www.mcafee.com Open in urlscan Pro
104.70.95.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hereisaffslink.com/?a=3146&oc=34077&c=66196&m=7&s2=80128dc80ca84065b0c02887f77ae3a6&s1=20
Effective URL:
https://www.mcafee.com/
Submission: On December 29 via api (December 29th 2023, 6:09:29 pm UTC) from LU — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 10 domains to perform 24 HTTP transactions. The main IP is 104.70.95.190, located in and belongs to . The main domain is www.mcafee.com.
TLS certificate: Issued by McAfee OV SSL CA 2 on August 1st 2023. Valid for: a year.

This is the only time www.mcafee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.213.180.200 52.213.180.200	16509 (AMAZON-02) (AMAZON-02)
9	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2 3	18.158.88.249 18.158.88.249	16509 (AMAZON-02) (AMAZON-02)
10	139.45.240.92 139.45.240.92	57304 (RUBY-AS) (RUBY-AS)
1 1	154.16.205.60 154.16.205.60	20278 (NEXEON) (NEXEON)
1	104.70.95.190 104.70.95.190	() ()
24	6

1 52.213.180.200 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-180-200.eu-west-1.compute.amazonaws.com

hereisaffslink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

gr01.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apidata.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.aiprocessingonline.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.158.88.249 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-88-249.eu-central-1.compute.amazonaws.com

app.logictree.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.240.92 (Russian Federation)

ASN57304 (RUBY-AS, RU)

notix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.16.205.60 (Los Angeles, United States) 1 redirects

ASN20278 (NEXEON, US)

fzscg.gobestlinkoffer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.70.95.190 (None, )

ASN- ()

www.mcafee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	notix.io notix.io — Cisco Umbrella Rank: 17476	44 KB
6	aiprocessingonline.xyz secure.aiprocessingonline.xyz	58 KB
3	logictree.co 2 redirects app.logictree.co	5 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340	118 KB
2	gr01.net gr01.net	3 KB
1	mcafee.com www.mcafee.com
1	gobestlinkoffer.com 1 redirects fzscg.gobestlinkoffer.com	157 B
1	apidata.info apidata.info	855 B
1	hereisaffslink.com 1 redirects hereisaffslink.com	567 B
0	mcafeeassets.com Failed media.mcafeeassets.com Failed
24	10

	Domain	Requested by
10	notix.io	secure.aiprocessingonline.xyz notix.io
6	secure.aiprocessingonline.xyz	gr01.net secure.aiprocessingonline.xyz
3	app.logictree.co	2 redirects secure.aiprocessingonline.xyz
2	ajax.googleapis.com	gr01.net secure.aiprocessingonline.xyz
2	gr01.net	gr01.net
1	www.mcafee.com	secure.aiprocessingonline.xyz
1	fzscg.gobestlinkoffer.com	1 redirects
1	apidata.info	gr01.net
1	hereisaffslink.com	1 redirects
0	media.mcafeeassets.com Failed	www.mcafee.com
24	10

This site contains no links.

Subject Issuer	Validity	Valid
gr01.net GTS CA 1P5	`2023-11-17` - `2024-02-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
apidata.info E1	`2023-11-10` - `2024-02-08`	3 months	crt.sh
aiprocessingonline.xyz GTS CA 1P5	`2023-11-22` - `2024-02-20`	3 months	crt.sh
notix.io R3	`2023-12-10` - `2024-03-09`	3 months	crt.sh
app.logictree.co R3	`2023-11-10` - `2024-02-08`	3 months	crt.sh
www.mcafee.com McAfee OV SSL CA 2	`2023-08-01` - `2024-07-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.mcafee.com/
Frame ID: AF5FDBCFC6D4088C8BDF64AA90D7C225
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hereisaffslink.com/?a=3146&oc=34077&c=66196&m=7&s2=80128dc80ca84065b0c02887f77ae3a6&s1=20 HTTP 302
https://gr01.net/t/?s6=1&s7=LG&s8=CAK Page URL
https://app.logictree.co/10678c66-507a-4351-948f-6b66ce631461?s6=1&s7=LG&s8=CAK&spushon=y HTTP 302
https://secure.aiprocessingonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=i0BuFJ6hoabVw... Page URL
https://app.logictree.co/click?country=DE HTTP 302
https://fzscg.gobestlinkoffer.com/o/KNBHUYKC/?kw=&s2=dookr9ljul2m723uit33gp3i&country=DE HTTP 301
https://www.mcafee.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

96 %
HTTPS

29 %
IPv6

10
Domains

10
Subdomains

6
IPs

4
Countries

228 kB
Transfer

412 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hereisaffslink.com/?a=3146&oc=34077&c=66196&m=7&s2=80128dc80ca84065b0c02887f77ae3a6&s1=20 HTTP 302
https://gr01.net/t/?s6=1&s7=LG&s8=CAK Page URL
https://app.logictree.co/10678c66-507a-4351-948f-6b66ce631461?s6=1&s7=LG&s8=CAK&spushon=y HTTP 302
https://secure.aiprocessingonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=i0BuFJ6hoabVwOxAo3R3xB22ZXBIDjdYshD7CTTseLOl7GSjpWNCEQIBWiqiTRkZvMhw7iuWD-4tsZhCyExnAOtvu8mTXuRKxfuNWFP7ndVuExaAEECpXiq7iijwPSgbBObCSwrzWfJ4-YJJiGR0-L7ki_C_S8YE8KFeglgLNCBId2Fz5ikZ-6SNGaNBDUJNCEVAcCvwa7qnUgbcpJ0ROJOojw2g_dkKWl4pmEXSPljieebvFQsPWnsXAeAWpa2EpNmnIO59lv-0PodH1iYmF9zpv9OdqrnMieb0Icpv0ZgAlbUfBKkZFB7jReRRVdLOU2Wvi8Nik-tF3u0gnxhlds7bkflL9wdkFRViiO-PoNq1E19tmgoaqnbC9f1_yNWEYFLr2R2nxjlB75Gojbr4w7FEgMnwIHaGVppxytsIWdYj-Tz6CLWXojrXzesXHlpf&lptoken=17be030e8706512c62a3&s6=1&s7=LG&s8=CAK&spushon=y Page URL
https://app.logictree.co/click?country=DE HTTP 302
https://fzscg.gobestlinkoffer.com/o/KNBHUYKC/?kw=&s2=dookr9ljul2m723uit33gp3i&country=DE HTTP 301
https://www.mcafee.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://hereisaffslink.com/?a=3146&oc=34077&c=66196&m=7&s2=80128dc80ca84065b0c02887f77ae3a6&s1=20 HTTP 302
https://gr01.net/t/?s6=1&s7=LG&s8=CAK

Request Chain 4

https://app.logictree.co/10678c66-507a-4351-948f-6b66ce631461?s6=1&s7=LG&s8=CAK&spushon=y HTTP 302
https://secure.aiprocessingonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=i0BuFJ6hoabVwOxAo3R3xB22ZXBIDjdYshD7CTTseLOl7GSjpWNCEQIBWiqiTRkZvMhw7iuWD-4tsZhCyExnAOtvu8mTXuRKxfuNWFP7ndVuExaAEECpXiq7iijwPSgbBObCSwrzWfJ4-YJJiGR0-L7ki_C_S8YE8KFeglgLNCBId2Fz5ikZ-6SNGaNBDUJNCEVAcCvwa7qnUgbcpJ0ROJOojw2g_dkKWl4pmEXSPljieebvFQsPWnsXAeAWpa2EpNmnIO59lv-0PodH1iYmF9zpv9OdqrnMieb0Icpv0ZgAlbUfBKkZFB7jReRRVdLOU2Wvi8Nik-tF3u0gnxhlds7bkflL9wdkFRViiO-PoNq1E19tmgoaqnbC9f1_yNWEYFLr2R2nxjlB75Gojbr4w7FEgMnwIHaGVppxytsIWdYj-Tz6CLWXojrXzesXHlpf&lptoken=17be030e8706512c62a3&s6=1&s7=LG&s8=CAK&spushon=y

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
gr01.net/t/
Redirect Chain

https://hereisaffslink.com/?a=3146&oc=34077&c=66196&m=7&s2=80128dc80ca84065b0c02887f77ae3a6&s1=20
https://gr01.net/t/?s6=1&s7=LG&s8=CAK

349 B
592 B

114ms
63ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gr01.net/t/?s6=1&s7=LG&s8=CAK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b64828207d3245843ca93c287bc80f9e3d381702c10f28f27583d5611cd2dc8d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83d3fe60b9cd71b9-FRA
content-encoding: br
content-type: text/html
date: Fri, 29 Dec 2023 18:09:22 GMT
last-modified: Mon, 06 Nov 2023 14:49:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SFCLOuYPBqcNrtanoK9IOA8wopdNMh8K6IWB1wcenwUqay%2B70I4CcpWBKylhD0B6yVLkJ0dINnwp8YEMRbUA8MuAjzyrDgZfckk8AyGS7FnDkGkgZG95YgKGzBzLsVSPxNm27buag%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 162
Content-Type: text/html; charset=utf-8
Date: Fri, 29 Dec 2023 18:09:21 GMT
Location: https://gr01.net/t/?s6=1&s7=LG&s8=CAK
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 85ms
49ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: gr01.net
URL: https://gr01.net/t/?s6=1&s7=LG&s8=CAK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gr01.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 17:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 17:46:53 GMT

GET
H2 200 js Show response
apidata.info/ 808 B
855 B 162ms
90ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apidata.info/js
Requested by: Host: gr01.net
URL: https://gr01.net/t/?s6=1&s7=LG&s8=CAK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d6e67da11f377d796b8eb279915f686b3003c7f7f4aa8d54ef2d3d14f1b66fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gr01.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 18:09:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SE53QmVLdZ0Iu3tY0u4dt6Mkd7i57sZH05nOuw1va3%2FsuD5N%2FDw3Fuj9AZest4DOgtToj2AeEKITXY9jwifF1gw6NRBUE7xeK93mj%2FfEmszShJnqhJMxPnjfKPh9jVtY2GcI3PrI72wYnHo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET
access-control-allow-origin: *
content-type: application/javascript;charset=UTF-8
cf-ray: 83d3fe619c321cc1-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logic_tree.js Show response
gr01.net/t/ 9 KB
3 KB 47ms
47ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gr01.net/t/logic_tree.js
Requested by: Host: gr01.net
URL: https://gr01.net/t/?s6=1&s7=LG&s8=CAK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1372d0bceeda2b148d6e8a830cce88c6cf90c80809569170b1bf78811307805e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gr01.net/t/?s6=1&s7=LG&s8=CAK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 18:09:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 06 Nov 2023 14:49:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6548fd01-2563"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Byjvb1r2GfiOZTNFHZpnxKsd5BI8g0xtTlfn029I5HvQ2Ygv%2FEUAbuJjJsDMYxqgZXbYpR%2F4TNRLLMnL4lbih4DTSM4FriICyNaTLpXfPL44qE36pf9MuMzSOiUZIcm5bl8x2BkZQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83d3fe612aaa71b9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

200

/ Show response
secure.aiprocessingonline.xyz/lp/load/1b/
Redirect Chain

https://app.logictree.co/10678c66-507a-4351-948f-6b66ce631461?s6=1&s7=LG&s8=CAK&spushon=y
https://secure.aiprocessingonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=i0BuFJ6hoabVwOxAo3R3xB22ZXBIDjdYshD7CTTseLOl7GSjpWNCEQIBWiqiTRkZvMhw7iuWD-4tsZhCyExnAOtvu8mTXuRK...

2 KB
1 KB

119ms
62ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.aiprocessingonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=i0BuFJ6hoabVwOxAo3R3xB22ZXBIDjdYshD7CTTseLOl7GSjpWNCEQIBWiqiTRkZvMhw7iuWD-4tsZhCyExnAOtvu8mTXuRKxfuNWFP7ndVuExaAEECpXiq7iijwPSgbBObCSwrzWfJ4-YJJiGR0-L7ki_C_S8YE8KFeglgLNCBId2Fz5ikZ-6SNGaNBDUJNCEVAcCvwa7qnUgbcpJ0ROJOojw2g_dkKWl4pmEXSPljieebvFQsPWnsXAeAWpa2EpNmnIO59lv-0PodH1iYmF9zpv9OdqrnMieb0Icpv0ZgAlbUfBKkZFB7jReRRVdLOU2Wvi8Nik-tF3u0gnxhlds7bkflL9wdkFRViiO-PoNq1E19tmgoaqnbC9f1_yNWEYFLr2R2nxjlB75Gojbr4w7FEgMnwIHaGVppxytsIWdYj-Tz6CLWXojrXzesXHlpf&lptoken=17be030e8706512c62a3&s6=1&s7=LG&s8=CAK&spushon=y
Requested by: Host: gr01.net
URL: https://gr01.net/t/logic_tree.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19a40dd78eead1d31bc9400854687c587c6f622911d3dbb2ac70d19625efae60

Request headers

Referer: https://gr01.net/t/?s6=1&s7=LG&s8=CAK
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83d3fe645db09a21-FRA
content-encoding: br
content-type: text/html
date: Fri, 29 Dec 2023 18:09:22 GMT
last-modified: Mon, 06 Nov 2023 14:38:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oglpfb9zrs0S7NMcae2MnOtV9nveryxQ5jcNUZpCW2nFtokUrLdwfked8Y1v%2BHoLQS7E9CSXJU7t9ZWCcMjrIE7GgWJGiXVMj%2BEdTUVbHU6oHAFdtzzoEkycKVODQWnOzvvUB6ZG4AUKYETGj%2FrsqgoUrZfKad27210Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Fri, 29 Dec 2023 18:09:22 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://secure.aiprocessingonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=i0BuFJ6hoabVwOxAo3R3xB22ZXBIDjdYshD7CTTseLOl7GSjpWNCEQIBWiqiTRkZvMhw7iuWD-4tsZhCyExnAOtvu8mTXuRKxfuNWFP7ndVuExaAEECpXiq7iijwPSgbBObCSwrzWfJ4-YJJiGR0-L7ki_C_S8YE8KFeglgLNCBId2Fz5ikZ-6SNGaNBDUJNCEVAcCvwa7qnUgbcpJ0ROJOojw2g_dkKWl4pmEXSPljieebvFQsPWnsXAeAWpa2EpNmnIO59lv-0PodH1iYmF9zpv9OdqrnMieb0Icpv0ZgAlbUfBKkZFB7jReRRVdLOU2Wvi8Nik-tF3u0gnxhlds7bkflL9wdkFRViiO-PoNq1E19tmgoaqnbC9f1_yNWEYFLr2R2nxjlB75Gojbr4w7FEgMnwIHaGVppxytsIWdYj-Tz6CLWXojrXzesXHlpf&lptoken=17be030e8706512c62a3&s6=1&s7=LG&s8=CAK&spushon=y
pragma: no-cache
server: nginx

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
84 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: secure.aiprocessingonline.xyz
URL: https://secure.aiprocessingonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=i0BuFJ6hoabVwOxAo3R3xB22ZXBIDjdYshD7CTTseLOl7GSjpWNCEQIBWiqiTRkZvMhw7iuWD-4tsZhCyExnAOtvu8mTXuRKxfuNWFP7ndVuExaAEECpXiq7iijwPSgbBObCSwrzWfJ4-YJJiGR0-L7ki_C_S8YE8KFeglgLNCBId2Fz5ikZ-6SNGaNBDUJNCEVAcCvwa7qnUgbcpJ0ROJOojw2g_dkKWl4pmEXSPljieebvFQsPWnsXAeAWpa2EpNmnIO59lv-0PodH1iYmF9zpv9OdqrnMieb0Icpv0ZgAlbUfBKkZFB7jReRRVdLOU2Wvi8Nik-tF3u0gnxhlds7bkflL9wdkFRViiO-PoNq1E19tmgoaqnbC9f1_yNWEYFLr2R2nxjlB75Gojbr4w7FEgMnwIHaGVppxytsIWdYj-Tz6CLWXojrXzesXHlpf&lptoken=17be030e8706512c62a3&s6=1&s7=LG&s8=CAK&spushon=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 02:38:00 GMT
x-content-type-options: nosniff
age: 315082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86341
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 02:38:00 GMT

GET
H2 200 loader.gif
secure.aiprocessingonline.xyz/lp/load/1b/img/ 51 KB
51 KB 73ms
72ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.aiprocessingonline.xyz/lp/load/1b/img/loader.gif
Requested by: Host: secure.aiprocessingonline.xyz
URL: https://secure.aiprocessingonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=i0BuFJ6hoabVwOxAo3R3xB22ZXBIDjdYshD7CTTseLOl7GSjpWNCEQIBWiqiTRkZvMhw7iuWD-4tsZhCyExnAOtvu8mTXuRKxfuNWFP7ndVuExaAEECpXiq7iijwPSgbBObCSwrzWfJ4-YJJiGR0-L7ki_C_S8YE8KFeglgLNCBId2Fz5ikZ-6SNGaNBDUJNCEVAcCvwa7qnUgbcpJ0ROJOojw2g_dkKWl4pmEXSPljieebvFQsPWnsXAeAWpa2EpNmnIO59lv-0PodH1iYmF9zpv9OdqrnMieb0Icpv0ZgAlbUfBKkZFB7jReRRVdLOU2Wvi8Nik-tF3u0gnxhlds7bkflL9wdkFRViiO-PoNq1E19tmgoaqnbC9f1_yNWEYFLr2R2nxjlB75Gojbr4w7FEgMnwIHaGVppxytsIWdYj-Tz6CLWXojrXzesXHlpf&lptoken=17be030e8706512c62a3&s6=1&s7=LG&s8=CAK&spushon=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78ec6fb90696be9a847580501ec42909638107b35ff31f3780b24499a2fefa83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 18:09:22 GMT
cf-cache-status: MISS
last-modified: Mon, 06 Nov 2023 14:38:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6548fa49-cc19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJepJBZ6M57RbflnMG2WBYU71ENgmsqdjnDgLPms%2BEQLpIc%2Fkdxo8etlsCl%2BulMHe%2BXU02kxJWJUt6PTF118aOBsNYL4NJL8k%2FgvGfKgWwW%2BEu8%2FU5xHU%2BOJ7vTgEP2pTkdb6p69aIgsAJqltNrVEQqNJ4qKfxz%2FXZ23yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83d3fe64de3a9a21-FRA
alt-svc: h3=":443"; ma=86400
content-length: 52249

GET
H2 200 url-pixel.png
secure.aiprocessingonline.xyz/lp/load/1b/ 95 B
456 B 56ms
56ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.aiprocessingonline.xyz/lp/load/1b/url-pixel.png
Requested by: Host: secure.aiprocessingonline.xyz
URL: https://secure.aiprocessingonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=i0BuFJ6hoabVwOxAo3R3xB22ZXBIDjdYshD7CTTseLOl7GSjpWNCEQIBWiqiTRkZvMhw7iuWD-4tsZhCyExnAOtvu8mTXuRKxfuNWFP7ndVuExaAEECpXiq7iijwPSgbBObCSwrzWfJ4-YJJiGR0-L7ki_C_S8YE8KFeglgLNCBId2Fz5ikZ-6SNGaNBDUJNCEVAcCvwa7qnUgbcpJ0ROJOojw2g_dkKWl4pmEXSPljieebvFQsPWnsXAeAWpa2EpNmnIO59lv-0PodH1iYmF9zpv9OdqrnMieb0Icpv0ZgAlbUfBKkZFB7jReRRVdLOU2Wvi8Nik-tF3u0gnxhlds7bkflL9wdkFRViiO-PoNq1E19tmgoaqnbC9f1_yNWEYFLr2R2nxjlB75Gojbr4w7FEgMnwIHaGVppxytsIWdYj-Tz6CLWXojrXzesXHlpf&lptoken=17be030e8706512c62a3&s6=1&s7=LG&s8=CAK&spushon=y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a13a0af892f283e422697ebc2c5c84b6ab173989701ef72329ebd6af59e93685

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 18:09:22 GMT
cf-cache-status: MISS
last-modified: Mon, 06 Nov 2023 14:38:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6548fa49-5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqKdFSh53zpB7oIWc9rqLr%2FR1hsBU9Iz1NhY2e%2BNJ2A%2F7FITYOdZMR6qYQKi7%2FFUfC1OZinT2Ipvu9rNsgnLsIXeZCnxAcEEvTFtE3Z1MHjTzgckPOpYHUKGW3eSuzxHebti3ei4TxI8%2FQz%2B6ps5Ex50PrnPHwbSL9UrXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 83d3fe64de3c9a21-FRA
alt-svc: h3=":443"; ma=86400
content-length: 95

GET
H3 200 gotoURL.js Show response
secure.aiprocessingonline.xyz/script/ 7 KB
3 KB 53ms
53ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.aiprocessingonline.xyz/script/gotoURL.js
Requested by: Host: secure.aiprocessingonline.xyz
URL: https://secure.aiprocessingonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=i0BuFJ6hoabVwOxAo3R3xB22ZXBIDjdYshD7CTTseLOl7GSjpWNCEQIBWiqiTRkZvMhw7iuWD-4tsZhCyExnAOtvu8mTXuRKxfuNWFP7ndVuExaAEECpXiq7iijwPSgbBObCSwrzWfJ4-YJJiGR0-L7ki_C_S8YE8KFeglgLNCBId2Fz5ikZ-6SNGaNBDUJNCEVAcCvwa7qnUgbcpJ0ROJOojw2g_dkKWl4pmEXSPljieebvFQsPWnsXAeAWpa2EpNmnIO59lv-0PodH1iYmF9zpv9OdqrnMieb0Icpv0ZgAlbUfBKkZFB7jReRRVdLOU2Wvi8Nik-tF3u0gnxhlds7bkflL9wdkFRViiO-PoNq1E19tmgoaqnbC9f1_yNWEYFLr2R2nxjlB75Gojbr4w7FEgMnwIHaGVppxytsIWdYj-Tz6CLWXojrXzesXHlpf&lptoken=17be030e8706512c62a3&s6=1&s7=LG&s8=CAK&spushon=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f59a0643be02779db9902e4db88d29594be31f7a307ca0a873ef371c39728b4f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 18:09:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 06 Nov 2023 14:49:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6548fd00-1d1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JECnPeIQWSvgOwMv3QOIFnl%2BuJ7S4rmflp9RgKjY9DXY2ENbiDwgwJ90NQzbTZVUsOX4l3Rd%2F5MDNN3IimOY1MHiwtD%2FRKu7hauaOITsxJebrMcom7%2BKuW839ixqTgFFUTb7MGXL6yitT1QcSrPOS1lf2kLpN3HmAzsP%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83d3fe65285839c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 enot.min.js Show response
notix.io/ent/current/ 142 KB
43 KB 95ms
22ms Script
application/javascript 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/ent/current/enot.min.js
Requested by: Host: secure.aiprocessingonline.xyz
URL: https://secure.aiprocessingonline.xyz/script/gotoURL.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4b12aab689167d4ac840e99269fc5281a162e554f66b470217e5ac865404dee0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 18:09:22 GMT
content-encoding: gzip
last-modified: Tue, 12 Dec 2023 16:18:39 GMT
server: nginx
etag: W/"657887df-23819"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 .js Show response
app.logictree.co/d/ 3 KB
3 KB 370ms
370ms Script
application/javascript 18.158.88.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.logictree.co/d/.js?lpref=https%3A%2F%2Fgr01.net%2F&lpurl=https%3A%2F%2Fsecure.aiprocessingonline.xyz%2Flp%2Fload%2F1b%2F%3Fvsv%3DUTS%26vl%3D1%26vlink%3Dapp.logictree.co%26country%3DDE%26cep%3Di0BuFJ6hoabVwOxAo3R3xB22ZXBIDjdYshD7CTTseLOl7GSjpWNCEQIBWiqiTRkZvMhw7iuWD-4tsZhCyExnAOtvu8mTXuRKxfuNWFP7ndVuExaAEECpXiq7iijwPSgbBObCSwrzWfJ4-YJJiGR0-L7ki_C_S8YE8KFeglgLNCBId2Fz5ikZ-6SNGaNBDUJNCEVAcCvwa7qnUgbcpJ0ROJOojw2g_dkKWl4pmEXSPljieebvFQsPWnsXAeAWpa2EpNmnIO59lv-0PodH1iYmF9zpv9OdqrnMieb0Icpv0ZgAlbUfBKkZFB7jReRRVdLOU2Wvi8Nik-tF3u0gnxhlds7bkflL9wdkFRViiO-PoNq1E19tmgoaqnbC9f1_yNWEYFLr2R2nxjlB75Gojbr4w7FEgMnwIHaGVppxytsIWdYj-Tz6CLWXojrXzesXHlpf%26lptoken%3D17be030e8706512c62a3%26s6%3D1%26s7%3DLG%26s8%3DCAK%26spushon%3Dy&lpt=Loader&vtm=1703873362796
Requested by: Host: secure.aiprocessingonline.xyz
URL: https://secure.aiprocessingonline.xyz/script/gotoURL.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.88.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-88-249.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e66dfe019c0869d186977e6536c989ec5694e91f7383c3148824e9fac0857811

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Dec 2023 18:09:23 GMT
server: nginx
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 3094
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 bckbtn.js Show response
secure.aiprocessingonline.xyz/script/ 1012 B
961 B 69ms
69ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.aiprocessingonline.xyz/script/bckbtn.js
Requested by: Host: secure.aiprocessingonline.xyz
URL: https://secure.aiprocessingonline.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=i0BuFJ6hoabVwOxAo3R3xB22ZXBIDjdYshD7CTTseLOl7GSjpWNCEQIBWiqiTRkZvMhw7iuWD-4tsZhCyExnAOtvu8mTXuRKxfuNWFP7ndVuExaAEECpXiq7iijwPSgbBObCSwrzWfJ4-YJJiGR0-L7ki_C_S8YE8KFeglgLNCBId2Fz5ikZ-6SNGaNBDUJNCEVAcCvwa7qnUgbcpJ0ROJOojw2g_dkKWl4pmEXSPljieebvFQsPWnsXAeAWpa2EpNmnIO59lv-0PodH1iYmF9zpv9OdqrnMieb0Icpv0ZgAlbUfBKkZFB7jReRRVdLOU2Wvi8Nik-tF3u0gnxhlds7bkflL9wdkFRViiO-PoNq1E19tmgoaqnbC9f1_yNWEYFLr2R2nxjlB75Gojbr4w7FEgMnwIHaGVppxytsIWdYj-Tz6CLWXojrXzesXHlpf&lptoken=17be030e8706512c62a3&s6=1&s7=LG&s8=CAK&spushon=y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1cbbcd5fa98ac7e076b1b2ae962846cc73356efdb61f10d915e23f77756814

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 18:09:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 06 Nov 2023 14:49:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6548fd00-3f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wm%2F%2FfN1DpSPHofLAtIZTL2KZtAvURKk%2Fcng3zXn04CDm0wynLxJ3b5kIrtXAjqvqvvIpiPxfDvjWeCOJDKdI%2BZYONrJEyz4Ua0YhKTclui%2FdstvDZ4WvZSUrZC52yq3BPUcjPrjfiISb9VDT41SFKwfapiqt%2FxHRb8GCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83d3fe65990239c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 swgfonts.js Show response
secure.aiprocessingonline.xyz/script/ 965 B
962 B 52ms
51ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.aiprocessingonline.xyz/script/swgfonts.js
Requested by: Host: secure.aiprocessingonline.xyz
URL: https://secure.aiprocessingonline.xyz/lp/load/1b/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e0b2c22cdd894cc75c675a077b3da89a4e0c64e5a04376f088abe6468a531

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 18:09:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 06 Nov 2023 14:49:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6548fd00-3c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FHj9lMQVFXov%2FnQBs1Mm%2FKV89ObmqCnTxUVU99xIiAMfObopqOYzlH6bB6Bo9RQLnTsVwqJrUL94n1a4PfQp4PXcHGup0PaqDvl0G1L9TlcL6UpBBHhu1S3NbhqaTI0s6tLgEqgnqJZ%2BBGl0OFq%2BLO6D1%2FICNVaSY4lgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 83d3fe65f99f39c4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 settings Show response
notix.io/ 106 B
369 B 44ms
44ms Fetch
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/settings?appId=1004e05c0628e2395124a3dabc0d9c0&ver=0.16.3

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 18:09:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.aiprocessingonline.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 106

POST
H2 200 event
notix.io/ 15 B
277 B 18ms
16ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Dec 2023 18:09:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.aiprocessingonline.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ 0
0 62ms
17ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.aiprocessingonline.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://secure.aiprocessingonline.xyz
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 29 Dec 2023 18:09:22 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
277 B 19ms
17ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Dec 2023 18:09:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.aiprocessingonline.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ 0
0 18ms
17ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.aiprocessingonline.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://secure.aiprocessingonline.xyz
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 29 Dec 2023 18:09:22 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
277 B 19ms
18ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Dec 2023 18:09:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.aiprocessingonline.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ 0
0 18ms
17ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.aiprocessingonline.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://secure.aiprocessingonline.xyz
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 29 Dec 2023 18:09:22 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
277 B 24ms
23ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Dec 2023 18:09:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.aiprocessingonline.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ 0
0 18ms
18ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.aiprocessingonline.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://secure.aiprocessingonline.xyz
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 29 Dec 2023 18:09:22 GMT
server: nginx

GET
H2

200

Primary Request /
www.mcafee.com/
Redirect Chain

https://app.logictree.co/click?country=DE
https://fzscg.gobestlinkoffer.com/o/KNBHUYKC/?kw=&s2=dookr9ljul2m723uit33gp3i&country=DE
https://www.mcafee.com/

16 KB
0

4780ms
123ms

Document
text/html

104.70.95.190

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mcafee.com/

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://pam.mcafee.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY SAMEORIGIN

Request headers

Referer: https://secure.aiprocessingonline.xyz/lp/load/1b/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.19 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache
content-encoding: gzip
content-security-policy: frame-ancestors https://pam.mcafee.com
content-type: text/html;charset=utf-8
date: Fri, 29 Dec 2023 18:09:29 GMT
expires: Fri, 29 Dec 2023 18:09:29 GMT
last-modified: Fri, 29 Dec 2023 02:42:02 GMT
link: <https://media.mcafeeassets.com>;rel="preconnect",<https://www.surveycarrot.com>;rel="preconnect",<https://mcafeeinc.demdex.net>;rel="preconnect",<https://fonts.gstatic.com>;rel="preconnect",<https://tags.tiqcdn.com>;rel="preconnect"
pragma: no-cache
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1703873369585_3245104775_2038477_51_11483_15_61_255";dur=1
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY SAMEORIGIN
x-served-by: cache-chi-klot8100025-CHI
x-sky-isauth: 0
x-timer: S1703817722.436079,VS0,VS0,VE1391
x-vhost: publish-mcafee

Redirect headers

content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
date: Fri, 29 Dec 2023 18:09:24 GMT
location: https://www.mcafee.com
server: swoole-http-server
strict-transport-security: max-age=15768000
x-redir: true

GET theme-consumer-default.lc-ae88ff243c4f5db82d6558d98bf28134-lc.min.css
media.mcafeeassets.com/etc.clientlibs/ecom-aemcs-frontend/npcld/themes/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: media.mcafeeassets.com
URL: https://media.mcafeeassets.com/etc.clientlibs/ecom-aemcs-frontend/npcld/themes/theme-consumer-default.lc-ae88ff243c4f5db82d6558d98bf28134-lc.min.css

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hereisaffslink.com/	1969-12-31 23:59:59	Name: sid Value: LWFZAAtUXoZgYeUZ7tfmh6WAc2fz0tXZ0fhUPF9p+hGIDIc1ohUDSw==
.hereisaffslink.com/	1970-01-21 02:53:53	Name: trk Value: qUmjzL4dmTfHjjBUgVzRdqWAc2fz0tXZ0fhUPF9p+hGIDIc1ohUDSw==
.app.logictree.co/	1970-01-20 17:19:19	Name: cep-v4 Value: RU7lU6gxKtM_ylqVluSgxnHX8j02APPr3GU9DSKj2bZ2aMKn4tNEv_GSAVNe7RCHqd8qnaHjiGPIAgVmWMG1oodHPldYCovPxqf_oDHLpMp6SzHVrJcZ5Xm-CXeULTT-uSswW1dJsSjyc7GRNusd83lo6YXixeWh1GakFeWGLs5vGW9dE30_BSeRnfdnTQolCGIAkJ-mZX8og4nc0TZArAl03h4s9qjXlHRHJ5r7aOGrUYy2W5JsHvKLyi272MuyS6nwvF7qA0ODtjIFKAtMMiFsZHr7xYBFbl4gP4ex5Ie4z9XdsDeYUahJfPDPq68FdyJVs9o8GJ1XDqYRs39X0fteIwcyo1xTI73jvJb_325Kz2aTOdmKudLm2vjF0i5MRgWJ9pb-MdM63sJgQ5BEeITFgcxGTkHMqvXQM8SliUDUlIUCONUi66OtYqbuTVVi
secure.aiprocessingonline.xyz/	1970-01-20 17:19:19	Name: vl-cep Value: cep=0muWgZK_D8G7q1NTImhBor2pLf_634RnTTV5O92Fp1ttVzdYE8hF2INNd6tQm7kMoB9RSH_neHAjQfd3LuVwx4vhZkFlMySr8qRhb-IsUgHZzNQFtj33XXSKD3hHFS1OTmQDIlxjc1lPqVjNn4D6-L17MFCPbtB1rjmtvja26fSCFA_lDlpP84jQZC8qRgXAugT8flhOc1meBRmKN6jjMUE_trnD3nseizpehcrpFqf9Wfpkim3QUd9IMXMM7sLSiL0G8yzSqhlIQ9RptFOTDKA2CflD2nL5nhyQiVTQq2gJ5yJ8RbK6k5I9xJMEEi-coDcZr6vGvTbVjFX2ToAGuoHiPqK_qg_Pw116-gDDY9QbAtwGFYzU_q6TunyOx-M2khVgw7ifu83ZTjRLqJiNbIk7XaMwNlKb_yp3A8yhOxSLy8_dfQ37LliMNFuGGA4h
.app.logictree.co/	1970-01-21 02:03:29	Name: cc-v4 Value: jgJoO%2FNg0Anfcpo9SEjzs2lDHw4fZ9sEYDVq8aiL2y0CvzAExpjZxQJzoTgs9hxtg1g1m20gvc7YLZz8z2Imcic%2FHOeH5bGv6ECJ3F04oNVl10lB5nQ0qX672%2FMBrvpBBiBEbGLXwZBszR7T350Z5w%3D%3D
.app.logictree.co/	1970-01-20 17:19:19	Name: 10678c66-507a-4351-948f-6b66ce631461-clk-v4 Value: 10678c66-507a-4351-948f-6b66ce631461
.app.logictree.co/	1970-01-20 17:19:19	Name: 10678c66-507a-4351-948f-6b66ce631461-v4 Value: pTbKjgRSp-a-nXVtDNcvgY7TC7tmsHXfICqtoSyNiZ0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apidata.info
app.logictree.co
fzscg.gobestlinkoffer.com
gr01.net
hereisaffslink.com
media.mcafeeassets.com
notix.io
secure.aiprocessingonline.xyz
www.mcafee.com
media.mcafeeassets.com
104.70.95.190
139.45.240.92
154.16.205.60
18.158.88.249
2a00:1450:4001:812::200a
2a06:98c1:3120::3
52.213.180.200
0d1cbbcd5fa98ac7e076b1b2ae962846cc73356efdb61f10d915e23f77756814
1372d0bceeda2b148d6e8a830cce88c6cf90c80809569170b1bf78811307805e
19a40dd78eead1d31bc9400854687c587c6f622911d3dbb2ac70d19625efae60
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2d6e67da11f377d796b8eb279915f686b3003c7f7f4aa8d54ef2d3d14f1b66fa
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
4b12aab689167d4ac840e99269fc5281a162e554f66b470217e5ac865404dee0
521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103
78ec6fb90696be9a847580501ec42909638107b35ff31f3780b24499a2fefa83
a13a0af892f283e422697ebc2c5c84b6ab173989701ef72329ebd6af59e93685
b64828207d3245843ca93c287bc80f9e3d381702c10f28f27583d5611cd2dc8d
d36e0b2c22cdd894cc75c675a077b3da89a4e0c64e5a04376f088abe6468a531
e66dfe019c0869d186977e6536c989ec5694e91f7383c3148824e9fac0857811
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
f59a0643be02779db9902e4db88d29594be31f7a307ca0a873ef371c39728b4f

www.mcafee.com Open in urlscan Pro 104.70.95.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

29 %IPv6

10 Domains

10 Subdomains

6 IPs

4 Countries

228 kBTransfer

412 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

7 Cookies

Indicators

www.mcafee.com Open in urlscan Pro
104.70.95.190 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

29 %
IPv6

10
Domains

10
Subdomains

6
IPs

4
Countries

228 kB
Transfer

412 kB
Size

7
Cookies

24 HTTP transactions
0 data transactions