/tag/ 191 B
674 B 97ms
34ms Script
application/javascript 2606:4700:3034::6815:513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ocmtag.com/tag/NjY4ZwSkNAFfmDQ2NigxNDY4MjE0Nj1p.js
Requested by: Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NigxNDY4MjE0Nj1p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17a232242959acd39efd1919dc40d03f4488c2697faa0141f0adf10964a2c0ae

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 05:04:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 14:27:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 668
etag: W/"6380d0e0-bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K80cR5AwGGzzXx8Fntum9F%2B7nOyXbZlcgcNRSjxFmhtGTdYa89qZQJK1sP3djBFRDVVN1LWXEwvWovzXUWzRXYw4bWtRhvlUsESd%2FWXyia9susHabykfD583fCwO%2FnFe2JoblUSNPPD%2Bd56Ctg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 81d0a3ee5bd4259d-MIA
alt-svc: h3=":443"; ma=86400

POST
H2 201 activity
t.ocmhood.com/v2/ 0
269 B 131ms
70ms Ping
application/octet-stream 2606:4700:20::681a:6e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.ocmhood.com/v2/activity
Requested by: Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NigxNDY4MjE0Nj1p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 28 Oct 2023 05:04:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mURtyk15Whcf%2FE%2BozX8OFVdLXH25Pm9F6xCFDDnDhXkOFW6PiZd6tlPvfnkYYQdCoSIpjUBZiu0Jh7YkFDc5USJ%2F74sSsTbKk%2BUvbQBL5w5QiL3PzxGWaPVKZPQqGCMBLmrlUrB6UdQnDWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: no-cache
cf-ray: 81d0a3eeeb5867ec-MIA
alt-svc: h3=":443"; ma=86400

POST
H2 201 activity
t.ocmhood.com/v2/ 0
432 B 126ms
67ms Ping
application/octet-stream 2606:4700:20::681a:6e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.ocmhood.com/v2/activity
Requested by: Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2NigxNDY4MjE0Nj1p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 28 Oct 2023 05:04:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdhDKh0K1LhIeVqz1yoV%2Bz9m6qN%2BWrZC2yj94jB64rU7gXQhoiawwuXaqHri80KXAjgWp7aZSn1m1kae4FT5Nrz40XgZ5miJoQlLrLe0f0A8i0nU%2BJgiXbaHHB%2Fe7Tg0E4b8TGvbR18MJAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: no-cache
cf-ray: 81d0a3eeeb5967ec-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 204 imp
t.cn-rtb.com/ 0
0 75ms
73ms Fetch 172.67.157.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.cn-rtb.com/imp?l2=HV9h3tDxsKfoDDJ7f56jvwok_jIJcrarEcF-dx0Z-YNNcy-dhepDy5kQlk_UfaFDjL8a4lzQEiWSJr8ODzzJJWyjfhzXU3-j9fCbXIPCtCFXDvXJUWbXPJTNdI_pc_sRXYCXNmFcCshZ3rCirFbZMSZ9CB3-8OTMznHEa_UCgePCKKZyEggfmRZ1Ukb5bxDh
Requested by: Host: allreqdusa.com
URL: https://allreqdusa.com/MphDTAuMtX7bXdv4G0xSft35gKxfYEYb18cdNjs_T-0/?cid=169846949010000TUSTV62001R550R1d05R1RR56Vbb0a4&pubid=3744083-887628016-3684866960
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.157.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 05:04:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jepswAn2KS%2FFd%2FaWS%2B4SWu2n0nAujzEg3cBfkys6wvKnzg0%2ByissSrR8tvdr1rY85WEyGXZnmhbarJd5fPGOk7cmzFOX%2B5KHif%2FRMbVM2Ig5mMToJ7tZ4HJcY8ZsemQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 81d0a3eef875228a-MIA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
admoustache.media-412.com/	1970-01-21 00:33:25	Name: afclick Value: 653c967053cc3e00010a73ed
www.cogliatu.com/	1970-01-20 15:57:54	Name: AWSALB Value: RgEItwaW0vHkva699eerwc1ubVOWzKVquhdOEatKLU4W9iljzvOPVGbX5mWgfkxQztphEsGiX28VlobMe39RLgv9utbB01UsKNH5jKl3KvtfWElYKnD3S0HL/e1c
.cogliatu.com/	1970-01-21 00:33:25	Name: cf_clearance Value: kx_V45ihIp.p0_piN07QuQAPuN.93cmgbBDtDEIR4rE-1698469489-0-1-e5ef4608.1530a87f.3407a175-0.2.1698469489
.sherouscolvered.com/	1970-01-20 15:49:15	Name: 48e1581e-25eb-44e8-8643-630ec6118413-v4 Value: 0brdIuDTGhnSn_30IBTV-L-jYoZ-1_SBast_FteDXUg
.sherouscolvered.com/	1970-01-21 00:33:25	Name: voluum-cid-v4 Value: %7B%22cid%22%3A%22w1ed1levfif7g5ksi7avl9fq%22%2C%22caid%22%3A%2248e1581e-25eb-44e8-8643-630ec6118413%22%7D
.nt-npltfpro.com/	1970-01-20 17:57:25	Name: gdm_suid_v2_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
.nt-npltfpro.com/	1970-01-20 17:57:25	Name: gdm_click_freq_v2_1_001 Value: O0bSZ3Md1bo7JW/RvsMNn4qndY+AEuxKlrkjo3FZcJpV1397cEd7dlsMRQCkrizx
.nt-npltfpro.com/	1970-01-20 17:57:25	Name: gdm_suid_v1_1_001 Value: HPfHs3OFxkaNOwO68jCjbQ==
.nt-npltfpro.com/	1970-01-20 17:57:25	Name: gdm_click_adv_freq_v2_1_001 Value: WGP2hL1mCj4amHrx09xylyIW2wDSjUGUd2EqQOD7Dl9drJJ6HT7TfhkGdpELx722
.nt-npltfpro.com/	1970-01-20 17:57:25	Name: gdm_sid_v2_3_001 Value: jOZtKAbaQ/jjeQDjUXv8sza5Qy5I5QVtno+oRnzFN1X7ccNLZX9TauV84N7HnwYDpYh0dkgH6rHoD56F5B6uzdKmaJm1rv6a8AmvodMTYZ8at3y+BVjYw8/sWx+2I3byZNt53yvLZBTXo459x63jw+GDE9+h8C+J32IPvN1yM/vXJyi++p81o7mDiX8KrOulDqrJPFlD+qLaY1HhF6WuD/Bba/AIQhxdeSUo7HO3kmeggzaF1uyowq0VIvzr6xycCmfDoen6B6R28PEy/hbqNJ7nX1sOTb+gumZy557G7ZAT8DEily7EZ4NxiU1Hv2VLIcvbC6zpTC/GotJIWKuZrzHe0ZjAR9G77EeX8CdOqFW/8npGMaLUwC0zrwAezvrb3wf9N+ChTWZfiIrqz+pQ/ZPLkLLozaWhvZf5aIgzZVArrnxVUaoroXqkba4p00MWL2RwQJiFVpH+aCtxbJsl8bYi30guTDDet6zm0/1Cg7s4gbMbWm2gKhj//S2kcxICJjn4o2yNyvE0U5YlQ3ANNUddKgk5tvrEY6GCzoRScsqTFz7AFiQye93spXq/U0V2Vqburyth8EAK82Sz92O61G90uTc00vke0YLZsg7Sapv4CcgWpiqQLEZ1+cGExKiO/UPZDhZWcn6N0c1Eya7xeR3aIXv+C5ewZ7g1uu56m7Kcg8RSoKkgM3itWCr3Eo3qtWYL3I7ohliFhe50/lSfHbOZAwn2eHQjf6OnSxTaYEF8cNlYv6LPeJBBWZ5zvLyx/7uKA7Wd6T1x2/ncbKA/yKb37YEr8OnIqP76THO3AEuiJAL7vJNxpgiB5NLCwKBp3R74JYgP7mjLLu5GXEgKYaSgI14P4Ep+k9FnEfPRfN5htIgyriHpW8THwXkJtvSB5FHMjo2WnnBLaASK/jK4eO8nQBiWs110QR4zpY+sjNfWhyKebYwME870iy5pSYtlf+XSyFAUqT5RG7YuJfQsWsUVSvV8ueZEjK4WxdiX7+IsBw/juMXY6u/UD7q8U2YsCr4vfjkGHFSfBXmFPx2ouzkEpzoludZaYVgTVJabiOWPCCLbs9d3GPEFrSDaLCt+sT250DCS00GCOItwVLXWHTF/eG+PohmOdWBnfQKvWrNZMKB/uK8rvnlmtLBbhVeNm1Dyx52NppLLHNzMtv1WzQ==
.nt-npltfpro.com/	1970-01-20 17:57:25	Name: gdm_click_freq_v1_1_001 Value: O0bSZ3Md1bo7JW/RvsMNn4qndY+AEuxKlrkjo3FZcJpV1397cEd7dlsMRQCkrizx
.nt-npltfpro.com/	1970-01-20 17:57:25	Name: gdm_sid_v1_3_001 Value: jOZtKAbaQ/jjeQDjUXv8sza5Qy5I5QVtno+oRnzFN1X7ccNLZX9TauV84N7HnwYDpYh0dkgH6rHoD56F5B6uzdKmaJm1rv6a8AmvodMTYZ8at3y+BVjYw8/sWx+2I3byZNt53yvLZBTXo459x63jw+GDE9+h8C+J32IPvN1yM/vXJyi++p81o7mDiX8KrOulDqrJPFlD+qLaY1HhF6WuD/Bba/AIQhxdeSUo7HO3kmeggzaF1uyowq0VIvzr6xycCmfDoen6B6R28PEy/hbqNJ7nX1sOTb+gumZy557G7ZAT8DEily7EZ4NxiU1Hv2VLIcvbC6zpTC/GotJIWKuZrzHe0ZjAR9G77EeX8CdOqFW/8npGMaLUwC0zrwAezvrb3wf9N+ChTWZfiIrqz+pQ/ZPLkLLozaWhvZf5aIgzZVArrnxVUaoroXqkba4p00MWL2RwQJiFVpH+aCtxbJsl8bYi30guTDDet6zm0/1Cg7s4gbMbWm2gKhj//S2kcxICJjn4o2yNyvE0U5YlQ3ANNUddKgk5tvrEY6GCzoRScsqTFz7AFiQye93spXq/U0V2Vqburyth8EAK82Sz92O61G90uTc00vke0YLZsg7Sapv4CcgWpiqQLEZ1+cGExKiO/UPZDhZWcn6N0c1Eya7xeR3aIXv+C5ewZ7g1uu56m7Kcg8RSoKkgM3itWCr3Eo3qtWYL3I7ohliFhe50/lSfHbOZAwn2eHQjf6OnSxTaYEF8cNlYv6LPeJBBWZ5zvLyx/7uKA7Wd6T1x2/ncbKA/yKb37YEr8OnIqP76THO3AEuiJAL7vJNxpgiB5NLCwKBp3R74JYgP7mjLLu5GXEgKYaSgI14P4Ep+k9FnEfPRfN5htIgyriHpW8THwXkJtvSB5FHMjo2WnnBLaASK/jK4eO8nQBiWs110QR4zpY+sjNfWhyKebYwME870iy5pSYtlf+XSyFAUqT5RG7YuJfQsWsUVSvV8ueZEjK4WxdiX7+IsBw/juMXY6u/UD7q8U2YsCr4vfjkGHFSfBXmFPx2ouzkEpzoludZaYVgTVJabiOWPCCLbs9d3GPEFrSDaLCt+sT250DCS00GCOItwVLXWHTF/eG+PohmOdWBnfQKvWrNZMKB/uK8rvnlmtLBbhVeNm1Dyx52NppLLHNzMtv1WzQ==
.nt-npltfpro.com/	1970-01-20 17:57:25	Name: gdm_click_adv_freq_v1_1_001 Value: WGP2hL1mCj4amHrx09xylyIW2wDSjUGUd2EqQOD7Dl9drJJ6HT7TfhkGdpELx722
.nt-npltfpro.com/	1970-01-20 17:57:25	Name: gdm_uid_v1_1_001 Value: Lnq6oGCo9po8K0RlzmlFW9HWeK2XAe037v2SO8W2GowERmYtgcmlJzfV067cTDTt
.nt-npltfpro.com/	1970-01-20 17:57:25	Name: gdm_uid_v2_1_001 Value: Lnq6oGCo9po8K0RlzmlFW9HWeK2XAe037v2SO8W2GowERmYtgcmlJzfV067cTDTt
allreqdusa.com/	1969-12-31 23:59:59	Name: session Value: H6CEYfnMofd40dSvmVDDX1IJSo8sdYrD
.allreqdusa.com/	1970-01-21 00:33:25	Name: _ht_v Value: 1698469490.1497090784
.allreqdusa.com/	1970-01-20 15:47:51	Name: _ht_s Value: 1698469490.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1698313959592.breezyjieduion.org.uk
1698469485529.aherdinate.info
1698469486093.hurriedkibag.top
admoustache.media-412.com
adspredictiv.com
allreqdusa.com
cdn.addlnk.com
cdn.ocmtag.com
feed.cn-rtb.com
nt-npltfpro.com
sdk.ocmhood.com
sherouscolvered.com
t.cn-rtb.com
t.ocmhood.com
www.cogliatu.com
www.rulecontreih.club
172.104.190.11
172.67.157.216
2600:1f18:66d3:cb10:c86b:e99:85e9:7476
2606:4700:20::681a:6e4
2606:4700:3031::ac43:ce87
2606:4700:3034::6815:1362
2606:4700:3034::6815:513
2606:4700:3035::ac43:99ee
2606:4700:3037::ac43:cceb
3.216.219.191
34.91.27.112
51.68.85.158
17a232242959acd39efd1919dc40d03f4488c2697faa0141f0adf10964a2c0ae
6077b0c0dffbdb9a91d293d4bddc3eb232485453bf13c432242607e2fae53bd2
63c232511cd1f130faec46a40a0cde0cf7ea83a19b34f01267b793c8695c51b8
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
7a8cf220b4a43975cf19de28dcdbc671a5b2cea5d100934db29f627974be9dca
91bea7c14d3d439606f603b1e48e0c40eb0ce19b3225a92cd59c47be9dee5864
bd8c88faedeb4d7b6cd9f7b0e4d0bdb3cd1b7b478488adaf960e89e6e678c537
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b3b6aa021f107f7e28920892268a622872f879552fb6f4453ddcf2cc0cb1a3
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

allreqdusa.com Open in urlscan Pro 2606:4700:3031::ac43:ce87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

93 %HTTPS

58 %IPv6

14 Domains

16 Subdomains

9 IPs

4 Countries

49 kBTransfer

86 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

18 Cookies

Indicators

allreqdusa.com Open in urlscan Pro
2606:4700:3031::ac43:ce87 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

58 %
IPv6

14
Domains

16
Subdomains

9
IPs

4
Countries

49 kB
Transfer

86 kB
Size

18
Cookies

14 HTTP transactions
1 data transactions