Submitted URL: https://redirecting3.eu/p/C2GZ/tJsl/ZRJc
Effective URL: https://popmyads.com/404?dsc52264
Submission: On February 21 via manual from PL — Scanned from NL

Summary

This website contacted 12 IPs in 6 countries across 14 domains to perform 29 HTTP transactions. The main IP is 2606:4700:e4::ac40:a715, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is popmyads.com. The Cisco Umbrella rank of the primary domain is 189250.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2022. Valid for: a year.
This is the only time popmyads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:402... 15169 (GOOGLE)
2 3 51.68.82.147 16276 (OVH)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
8 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 34.91.234.242 396982 (GOOGLE-CL...)
1 1 51.161.115.163 16276 (OVH)
1 1 51.83.143.92 16276 (OVH)
1 7 2606:4700:e4:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
29 12
Apex Domain / Subdomains / Transfer

8 jukminung.com
    zring.jukminung.com
    kixa.jukminung.com — Cisco Umbrella Rank: 149804
    Transfer: 53 KB
7 popmyads.com
    popmyads.com — Cisco Umbrella Rank: 189250
    Transfer: 42 KB
3 onemortrk.pics
    www.onemortrk.pics
    Transfer: 5 KB
3 google-analytics.com
    www.google-analytics.com — Cisco Umbrella Rank: 35
    Transfer: 20 KB
3 redirecting3.eu
    redirecting3.eu — Cisco Umbrella Rank: 379190
    Transfer: 48 KB
2 amung.us
    whos.amung.us — Cisco Umbrella Rank: 15992 Failed
    widgets.amung.us — Cisco Umbrella Rank: 14700
    Transfer: 686 B
2 addlnk.com
    cdn.addlnk.com — Cisco Umbrella Rank: 402298
    Transfer: 2 KB
1 gstatic.com
    fonts.gstatic.com
    Transfer: 10 KB
1 googleapis.com
    fonts.googleapis.com — Cisco Umbrella Rank: 43
    Transfer: 780 B
1 trffclb.com
    ron.trffclb.com — Cisco Umbrella Rank: 359860
    Transfer: 294 B
1 hightid.com
    t3.hightid.com — Cisco Umbrella Rank: 148474
    Transfer: 292 B
1 gositego.live
    track.gositego.live — Cisco Umbrella Rank: 93434
    Transfer: 255 B
1 bl-easycdn.com
    t.bl-easycdn.com
    Transfer: 9 KB
1 doubleclick.net
    stats.g.doubleclick.net — Cisco Umbrella Rank: 77
    Transfer: 346 B
29 14

Domain Requested by
7 popmyads.com 1 redirects kixa.jukminung.com
popmyads.com
4 kixa.jukminung.com zring.jukminung.com
redirecting3.eu
kixa.jukminung.com
4 zring.jukminung.com t.bl-easycdn.com
redirecting3.eu
zring.jukminung.com
3 www.onemortrk.pics 2 redirects redirecting3.eu
3 www.google-analytics.com redirecting3.eu
www.google-analytics.com
3 redirecting3.eu redirecting3.eu
2 cdn.addlnk.com zring.jukminung.com
kixa.jukminung.com
1 fonts.gstatic.com fonts.googleapis.com
1 widgets.amung.us popmyads.com
1 fonts.googleapis.com popmyads.com
1 whos.amung.us popmyads.com
1 ron.trffclb.com 1 redirects
1 t3.hightid.com 1 redirects
1 track.gositego.live 1 redirects
1 t.bl-easycdn.com www.onemortrk.pics
1 stats.g.doubleclick.net www.google-analytics.com
29 16

This site contains no links.

Subject                    Issuer                     Validity                   Valid
*.redirecting3.eu          E1                         2023-01-04 - 2023-04-04    3 months
*.google-analytics.com     GTS CA 1C3                 2023-02-01 - 2023-04-26    3 months
*.g.doubleclick.net        GTS CA 1C3                 2023-02-01 - 2023-04-26    3 months
www.onemortrk.pics         R3                         2023-01-14 - 2023-04-14    3 months
*.bl-easycdn.com           GTS CA 1P5                 2023-02-17 - 2023-05-18    3 months
*.jukminung.com            E1                         2023-01-20 - 2023-04-20    3 months
sni.cloudflaressl.com      Cloudflare Inc ECC CA-3    2022-05-15 - 2023-05-15    a year
upload.video.google.com    GTS CA 1C3                 2023-02-01 - 2023-04-26    3 months
*.gstatic.com              GTS CA 1C3                 2023-02-01 - 2023-04-26    3 months

This page contains 3 frames:

Primary Page: https://popmyads.com/404?dsc52264
Frame ID: 2C42D33FBD2F51FFF4517A34B3513032
Requests: 24 HTTP requests in this frame

Frame: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677009600
Frame ID: F916EC1293FDA60D22A142849BFB8D7D
Requests: 3 HTTP requests in this frame

Frame: https://kixa.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677009600
Frame ID: B102A5D367A798D12412D4094BE618EF
Requests: 3 HTTP requests in this frame

Page Title

Error Page - 404

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 29
HTTPS: 93 %
IPv6: 71 %
Domains: 14
Subdomains: 16
IPs: 12
Countries: 6
Transfer: 190 kB
Size: 506 kB
Cookies: 14

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://redirecting3.eu/p/C2GZ/tJsl/ZRJc Page URL
  2. https://www.onemortrk.pics/?sl=5580325-f91d8&tag=mlClick-EVEaTWiw&website=637673 Page URL
  3. https://www.onemortrk.pics/?sl=5580325-f91d8&tag=mlClick-EVEaTWiw&website=637673&eyeg=99ad8135b24fff7a12ba5e08e1fbf54f&eyer=0.20357163279633084&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=redirecting3.eu HTTP 302
    https://www.onemortrk.pics/?sl=5580325-f91d8&tag=mlClick-EVEaTWiw&website=637673&eyeg=3&eyer=0.20357163279633084&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=redirecting3.eu HTTP 302
    https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid= Page URL
  4. https://zring.jukminung.com/rc/22e841bd3c?affclick=23022123_01_371812_d40cc9c7e6715&pubid=a371812s&affe=rdmfl Page URL
  5. https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pubd1639a379ba944d896ab8130d3a8f4f1&sub2=0fb72fee_a371812s HTTP 302
    https://kixa.jukminung.com/rc/19aff8b744?affclick=63f547df96101d000129daa5&pubid=930_0fb72fee_a371812s Page URL
  6. https://t3.hightid.com/s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&pid=pubf6ebe49479284e0585e196b951bbfc9f&s=039ae99a HTTP 302
    https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_039ae99a HTTP 302
    https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20= Page URL
  7. https://popmyads.com/gget HTTP 302
    https://popmyads.com/404?dsc52264 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www.onemortrk.pics/?sl=5580325-f91d8&tag=mlClick-EVEaTWiw&website=637673&eyeg=99ad8135b24fff7a12ba5e08e1fbf54f&eyer=0.20357163279633084&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=redirecting3.eu HTTP 302
  • https://www.onemortrk.pics/?sl=5580325-f91d8&tag=mlClick-EVEaTWiw&website=637673&eyeg=3&eyer=0.20357163279633084&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=redirecting3.eu HTTP 302
  • https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=
Request Chain 14
  • https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pubd1639a379ba944d896ab8130d3a8f4f1&sub2=0fb72fee_a371812s HTTP 302
  • https://kixa.jukminung.com/rc/19aff8b744?affclick=63f547df96101d000129daa5&pubid=930_0fb72fee_a371812s
Request Chain 19
  • https://t3.hightid.com/s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&pid=pubf6ebe49479284e0585e196b951bbfc9f&s=039ae99a HTTP 302
  • https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_039ae99a HTTP 302
  • https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Request Chain 26
  • https://whos.amung.us/swidget/popmyads404.png HTTP 307
  • https://widgets.amung.us/small/73/7307.png

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ZRJc
redirecting3.eu/p/C2GZ/tJsl/
49 KB
36 KB
Document
General
Full URL
https://redirecting3.eu/p/C2GZ/tJsl/ZRJc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb06c12926160fb2be62840362ffa54be46629d361665582c4b389e84134014

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, private
cf-cache-status
DYNAMIC
cf-ray
79d2f8c72b2b365d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 21 Feb 2023 22:38:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fez%2BaCWjTqJzkgYM9HFFhOSFliAbWSjOBC9r8DdeJr5gyCw4gpzxEbbSFvCph%2FYJE%2BbeqYhVee%2B8QjhDWCreV%2FXXgaeCCWhWbecseISRuD7vmuTDxnNcQE0Ls529bJzz80cuGv4PjvgrbdHRdlI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
envoirment.js
redirecting3.eu/js/
32 KB
12 KB
Script
General
Full URL
https://redirecting3.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/p/C2GZ/tJsl/ZRJc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2360f05aaa5110f0891046d08ab93ee8bfd6249debd8d8c1d173eac2dd5e172

Request headers

device-memory
8
Referer
https://redirecting3.eu/p/C2GZ/tJsl/ZRJc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 22:38:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 May 2022 11:24:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5638
etag
W/"627a4b7c-8078"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khoBaYBCLgXDFjGdorFYjdRtrttT5VZxWXNtHlH9dTzwnoHTY5FXEhEi%2BUEAsVw%2Fkz5nLhAghWvquzj7XX65U9%2FHrJ0edASMT1D59LR%2BfAXFshMHIkKQEhCo6%2BH7%2BFH7xjbth7%2FCbxgR%2FuZVslY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79d2f8c8bcdf365d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
35 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c6de59ac3d3af5a933097175b25928d4540b04d1d233f34f5668ddfd1d8e640

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/p/C2GZ/tJsl/ZRJc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://redirecting3.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 21 Feb 2023 21:12:06 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5175
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 21 Feb 2023 23:12:06 GMT
finger
redirecting3.eu/
20 B
499 B
XHR
General
Full URL
https://redirecting3.eu/finger
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

device-memory
8
Referer
https://redirecting3.eu/p/C2GZ/tJsl/ZRJc
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 21 Feb 2023 22:38:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0j12tC9R8ztCIi65LRqT4s11RHV8dRQJSgMS0CAcNCJKh%2BO5e89Bwx5nyerJ1IVvjyIGcs%2FhClrEyk%2F25Z08hu350T0bodTVKejKhgCC2qwIsssSaEC8fDeNoqSR0avBQB713LkebkCjpHtj1U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
79d2f8c9dabe3a79-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/j/
4 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=401917844&t=pageview&_s=1&dl=https%3A%2F%2Fredirecting3.eu%2Fp%2FC2GZ%2FtJsl%2FZRJc&ul=en-us&de=UTF-8&dt=redirecting3.eu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1506695299&gjid=1313755392&cid=1387924821.1677019102&tid=UA-110090096-2&_gid=252249347.1677019102&_r=1&_slc=1&z=2028121651
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redirecting3.eu/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Feb 2023 22:38:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redirecting3.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
111 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://redirecting3.eu/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Feb 2023 22:38:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://redirecting3.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
346 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-110090096-2&cid=1387924821.1677019102&jid=1506695299&gjid=1313755392&_gid=252249347.1677019102&_u=IEBAAEAAAAAAACAAI~&z=814371150
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://redirecting3.eu/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 21 Feb 2023 22:38:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://redirecting3.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.onemortrk.pics/
4 KB
4 KB
Document
General
Full URL
https://www.onemortrk.pics/?sl=5580325-f91d8&tag=mlClick-EVEaTWiw&website=637673
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/js/envoirment.js?id=a535a99b3fccb8f0756e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.82.147 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://redirecting3.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Tue, 21 Feb 2023 22:38:22 GMT
Transfer-Encoding
chunked
/
t.bl-easycdn.com/directclick/
Redirect Chain
  • https://www.onemortrk.pics/?sl=5580325-f91d8&tag=mlClick-EVEaTWiw&website=637673&eyeg=99ad8135b24fff7a12ba5e08e1fbf54f&eyer=0.20357163279633084&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=redirecting...
  • https://www.onemortrk.pics/?sl=5580325-f91d8&tag=mlClick-EVEaTWiw&website=637673&eyeg=3&eyer=0.20357163279633084&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=redirecting3.eu
  • https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=
25 KB
9 KB
Document
General
Full URL
https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=
Requested by
Host: www.onemortrk.pics
URL: https://www.onemortrk.pics/?sl=5580325-f91d8&tag=mlClick-EVEaTWiw&website=637673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50104cf47a1337995ba070ac9903610c4235d7bef42f9ea9ea10cf66a5fd0def

Request headers

Referer
https://www.onemortrk.pics/?sl=5580325-f91d8&tag=mlClick-EVEaTWiw&website=637673
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
79d2f8cd58ee6946-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 21 Feb 2023 22:38:22 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxE8eiF%2BIKjLaNI4hrREk4mYN9fODbdCk5OtI%2FJz8EakvZJ1HfIpdnLLEN2DCCPHOj2lXHr0DP5AzD9TbBVnztYpGfWy87dJjoqYHD2eZQLcG9CvR8lX8K5gPQqkC0FoWV6HQbNc4LQd%2B8ZrR6rZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
0
Date
Tue, 21 Feb 2023 22:38:22 GMT
Location
https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=
22e841bd3c
zring.jukminung.com/rc/
3 KB
2 KB
Document
General
Full URL
https://zring.jukminung.com/rc/22e841bd3c?affclick=23022123_01_371812_d40cc9c7e6715&pubid=a371812s&affe=rdmfl
Requested by
Host: t.bl-easycdn.com
URL: https://t.bl-easycdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d62dc836069adad8bdffbccafbfbe6c05da51bbe671399db7359886ed2f8402c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79d2f8cf3e6f36df-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Tue, 21 Feb 2023 22:38:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUUOTVltvZJ81GaRUxleWAaherdFmt9A57vS7JfWs2m5HCnX9YWKa%2FjyTTWpR3sxnrBxtosV1Q4xnv5gRNMO0yYmqNYeVE3%2B4ovIrXTZNlswGcZ2fVyhlFEsYnIepWoZXazuPyq1oT6kUuTS1hORXV%2BE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: zring.jukminung.com
URL: https://zring.jukminung.com/rc/22e841bd3c?affclick=23022123_01_371812_d40cc9c7e6715&pubid=a371812s&affe=rdmfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 22:38:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NG3WEQ5NJ4PQVZ4F
age
3485
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BoFeINQDSEPrC%2FRhAKhg6mQev6BLxtzI6tFvRjT%2BMIE2ANz9H%2Bt0rarl18HtZRDXeKy11fhJGE4tuDIx9Bf7jR7NNpVcY4vwBn1gENCZI2pJiUxsbqKHmcyT7EBL%2FVIi8yg31luPSXA4Jejag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
79d2f8d09fad30ee-FRA
invisible.js
zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame F916
33 KB
14 KB
Script
General
Full URL
https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677009600
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/p/C2GZ/tJsl/ZRJc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f3fa8a0929bf15eefdf2a1793edbf1f0298aafd6726de8339c9b90e5a925d8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 22:38:22 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Blj1tRHVr8LIGm3Npc3DPvXtkCSmtauW6KcBX%2FfpSRPXDyQ0NqWvmMj%2Bc76pF1Yraj%2BBsiBPJPFH1zt%2FQQs6ahIAg80mA6HPRciFd3DhfTpRSHLE%2F%2FStSUII8%2FNMOZerIm44etJLGLX1CLCMgUUaii9p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79d2f8d0d83536df-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame F916
21 KB
9 KB
Other
General
Full URL
https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a66981a46ce0026c59fe8bc15fb7e881db625766073aaeb15ef9ec011e8e8d2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 22:38:22 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqZO%2BJCbBlNdQkPgWQuDvwrtCCe8A%2FaDoCVqyt5qiyn4MbQ7FpZ0EMUAlC518R83hWN08tZ0Rnjeeo3CnPR6RQw4xs8lvvxaMFd%2F4ufblKjkLUHeHMTHhIFv17uOWJeweWZJUERlHMJmDJa4bSIpFBUE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79d2f8d1187f36df-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
19aff8b744
kixa.jukminung.com/rc/
Redirect Chain
  • https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pubd1639a379ba944d896ab8130d3a8f4f1&sub2=0fb72fee_a371812s
  • https://kixa.jukminung.com/rc/19aff8b744?affclick=63f547df96101d000129daa5&pubid=930_0fb72fee_a371812s
3 KB
2 KB
Document
General
Full URL
https://kixa.jukminung.com/rc/19aff8b744?affclick=63f547df96101d000129daa5&pubid=930_0fb72fee_a371812s
Requested by
Host: zring.jukminung.com
URL: https://zring.jukminung.com/rc/22e841bd3c?affclick=23022123_01_371812_d40cc9c7e6715&pubid=a371812s&affe=rdmfl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d776ec936801ad6711073c569b0229bc62997be1999d6c4fee0d0532e86d5b

Request headers

Referer
https://zring.jukminung.com/rc/22e841bd3c?affclick=23022123_01_371812_d40cc9c7e6715&pubid=a371812s&affe=rdmfl
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79d2f8d2fa7a36df-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Tue, 21 Feb 2023 22:38:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PyccSUGhoPXNw1IKribbK0%2FxFynbWREYY61Cv2FAMlgwrnfPdan7Beeh6B3TJUagwBbN%2BcbmV0DzAPJBE5yYgNEJZQ1A59epslebz55%2BWhS5ew%2FceflQlN26kQYYcm4f3VPjOcbT0vOHGzCxMsT0Dn0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Tue, 21 Feb 2023 22:38:23 GMT
location
https://kixa.jukminung.com/rc/19aff8b744?affclick=63f547df96101d000129daa5&pubid=930_0fb72fee_a371812s
server
nginx
x-adjust-use-original-forwarded-for
1
79d2f8cf3e6f36df
zring.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame F916
2 B
713 B
XHR
General
Full URL
https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/79d2f8cf3e6f36df
Requested by
Host: zring.jukminung.com
URL: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677009600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 21 Feb 2023 22:38:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytJx9%2B6itcGVIPjSETE1KLWkARM1Ye6vOIXEhzfLmvFB6JiRQkuyUzlLjcUtOFfLnCyX6Of0vE8hC9UZX%2BX%2BSBzgAU%2FqovEYVtT9wUDzRFnsI5bdW7jUMKYMg4niLFCm9T0afsZwx2LQYSqTLN9dndon"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79d2f8d2e97139d4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
redirect.css
cdn.addlnk.com/
1 KB
720 B
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: kixa.jukminung.com
URL: https://kixa.jukminung.com/rc/19aff8b744?affclick=63f547df96101d000129daa5&pubid=930_0fb72fee_a371812s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 22:38:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NG3WEQ5NJ4PQVZ4F
age
3486
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jr95TebZzApMbI1pRGJCOzHDCEnFAKLTxnnPsmJUpOUkkjazZTS%2F%2Bj6mAVpEjTNfkZylS1oPB%2FTQUDxTIlXV%2BlTBkU8K0L%2B%2FcHAb1p2M%2BezW9GvH%2BAp5ptykPgwvEzSMS1imCZnIQm3MTLogYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
79d2f8d3eb7030ee-FRA
invisible.js
kixa.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame B102
37 KB
16 KB
Script
General
Full URL
https://kixa.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677009600
Requested by
Host: redirecting3.eu
URL: https://redirecting3.eu/p/C2GZ/tJsl/ZRJc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e7429b4fe11e93326d6dffae9881be7c32ac442ec539cacafabeff3d4259712

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 22:38:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Syoem6Qg52mFClpN5uJGeZPofv9gsqgzVoefKc%2BBvY2d%2BO2DOp1AZbIRhhGhC3w42XFCquQ0me609adx%2FB61ImSpZF43c%2BP1VPjBh%2Btbm5m0TTjlkkXfpI6O9ig42oL84V8H%2BXBYxbdqzjEaVOASM%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79d2f8d41ab839d4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
kixa.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame B102
22 KB
9 KB
Other
General
Full URL
https://kixa.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7614fb47fa445aafb00408a246c7b5ef02fa44ef286970f4c2abe91b43d9c0a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 22:38:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HtY5iSQevqbgItZCWNRw3ccOgPVX9ofsaxbIVbNJuNg%2BU4v7aUZbC%2B4ROSSNd2bQn4g4KKufCRhAZct%2BzPeABGxqbPc8%2BiKpa9s5Cn7vgWuTIDPLg%2BEGhUcIGhxZjXM4VzNATnFLjwX4DCVzpjmlcE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
79d2f8d47b0839d4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL3RyYWZmaXgxMy5jb20=
popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/
Redirect Chain
  • https://t3.hightid.com/s.php?p=c%3As_8942pggbfij953c&d=631f396258fd6b044f727c62&pid=pubf6ebe49479284e0585e196b951bbfc9f&s=039ae99a
  • https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_039ae99a
  • https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
2 KB
1 KB
Document
General
Full URL
https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Requested by
Host: kixa.jukminung.com
URL: https://kixa.jukminung.com/rc/19aff8b744?affclick=63f547df96101d000129daa5&pubid=930_0fb72fee_a371812s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a715 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Referer
https://kixa.jukminung.com/rc/19aff8b744?affclick=63f547df96101d000129daa5&pubid=930_0fb72fee_a371812s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79d2f8d9d8199131-FRA
content-encoding
br
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Tue, 21 Feb 2023 22:38:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Izx5cGkJRFbq0vthFP55mcRYSM2EtgWIwDaUMc%2BcAH%2F0OZe9PtspjhaDRk2QPRkSTMNllQJoTpYnEgFMnvnkWwGfNrWkGy9YTDwOcKdWfsimoD%2BH6ezIiaDtkPnaBPfzeZXa6Gtx%2Bu%2BlvkM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
DENY
x-powered-by
PHP/7.1.33

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 21 Feb 2023 22:38:24 GMT
Location
https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Raund
12uf2w0vxv-300
Round
11kgq037yu
Server
nginx
79d2f8d2fa7a36df
kixa.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame B102
2 B
685 B
XHR
General
Full URL
https://kixa.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/79d2f8d2fa7a36df
Requested by
Host: kixa.jukminung.com
URL: https://kixa.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677009600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 21 Feb 2023 22:38:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gp0ZFeih9qSE%2FzRnfnJ0H8neSL9ImYeTRAtsxI%2FmCpRI1dZLUm%2B6KpD3%2BStHypJjjZgetfpT%2BiSZo3rYOX%2BED%2FPcsc4VvgY8hN2WS6Vy3i%2B2Kjy25F0NIadCY7ruMoRCqHBKic%2Bg0eAXGIjhyN1WX0A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
79d2f8d72d7f39d4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
popmyads.png
whos.amung.us/swidget/
0
0

Primary Request 404
popmyads.com/
Redirect Chain
  • https://popmyads.com/gget
  • https://popmyads.com/404?dsc52264
837 B
890 B
Document
General
Full URL
https://popmyads.com/404?dsc52264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:a715 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
ee753ae9bc8a63c26a8cfad53c2beb154512129a84273a655ebd4c5d3602c6b1

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://popmyads.com
Referer
https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79d2f8daac1f2bb2-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 21 Feb 2023 22:38:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4sHnS2OKopX7tRzouBPAqcQ%2FlwkZjUnY2e6oEvkCW5GtNsolKIcWkC8o8Clfa1cNiBRuLYrabhSDeMo%2BIGfNCfyclpGBH1CuR%2FiyYj6w7K7BrB%2Feq9PG%2Bt8S2eqKT9oqlj6uNAW%2F0FgtCc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79d2f8da489a9131-FRA
content-type
text/html; charset=UTF-8
date
Tue, 21 Feb 2023 22:38:24 GMT
location
https://popmyads.com/404?dsc52264
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMrf7j0z1sl6pxefAwAxmKT6t4RG%2B9D6%2BtSBRNMP6SOUqqtR9vCrArVMljH6cUw4ZS8aaMsH7mWqHBREvj51TR945ECkj0QUfc31Mrz4QevmSld1LA7f3wlLsHX2hJulWTfhuX0hhjK4d4E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
bootstrap.min.css
popmyads.com/dashboard/bootstrap/css/
104 KB
18 KB
Stylesheet
General
Full URL
https://popmyads.com/dashboard/bootstrap/css/bootstrap.min.css
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc52264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:a715 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f61350bc40d801c8fa2b14d71dec2b79a720ac264c71b807ddb73d378af9850

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://popmyads.com/404?dsc52264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 22:38:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2017 01:18:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1860
etag
W/"1a046-5588f3ea32480"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLs8u96kSl5i%2FLyvOTwY5bx%2FbP5oL6KXNy517apj0P6IAbXNR7VCcM0hQ8Z%2FoyTkW7ca6Nz79TmN2%2FhDztHZTqrmIxeYjiEjjvQoB31iMsHUWuyeWUmMYtL0rFgep%2BgRUm9v8t0KefL%2F%2BtI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
79d2f8db0c822bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap-responsive.min.css
popmyads.com/dashboard/bootstrap/css/
16 KB
4 KB
Stylesheet
General
Full URL
https://popmyads.com/dashboard/bootstrap/css/bootstrap-responsive.min.css
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc52264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:a715 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4289c63fd2b0ae5926316028943355967883265d9907d35e3c3effe4c3a09cd4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://popmyads.com/404?dsc52264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 22:38:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2017 01:18:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1051
etag
W/"41ab-5588f3ea32480"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VO9n7JifBw7kEC0J2pVnnsG7DGCeDBZA621GLn4KE52YhfCLcni0vsm8V5LeBJS5QsQLv6Rrkh9jragMfPXDurWcngzNijtHLs5qvY3awHZi79ZqIb2441T95vmqDtZqGz%2F2Mjkd4f8qJbo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
79d2f8db0c842bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
popmyads.com/dashboard/css/
55 KB
13 KB
Stylesheet
General
Full URL
https://popmyads.com/dashboard/css/style.css
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc52264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:a715 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bc4a8c6d724075c74427caf23af8f977bb340c649a9d64b6613ba4b92e695c0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://popmyads.com/404?dsc52264
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 22:38:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1860
cf-polished
origSize=64686
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 10 Oct 2017 12:00:14 GMT
server
cloudflare
etag
W/"fcae-55b300cbfaf80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsrO6Q5wjSSx60UMXVjnvJ%2B6mWVUcocC3XmessJapr5LqSZO5y12XBeunr38sCVHFt9t20U36nfLEst0pb6q5SSQUTbMYTe6h4R3ESvvy1wHG%2BxWIKy9OHBAFceLszfAh4eAkRzJISR%2B94k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
79d2f8db0c862bb2-FRA
css
fonts.googleapis.com/
702 B
780 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Jockey+One
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc52264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09088d60c2905c74c47b0285ef80746183d263c11e786ebfe42be96d5d2b35f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://popmyads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 Feb 2023 22:38:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 22:38:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Feb 2023 22:38:24 GMT
7307.png
widgets.amung.us/small/73/
Redirect Chain
  • https://whos.amung.us/swidget/popmyads404.png
  • https://widgets.amung.us/small/73/7307.png
342 B
514 B
Image
General
Full URL
https://widgets.amung.us/small/73/7307.png
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc52264
Protocol
H2
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59346e0c6df2c02b08b31f92460e997c49987cdb31ecef91a50c0bdcd498c4d5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://popmyads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 22:38:24 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:48:36 GMT
server
cloudflare
age
365151
etag
"4c14a974-156"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
79d2f8dc19d42ba9-FRA
content-length
342
expires
Sat, 18 Feb 2023 17:12:33 GMT

Redirect headers

location
https://widgets.amung.us/small/73/7307.png
date
Tue, 21 Feb 2023 22:38:24 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
79d2f8db08a22ba9-FRA
content-type
text/html; charset=UTF-8
error_big.png
popmyads.com/dashboard/img/
4 KB
5 KB
Image
General
Full URL
https://popmyads.com/dashboard/img/error_big.png
Requested by
Host: popmyads.com
URL: https://popmyads.com/dashboard/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e4::ac40:a715 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c7678c897eef56940c85ccfdcc81ef648cd6724bf362f2bd94d613cbb067f50

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://popmyads.com/dashboard/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 22:38:24 GMT
cf-cache-status
HIT
last-modified
Thu, 07 Sep 2017 01:18:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2833
etag
"10b6-5588f3ea32480"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kuo94iuoHjAxorlObmUFGT31Yao7Yz1oMNRjbd0NWnd7LWimXKDK4WzE%2Bnd7uc8j6n0SZsBA3%2Bnog6INQJoTUKWVMTIBfv3bdShrnLjioPG9Zlgy91xKBClVd21LHilx%2FbkXlItZqmC7%2FNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79d2f8dbbd5c2bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4278
HTxpL2g2KjCFj4x8WI6AnIHxHA.woff2
fonts.gstatic.com/s/jockeyone/v15/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jockeyone/v15/HTxpL2g2KjCFj4x8WI6AnIHxHA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jockey+One
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bffb1c46787b8b805539b401c7d557c497dcc6cfc2247ee8effc2a5a540a3714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://popmyads.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 09:08:31 GMT
x-content-type-options
nosniff
age
480593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9336
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:28:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 09:08:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
whos.amung.us
URL
https://whos.amung.us/swidget/popmyads.png

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| oncontentvisibilityautostatechange

14 Cookies

Domain/Path Name / Value
redirecting3.eu/ Name: 41c5992836ce3b548d2ab9f4e4ccb0b4
Value: 41c5992836ce3b548d2ab9f4e4ccb0b4
.redirecting3.eu/ Name: _ga
Value: GA1.2.1387924821.1677019102
.redirecting3.eu/ Name: _gid
Value: GA1.2.252249347.1677019102
.redirecting3.eu/ Name: _gat
Value: 1
.bl-easycdn.com/ Name: checkkeks
Value: 1
.bl-easycdn.com/ Name: eTag
Value: 780aba58cfb98e8a9c2409bc42189025
.bl-easycdn.com/ Name: ck_uniques
Value: 1677105501%3A24589-115227
.bl-easycdn.com/ Name: ck_uniquesPa
Value: 1677105501%3A89322
.bl-easycdn.com/ Name: ck_sys_uniques_3
Value: 1
.bl-easycdn.com/ Name: u_current_ads_view
Value: 89322----
zring.jukminung.com/ Name: AWSALB
Value: A5OOVkvrO6a7s+2dGuQJlrgBBKRuM6zj9QEymy4tWTs3W+WqLpEF/xist2qkZ0ngQK7itkLyBbnt2Lwndt4EY3vLhn1sqe419zt3ibkXq3tFmkXYkFCC3syGtvfr
track.gositego.live/ Name: afclick
Value: 63f547df96101d000129daa5
kixa.jukminung.com/ Name: AWSALB
Value: QOB4AONoQEnTZSy2q3NeLQTxkPWgDoRDOMSXZAQWFoZzNC/hAa/mPgg6oQbBbWjoBY/P2naJ1FebJFx1rZzVkLebHrAd2MyM397LNnSSv35Qen+GDIiCdgZlz1rJ
.jukminung.com/ Name: __cf_bm
Value: lZb1Ep0ISqgBbu3u.38lg.0wGh.9UXvgNZO7iBt7W8k-1677019103-0-ATRDcAINf+SniTDfX1ogquAek+REfHQFSNwWOIlQWAYgrjf7fA4NZNLQJkeMgJaZIJKH+rguKsm82NIbXpLbx9Kizi3x3tuWFTtDqjFcCqaSKhexc6KZheT/0fnXcYROzH63Uy1Wv9dRKhz+GFHTYG8=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
