Submitted URL: http://1698368114993.noisilyjiperve.co.uk/
Effective URL: https://theninds.com/u6y0Fvw2SW42FYhTqYpplpRsYUAwKIVzrjjJfT4o8J0/?cid=169844727810000TUSTV62001R550R1d05R1RR96V051e0&...
Submission: On October 27 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 4 countries across 13 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3031::6815:1dab, located in United States and belongs to CLOUDFLARENET, US. The main domain is theninds.com. The Cisco Umbrella rank of the primary domain is 604884.
TLS certificate: Issued by GTS CA 1P5 on October 3rd 2023. Valid for: 3 months.
This is the only time theninds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 172.104.190.11 63949 (AKAMAI-LI...)
2 3 51.68.81.31 16276 (OVH)
1 1 34.91.27.112 396982 (GOOGLE-CL...)
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 3.216.219.191 14618 (AMAZON-AES)
1 1 2600:1f18:66d... 14618 (AMAZON-AES)
2 3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 172.67.157.216 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
14 10
Apex Domain
Subdomains
Transfer
3 ocmhood.com
sdk.ocmhood.com — Cisco Umbrella Rank: 46381
t.ocmhood.com — Cisco Umbrella Rank: 11204
13 KB
3 adspredictiv.com
adspredictiv.com
5 KB
3 cogliatu.com
www.cogliatu.com
6 KB
3 lifeyourseflt.info
www.lifeyourseflt.info
5 KB
2 cn-rtb.com
feed.cn-rtb.com — Cisco Umbrella Rank: 59165
t.cn-rtb.com — Cisco Umbrella Rank: 66477
860 B
2 theninds.com
theninds.com — Cisco Umbrella Rank: 604884
187 KB
2 noisilyjiperve.co.uk
1698368114993.noisilyjiperve.co.uk
1698447273612.noisilyjiperve.co.uk
910 B
1 ocmtag.com
cdn.ocmtag.com — Cisco Umbrella Rank: 48810
757 B
1 nt-npltfpro.com
nt-npltfpro.com
3 KB
1 sherouscolvered.com
sherouscolvered.com
600 B
1 addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 377313
1 KB
1 media-412.com
admoustache.media-412.com
269 B
1 monthlyjisit.co.uk
1698447274246.monthlyjisit.co.uk
295 B
14 13
Domain Requested by
3 adspredictiv.com 2 redirects www.cogliatu.com
3 www.cogliatu.com 1 redirects www.lifeyourseflt.info
www.cogliatu.com
3 www.lifeyourseflt.info 2 redirects
2 t.ocmhood.com sdk.ocmhood.com
2 theninds.com adspredictiv.com
theninds.com
1 t.cn-rtb.com theninds.com
1 cdn.ocmtag.com sdk.ocmhood.com
1 sdk.ocmhood.com theninds.com
1 feed.cn-rtb.com theninds.com
1 nt-npltfpro.com 1 redirects
1 sherouscolvered.com 1 redirects
1 cdn.addlnk.com www.cogliatu.com
1 admoustache.media-412.com 1 redirects
1 1698447274246.monthlyjisit.co.uk 1 redirects
1 1698447273612.noisilyjiperve.co.uk 1 redirects
1 1698368114993.noisilyjiperve.co.uk 1 redirects
14 16

This site contains no links.

Subject | Issuer | Validity | Valid
www.lifeyourseflt.info | R3 | 2023-09-11 - 2023-12-10 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-10 - 2024-02-10 | a year
addlnk.com | GTS CA 1P5 | 2023-10-09 - 2024-01-07 | 3 months
adspredictiv.com | GTS CA 1P5 | 2023-09-04 - 2023-12-03 | 3 months
theninds.com | GTS CA 1P5 | 2023-10-03 - 2024-01-01 | 3 months
cn-rtb.com | GTS CA 1P5 | 2023-10-16 - 2024-01-14 | 3 months
ocmhood.com | Cloudflare Inc ECC CA-3 | 2023-04-04 - 2024-04-03 | a year

This page contains 2 frames:

Primary Page: https://theninds.com/u6y0Fvw2SW42FYhTqYpplpRsYUAwKIVzrjjJfT4o8J0/?cid=169844727810000TUSTV62001R550R1d05R1RR96V051e0&pubid=3744083-887628016-1649167839
Frame ID: 6F5A622B155F01EEAE870F4C2143B714
Requests: 15 HTTP requests in this frame

Frame: https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Frame ID: 0FE4642BF366A0011303DF2A63DF3DFD
Requests: 2 HTTP requests in this frame

Page Title

Click Here to edit your LP title

Page Statistics

Requests: 14
HTTPS: 86 %
IPv6: 62 %
Domains: 13
Subdomains: 16
IPs: 10
Countries: 4
Transfer: 215 kB
Size: 491 kB
Cookies: 17

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1698368114993.noisilyjiperve.co.uk/ HTTP 302
    http://1698447273612.noisilyjiperve.co.uk/4777ea63-4632-4eac-b397-aeac18b2e4ed?n=1&t=1698447273612&l_next=aHR0cHM6Ly93d3cubGlmZXlvdXJzZWZsdC5pbmZvLz9zbD01Njk4MzUwLWEzZWYzJmRhdGExPVRyYWNrMSZkYXRhMj1UcmFjazImdGFnPQ==&type_v=global&key_v=error HTTP 302
    http://1698447274246.monthlyjisit.co.uk/aa54ed53-c5df-4713-96a5-6e7119f09b0a?n=2&t=1698447273612&l_next=aHR0cHM6Ly93d3cubGlmZXlvdXJzZWZsdC5pbmZvLz9zbD01Njk4MzUwLWEzZWYzJmRhdGExPVRyYWNrMSZkYXRhMj1UcmFjazImdGFnPQ==&type_v=global&key_v=error HTTP 302
    https://www.lifeyourseflt.info/?sl=5698350-a3ef3&data1=Track1&data2=Track2&tag= Page URL
  2. https://www.lifeyourseflt.info/?sl=5698350-a3ef3&data1=Track1&data2=Track2&tag=&eyeg=7261b2a736e56bcbb929874849c107c3&eyer=0.6807079153863038&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://www.lifeyourseflt.info/?sl=5698350-a3ef3&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.6807079153863038&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330007607449c998d1a8e8035a338c9d4e1511027-202310-flb*5698350-a3ef3**sl_5698350-a3ef3*baaa386a011529886b27731dbef8445bf4a2c5ed** HTTP 302
    https://www.cogliatu.com/rc/a91581ead4?affclick=653c3facec0d76000192c080&pubid=503 Page URL
  3. https://sherouscolvered.com/48e1581e-25eb-44e8-8643-630ec6118413?c2=560f07ef_503&c1=pubc514e937075b46c8857bdde9e631130e HTTP 302
    https://nt-npltfpro.com/?a=21829&c=345869&co=16559&mt=18&s1=6efa2ba6-87c4-4bb2-b973-4ec73420e640_560f07ef_503&s2=we8m3niki8m5mujs2mv6dkbe HTTP 302
    https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d04f910effba4422ac4cfa387120d4df2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_560f07ef_503 Page URL
  4. https://adspredictiv.com/jump/next.php?stamat=m%257CYno2P6t3aQdH8BH0dEdHP3xP.733%252CwXm3GsSYWDJrDUi7S9w5As5TQ3jAH3fT695Ep5xVKcOtqge_S3aVNCaMuauoxVCPg8HF3STi0XRECX-xpgO1NEepa4jQ5Se4r2P9ZClDouKQ116jDKsLh5TrhBfIGZxjMwOzbrAcwNJWLJa3rDedd3FT2LTwvb3XAQTqJ42kV0ZUDe4cs-mCFyAah5qLkhqO&cbpage=https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d04f910effba4422ac4cfa387120d4df2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_560f07ef_503&cbur=0.0347463519863529&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
    https://adspredictiv.com/script/i.php?t=1&stamat=m%257C%252C%252CAhMyY3E6tGU3Bf-GH0dEdHP3xP.514%252Cl12e-PjDsMRdy8vVr8fDUt-XyHXkzJqSRYMcSAMiisvnSZ02pvM_pHRCiM2NTze04rbW_okhxc9mckjgV-Oq6feh3k0qKLYanR3HR88D09Ru0zitrOmLAKtFuoWSesyq9BrzIkDBCeXGi9mKIcOS34A4DQixNvHU_42JW-T8AlXBkuZOkC0n-sk9-cBu_UPUu8GZdtSrBCh1GO-ttA-8SLimXJdhIVkIasz6KmOnkucB7YmLG6NdSPe89chxt_QUrmE3lUjEbBgX3HisCDpyaZZLdbaWQBMoX3Hr4yLup7k6yAT62FL858J3QztReXYuCrzD5ye-BxmvJc5mxsJk5uuqo283ON3EL6cGF-AdqefTvHganVuYzGZQh0vzDEUVKgA7qax_v4bAHFUwNvZ-Xj92st6tkTJOTNuVqdd9qH0tNqieTReAhaSg178bJMYvBHU08pQQb8kEiTdvU-jf5eBgemIbHNiy-39bMix_QC_zxTj_vTJQN3LlAz_ZLdpUaor0vanLLxL_Pjj48q1vEVsJMUYI4RPILv7c6gLLTR9uf2YDJaFCHkybWl6AL3FJuG6NtaCRAwcnu6bhHZz6_uFkMC8FhUzPX9YJNeY7mmo06oDEyR778MvQ_ZnInU4CUb7AYA4dOJTgoUoHtQXw45wKb9vHuQCfhJaqSAHDHA5ZqjRb32sl0m0y-5aHkQp5 HTTP 302
    https://theninds.com/u6y0Fvw2SW42FYhTqYpplpRsYUAwKIVzrjjJfT4o8J0/?cid=169844727810000TUSTV62001R550R1d05R1RR96V051e0&pubid=3744083-887628016-1649167839 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://1698368114993.noisilyjiperve.co.uk/ HTTP 302
  • http://1698447273612.noisilyjiperve.co.uk/4777ea63-4632-4eac-b397-aeac18b2e4ed?n=1&t=1698447273612&l_next=aHR0cHM6Ly93d3cubGlmZXlvdXJzZWZsdC5pbmZvLz9zbD01Njk4MzUwLWEzZWYzJmRhdGExPVRyYWNrMSZkYXRhMj1UcmFjazImdGFnPQ==&type_v=global&key_v=error HTTP 302
  • http://1698447274246.monthlyjisit.co.uk/aa54ed53-c5df-4713-96a5-6e7119f09b0a?n=2&t=1698447273612&l_next=aHR0cHM6Ly93d3cubGlmZXlvdXJzZWZsdC5pbmZvLz9zbD01Njk4MzUwLWEzZWYzJmRhdGExPVRyYWNrMSZkYXRhMj1UcmFjazImdGFnPQ==&type_v=global&key_v=error HTTP 302
  • https://www.lifeyourseflt.info/?sl=5698350-a3ef3&data1=Track1&data2=Track2&tag=
Request Chain 1
  • https://www.lifeyourseflt.info/?sl=5698350-a3ef3&data1=Track1&data2=Track2&tag=&eyeg=7261b2a736e56bcbb929874849c107c3&eyer=0.6807079153863038&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
  • https://www.lifeyourseflt.info/?sl=5698350-a3ef3&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.6807079153863038&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330007607449c998d1a8e8035a338c9d4e1511027-202310-flb*5698350-a3ef3**sl_5698350-a3ef3*baaa386a011529886b27731dbef8445bf4a2c5ed** HTTP 302
  • https://www.cogliatu.com/rc/a91581ead4?affclick=653c3facec0d76000192c080&pubid=503
Request Chain 3
  • https://www.cogliatu.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Request Chain 4
  • https://sherouscolvered.com/48e1581e-25eb-44e8-8643-630ec6118413?c2=560f07ef_503&c1=pubc514e937075b46c8857bdde9e631130e HTTP 302
  • https://nt-npltfpro.com/?a=21829&c=345869&co=16559&mt=18&s1=6efa2ba6-87c4-4bb2-b973-4ec73420e640_560f07ef_503&s2=we8m3niki8m5mujs2mv6dkbe HTTP 302
  • https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d04f910effba4422ac4cfa387120d4df2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_560f07ef_503

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.lifeyourseflt.info/
Redirect Chain
  • http://1698368114993.noisilyjiperve.co.uk/
  • http://1698447273612.noisilyjiperve.co.uk/4777ea63-4632-4eac-b397-aeac18b2e4ed?n=1&t=1698447273612&l_next=aHR0cHM6Ly93d3cubGlmZXlvdXJzZWZsdC5pbmZvLz9zbD01Njk4MzUwLWEzZWYzJmRhdGExPVRyYWNrMSZkYXRhMj1...
  • http://1698447274246.monthlyjisit.co.uk/aa54ed53-c5df-4713-96a5-6e7119f09b0a?n=2&t=1698447273612&l_next=aHR0cHM6Ly93d3cubGlmZXlvdXJzZWZsdC5pbmZvLz9zbD01Njk4MzUwLWEzZWYzJmRhdGExPVRyYWNrMSZkYXRhMj1Uc...
  • https://www.lifeyourseflt.info/?sl=5698350-a3ef3&data1=Track1&data2=Track2&tag=
4 KB
4 KB
Document
General
Full URL
https://www.lifeyourseflt.info/?sl=5698350-a3ef3&data1=Track1&data2=Track2&tag=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Fri, 27 Oct 2023 22:54:35 GMT
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
226
Content-Type
text/html; charset=utf-8
Date
Fri, 27 Oct 2023 22:54:34 GMT
Keep-Alive
timeout=5
Location
https://www.lifeyourseflt.info/?sl=5698350-a3ef3&data1=Track1&data2=Track2&tag=
Vary
Accept
X-Powered-By
Express
a91581ead4
www.cogliatu.com/rc/
Redirect Chain
  • https://www.lifeyourseflt.info/?sl=5698350-a3ef3&data1=Track1&data2=Track2&tag=&eyeg=7261b2a736e56bcbb929874849c107c3&eyer=0.6807079153863038&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=
  • https://www.lifeyourseflt.info/?sl=5698350-a3ef3&data1=Track1&data2=Track2&tag=&eyeg=3&eyer=0.6807079153863038&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330007607449c998d1a8e8035a338c9d4e1511027-202310-flb*5698350-a3ef3**sl_5698350-a3ef3*baaa386a011529886b27731dbef8445bf4...
  • https://www.cogliatu.com/rc/a91581ead4?affclick=653c3facec0d76000192c080&pubid=503
2 KB
2 KB
Document
General
Full URL
https://www.cogliatu.com/rc/a91581ead4?affclick=653c3facec0d76000192c080&pubid=503
Requested by
Host: www.lifeyourseflt.info
URL: https://www.lifeyourseflt.info/?sl=5698350-a3ef3&data1=Track1&data2=Track2&tag=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:cceb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1b228c7bb1421c4c3dd6feb90c2a824bd797d7b65beaa6fa8744b12b198579

Request headers

Referer
https://www.lifeyourseflt.info/?sl=5698350-a3ef3&data1=Track1&data2=Track2&tag=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81ce8597c99d2257-MIA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 27 Oct 2023 22:54:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6%2BQfLtdg9Wq741G%2BS5GZNpK0YIY40dn%2BZzkTBxIZ9XpB9hhZzrHE5D8d%2FL%2BRf1xfY15jZS7%2Fsl1iuTHWm2EtLWqU9mEBSFSC8r8BhNvdKazra8%2B8iFeq6wcmfvxIvwc6XGf9gJdf8qLqY8Gyrr%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Fri, 27 Oct 2023 22:54:36 GMT
location
https://www.cogliatu.com/rc/a91581ead4?affclick=653c3facec0d76000192c080&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: www.cogliatu.com
URL: https://www.cogliatu.com/rc/a91581ead4?affclick=653c3facec0d76000192c080&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:54:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NCAVQNRMYYWBJ1MA
age
6342
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
LAvQPkbkRVsKV1OL2gCU9gVQUpumCuW8ar9Ay4DMnzovvgpvEOK/tfwgJzgEAdXHnGxv34AO4xFZ4wQoQQk7mw==
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21vTLOzKFcKbEVVq1vSylKO%2BmLDyMLvepLgBo%2BIZvG9ldImPGmCyN9ukvqEX4Lvs3mnJ1UzLE6h%2FG3iu47q2B2IOOTaRpGXkqDM6qNVZs2w25CH%2B49Tklifr7yoKkKMKy795Hvre8DUuTmmMMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
81ce859bc871db01-MIA
main.js
www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/ Frame 0FE4
Redirect Chain
  • https://www.cogliatu.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
7 KB
4 KB
Script
General
Full URL
https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
Protocol
H3
Server
2606:4700:3037::ac43:cceb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:54:37 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRu6HTs0ignzkXP6vUBOepZ6HgkHQtcj0CoIHv%2BHk6xpSYYzz%2BCzQv%2FGIagqon%2F%2Bwi0c2K06N5mF6W3cB%2Bs3UCxWP9SXgkp5lzt51E4mN22KgaYkhVNfpDh5d3bjuL%2FdDg1q1qSRE3JYQCoqUMr6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
81ce859cc9df67e4-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 27 Oct 2023 22:54:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTErtDkkxlxfTLMgXhomEgUDX4ykzGY70TFGywCnu9DdQdC824GGf%2BcBgeG3BrnaUDsWB%2FaUn2pe1v7tpYFyLcu1ECTia9iyzJsAvjNU%2BVczTDM5yhtipEm%2FPW1yFKFuXPpbuh2iNL0bxUqu64n0"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/c359bc3d/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
81ce859c58322257-MIA
alt-svc
h3=":443"; ma=86400
next.php
adspredictiv.com/jump/
Redirect Chain
  • https://sherouscolvered.com/48e1581e-25eb-44e8-8643-630ec6118413?c2=560f07ef_503&c1=pubc514e937075b46c8857bdde9e631130e
  • https://nt-npltfpro.com/?a=21829&c=345869&co=16559&mt=18&s1=6efa2ba6-87c4-4bb2-b973-4ec73420e640_560f07ef_503&s2=we8m3niki8m5mujs2mv6dkbe
  • https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d04f910effba4422ac4cfa387120d4df2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_560f07ef_503
7 KB
3 KB
Document
General
Full URL
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d04f910effba4422ac4cfa387120d4df2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_560f07ef_503
Requested by
Host: www.cogliatu.com
URL: https://www.cogliatu.com/rc/a91581ead4?affclick=653c3facec0d76000192c080&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:99ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.cogliatu.com/rc/a91581ead4?affclick=653c3facec0d76000192c080&pubid=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81ce85a2fed731f8-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 27 Oct 2023 22:54:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVkS%2FYPqIh%2FXzHK4tT874Roc0f2UfQFy7x5PIbEAGaf9EEofjQcb37tnOEVMno3v1FALGCKP8UJo41NHSNBTz2ZLiaorYHzzs6O8fNOqflGv45bxMc6VYFDChi%2B4Iop1WDadQXBfLWD%2BsLI6f5my"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
content-language
en-US
content-type
text/html;charset=ISO-8859-1
date
Fri, 27 Oct 2023 22:54:38 GMT
location
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d04f910effba4422ac4cfa387120d4df2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_560f07ef_503
server
nginx
81ce8597c99d2257
www.cogliatu.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 0FE4
0
0

Primary Request /
theninds.com/u6y0Fvw2SW42FYhTqYpplpRsYUAwKIVzrjjJfT4o8J0/
Redirect Chain
  • https://adspredictiv.com/jump/next.php?stamat=m%257CYno2P6t3aQdH8BH0dEdHP3xP.733%252CwXm3GsSYWDJrDUi7S9w5As5TQ3jAH3fT695Ep5xVKcOtqge_S3aVNCaMuauoxVCPg8HF3STi0XRECX-xpgO1NEepa4jQ5Se4r2P9ZClDouKQ116j...
  • https://adspredictiv.com/script/i.php?t=1&stamat=m%257C%252C%252CAhMyY3E6tGU3Bf-GH0dEdHP3xP.514%252Cl12e-PjDsMRdy8vVr8fDUt-XyHXkzJqSRYMcSAMiisvnSZ02pvM_pHRCiM2NTze04rbW_okhxc9mckjgV-Oq6feh3k0qKLYan...
  • https://theninds.com/u6y0Fvw2SW42FYhTqYpplpRsYUAwKIVzrjjJfT4o8J0/?cid=169844727810000TUSTV62001R550R1d05R1RR96V051e0&pubid=3744083-887628016-1649167839
257 KB
186 KB
Document
General
Full URL
https://theninds.com/u6y0Fvw2SW42FYhTqYpplpRsYUAwKIVzrjjJfT4o8J0/?cid=169844727810000TUSTV62001R550R1d05R1RR96V051e0&pubid=3744083-887628016-1649167839
Requested by
Host: adspredictiv.com
URL: https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d04f910effba4422ac4cfa387120d4df2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_560f07ef_503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c0ea19846bcb43f3a5c93b3f9e872bba11db425df6a62363a811e54786f81b1

Request headers

Referer
https://adspredictiv.com/jump/next.php?r=6536622&pub_clickid=d04f910effba4422ac4cfa387120d4df2099a&sub1=21829&sub2=6efa2ba6-87c4-4bb2-b973-4ec73420e640_560f07ef_503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81ce85a6c92cb3c5-MIA
content-encoding
br
content-type
text/html
date
Fri, 27 Oct 2023 22:54:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jt0ld%2BimedqIkgkZ82F2JLhg7NlVLJrW0XGJAhAa2cuRFOvyPzNTxOuNAVNCGX40zUl4zYma4XAwBvreziaLoQjfAXsGzwtroIajiv7PhdC6B7D384fwmmCRe2jyTuEs52z1HbhJrCYiT%2BI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81ce85a51cfd09da-MIA
content-type
text/html; charset=utf-8
date
Fri, 27 Oct 2023 22:54:38 GMT
location
https://theninds.com/u6y0Fvw2SW42FYhTqYpplpRsYUAwKIVzrjjJfT4o8J0/?cid=169844727810000TUSTV62001R550R1d05R1RR96V051e0&pubid=3744083-887628016-1649167839
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saH%2Fq%2FdYOsvcAS%2F5b03VxFWX7263Cb1v75NoFoevBCeV%2F2ykUVMISvMYnHDJVgThTnyNAvdN%2FWVJlKW3uxUdTjGlqONZ4XuqCzin81W7i2dwnHTvJizBoPTH%2FXwsOe5wbL7vcgcdWk6a%2FHRklo9O"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
AFU1kAAPatM
feed.cn-rtb.com/v1/native/
688 B
860 B
Fetch
General
Full URL
https://feed.cn-rtb.com/v1/native/AFU1kAAPatM?subid=64615&uid=a77fbf92-e278-4aab-ad06-9171ba9511a6&kw=download%20install
Requested by
Host: theninds.com
URL: https://theninds.com/u6y0Fvw2SW42FYhTqYpplpRsYUAwKIVzrjjJfT4o8J0/?cid=169844727810000TUSTV62001R550R1d05R1RR96V051e0&pubid=3744083-887628016-1649167839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.157.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d31bc99c22dd418fe5b68b621fbfefdc6a4738de36ea079890b42d12aa801d4c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:54:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
model
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKrqim8QMv2UPw5DnR6oMXPrWz4ZE2lnnYY8FBgplEVAWu5hC5iXZ%2F0LMTmACSMgctGZ7i9SHMrsUP5T3H2NJh0HZnBhXPm%2Fum%2Bocz%2BxeJEOG%2FdaT7cKXwaug6T5bGM8vr0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
81ce85a86b0bd9a1-MIA
alt-svc
h3=":443"; ma=86400
conf.json
theninds.com/hood/dGhlbmluZHMuY29t/
49 B
401 B
Fetch
General
Full URL
https://theninds.com/hood/dGhlbmluZHMuY29t/conf.json
Requested by
Host: theninds.com
URL: https://theninds.com/u6y0Fvw2SW42FYhTqYpplpRsYUAwKIVzrjjJfT4o8J0/?cid=169844727810000TUSTV62001R550R1d05R1RR96V051e0&pubid=3744083-887628016-1649167839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:1dab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec977875910bbae9afa2c2b9462bf1c49ccc38b5ef40658410a8ed7e383757f4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:54:39 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 03 Oct 2023 08:58:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"651bd7ae-31"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFlAuhgIFX2qPCWSEZRn11Z2AgSYblMI%2Bkhsm2Lm0eXAajSudaziRcEQzBssn6C1kjQyuEYeeVDLTdZFLOKp6Y8IxtLEdNin25c685C5gkrQNfcy5MFNaoEjpwGtwiOIyzH7lndiPfnJ54w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
81ce85a79afdb3c5-MIA
alt-svc
h3=":443"; ma=86400
truncated
/
175 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa1b1258b67c05e67b49455aaf35e9681f425c9c58fdff637474f7b3d4ffe53a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e817db2f214ad635efe4cf3168fa07cda19f5821d76aa179a17f644737c7cffb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
ht.js
sdk.ocmhood.com/sdk/
29 KB
12 KB
Script
General
Full URL
https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT
Requested by
Host: theninds.com
URL: https://theninds.com/u6y0Fvw2SW42FYhTqYpplpRsYUAwKIVzrjjJfT4o8J0/?cid=169844727810000TUSTV62001R550R1d05R1RR96V051e0&pubid=3744083-887628016-1649167839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c232511cd1f130faec46a40a0cde0cf7ea83a19b34f01267b793c8695c51b8

Request headers

Referer
Origin
https://theninds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:54:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4988
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Fri, 21 Jul 2023 09:35:24 GMT
server
cloudflare
etag
W/"64ba515c-2e63"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6EE7ZOBFNp6JUG3CDp8iYgSYavN6h55ZffwBc%2F9VZOXZ0FZqUhPdV4Fzpx%2BAdnN7Au7dpc6oju5Il0AwSZUWZpOsHV35m5976hH85Tt75pu5rb6QGGWgBG9yi%2BlXYVL%2Bg0sWXNKyJkTJuR%2FkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
81ce85a98d373717-MIA
NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT.js
cdn.ocmtag.com/tag/
279 B
757 B
Script
General
Full URL
https://cdn.ocmtag.com/tag/NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT.js
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:84bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba74a217fca9b1dad624899410e377f0ff297dba200d1e9dce1af17486834133

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:54:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1375
alt-svc
h3=":443"; ma=86400
service-worker-allowed
/
last-modified
Tue, 03 Oct 2023 07:27:50 GMT
server
cloudflare
etag
W/"651bc276-117"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVdYiJ3skR8VHwIETC%2BWA8F9iNLoyKA52elFeM28ZohD4Z1i%2BsCYU02OwpsfxrnxpDgOX%2BCVlKZzOMecAuKVRE5hAcs%2BAHXcy6Ruw2pGHh3QOKQh9Rmm7hdrarHk5zWRGtKrp70IqArSci804Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
81ce85aadb47336e-MIA
imp
t.cn-rtb.com/
0
0
Fetch
General
Full URL
https://t.cn-rtb.com/imp?l2=pm1KNUwSJdm02ly8HTfr7J3a6bV_VEv2g3NrP10cTgG4Pc5oF5f4bZ5cLGl3PTQGfEbKt4d3ALv26OVLjYvrRZTkuIlud6fg9RRffErH9JaftwwkroKAlxwaC5vRFBdzJXC6b-ickuL0PiPIUdEgqNecVJsLvqWl3P4UANXqkGGP-6GVgQng3s2OWpboRvqO
Requested by
Host: theninds.com
URL: https://theninds.com/u6y0Fvw2SW42FYhTqYpplpRsYUAwKIVzrjjJfT4o8J0/?cid=169844727810000TUSTV62001R550R1d05R1RR96V051e0&pubid=3744083-887628016-1649167839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.157.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 22:54:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cm9I%2F8ZX%2FEQ0lmI5NiUuB7H%2BA0Ytti0JgzChOm5p3aPtO%2FzIBLCsoqrfk4HHFPj5U%2FZED%2BHHKaTWxhXN7wSJ4MPVYKTBsR3Ucdk4wnZGMB5NbvcahzNWxvnrwt3UGA4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-cache
cf-ray
81ce85ab1f20d9a1-MIA
alt-svc
h3=":443"; ma=86400
activity
t.ocmhood.com/v2/
0
270 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 27 Oct 2023 22:54:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfkB1%2FUYXtmNLXcZuoHm24qARMzeTx%2FPHom2C%2BrWKENy2YE8HkM4BfSwEvRyzFIHRTlsIzka6gnXNDCSwn0kqqdHO4fuuL%2FJ3QguI9KHHE%2F4GKBlbp79nerIizvSD03WZ4liiCcGNnxSk38%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
81ce85ac1d55029b-MIA
alt-svc
h3=":443"; ma=86400
activity
t.ocmhood.com/v2/
0
429 B
Ping
General
Full URL
https://t.ocmhood.com/v2/activity
Requested by
Host: sdk.ocmhood.com
URL: https://sdk.ocmhood.com/sdk/ht.js?tag=NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4809 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 27 Oct 2023 22:54:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSwigeB5vI48hCrJGur6vUgYcqNflX9PJ7464FxyPkhs1KlEdqNMwJswa9RFyaZgNoCtWqPWQQZOe8Rh9NlGtPyh5UCeipzxyRg3LI79TE9pq3G3mlUkChDwvBQ76JAf1bO7yg2xHGofFnY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
no-cache
cf-ray
81ce85ac1d57029b-MIA
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.cogliatu.com
URL
https://www.cogliatu.com/cdn-cgi/challenge-platform/h/g/jsd/r/81ce8597c99d2257

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
string| qs
string| lwp
function| snippetGetEngineDomain
function| snippetGetAllLocations
object| campaign_domains
function| importOmpServiceWorker
function| initOmpServiceWorker
function| clearSession
function| getLpType
function| fetchAd
function| getOCP
function| popme
function| pbcid
function| finalRedirect
function| goNextStep
function| goToRedirectonAllow
function| goToRedirectSmart2
function| isPushApiSupported
function| uuidv4
function| initLpPush
function| startOmpWorker
function| getLpIdParamIfSet
function| getSourcePrefix
object| ad
number| cpc
number| o_eid
string| o_ocid
string| source_prefix
string| fallback_url
function| before_redirect_block
function| Hood
function| NjY4ZwSkNAFfmDQ2D20xNDY4MjE0NtLT

17 Cookies

Domain/Path Name / Value
admoustache.media-412.com/ Name: afclick
Value: 653c3facec0d76000192c080
www.cogliatu.com/ Name: AWSALB
Value: 8skXpEWGHvRadPnmzM5Hhy/FfIiC/VlhKYxMPTXZVkZESyEdyPsk1mU8fJvFV1+aUGkcrlYtuYPQ64cbLruTnwjtbkYKTaEUbTKSAZ+FovRnpj5UgmX9tSomKUkk
.sherouscolvered.com/ Name: 48e1581e-25eb-44e8-8643-630ec6118413-v4
Value: uk4S74VVQrIT2kVt3aWsDAdHZVBgRg6XeyOsa9dBA3E
.sherouscolvered.com/ Name: voluum-cid-v4
Value: %7B%22cid%22%3A%22we8m3niki8m5mujs2mv6dkbe%22%2C%22caid%22%3A%2248e1581e-25eb-44e8-8643-630ec6118413%22%7D
.nt-npltfpro.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.nt-npltfpro.com/ Name: gdm_click_adv_freq_v2_1_001
Value: WGP2hL1mCj4amHrx09xyl3DyEl53Q/eM37TLXIrQlPup+CKzXhq227l6rUA5ofaE
.nt-npltfpro.com/ Name: gdm_click_freq_v1_1_001
Value: O0bSZ3Md1bo7JW/RvsMNn8WHJx9SbjcGMA/sPNs6KDqF6d5qYNmanc+DVm9c9xEC
.nt-npltfpro.com/ Name: gdm_sid_v2_3_001
Value:
.nt-npltfpro.com/ Name: gdm_sid_v1_3_001
Value:
.nt-npltfpro.com/ Name: gdm_uid_v1_1_001
Value: nQUzkcJnnykYk0xIVpWo+1SIoV4tG2TM6nVTFsWwak6xfxzRtYacl0GP0m6eq50M
.nt-npltfpro.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.nt-npltfpro.com/ Name: gdm_uid_v2_1_001
Value: nQUzkcJnnykYk0xIVpWo+1SIoV4tG2TM6nVTFsWwak6xfxzRtYacl0GP0m6eq50M
.nt-npltfpro.com/ Name: gdm_click_adv_freq_v1_1_001
Value: WGP2hL1mCj4amHrx09xyl3DyEl53Q/eM37TLXIrQlPup+CKzXhq227l6rUA5ofaE
.nt-npltfpro.com/ Name: gdm_click_freq_v2_1_001
Value: O0bSZ3Md1bo7JW/RvsMNn8WHJx9SbjcGMA/sPNs6KDqF6d5qYNmanc+DVm9c9xEC
theninds.com/ Name: session
Value: BaCmQhlxh3UtxcHAa_EQAe-oNXsMMg1w
.theninds.com/ Name: _ht_v
Value: 1698447279.4210152060
.theninds.com/ Name: _ht_s
Value: 1698447279.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
