urlscan.io logo urlscan.io
SecurityTrails logo

ww2.workwithtarver.com Open in urlscan Pro
64.190.63.136  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sbermarket.sberbank.ozon-api.avito.avito.blablacar.blablacar.3hkd3tpilg85n5lr4jiod8z26ckz4y9v.h4athylivingdirect.com/
Effective URL: https://ww2.workwithtarver.com/
Submission: On February 06 via api from IN — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 12 domains to perform 13 HTTP transactions. The main IP is 64.190.63.136, located in Germany and belongs to SEDO-AS SEDO GmbH, DE. The main domain is ww2.workwithtarver.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on November 16th 2024. Valid for: a year.
This is the only time ww2.workwithtarver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.233.219.123 63949 (AKAMAI-LI...)
1 1 172.233.219.78 63949 (AKAMAI-LI...)
1 1 172.233.219.49 63949 (AKAMAI-LI...)
1 1 104.248.224.96 14061 (DIGITALOC...)
1 1 198.211.113.186 14061 (DIGITALOC...)
1 2 52.71.131.42 14618 (AMAZON-AES)
1 2 5.161.89.212 213230 (HETZNER-C...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 64.225.91.73 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 64.190.63.136 47846 (SEDO-AS S...)
1 205.234.175.175 30081 (CACHENETW...)
13 8
1    172.233.219.123 (Chicago, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: viridian02.parklogic.com
sbermarket.sberbank.ozon-api.avito.avito.blablacar.blablacar.3hkd3tpilg85n5lr4jiod8z26ckz4y9v.h4athylivingdirect.com
1    172.233.219.78 (Chicago, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: viridian03.parklogic.com
arbynaturaltraffic.com
1    172.233.219.49 (Chicago, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: viridian01.parklogic.com
ww56.arbynaturaltraffic.com
1    104.248.224.96 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
www.toroexoclk.com
1    198.211.113.186 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
redir.blowingwind.xyz
2    52.71.131.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-131-42.compute-1.amazonaws.com
winfr-wtc.com
ernus-dop.com
2    5.161.89.212 (United States)

ASN213230 (HETZNER-CLOUD2-AS Hetzner Online GmbH, DE)
PTR: us-psh2.1push.io
so-gre8.net
1    2606:4700::6812:b88 (United States)

ASN13335 (CLOUDFLARENET, US)
user-agent.trafficdecisions.com
4    2606:4700::6812:f0e (United States)

ASN13335 (CLOUDFLARENET, US)
go.c0nect.com
2    64.225.91.73 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
workwithtarver.com
1    2606:4700::6812:1b2d (United States)

ASN13335 (CLOUDFLARENET, US)
domaincntrol.com
2    64.190.63.136 (Germany)

ASN47846 (SEDO-AS SEDO GmbH, DE)
ww2.workwithtarver.com
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
img.sedoparking.com
Apex Domain
Subdomains		 Transfer
4 workwithtarver.com
workwithtarver.com
ww2.workwithtarver.com
10 KB
4 c0nect.com
go.c0nect.com — Cisco Umbrella Rank: 294336
1 KB
2 so-gre8.net
so-gre8.net — Cisco Umbrella Rank: 47923
35 KB
2 arbynaturaltraffic.com
arbynaturaltraffic.com
ww56.arbynaturaltraffic.com
3 KB
1 sedoparking.com
img.sedoparking.com — Cisco Umbrella Rank: 76162
15 KB
1 domaincntrol.com
domaincntrol.com — Cisco Umbrella Rank: 332276
548 B
1 trafficdecisions.com
user-agent.trafficdecisions.com — Cisco Umbrella Rank: 310657
570 B
1 ernus-dop.com
ernus-dop.com — Cisco Umbrella Rank: 251541
663 B
1 winfr-wtc.com
winfr-wtc.com — Cisco Umbrella Rank: 330413
3 KB
1 blowingwind.xyz
redir.blowingwind.xyz — Cisco Umbrella Rank: 750826
481 B
1 toroexoclk.com
www.toroexoclk.com — Cisco Umbrella Rank: 111527
1 KB
1 h4athylivingdirect.com
sbermarket.sberbank.ozon-api.avito.avito.blablacar.blablacar.3hkd3tpilg85n5lr4jiod8z26ckz4y9v.h4athylivingdirect.com
329 B
13 12
Domain Requested by
4 go.c0nect.com
2 ww2.workwithtarver.com workwithtarver.com
ww2.workwithtarver.com
2 workwithtarver.com
2 so-gre8.net 1 redirects winfr-wtc.com
1 img.sedoparking.com
1 domaincntrol.com workwithtarver.com
1 user-agent.trafficdecisions.com 1 redirects
1 ernus-dop.com 1 redirects
1 winfr-wtc.com
1 redir.blowingwind.xyz 1 redirects
1 www.toroexoclk.com 1 redirects
1 ww56.arbynaturaltraffic.com 1 redirects
1 arbynaturaltraffic.com 1 redirects
1 sbermarket.sberbank.ozon-api.avito.avito.blablacar.blablacar.3hkd3tpilg85n5lr4jiod8z26ckz4y9v.h4athylivingdirect.com 1 redirects
13 14

This site contains links to these domains. Also see Links.

Domain
www.sedo.com
Subject Issuer Validity Valid
zeropark.com
Amazon RSA 2048 M02		 2024-06-11 -
2025-07-09		 a year crt.sh
so-gre8.net
R10		 2024-11-28 -
2025-02-26		 3 months crt.sh
c0nect.com
WE1		 2025-02-03 -
2025-05-04		 3 months crt.sh
workwithtarver.com
E5		 2024-12-24 -
2025-03-24		 3 months crt.sh
domaincntrol.com
WE1		 2025-01-17 -
2025-04-17		 3 months crt.sh
ww2.workwithtarver.com
Encryption Everywhere DV TLS CA - G2		 2024-11-16 -
2025-11-16		 a year crt.sh
*.cachefly.net
GlobalSign RSA OV SSL CA 2018		 2024-11-12 -
2025-12-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ww2.workwithtarver.com/
Frame ID: 698889DE467EB3D7F3FD51AFFE181C8B
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

workwithtarver.com - workwithtarver Resources and Information.

Page URL History Show full URLs

  1. http://sbermarket.sberbank.ozon-api.avito.avito.blablacar.blablacar.3hkd3tpilg85n5lr4jiod8z26ckz4y9v.h4athylivingdirect.com/ HTTP 307
    https://sbermarket.sberbank.ozon-api.avito.avito.blablacar.blablacar.3hkd3tpilg85n5lr4jiod8z26ckz4y9v.h4athylivingdirect.com/ HTTP 302
    http://arbynaturaltraffic.com/ HTTP 307
    https://arbynaturaltraffic.com/ HTTP 302
    http://ww56.arbynaturaltraffic.com/?usid=101&utid=6b4764b8f57794cb44b3eb1045671b83 HTTP 307
    https://ww56.arbynaturaltraffic.com/?usid=101&utid=6b4764b8f57794cb44b3eb1045671b83 HTTP 302
    https://www.toroexoclk.com/feed/click/?t1=128&tid=760&uid=192&subid=arbynaturaltraffic.com&id=83b31f805... HTTP 302
    https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_arbynaturaltraffic.com&id=d50784e... HTTP 302
    http://winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/cfcdab84-dabd-11ed-962d-0ad... HTTP 307
    https://winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/cfcdab84-dabd-11ed-962d-0ad... Page URL
  2. https://ernus-dop.com/zclkredirect?visitid=53f92382-e439-11ef-acaa-12ab65286ed7&type=js&browserWid... HTTP 302
    https://so-gre8.net/r/dQQ4jp3Sz8zeyImdI0t-RXKB16hoWmTf-tG4FG3-ZW4IvLJd1DeKKYWY-I9lKD9RykT6s3Ib6v... Page URL
  3. https://so-gre8.net/r/dQQ4jp3Sz8zeyImdI0t-RXKB16hoWmTf-tG4FG3-ZW4IvLJd1DeKKYWY-I9lKD9RykT6s3Ib6v... HTTP 302
    https://user-agent.trafficdecisions.com/okay/?d=okay&t=2 HTTP 302
    https://go.c0nect.com/?t=3 Page URL
  4. https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1738812036995&8s4n53_domain=http://workw... Page URL
  5. http://workwithtarver.com/?utm_source=google HTTP 307
    https://workwithtarver.com/?utm_source=google Page URL
  6. http://ww2.workwithtarver.com/ HTTP 307
    https://ww2.workwithtarver.com/ Page URL

Page Statistics

13
Requests

85 %
HTTPS

23 %
IPv6

12
Domains

14
Subdomains

8
IPs

2
Countries

65 kB
Transfer

162 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sbermarket.sberbank.ozon-api.avito.avito.blablacar.blablacar.3hkd3tpilg85n5lr4jiod8z26ckz4y9v.h4athylivingdirect.com/ HTTP 307
    https://sbermarket.sberbank.ozon-api.avito.avito.blablacar.blablacar.3hkd3tpilg85n5lr4jiod8z26ckz4y9v.h4athylivingdirect.com/ HTTP 302
    http://arbynaturaltraffic.com/ HTTP 307
    https://arbynaturaltraffic.com/ HTTP 302
    http://ww56.arbynaturaltraffic.com/?usid=101&utid=6b4764b8f57794cb44b3eb1045671b83 HTTP 307
    https://ww56.arbynaturaltraffic.com/?usid=101&utid=6b4764b8f57794cb44b3eb1045671b83 HTTP 302
    https://www.toroexoclk.com/feed/click/?t1=128&tid=760&uid=192&subid=arbynaturaltraffic.com&id=83b31f805a9299e45c9e3540bae80b08:9d55ddb2387f856aeb46866094b200798f4054213e8681968f4d5dd872d3a613c748580bfd62dbabe5dd7d3a574130fa14208478c306f78c6e40d3e1485a7ffd5fa07b979d76c6bded745867916ec117f28af8a139f463497c486e9b9b632f2bee451c15a32857d295a821bb86a351ae30f383384afacc1e8ab1ed15ef09c7cd2b2dc5d59e867a9b901f0366f7c775e5f3cb652238f13b30575a996e2fae1d88d97129a529f5fcf13fab0123495b3af44ceb2ed2d0800f3b86245be9346dd39e50d0c137fca3ad6027ce3ac12a74ac0ae80a894c8c60fac6ab0e73750cbfaf9c06ed1122d370b6d83476716e3459bca4374f93b480296946e7c639673b73205e0bc98201d6bb0ab781936d1ad01acc7bfe7cc6e320d114eafebc920cc806fe5f5a2606691ef9983d9f9ad912a68a6360443699a66fa495cf49b631c69535be2259a37713a05530cd141514dd4847dc6f20f40a3adaf474aa4e48716301362240ebd2b1f8b0c2f04f889f63c724bc4adcf78ce13b59cf1cfed18f94d7a69716b215652c87be736f629b7766f30811952750aa6d65b4079648b23181390867cf03d78d9feb4303d5e3aeb9d9e4465645504f179b0259d27feeff2941561a1a7e82cd7379a6bb018823a31a8ea06e2754c8346bc4b88fa838eeaf94a318a742e1c324e3da70a952e4fb658fc934d1b45a36779adaaf783a3a59a6b1a62cd648f24400706421ed8e2570833faa5e9ea44f45449e65302b93b43f9ec84068ff9445042471ee67b197fdd89ed8e856f65c12e72e4938f66219bcbb218d3b519f3b86d41f09b8d95cce1d93fa16cb31bd054c7810f9fba4418419c6da187def9cec461a8a9934c141fabce318e658c405468563da804f332e4035d5ca58b2f478747fd42bdb9f540f3ae39679ffd0ba61d73d1ecdd12496ead09dfe4eeb9fd46aeb6e6b2b0a9d0072e0d8a8464c471175d6127e8d62463abd964b18448d218b381bddaf1519427f0d38b3a0ad1fa422c57ddfc5d9436810e0eab85d169a7eb21a7d09453161dcb7c5d3ad60142405b9c796d56253918d7c7e83aad75efcdf13a9e2701af4a8842e43224f7c7bb61874d2e9ed2a6b7bbf1e0cd9c7bfd71b000114180c97716c0238066b6f8680ffb47e7cabe9c839cfcd77d91a631f76e4d4c5ea5c4ccad375563bb1aadecc375f7c1a45c7685c04dc63e17b26a227e572277b3ebd60a1901ec2eeff17816a28111fcae75ad315bcc95d225cdcda9a4ae6012d54654214d960e4a6b5431e20d22d7921e8d6be09c281d006877ea1decf6ffcb5818879e307a11efb1787e519dfc5af29790747c4f2f01863859a1fa49fb46c94bee021495d63cfa6473d0e8c4d718a7e71a9aa509152ebd56ce3fc1f0dbb3ecce126f4779cc2a842d68e47a089f0f80f08c433dd6b9e1a9542f4924d6ff6be69cb3e3a1cd26b662f01a29efe6f69d79d458b317804a52c6439920eaab046af75a247c6bb8f392c5583724bcd6667a3d8f993be08c22a76896ed24485f226b34f157e3f2d813ccead394d92075daefbc5330a418576790db480e5f98f1b9b392f3124e3026933ea25da2ebadfc41ef4f7bd9c0a0ef846b0259c362e69f52f23e13b8ca4d818a1a7d4468ec05e665039d142a6714604c2e23d53a94e9e82984c785078ddec08b2750f30f5dc7b3f8b918de105e385c2bb07dcdb7d667711867ea1295c89e58f1c4333102843549963673dda5ef25024a34bfdfd68e86fc1ef6e654d9771d95bfbc8f4d19ce24e839e2cc213645d47ca423b01bd2a3382aa39043fae2998d3d35f319dd13b19cd55b0fcc62676761382adc22c1de625347085e1a766151f67a1f7bba5dfc4478a09c2d3a8ce02ca533413b2e20085f79435b462857604cdf9d90480afc6a929da01648812c8c94acf8ab06dcb4b7b50c8767d1bf777fc1a87 HTTP 302
    https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_arbynaturaltraffic.com&id=d50784efe258a95e104f7b58171bcf05:9c897b0bf673f47d72a27bc4199fb05a4ac59966c0aa98351ab4b43346be0d2d289c49b78c63f862d18438eb00e066ef43e7df024ab2c84dc696e88804dc9ba38f98826450a437092d5406cee72031a83177461ff6f7c3d737269d6526f3ba6f84addb161cde870d1b3ecd7bd5a11c767f474d20cfcc6a90870816a3d2d04cdc326fc0fcbc0842080b4d5bc1e891b5b2579fd602f56b5ac066a6aa56b440368235db2248a72bf4665c4555e604329ff46068eb3e376e64d7cda6837d163700633a50d1b486d7e04896e0ae39eecd30e31db2fb01c3dc6b48b1cda96ece30fee8c14379c35445b8a998cf00c1bded6a72f8f9bde2704d84ec9444f288d9c8a55433cb187ff8f8d8e1d1dd870b5e0b51ba4d6b9fbef1ee5e7f3c703d3bd028eb06565ecfcf7fc39086dd4788d17f5b25a904e5c97735cf2b3ac993e291c1d081c09d6519ac1cabc56bae2e05f10f9e734a42e3d11c90a26624923027d17acb3972b58c01538b0e1d3bd04ac3e371b319262df9f306546607793b58c617e701fd2a695801f9380a542e4c50a514522e1bd593b6ececdcf5224c79b72432278701c7f5c3ee6cc22edc362820352a6fd4391146b532d602cb883942b560157717aaf50d257e09526d3f771f32bfc55e17dda6 HTTP 302
    http://winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=54090205-e439-11ef-acaa-12ab65286ed7 HTTP 307
    https://winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=54090205-e439-11ef-acaa-12ab65286ed7 Page URL
  2. https://ernus-dop.com/zclkredirect?visitid=53f92382-e439-11ef-acaa-12ab65286ed7&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
    https://so-gre8.net/r/dQQ4jp3Sz8zeyImdI0t-RXKB16hoWmTf-tG4FG3-ZW4IvLJd1DeKKYWY-I9lKD9RykT6s3Ib6vQKpMbIh5A3vMsTX-ltyKCVb_FOimeYN169xZZ2rX3IGaOR-XjFvcL3iBaYQEP2dyiupq26i5OU8WR4hLXVQ9CQQSa1H2PZz_YwWprGaNXv01ldSvbraa9Rwx0K8lGNJlrEuXeXNMjZD5LLXYR766MzFsbnkn2G73zW6CM6eqNrN9TdCbz5UPEbyHlD-HDy4ZODb5BtDebb8_70NmsUyKYZXmTA7858bklwP0oFgD0AVYRr6UKPM9oV29r0PwCakCFmIkxCAQXvCOUz6ceuwSkHEhdv__kWiWJq1eySzlRN-T30GalNgu4in50d1MAJsB0CbARUAGMlcsTWB3foMFMksiPC9HHDLz3pi3y9AJsbGs-VS6tiG7c7IjNclsTF54kP3dP8H9tQXXUk7UNP7ckxaf8Vfw Page URL
  3. https://so-gre8.net/r/dQQ4jp3Sz8zeyImdI0t-RXKB16hoWmTf-tG4FG3-ZW4IvLJd1DeKKYWY-I9lKD9RykT6s3Ib6vQKpMbIh5A3vMsTX-ltyKCVb_FOimeYN169xZZ2rX3IGaOR-XjFvcL3iBaYQEP2dyiupq26i5OU8WR4hLXVQ9CQQSa1H2PZz_YwWprGaNXv01ldSvbraa9Rwx0K8lGNJlrEuXeXNMjZD5LLXYR766MzFsbnkn2G73zW6CM6eqNrN9TdCbz5UPEbyHlD-HDy4ZODb5BtDebb8_70NmsUyKYZXmTA7858bklwP0oFgD0AVYRr6UKPM9oV29r0PwCakCFmIkxCAQXvCOUz6ceuwSkHEhdv__kWiWJq1eySzlRN-T30GalNgu4in50d1MAJsB0CbARUAGMlcsTWB3foMFMksiPC9HHDLz3pi3y9AJsbGs-VS6tiG7c7IjNclsTF54kP3dP8H9tQXXUk7UNP7ckxaf8Vfw?&fid=465644810 HTTP 302
    https://user-agent.trafficdecisions.com/okay/?d=okay&t=2 HTTP 302
    https://go.c0nect.com/?t=3 Page URL
  4. https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1738812036995&8s4n53_domain=http://workwithtarver.com?utm_source=google Page URL
  5. http://workwithtarver.com/?utm_source=google HTTP 307
    https://workwithtarver.com/?utm_source=google Page URL
  6. http://ww2.workwithtarver.com/ HTTP 307
    https://ww2.workwithtarver.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sbermarket.sberbank.ozon-api.avito.avito.blablacar.blablacar.3hkd3tpilg85n5lr4jiod8z26ckz4y9v.h4athylivingdirect.com/ HTTP 307
  • https://sbermarket.sberbank.ozon-api.avito.avito.blablacar.blablacar.3hkd3tpilg85n5lr4jiod8z26ckz4y9v.h4athylivingdirect.com/ HTTP 302
  • http://arbynaturaltraffic.com/ HTTP 307
  • https://arbynaturaltraffic.com/ HTTP 302
  • http://ww56.arbynaturaltraffic.com/?usid=101&utid=6b4764b8f57794cb44b3eb1045671b83 HTTP 307
  • https://ww56.arbynaturaltraffic.com/?usid=101&utid=6b4764b8f57794cb44b3eb1045671b83 HTTP 302
  • https://www.toroexoclk.com/feed/click/?t1=128&tid=760&uid=192&subid=arbynaturaltraffic.com&id=83b31f805a9299e45c9e3540bae80b08:9d55ddb2387f856aeb46866094b200798f4054213e8681968f4d5dd872d3a613c748580bfd62dbabe5dd7d3a574130fa14208478c306f78c6e40d3e1485a7ffd5fa07b979d76c6bded745867916ec117f28af8a139f463497c486e9b9b632f2bee451c15a32857d295a821bb86a351ae30f383384afacc1e8ab1ed15ef09c7cd2b2dc5d59e867a9b901f0366f7c775e5f3cb652238f13b30575a996e2fae1d88d97129a529f5fcf13fab0123495b3af44ceb2ed2d0800f3b86245be9346dd39e50d0c137fca3ad6027ce3ac12a74ac0ae80a894c8c60fac6ab0e73750cbfaf9c06ed1122d370b6d83476716e3459bca4374f93b480296946e7c639673b73205e0bc98201d6bb0ab781936d1ad01acc7bfe7cc6e320d114eafebc920cc806fe5f5a2606691ef9983d9f9ad912a68a6360443699a66fa495cf49b631c69535be2259a37713a05530cd141514dd4847dc6f20f40a3adaf474aa4e48716301362240ebd2b1f8b0c2f04f889f63c724bc4adcf78ce13b59cf1cfed18f94d7a69716b215652c87be736f629b7766f30811952750aa6d65b4079648b23181390867cf03d78d9feb4303d5e3aeb9d9e4465645504f179b0259d27feeff2941561a1a7e82cd7379a6bb018823a31a8ea06e2754c8346bc4b88fa838eeaf94a318a742e1c324e3da70a952e4fb658fc934d1b45a36779adaaf783a3a59a6b1a62cd648f24400706421ed8e2570833faa5e9ea44f45449e65302b93b43f9ec84068ff9445042471ee67b197fdd89ed8e856f65c12e72e4938f66219bcbb218d3b519f3b86d41f09b8d95cce1d93fa16cb31bd054c7810f9fba4418419c6da187def9cec461a8a9934c141fabce318e658c405468563da804f332e4035d5ca58b2f478747fd42bdb9f540f3ae39679ffd0ba61d73d1ecdd12496ead09dfe4eeb9fd46aeb6e6b2b0a9d0072e0d8a8464c471175d6127e8d62463abd964b18448d218b381bddaf1519427f0d38b3a0ad1fa422c57ddfc5d9436810e0eab85d169a7eb21a7d09453161dcb7c5d3ad60142405b9c796d56253918d7c7e83aad75efcdf13a9e2701af4a8842e43224f7c7bb61874d2e9ed2a6b7bbf1e0cd9c7bfd71b000114180c97716c0238066b6f8680ffb47e7cabe9c839cfcd77d91a631f76e4d4c5ea5c4ccad375563bb1aadecc375f7c1a45c7685c04dc63e17b26a227e572277b3ebd60a1901ec2eeff17816a28111fcae75ad315bcc95d225cdcda9a4ae6012d54654214d960e4a6b5431e20d22d7921e8d6be09c281d006877ea1decf6ffcb5818879e307a11efb1787e519dfc5af29790747c4f2f01863859a1fa49fb46c94bee021495d63cfa6473d0e8c4d718a7e71a9aa509152ebd56ce3fc1f0dbb3ecce126f4779cc2a842d68e47a089f0f80f08c433dd6b9e1a9542f4924d6ff6be69cb3e3a1cd26b662f01a29efe6f69d79d458b317804a52c6439920eaab046af75a247c6bb8f392c5583724bcd6667a3d8f993be08c22a76896ed24485f226b34f157e3f2d813ccead394d92075daefbc5330a418576790db480e5f98f1b9b392f3124e3026933ea25da2ebadfc41ef4f7bd9c0a0ef846b0259c362e69f52f23e13b8ca4d818a1a7d4468ec05e665039d142a6714604c2e23d53a94e9e82984c785078ddec08b2750f30f5dc7b3f8b918de105e385c2bb07dcdb7d667711867ea1295c89e58f1c4333102843549963673dda5ef25024a34bfdfd68e86fc1ef6e654d9771d95bfbc8f4d19ce24e839e2cc213645d47ca423b01bd2a3382aa39043fae2998d3d35f319dd13b19cd55b0fcc62676761382adc22c1de625347085e1a766151f67a1f7bba5dfc4478a09c2d3a8ce02ca533413b2e20085f79435b462857604cdf9d90480afc6a929da01648812c8c94acf8ab06dcb4b7b50c8767d1bf777fc1a87 HTTP 302
  • https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_arbynaturaltraffic.com&id=d50784efe258a95e104f7b58171bcf05:9c897b0bf673f47d72a27bc4199fb05a4ac59966c0aa98351ab4b43346be0d2d289c49b78c63f862d18438eb00e066ef43e7df024ab2c84dc696e88804dc9ba38f98826450a437092d5406cee72031a83177461ff6f7c3d737269d6526f3ba6f84addb161cde870d1b3ecd7bd5a11c767f474d20cfcc6a90870816a3d2d04cdc326fc0fcbc0842080b4d5bc1e891b5b2579fd602f56b5ac066a6aa56b440368235db2248a72bf4665c4555e604329ff46068eb3e376e64d7cda6837d163700633a50d1b486d7e04896e0ae39eecd30e31db2fb01c3dc6b48b1cda96ece30fee8c14379c35445b8a998cf00c1bded6a72f8f9bde2704d84ec9444f288d9c8a55433cb187ff8f8d8e1d1dd870b5e0b51ba4d6b9fbef1ee5e7f3c703d3bd028eb06565ecfcf7fc39086dd4788d17f5b25a904e5c97735cf2b3ac993e291c1d081c09d6519ac1cabc56bae2e05f10f9e734a42e3d11c90a26624923027d17acb3972b58c01538b0e1d3bd04ac3e371b319262df9f306546607793b58c617e701fd2a695801f9380a542e4c50a514522e1bd593b6ececdcf5224c79b72432278701c7f5c3ee6cc22edc362820352a6fd4391146b532d602cb883942b560157717aaf50d257e09526d3f771f32bfc55e17dda6 HTTP 302
  • http://winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=54090205-e439-11ef-acaa-12ab65286ed7 HTTP 307
  • https://winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=54090205-e439-11ef-acaa-12ab65286ed7
Request Chain 1
  • https://ernus-dop.com/zclkredirect?visitid=53f92382-e439-11ef-acaa-12ab65286ed7&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
  • https://so-gre8.net/r/dQQ4jp3Sz8zeyImdI0t-RXKB16hoWmTf-tG4FG3-ZW4IvLJd1DeKKYWY-I9lKD9RykT6s3Ib6vQKpMbIh5A3vMsTX-ltyKCVb_FOimeYN169xZZ2rX3IGaOR-XjFvcL3iBaYQEP2dyiupq26i5OU8WR4hLXVQ9CQQSa1H2PZz_YwWprGaNXv01ldSvbraa9Rwx0K8lGNJlrEuXeXNMjZD5LLXYR766MzFsbnkn2G73zW6CM6eqNrN9TdCbz5UPEbyHlD-HDy4ZODb5BtDebb8_70NmsUyKYZXmTA7858bklwP0oFgD0AVYRr6UKPM9oV29r0PwCakCFmIkxCAQXvCOUz6ceuwSkHEhdv__kWiWJq1eySzlRN-T30GalNgu4in50d1MAJsB0CbARUAGMlcsTWB3foMFMksiPC9HHDLz3pi3y9AJsbGs-VS6tiG7c7IjNclsTF54kP3dP8H9tQXXUk7UNP7ckxaf8Vfw
Request Chain 3
  • https://so-gre8.net/r/dQQ4jp3Sz8zeyImdI0t-RXKB16hoWmTf-tG4FG3-ZW4IvLJd1DeKKYWY-I9lKD9RykT6s3Ib6vQKpMbIh5A3vMsTX-ltyKCVb_FOimeYN169xZZ2rX3IGaOR-XjFvcL3iBaYQEP2dyiupq26i5OU8WR4hLXVQ9CQQSa1H2PZz_YwWprGaNXv01ldSvbraa9Rwx0K8lGNJlrEuXeXNMjZD5LLXYR766MzFsbnkn2G73zW6CM6eqNrN9TdCbz5UPEbyHlD-HDy4ZODb5BtDebb8_70NmsUyKYZXmTA7858bklwP0oFgD0AVYRr6UKPM9oV29r0PwCakCFmIkxCAQXvCOUz6ceuwSkHEhdv__kWiWJq1eySzlRN-T30GalNgu4in50d1MAJsB0CbARUAGMlcsTWB3foMFMksiPC9HHDLz3pi3y9AJsbGs-VS6tiG7c7IjNclsTF54kP3dP8H9tQXXUk7UNP7ckxaf8Vfw?&fid=465644810 HTTP 302
  • https://user-agent.trafficdecisions.com/okay/?d=okay&t=2 HTTP 302
  • https://go.c0nect.com/?t=3
Request Chain 6
  • http://workwithtarver.com/?utm_source=google HTTP 307
  • https://workwithtarver.com/?utm_source=google

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
cfcdab84-dabd-11ed-962d-0ad412f815c1
winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/
Redirect Chain
  • http://sbermarket.sberbank.ozon-api.avito.avito.blablacar.blablacar.3hkd3tpilg85n5lr4jiod8z26ckz4y9v.h4athylivingdirect.com/
  • https://sbermarket.sberbank.ozon-api.avito.avito.blablacar.blablacar.3hkd3tpilg85n5lr4jiod8z26ckz4y9v.h4athylivingdirect.com/
  • http://arbynaturaltraffic.com/
  • https://arbynaturaltraffic.com/
  • http://ww56.arbynaturaltraffic.com/?usid=101&utid=6b4764b8f57794cb44b3eb1045671b83
  • https://ww56.arbynaturaltraffic.com/?usid=101&utid=6b4764b8f57794cb44b3eb1045671b83
  • https://www.toroexoclk.com/feed/click/?t1=128&tid=760&uid=192&subid=arbynaturaltraffic.com&id=83b31f805a9299e45c9e3540bae80b08:9d55ddb2387f856aeb46866094b200798f4054213e8681968f4d5dd872d3a613c74858...
  • https://redir.blowingwind.xyz/feed/click/?t1=128&tid=88&uid=59&subid=760_arbynaturaltraffic.com&id=d50784efe258a95e104f7b58171bcf05:9c897b0bf673f47d72a27bc4199fb05a4ac59966c0aa98351ab4b43346be0d2d2...
  • http://winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=54090205-e439-11ef-acaa-12ab65286ed7
  • https://winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=54090205-e439-11ef-acaa-12ab65286ed7
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=54090205-e439-11ef-acaa-12ab65286ed7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.131.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-131-42.compute-1.amazonaws.com
Software
/
Resource Hash
5b5b60bd4390565765c3c70f109d45b485414fee834da79728d2cd11a0f14f74
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Thu, 06 Feb 2025 03:20:35 GMT

Redirect headers

Location
https://winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=54090205-e439-11ef-acaa-12ab65286ed7
Non-Authoritative-Reason
HttpsUpgrades
dQQ4jp3Sz8zeyImdI0t-RXKB16hoWmTf-tG4FG3-ZW4IvLJd1DeKKYWY-I9lKD9RykT6s3Ib6vQKpMbIh5A3vMsTX-ltyKCVb_FOimeYN169xZZ2rX3IGaOR-XjFvcL3iBaYQEP2dyiupq26i5OU8WR4hLXVQ9CQQSa1H2PZz_YwWprGaNXv01ldSvbraa9Rwx0K8...
so-gre8.net/r/
Redirect Chain
  • https://ernus-dop.com/zclkredirect?visitid=53f92382-e439-11ef-acaa-12ab65286ed7&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • https://so-gre8.net/r/dQQ4jp3Sz8zeyImdI0t-RXKB16hoWmTf-tG4FG3-ZW4IvLJd1DeKKYWY-I9lKD9RykT6s3Ib6vQKpMbIh5A3vMsTX-ltyKCVb_FOimeYN169xZZ2rX3IGaOR-XjFvcL3iBaYQEP2dyiupq26i5OU8WR4hLXVQ9CQQSa1H2PZz_YwWpr...
85 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://so-gre8.net/r/dQQ4jp3Sz8zeyImdI0t-RXKB16hoWmTf-tG4FG3-ZW4IvLJd1DeKKYWY-I9lKD9RykT6s3Ib6vQKpMbIh5A3vMsTX-ltyKCVb_FOimeYN169xZZ2rX3IGaOR-XjFvcL3iBaYQEP2dyiupq26i5OU8WR4hLXVQ9CQQSa1H2PZz_YwWprGaNXv01ldSvbraa9Rwx0K8lGNJlrEuXeXNMjZD5LLXYR766MzFsbnkn2G73zW6CM6eqNrN9TdCbz5UPEbyHlD-HDy4ZODb5BtDebb8_70NmsUyKYZXmTA7858bklwP0oFgD0AVYRr6UKPM9oV29r0PwCakCFmIkxCAQXvCOUz6ceuwSkHEhdv__kWiWJq1eySzlRN-T30GalNgu4in50d1MAJsB0CbARUAGMlcsTWB3foMFMksiPC9HHDLz3pi3y9AJsbGs-VS6tiG7c7IjNclsTF54kP3dP8H9tQXXUk7UNP7ckxaf8Vfw
Requested by
Host: winfr-wtc.com
URL: https://winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=54090205-e439-11ef-acaa-12ab65286ed7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.89.212 , United States, ASN213230 (HETZNER-CLOUD2-AS Hetzner Online GmbH, DE),
Reverse DNS
us-psh2.1push.io
Software
Angie /
Resource Hash
e2e7256118318b6b0500be28ef76d8632482c863269ac1f26269d645fb78b47c

Request headers

Referer
https://winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=54090205-e439-11ef-acaa-12ab65286ed7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 06 Feb 2025 03:20:36 GMT
link
<https://user-agent.trafficdecisions.com>; rel="dns-prefetch preconnect"
server
Angie

Redirect headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
date
Thu, 06 Feb 2025 03:20:35 GMT
location
https://so-gre8.net/r/dQQ4jp3Sz8zeyImdI0t-RXKB16hoWmTf-tG4FG3-ZW4IvLJd1DeKKYWY-I9lKD9RykT6s3Ib6vQKpMbIh5A3vMsTX-ltyKCVb_FOimeYN169xZZ2rX3IGaOR-XjFvcL3iBaYQEP2dyiupq26i5OU8WR4hLXVQ9CQQSa1H2PZz_YwWprGaNXv01ldSvbraa9Rwx0K8lGNJlrEuXeXNMjZD5LLXYR766MzFsbnkn2G73zW6CM6eqNrN9TdCbz5UPEbyHlD-HDy4ZODb5BtDebb8_70NmsUyKYZXmTA7858bklwP0oFgD0AVYRr6UKPM9oV29r0PwCakCFmIkxCAQXvCOUz6ceuwSkHEhdv__kWiWJq1eySzlRN-T30GalNgu4in50d1MAJsB0CbARUAGMlcsTWB3foMFMksiPC9HHDLz3pi3y9AJsbGs-VS6tiG7c7IjNclsTF54kP3dP8H9tQXXUk7UNP7ckxaf8Vfw
favicon.ico
so-gre8.net/ 		0
0
/
go.c0nect.com/
Redirect Chain
  • https://so-gre8.net/r/dQQ4jp3Sz8zeyImdI0t-RXKB16hoWmTf-tG4FG3-ZW4IvLJd1DeKKYWY-I9lKD9RykT6s3Ib6vQKpMbIh5A3vMsTX-ltyKCVb_FOimeYN169xZZ2rX3IGaOR-XjFvcL3iBaYQEP2dyiupq26i5OU8WR4hLXVQ9CQQSa1H2PZz_YwWpr...
  • https://user-agent.trafficdecisions.com/okay/?d=okay&t=2
  • https://go.c0nect.com/?t=3
798 B
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.c0nect.com/?t=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d6820bd31f6219e72d7d47ff9b8619ca3678e53e2b3b56ea48f03866b6d86b3

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
90d8015f2ac74321-EWR
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 06 Feb 2025 03:20:37 GMT
priority
u=0,i
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding

Redirect headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
90d8015d6ffd7c82-EWR
content-length
143
content-type
text/html
date
Thu, 06 Feb 2025 03:20:36 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://go.c0nect.com/?t=3
server
cloudflare
vary
Accept-Encoding
favicon.ico
go.c0nect.com/ 		5 B
159 B 		Other
General
Check archive.org
Download Go to
Full URL
https://go.c0nect.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a0e8c17ebb21a11f8a25b8042786ef7efe52441e6cc87e92c67e0c4c0c6e78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer

Response headers

cf-ray
90d801601c344321-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
5
date
Thu, 06 Feb 2025 03:20:37 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
/
go.c0nect.com/ 		395 B
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1738812036995&8s4n53_domain=http://workwithtarver.com?utm_source=google
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
90d80160dd554321-EWR
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 06 Feb 2025 03:20:37 GMT
priority
u=0,i
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
/
workwithtarver.com/
Redirect Chain
  • http://workwithtarver.com/?utm_source=google
  • https://workwithtarver.com/?utm_source=google
593 B
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://workwithtarver.com/?utm_source=google
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30

Request headers

Referer
https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1738812036995&8s4n53_domain=http://workwithtarver.com?utm_source=google
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 06 Feb 2025 03:20:37 GMT
ETag
W/"63f68860-251"
Last-Modified
Wed, 22 Feb 2023 21:25:52 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Location
https://workwithtarver.com/?utm_source=google
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
go.c0nect.com/ 		5 B
159 B 		Other
General
Check archive.org
Download Go to
Full URL
https://go.c0nect.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:f0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer

Response headers

cf-ray
90d801616e304321-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
5
date
Thu, 06 Feb 2025 03:20:37 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
/
domaincntrol.com/ 		31 B
548 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://domaincntrol.com/?orighost=https://workwithtarver.com/?utm_source=google
Requested by
Host: workwithtarver.com
URL: https://workwithtarver.com/?utm_source=google
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://workwithtarver.com/

Response headers

x_details
{"destination":"sedo","orighost":"workwithtarver.com","type":"arb","finalurl":"http://ww2.workwithtarver.com","browser":"chrome","os":"linux","country":"US","device":"desktop","isbot":false,"botscore":46}
cf-ray
90d80165ed8d4393-EWR
access-control-allow-origin
*
content-length
31
date
Thu, 06 Feb 2025 03:20:38 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
favicon.ico
workwithtarver.com/ 		593 B
606 B 		Other
General
Check archive.org
Download Go to
Full URL
https://workwithtarver.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://workwithtarver.com/?utm_source=google

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"63f68860-251"
Connection
keep-alive
Date
Thu, 06 Feb 2025 03:20:37 GMT
Content-Type
text/html
Last-Modified
Wed, 22 Feb 2023 21:25:52 GMT
Server
nginx/1.18.0 (Ubuntu)
Primary Request /
ww2.workwithtarver.com/
Redirect Chain
  • http://ww2.workwithtarver.com/
  • https://ww2.workwithtarver.com/
58 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ww2.workwithtarver.com/
Requested by
Host: workwithtarver.com
URL: https://workwithtarver.com/?utm_source=google
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE),
Reverse DNS
Software
Parking/1.0 /
Resource Hash
2a1e0791ed54b3ec8b5077788099d1e837bd0d1904edddfe8f07a8bde722beb3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 06 Feb 2025 03:20:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Thu, 06 Feb 2025 03:20:38 GMT
pragma
no-cache
server
Parking/1.0
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_0Kv5Q9hRe+uDpn+bBJD+vwQ3rHpmv4YEnnBs62uMCgeC4yyLWyKu6aDGB3EZDAQcF6GPYLptJclnqOXQfV/Oig==
x-cache-miss-from
parking-759f8f6b6-rj978

Redirect headers

Location
https://ww2.workwithtarver.com/
Non-Authoritative-Reason
HttpsUpgrades
tsc.php
ww2.workwithtarver.com/search/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww2.workwithtarver.com/search/tsc.php?ses=ogcYPYyRTBIVseBLyDv-V3uEsexw1wRgy5uvecyePZI7eKLut7lPa8Ayt4HP3eSo10l1sZUnb_RbRw86j0Hsq37m0iEkfVYiJdE9EeXtjcSMFc7qxRAhMoHV2ONt1Bk6nKWAlpBI_0aapK53tIhTHaRxk8HchPV1QIe56ELPtOxPa7qL_qqbWa9uQkkNVbTeWhpoDhiH8lzzkZkmD5tO-X8o1fYjDGSFbCNjMCEjtsNjpfQWhwYo6LN0U-Hb0eiM8Ei6EqK2W46FH6Ij2iAwfAkvH1ydfhJBkyFsN3qlxy1lfiavejOZjndpeuD2Or6DpwSPyeTndtKZe2ZrKtKL6qNyF4YlXCFgUaRwvOJTMW7wOk32xSjZHrdeoQLkzY1&cv=2
Requested by
Host: ww2.workwithtarver.com
URL: https://ww2.workwithtarver.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE),
Reverse DNS
Software
Parking/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://ww2.workwithtarver.com/

Response headers

x-cache-miss-from
parking-759f8f6b6-jwq5r
content-length
0
date
Thu, 06 Feb 2025 03:20:41 GMT
content-type
text/html; charset=UTF-8
server
Parking/1.0
sedo_logo.png
img.sedoparking.com/templates/logos/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://img.sedoparking.com/templates/logos/sedo_logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer
https://ww2.workwithtarver.com/

Response headers

x-cf-rand
7.161
x-cf2
H
expires
Thu, 13 Feb 2025 03:20:41 GMT
x-cf1
11696:fB.ewr1:cf:nom:cacheN.ewr1-01:H
date
Thu, 06 Feb 2025 03:20:41 GMT
cf4ttl
31536000.000
content-type
image/png
x-cff
B
last-modified
Mon, 11 Jan 2021 07:44:34 GMT
x-cf-reqid
85ba6a15a02abcb90f328fa5e21ba5a2
cf4age
2354427
cache-control
max-age=604800
x-cf3
H
accept-ranges
bytes
access-control-allow-origin
*
content-length
15086
x-cfhash
"def00c11b1596db4efee6a9fbe64fc27"
x-cf-tsc
1684184564
server
CFS 0215

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
so-gre8.net
URL
https://so-gre8.net/favicon.ico

Verdicts & Comments Add Verdict or Comment

3 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| dto function| tscCall function| isFacebookCookieSet

2 Cookies

Domain/Path Name / Value
.trafficdecisions.com/ Name: __cf_bm
Value: HtvWSbVdOxd30dgLa_bR2aYac0wNXM6J33Sk.H8QY2s-1738812036-1.0.1.1-Wt7rqVbQQG8pa0.luw6yr06ownzu_dc_tcXHtlI46L_KwfWADAg_QpV52BSyay1WKcaV0Pne72ZP4dfvG9BQow
.c0nect.com/ Name: __cf_bm
Value: lXjCqmXsKNfna8bnp2hwQejJkmcHXBbA6.yRK4ZtXog-1738812037-1.0.1.1-mg.SgVfMSsLPml5JmKpG3UTnIvuFpBZdBtOFUAwSn9AYVjJFUtrO604Uk9TiJg_LDZ58y7aoY4MfzYR7BJYCVQ

2 Console Messages

Source Level URL
Text
rendering warning URL: https://winfr-wtc.com/zclkvisitor/53f92382-e439-11ef-acaa-12ab65286ed7/cfcdab84-dabd-11ed-962d-0ad412f815c1?campaignid=54090205-e439-11ef-acaa-12ab65286ed7
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A090B806AC090000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://so-gre8.net/r/dQQ4jp3Sz8zeyImdI0t-RXKB16hoWmTf-tG4FG3-ZW4IvLJd1DeKKYWY-I9lKD9RykT6s3Ib6vQKpMbIh5A3vMsTX-ltyKCVb_FOimeYN169xZZ2rX3IGaOR-XjFvcL3iBaYQEP2dyiupq26i5OU8WR4hLXVQ9CQQSa1H2PZz_YwWprGaNXv01ldSvbraa9Rwx0K8lGNJlrEuXeXNMjZD5LLXYR766MzFsbnkn2G73zW6CM6eqNrN9TdCbz5UPEbyHlD-HDy4ZODb5BtDebb8_70NmsUyKYZXmTA7858bklwP0oFgD0AVYRr6UKPM9oV29r0PwCakCFmIkxCAQXvCOUz6ceuwSkHEhdv__kWiWJq1eySzlRN-T30GalNgu4in50d1MAJsB0CbARUAGMlcsTWB3foMFMksiPC9HHDLz3pi3y9AJsbGs-VS6tiG7c7IjNclsTF54kP3dP8H9tQXXUk7UNP7ckxaf8Vfw(Line 31)
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A030B806AC090000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'