Submitted URL: https://ebaaa.xyz/148bcf03fc/bb6bac9292/?campaign=OUh6b0x6T2oxR1RZRGpPWnlaVUd1dz09&clicked=1&placementName=ROTATOR...
Effective URL: https://122208dat.giveawy.click/de-de/?domain=cpa.a03seftrk.click&cep=0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIhFnKVlZI_POR-67an6WrB...
Submission Tags: falconsandbox
Submission: On March 29 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 7 countries across 25 domains to perform 39 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 122208dat.giveawy.click.
TLS certificate: Issued by GTS CA 1P5 on February 6th 2023. Valid for: 3 months.
This is the only time 122208dat.giveawy.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.66.201.8 201702 (SKHOSTING-EU)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.66.200.225 201702 (SKHOSTING-EU)
1 185.66.200.222 201702 (SKHOSTING-EU)
1 185.66.201.7 201702 (SKHOSTING-EU)
2 18.158.88.249 16509 (AMAZON-02)
3 69.175.50.35 32475 (SINGLEHOP...)
2 3 51.68.81.31 16276 (OVH)
1 1 34.147.1.177 396982 (GOOGLE-CL...)
1 9 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 174.138.122.163 14061 (DIGITALOC...)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 34.141.179.97 396982 (GOOGLE-CL...)
3 67.212.184.149 32475 (SINGLEHOP...)
1 2 18.195.23.231 16509 (AMAZON-02)
1 146.75.120.193 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 46.105.201.240 16276 (OVH)
1 149.56.240.27 16276 (OVH)
39 18
Requests | Apex Domain | Subdomains | Transfer
4 | giveawy.click | 122208dat.giveawy.click | 7 KB
4 | cogliatu.com | irugu.cogliatu.com — Cisco Umbrella Rank: 96608 | 18 KB
4 | linkbooster.click | 792a9db8.linkbooster.click | 18 KB
4 | addlnk.com | cdn.addlnk.com — Cisco Umbrella Rank: 767498 | 4 KB
3 | glumiville.com | ozil.glumiville.com | 7 KB
3 | turbotrck.art | www.turbotrck.art | 6 KB
3 | nettrafficeasy.co | pro.nettrafficeasy.co | 7 KB
2 | histats.com | s10.histats.com — Cisco Umbrella Rank: 16830; s4.histats.com — Cisco Umbrella Rank: 13900 | 5 KB
2 | a03seftrk.click | cpa.a03seftrk.click | 2 KB
2 | adups.app | c.adups.app | 826 B
2 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 35 | 20 KB
1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 357 | 30 KB
1 | imgur.com | i.imgur.com — Cisco Umbrella Rank: 6141 | 14 KB
1 | myofferplus.com | b191f85c.myofferplus.com | 1 KB
1 | gositego.live | track.gositego.live — Cisco Umbrella Rank: 90460 | 252 B
1 | achelous.mobi | yeah.achelous.mobi | 2 KB
1 | media-412.com | admoustache.media-412.com | 270 B
1 | reletinglablets.com | reletinglablets.com | 816 B
1 | perserymanked.com | perserymanked.com | 2 KB
1 | ucaba.live | ucaba.live — Cisco Umbrella Rank: 949428 | 283 B
1 | cdn-server.info | cdn-server.info | 292 B
1 | m-wlmw.com | 1680130223.m-wlmw.com | 729 B
1 | ebaaa.xyz | ebaaa.xyz — Cisco Umbrella Rank: 164048 | 1 KB
0 | cloudflareinsights.com (Failed) | static.cloudflareinsights.com (Failed) |
0 | doubleclick.net (Failed) | stats.g.doubleclick.net (Failed) |
39 | 25
Requests | Domain | Requested by
4 | 122208dat.giveawy.click (1 redirects) | ozil.glumiville.com, 122208dat.giveawy.click
4 | irugu.cogliatu.com | 792a9db8.linkbooster.click, ebaaa.xyz, irugu.cogliatu.com
4 | 792a9db8.linkbooster.click | yeah.achelous.mobi, ebaaa.xyz, 792a9db8.linkbooster.click
4 | cdn.addlnk.com | yeah.achelous.mobi, 792a9db8.linkbooster.click, irugu.cogliatu.com, b191f85c.myofferplus.com
3 | ozil.glumiville.com | b191f85c.myofferplus.com, ozil.glumiville.com
3 | www.turbotrck.art (2 redirects) | pro.nettrafficeasy.co
3 | pro.nettrafficeasy.co | reletinglablets.com, pro.nettrafficeasy.co
2 | cpa.a03seftrk.click (1 redirects) | 122208dat.giveawy.click
2 | c.adups.app (2 redirects) |
2 | www.google-analytics.com | ebaaa.xyz, www.google-analytics.com
1 | s4.histats.com | s10.histats.com
1 | s10.histats.com | 122208dat.giveawy.click
1 | ajax.googleapis.com | 122208dat.giveawy.click
1 | i.imgur.com | 122208dat.giveawy.click
1 | b191f85c.myofferplus.com | irugu.cogliatu.com
1 | track.gositego.live (1 redirects) |
1 | yeah.achelous.mobi | www.turbotrck.art
1 | admoustache.media-412.com (1 redirects) |
1 | reletinglablets.com | perserymanked.com
1 | perserymanked.com | ucaba.live
1 | ucaba.live | 1680130223.m-wlmw.com
1 | cdn-server.info | 1680130223.m-wlmw.com
1 | 1680130223.m-wlmw.com | ebaaa.xyz
1 | ebaaa.xyz |
0 | static.cloudflareinsights.com (Failed) | yeah.achelous.mobi
0 | stats.g.doubleclick.net (Failed) | www.google-analytics.com
39 | 26

This site contains links to these domains.

Domain
cpa.a03seftrk.click
Subject | Issuer | Validity | Valid
ebaaa.xyz | R3 | 2023-03-21 - 2023-06-19 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
*.m-wlmw.com | Sectigo RSA Domain Validation Secure Server CA | 2023-01-11 - 2024-02-08 | a year
cdn-server.info | R3 | 2023-01-15 - 2023-04-15 | 3 months
ucaba.live | R3 | 2023-03-15 - 2023-06-13 | 3 months
perserymanked.com | Sectigo RSA Domain Validation Secure Server CA | 2022-09-20 - 2023-10-20 | a year
reletinglablets.com | R3 | 2023-03-07 - 2023-06-05 | 3 months
pro.nettrafficeasy.co | R3 | 2023-02-01 - 2023-05-02 | 3 months
www.turbotrck.art | R3 | 2023-02-28 - 2023-05-29 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-16 - 2023-05-16 | a year
ozil.glumiville.com | R3 | 2023-03-27 - 2023-06-25 | 3 months
*.giveawy.click | GTS CA 1P5 | 2023-02-06 - 2023-05-07 | 3 months
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-13 - 2024-03-12 | a year
upload.video.google.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
cpa.a03seftrk.click | R3 | 2023-03-24 - 2023-06-22 | 3 months
histats.com | R3 | 2023-03-15 - 2023-06-13 | 3 months

This page contains 3 frames:

Primary Page: https://122208dat.giveawy.click/de-de/?domain=cpa.a03seftrk.click&cep=0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIhFnKVlZI_POR-67an6WrBIVfNjHqsHZMwtemkb0Jh1unHiSwCQiEOO5xgYJIafff8zTrjXzUVWE2EBfGj9ga4cT9qlLKuSNlet03n2T9gwbf-aBgpBbMwlLBuX3LiH15zhYinGu49pPMttqvRnUHw48GEqKwC8Ff4P7xz_RxIQOWH5C60vIAM9X-VsZYJ2ZwdfthwKNmME-aX9mXE5NXfr6M-XUqaZmwUS9p3IQkZkZjj8jXgMu2mf9-Pf-PHcLT0seD9d1Nt142Dr0UUVKW9i123d7gtMAeLwibH6wmOwTiy4J3GvhgAO-s4RpYbUi6YPtAQqVWKjp4wjocgmcqNKZ4ni71ZvS-46UOQMM6OGdqoo0joQh00bdCREoMdtRGoiQDBRm1KrHGz-FPieHtXSxCo2g39jiE3Ay7FjIDu0cKrnJS4BeD293hZIBjo56a1k_327UAyqUEUmadqLm04Orb9gUBwhl6PZ3OKqIwpjdBHQIPo8fBYrbYjUJDxQW7vR3DuulOO8EldX64HebYjHE3TBhnmU3PN8n4Gte-L18BlrFZgS_SpGfvFKgwF6K0rHQzJk&lptoken=16138087139f20272828&pid=20961-845b943f-8f35ebcd&creative_id=%5B%5Bcreative_id%5D%5D&cid=M7216104382297800728&partner_ID=20961&pushid=%5B%5Bpushid%5D%5D&subscription_freshness=%5B%5Bsubscription_freshness%5D%5D&subid=M7216104382297800728&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Frame ID: 465EBA769D002144017253462AC28556
Requests: 33 HTTP requests in this frame

Frame: https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680120000
Frame ID: 7AFF2A7F782716E5CAE9F2395DA9F715
Requests: 3 HTTP requests in this frame

Frame: https://irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680120000
Frame ID: 696C25C47DF8D3495BFF6EEA34C5D211
Requests: 3 HTTP requests in this frame


Page Title

2 neue Nachrichten!

Page URL History

  1. https://ebaaa.xyz/148bcf03fc/bb6bac9292/?campaign=OUh6b0x6T2oxR1RZRGpPWnlaVUd1dz09&clicked=1&p... Page URL
  2. https://1680130223.m-wlmw.com/af.php?hash=XAdCpriAAjpGjCikAAGjCxCjpNrkNrGANrdACrCZZZCCrixCrrrCrCrGCxCZGprp... Page URL
  3. https://ucaba.live/go.php?go=https%3A%2F%2Fperserymanked.com%2Fe2d4ccdf-0d92-4ce3-8c89-fc20d643... Page URL
  4. https://perserymanked.com/e2d4ccdf-0d92-4ce3-8c89-fc20d6431215?c2=29467313&c1=30affC1680130223affbf1f7... Page URL
  5. https://reletinglablets.com/redirect?target=BASE64aHR0cHM6Ly9wcm8ubmV0dHJhZmZpY2Vhc3kuY28vP3V0bV9tZWRpdW... Page URL
  6. https://pro.nettrafficeasy.co/?utm_medium=e07a1d1b71ae3ab7420499997765f79c0a28d317&utm_campaign=Sep182022V... Page URL
  7. https://pro.nettrafficeasy.co/?utm_term=7216104365117931570&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
  8. https://pro.nettrafficeasy.co/proc.php?542c40b93be77623e2a2df5caef292f9e7df7a4b Page URL
  9. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216104365117931570&website... Page URL
  10. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216104365117931570&website... HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216104365117931570&website... HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000b215d422f56e5b4a370df447b67... HTTP 302
    https://yeah.achelous.mobi/rc/a91581ead4?affclick=6424c0b146e5e60001c864f2&pubid=503 Page URL
  11. https://c.adups.app/36399?click=pub0d9669453d4b4ee1be037d54da0d5864&pubid=f31e77b4 HTTP 302
    https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30042026A036399028631eIKbZ&pubid=4515c Page URL
  12. https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pubab564c0531324aae9ed6cd535e279... HTTP 302
    https://irugu.cogliatu.com/rc/19aff8b744?affclick=6424c0b37c23bd0001137b1f&pubid=930_29d0f8e7_4515c Page URL
  13. https://c.adups.app/36399?click=pub2fdc70548bfa49ae8f12e9fecd9342e2&pubid=08c366c2 HTTP 302
    https://b191f85c.myofferplus.com/rc/bcc83aad32?affclick=23C30042027A036399028050Z3MTd&pubid=36399 Page URL
  14. https://ozil.glumiville.com/?utm_medium=a09181e190fba099cba1f1c0fabd61747f66d1cf&utm_campaign=sexy_redir... Page URL
  15. https://ozil.glumiville.com/?utm_term=7216104382297800728&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
  16. https://ozil.glumiville.com/proc.php?3130c8af68c5b745e49fbad8fc90349148f291ff Page URL
  17. https://cpa.a03seftrk.click/d81073d5-83e0-40bd-85b2-d15b61f0e14f?pid=20961-845b943f-8f35ebcd&creative_id... HTTP 302
    https://122208dat.giveawy.click/?domain=cpa.a03seftrk.click&cep=0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIhFnKVlZ... HTTP 302
    https://122208dat.giveawy.click/de-de/?domain=cpa.a03seftrk.click&cep=0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIh... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 39
HTTPS: 95 %
IPv6: 25 %
Domains: 25
Subdomains: 26
IPs: 18
Countries: 7
Transfer: 142 kB
Size: 293 kB
Cookies: 27

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216104365117931570&website=909-c6671053&placement=909&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=57ed8cfa7a9a417c080f1c43552e556c&eyer=0.4535104199337665&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=pro.nettrafficeasy.co HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216104365117931570&website=909-c6671053&placement=909&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.4535104199337665&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=pro.nettrafficeasy.co HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000b215d422f56e5b4a370df447b67806060329-202303-flb*5564921-b2be6*M7216104365117931570*sl_5564921-b2be6*49ccbf4ffedd17d305f1d1bdfd7b79fa53ace77a*909-c6671053*909 HTTP 302
  • https://yeah.achelous.mobi/rc/a91581ead4?affclick=6424c0b146e5e60001c864f2&pubid=503
Request Chain 16
  • https://c.adups.app/36399?click=pub0d9669453d4b4ee1be037d54da0d5864&pubid=f31e77b4 HTTP 302
  • https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30042026A036399028631eIKbZ&pubid=4515c
Request Chain 20
  • https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pubab564c0531324aae9ed6cd535e279682&sub2=29d0f8e7_4515c HTTP 302
  • https://irugu.cogliatu.com/rc/19aff8b744?affclick=6424c0b37c23bd0001137b1f&pubid=930_29d0f8e7_4515c
Request Chain 25
  • https://c.adups.app/36399?click=pub2fdc70548bfa49ae8f12e9fecd9342e2&pubid=08c366c2 HTTP 302
  • https://b191f85c.myofferplus.com/rc/bcc83aad32?affclick=23C30042027A036399028050Z3MTd&pubid=36399

39 HTTP transactions

Requested by
Host: reletinglablets.com
URL: https://reletinglablets.com/redirect?target=BASE64aHR0cHM6Ly9wcm8ubmV0dHJhZmZpY2Vhc3kuY28vP3V0bV9tZWRpdW09ZTA3YTFkMWI3MWFlM2FiNzQyMDQ5OTk5Nzc2NWY3OWMwYTI4ZDMxNyZ1dG1fY2FtcGFpZ249U2VwMTgyMDIyVmF0b01udHplTGluayYxPTI5NDY3MzEzJmNpZD13c2thaWo2dGpxcTBkdWtuaW1kODJqODY&ts=1680130224124&hash=0MRTj9QFg1cuq0Blur8mChLRUJvgIfpW03d0IWw5Mo8&rm=DJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.175.50.35 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 29 Mar 2023 22:50:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://pro.nettrafficeasy.co/?utm_term=7216104365117931570&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
pro.nettrafficeasy.co/
8 KB
3 KB
Document
General
Full URL
https://pro.nettrafficeasy.co/?utm_term=7216104365117931570&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: pro.nettrafficeasy.co
URL: https://pro.nettrafficeasy.co/?utm_medium=e07a1d1b71ae3ab7420499997765f79c0a28d317&utm_campaign=Sep182022VatoMntzeLink&1=29467313&cid=wskaij6tjqq0duknimd82j86
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.175.50.35 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
68efeddff06a914480b0662c49c8268a522758b6b65dc1d164a78041a52cd00b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://pro.nettrafficeasy.co/?utm_medium=e07a1d1b71ae3ab7420499997765f79c0a28d317&utm_campaign=Sep182022VatoMntzeLink&1=29467313&cid=wskaij6tjqq0duknimd82j86
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 29 Mar 2023 22:50:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
pro.nettrafficeasy.co/
3 KB
2 KB
Document
General
Full URL
https://pro.nettrafficeasy.co/proc.php?542c40b93be77623e2a2df5caef292f9e7df7a4b
Requested by
Host: pro.nettrafficeasy.co
URL: https://pro.nettrafficeasy.co/?utm_term=7216104365117931570&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.175.50.35 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://pro.nettrafficeasy.co/?utm_term=7216104365117931570&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 29 Mar 2023 22:50:25 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216104365117931570&website=909-c6671053&placement=909
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/
5 KB
5 KB
Document
General
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216104365117931570&website=909-c6671053&placement=909&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: pro.nettrafficeasy.co
URL: https://pro.nettrafficeasy.co/proc.php?542c40b93be77623e2a2df5caef292f9e7df7a4b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pro.nettrafficeasy.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Wed, 29 Mar 2023 22:50:25 GMT
Transfer-Encoding
chunked
a91581ead4
yeah.achelous.mobi/rc/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216104365117931570&website=909-c6671053&placement=909&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd8385808...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216104365117931570&website=909-c6671053&placement=909&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd8385808...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000b215d422f56e5b4a370df447b67806060329-202303-flb*5564921-b2be6*M7216104365117931570*sl_5564921-b2be6*49ccbf4ffedd17...
  • https://yeah.achelous.mobi/rc/a91581ead4?affclick=6424c0b146e5e60001c864f2&pubid=503
1 KB
2 KB
Document
General
Full URL
https://yeah.achelous.mobi/rc/a91581ead4?affclick=6424c0b146e5e60001c864f2&pubid=503
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216104365117931570&website=909-c6671053&placement=909&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e5071e51454fd90398a90441be2ed87c24e60b1872b2f5ef16d3205ecef05c9

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7216104365117931570&website=909-c6671053&placement=909&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7afbabf4fd299b7a-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Wed, 29 Mar 2023 22:50:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eB%2BytNExDOu2Sma1XuLtJQaSYWzgLp9er4EPYIsLvvPEHJDa2ULNApaQPJRKOeMPCp%2FRGYeAGrKUAjB5o30ouxssVL2IOcLUGnYpprlV5FDQG898R8VNVz0tmHaSGbGLgctYMrL%2FKeUSwcT%2Fj3VUb1Q%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Wed, 29 Mar 2023 22:50:25 GMT
location
https://yeah.achelous.mobi/rc/a91581ead4?affclick=6424c0b146e5e60001c864f2&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: yeah.achelous.mobi
URL: https://yeah.achelous.mobi/rc/a91581ead4?affclick=6424c0b146e5e60001c864f2&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 22:50:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KPYPMKR87WVDDR5G
age
6640
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
sdyeyOjO4qADE8twISrwU7928cky8WpEvqOoYxcGfmLM5QiMKH15++pL4Vm7UxnFSSwxMSTIZIo=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sk15l5Vil%2B12gZAQzd%2FboKac3%2Bvx7tXwGSBrS3vtgZyCwiAqkSr3rRrfaR8xufyzxLLTpYJgaGuOGYWIWfQqAjZ2WnDi%2FHTiPqXQNW0%2FmPS1kF4OOwObZI0R3WEelTexHTzld%2Fhx0ppU0sNi%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7afbabf6197a6910-FRA
vb26e4fa9e5134444860be286fd8771851679335129114
static.cloudflareinsights.com/beacon.min.js/
0
0

736006a179
792a9db8.linkbooster.click/rc/
Redirect Chain
  • https://c.adups.app/36399?click=pub0d9669453d4b4ee1be037d54da0d5864&pubid=f31e77b4
  • https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30042026A036399028631eIKbZ&pubid=4515c
3 KB
2 KB
Document
General
Full URL
https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30042026A036399028631eIKbZ&pubid=4515c
Requested by
Host: yeah.achelous.mobi
URL: https://yeah.achelous.mobi/rc/a91581ead4?affclick=6424c0b146e5e60001c864f2&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f541d74b2b7d78580fe4abd4ab7d086e0584a9858c42606fc64a8406cbdf7a52

Request headers

Referer
https://yeah.achelous.mobi/rc/a91581ead4?affclick=6424c0b146e5e60001c864f2&pubid=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7afbabfc5f9d2bb0-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Wed, 29 Mar 2023 22:50:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oL1BOHjfJA9AhLsbgSBccTkDcILHji16PSTsTmZ8C5mIGA2t%2BuxjF6NZeW8HgQAdjQg9ukwn6Yc%2B9wK6jrhOWxZzv8ECD2XJ9n2BO%2FuJak1RnAmbwEe07XqAbnK7MpJJWVmMDd6eX3EkIi%2B9eE272Uom9%2BleudAjoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-length
250
content-type
text/html; charset=utf-8
date
Wed, 29 Mar 2023 22:50:26 GMT
expires
0
location
https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30042026A036399028631eIKbZ&pubid=4515c
pragma
no-cache
surrogate-control
no-store
vary
Accept, Accept-Encoding
x-powered-by
Express
redirect.css
cdn.addlnk.com/
1 KB
713 B
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: 792a9db8.linkbooster.click
URL: https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30042026A036399028631eIKbZ&pubid=4515c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 22:50:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KPYPMKR87WVDDR5G
age
6641
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
sdyeyOjO4qADE8twISrwU7928cky8WpEvqOoYxcGfmLM5QiMKH15++pL4Vm7UxnFSSwxMSTIZIo=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HNvXMxnuJf%2F6N2stcMa3eFWBL4bKhoMqp89ipBCBFVIyzW5JO5BDjB%2B8XjjUpL%2F%2FzxmjckikjcGC018ahhPlooKYCvinfPUgtvad014lkGcHphlyD%2FjE1eKalMT%2BRQDVmfXudjqJXlBoio7Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7afbabfd09f96910-FRA
invisible.js
792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 7AFF
27 KB
12 KB
Script
General
Full URL
https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680120000
Requested by
Host: ebaaa.xyz
URL: https://ebaaa.xyz/148bcf03fc/bb6bac9292/?campaign=OUh6b0x6T2oxR1RZRGpPWnlaVUd1dz09&clicked=1&placementName=ROTATOR&cv=XAdCpriAAjpGjCikAAGjCxCjpNrkNrGANrdACrCZZZCCrixCrrrCrCrGCxCZGprpjZjrCCrxi_59736&yxDom=Y2RuLXNlcnZlci5pbmZv_dffb114e096ea505e274a7665e6dd6a2&convertedAs=1&refferer=3723688202_aHR0cHM6Ly9tb2FobW1lZGJpbnJhc2hpaWRyYW1hZGFuLWVuei5wYWdlcy5kZXYv&realRef=Rkl2eDFHVjRydlIyYzhQZStoZldtUU9MaHhyZDNjQlFqa1ZQeGNrVDdqST0%3D&ecpm_choosed=5&capSettings=Y2RuLXNlcnZlci5pbmZvfDUwMDAwfDI0fDYxMzgw&generic_choosed=4039&redirectInfo=Q1R4cTZBa3dkUkhhdkFQTU9ua3NOQT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f090e3cf61112bd785fd81ae8cf5c530a444242373e10a57262acc397ee96396

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 22:50:26 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmiywDEkD2w2vwC1Z%2BO83YsJ%2BANRX3xkSSHYT7VIvQs382NtC%2F0O5wcbOI1SPwmQui7iMJFjEN1ptCTjaqAYMm8bWCF4NqXEs91Ur8sMT1dfc%2Bv14Jre3YBTtJ%2Bijf%2Foi75vSBu9G3petIeawZy7jRN697rGkfOfzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7afbabfd48b52bb0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/ Frame 7AFF
7 KB
4 KB
Other
General
Full URL
https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc93210a180cb5bebd2c6da2e9e138fcca7408b8cd27c8b6eac7793a4dc10d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 22:50:26 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fubb0V1AuyFlRCbK1cBJjJOzcacn9T0UolEGZyN34MAAS80OItTnSciLgJkNuMUYoPCp3FdrxXuQMMzXtQcQ23Dsow0rFeLtkjomvcFuVfavj9ULRXUKF5OTGPaTHxLiJ5rUhxDkbgSW%2FX4NSuIDThxvhRqc1%2FrRzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7afbabfd8b0f2be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
19aff8b744
irugu.cogliatu.com/rc/
Redirect Chain
  • https://track.gositego.live/sl?id=6372315a14cb732daa6b203e&pid=930&sub1=pubab564c0531324aae9ed6cd535e279682&sub2=29d0f8e7_4515c
  • https://irugu.cogliatu.com/rc/19aff8b744?affclick=6424c0b37c23bd0001137b1f&pubid=930_29d0f8e7_4515c
2 KB
2 KB
Document
General
Full URL
https://irugu.cogliatu.com/rc/19aff8b744?affclick=6424c0b37c23bd0001137b1f&pubid=930_29d0f8e7_4515c
Requested by
Host: 792a9db8.linkbooster.click
URL: https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30042026A036399028631eIKbZ&pubid=4515c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8db9b3ef29f637df50accd542219114ee8beffc05c9576244bc8a0dff3d2566e

Request headers

Referer
https://792a9db8.linkbooster.click/rc/736006a179?affclick=23C30042026A036399028631eIKbZ&pubid=4515c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7afbabff982d0394-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Wed, 29 Mar 2023 22:50:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwbrIHYQtd6laFKWz7mGJ8UWUlIZYgkV2Ix15%2BNtkkOZW%2FyAPE4RZwk4Ah4hwP9MAKUbYXQNsupi9yAm5foE14NIAn8J8itficrBzupn8pqx0qryJmruo4AZaPilr5wlYeLC5IwhyzlV6WrcezkPQO8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Wed, 29 Mar 2023 22:50:27 GMT
location
https://irugu.cogliatu.com/rc/19aff8b744?affclick=6424c0b37c23bd0001137b1f&pubid=930_29d0f8e7_4515c
server
nginx
x-adjust-use-original-forwarded-for
1
7afbabfc5f9d2bb0
792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 7AFF
2 B
674 B
XHR
General
Full URL
https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/cv/result/7afbabfc5f9d2bb0
Requested by
Host: 792a9db8.linkbooster.click
URL: https://792a9db8.linkbooster.click/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680120000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Mar 2023 22:50:27 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYj8d3UQ6VkJdX5wZDrFz16s0RlREEb382y63P7aZ79d0Gm0jvTSIhFkKC3i1j8d4SqHyVQ7gtFJwwwEDURHkUhDXIR%2FZhrIxboZeZ3bhLks%2BYvdeiEexWCBmMNI67YsVpY2nXP%2BZKRjYKklAwuDdumF%2FTVEu2SMfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7afbabff3cb02be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: irugu.cogliatu.com
URL: https://irugu.cogliatu.com/rc/19aff8b744?affclick=6424c0b37c23bd0001137b1f&pubid=930_29d0f8e7_4515c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 22:50:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NG3WEQ5NJ4PQVZ4F
age
2122
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwItlZY5n3Qj%2BnPsFXYr5Pjqm2u9GAU9WNntp8G%2FFRGLB3td6LWAGmleZ750bwSy4W3LAkPCuA0sXldmxJ7FTYa5OydD3KGMVIVUN61nBqenpg7XryEJYJqckBS1CsHWyRM9Sd2pF11O83G%2BDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7afbac005cdf920b-FRA
invisible.js
irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 696C
26 KB
11 KB
Script
General
Full URL
https://irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680120000
Requested by
Host: ebaaa.xyz
URL: https://ebaaa.xyz/148bcf03fc/bb6bac9292/?campaign=OUh6b0x6T2oxR1RZRGpPWnlaVUd1dz09&clicked=1&placementName=ROTATOR&cv=XAdCpriAAjpGjCikAAGjCxCjpNrkNrGANrdACrCZZZCCrixCrrrCrCrGCxCZGprpjZjrCCrxi_59736&yxDom=Y2RuLXNlcnZlci5pbmZv_dffb114e096ea505e274a7665e6dd6a2&convertedAs=1&refferer=3723688202_aHR0cHM6Ly9tb2FobW1lZGJpbnJhc2hpaWRyYW1hZGFuLWVuei5wYWdlcy5kZXYv&realRef=Rkl2eDFHVjRydlIyYzhQZStoZldtUU9MaHhyZDNjQlFqa1ZQeGNrVDdqST0%3D&ecpm_choosed=5&capSettings=Y2RuLXNlcnZlci5pbmZvfDUwMDAwfDI0fDYxMzgw&generic_choosed=4039&redirectInfo=Q1R4cTZBa3dkUkhhdkFQTU9ua3NOQT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a812a964a0c9bb877bef84a50c970084c6942f41150e4381a5ff08536f421eb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 22:50:27 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMaqfTuAGsSeDN04ULY4bJwv4qJUr2bJ6PQk%2FA%2FyFsxYeT9OQc%2Fo8dfZBaTj4Y5VUTFpX47%2Fqm6r0pByXBmZXbYhGTGYAS1B0X56N0PdRnPrQWUetiyXXT%2FQsGHAsKunt2JxQ0TCFc0i8I8rYfCJO9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7afbac00991d0394-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 696C
7 KB
4 KB
Other
General
Full URL
https://irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd6e9854575bc848c2f710ad91467f789c5aa24d9e6a92388f181aee0f04ff6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 22:50:27 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zN0b0raTu0fcctglxAxHV4lsVHK9AGsj5XgQN5w3ASdv1aRU%2Br0KguX53uIC3ZrJQgYiXpc4WtVIzmLBvUjxFubqFGhtgiZdUAiRX04Nf6hSJS9IwEEjTjYXNDpInDBKPuG6GDI9nkTvBfiJ1NHfSDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7afbac00fb71904f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bcc83aad32
b191f85c.myofferplus.com/rc/
Redirect Chain
  • https://c.adups.app/36399?click=pub2fdc70548bfa49ae8f12e9fecd9342e2&pubid=08c366c2
  • https://b191f85c.myofferplus.com/rc/bcc83aad32?affclick=23C30042027A036399028050Z3MTd&pubid=36399
1 KB
1 KB
Document
General
Full URL
https://b191f85c.myofferplus.com/rc/bcc83aad32?affclick=23C30042027A036399028050Z3MTd&pubid=36399
Requested by
Host: irugu.cogliatu.com
URL: https://irugu.cogliatu.com/rc/19aff8b744?affclick=6424c0b37c23bd0001137b1f&pubid=930_29d0f8e7_4515c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77ece214075324c5d52dfd61e441fd129813b500f8fdcdc638c91f4632d2db8c

Request headers

Referer
https://irugu.cogliatu.com/rc/19aff8b744?affclick=6424c0b37c23bd0001137b1f&pubid=930_29d0f8e7_4515c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7afbac02ee542bd6-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Wed, 29 Mar 2023 22:50:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSgmJG994JZbspsiKKIpaHytvp25JNEam3NN2t%2FSByZpsAys4Zzj87%2FO6HRUmvpd3RvAQvPHoLJZRKDcFwf47CUCvGbixPSnVwxy78ER7vs3JxjxfXgsPrLWMRkA7ctmJt%2FciU1H%2F8EREx2dk60yw%2BrfY1jaiVs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-length
246
content-type
text/html; charset=utf-8
date
Wed, 29 Mar 2023 22:50:27 GMT
expires
0
location
https://b191f85c.myofferplus.com/rc/bcc83aad32?affclick=23C30042027A036399028050Z3MTd&pubid=36399
pragma
no-cache
surrogate-control
no-store
vary
Accept, Accept-Encoding
x-powered-by
Express
7afbabff982d0394
irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 696C
2 B
660 B
XHR
General
Full URL
https://irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/cv/result/7afbabff982d0394
Requested by
Host: irugu.cogliatu.com
URL: https://irugu.cogliatu.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1680120000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Mar 2023 22:50:27 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnMQpc%2BD8x8dcR5Pne2v%2BNVbGar4dkuoPuZ%2F1dX3Egk%2FCDRx3Z8QprviM4%2F21r6WK6PZTM147X513cmhlyJaHHvCJUfOx22kCmfApthLwco%2FiPmbs3XU52NTI7IuEKeQiNgTEQGEUX9qsPwk0bv%2BhtI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7afbac026c66904f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
redirect.css
cdn.addlnk.com/
1 KB
1015 B
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: b191f85c.myofferplus.com
URL: https://b191f85c.myofferplus.com/rc/bcc83aad32?affclick=23C30042027A036399028050Z3MTd&pubid=36399
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 22:50:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NG3WEQ5NJ4PQVZ4F
age
2122
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
QxX22n6jD9gBrjBZ6ohlWbPu+une0ezSYrlZ/gpY7cQk926tnR/U/t0VdL75pShx4aODRqNqN5k=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdLydeWuzQx95d7sbyKtxUk9hnEIMz0Tyx8Gzwbg8g1B8iMIEr%2BpynWLYGrpKEklvyRCQFDdH27V7nKrsH5I1hFl%2FEWoUE6lb4XT2JGjQ2b1t4qJAg3nf%2FfJuffuBfYQwFnWwjW502vJn%2B%2BI1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7afbac03cf24920b-FRA
/
ozil.glumiville.com/
3 KB
2 KB
Document
General
Full URL
https://ozil.glumiville.com/?utm_medium=a09181e190fba099cba1f1c0fabd61747f66d1cf&utm_campaign=sexy_redirect&1=5ff05558&cid=pub15025822bc9a4dada7e9fc4fcac5f4a5&2=36399
Requested by
Host: b191f85c.myofferplus.com
URL: https://b191f85c.myofferplus.com/rc/bcc83aad32?affclick=23C30042027A036399028050Z3MTd&pubid=36399
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.212.184.149 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 29 Mar 2023 22:50:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://ozil.glumiville.com/?utm_term=7216104382297800728&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
ozil.glumiville.com/
8 KB
3 KB
Document
General
Full URL
https://ozil.glumiville.com/?utm_term=7216104382297800728&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075
Requested by
Host: ozil.glumiville.com
URL: https://ozil.glumiville.com/?utm_medium=a09181e190fba099cba1f1c0fabd61747f66d1cf&utm_campaign=sexy_redirect&1=5ff05558&cid=pub15025822bc9a4dada7e9fc4fcac5f4a5&2=36399
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.212.184.149 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
7174aef79948dcddd21ace6b4e7aa38664250b04d6073a2015b09954d2275472
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://ozil.glumiville.com/?utm_medium=a09181e190fba099cba1f1c0fabd61747f66d1cf&utm_campaign=sexy_redirect&1=5ff05558&cid=pub15025822bc9a4dada7e9fc4fcac5f4a5&2=36399
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 29 Mar 2023 22:50:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
ozil.glumiville.com/
4 KB
2 KB
Document
General
Full URL
https://ozil.glumiville.com/proc.php?3130c8af68c5b745e49fbad8fc90349148f291ff
Requested by
Host: ozil.glumiville.com
URL: https://ozil.glumiville.com/?utm_term=7216104382297800728&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.212.184.149 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://ozil.glumiville.com/?utm_term=7216104382297800728&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 29 Mar 2023 22:50:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://cpa.a03seftrk.click/d81073d5-83e0-40bd-85b2-d15b61f0e14f?pid=20961-845b943f-8f35ebcd&creative_id=[[creative_id]]&cid=M7216104382297800728&partner_ID=20961&pushid=[[pushid]]&subscription_freshness=[[subscription_freshness]]&subid=M7216104382297800728
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
Primary Request /
122208dat.giveawy.click/de-de/
Redirect Chain
  • https://cpa.a03seftrk.click/d81073d5-83e0-40bd-85b2-d15b61f0e14f?pid=20961-845b943f-8f35ebcd&creative_id=[[creative_id]]&cid=M7216104382297800728&partner_ID=20961&pushid=[[pushid]]&subscription_fre...
  • https://122208dat.giveawy.click/?domain=cpa.a03seftrk.click&cep=0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIhFnKVlZI_POR-67an6WrBIVfNjHqsHZMwtemkb0Jh1unHiSwCQiEOO5xgYJIafff8zTrjXzUVWE2EBfGj9ga4cT9qlLKuSNl...
  • https://122208dat.giveawy.click/de-de/?domain=cpa.a03seftrk.click&cep=0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIhFnKVlZI_POR-67an6WrBIVfNjHqsHZMwtemkb0Jh1unHiSwCQiEOO5xgYJIafff8zTrjXzUVWE2EBfGj9ga4cT9ql...
2 KB
1022 B
Document
General
Full URL
https://122208dat.giveawy.click/de-de/?domain=cpa.a03seftrk.click&cep=0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIhFnKVlZI_POR-67an6WrBIVfNjHqsHZMwtemkb0Jh1unHiSwCQiEOO5xgYJIafff8zTrjXzUVWE2EBfGj9ga4cT9qlLKuSNlet03n2T9gwbf-aBgpBbMwlLBuX3LiH15zhYinGu49pPMttqvRnUHw48GEqKwC8Ff4P7xz_RxIQOWH5C60vIAM9X-VsZYJ2ZwdfthwKNmME-aX9mXE5NXfr6M-XUqaZmwUS9p3IQkZkZjj8jXgMu2mf9-Pf-PHcLT0seD9d1Nt142Dr0UUVKW9i123d7gtMAeLwibH6wmOwTiy4J3GvhgAO-s4RpYbUi6YPtAQqVWKjp4wjocgmcqNKZ4ni71ZvS-46UOQMM6OGdqoo0joQh00bdCREoMdtRGoiQDBRm1KrHGz-FPieHtXSxCo2g39jiE3Ay7FjIDu0cKrnJS4BeD293hZIBjo56a1k_327UAyqUEUmadqLm04Orb9gUBwhl6PZ3OKqIwpjdBHQIPo8fBYrbYjUJDxQW7vR3DuulOO8EldX64HebYjHE3TBhnmU3PN8n4Gte-L18BlrFZgS_SpGfvFKgwF6K0rHQzJk&lptoken=16138087139f20272828&pid=20961-845b943f-8f35ebcd&creative_id=%5B%5Bcreative_id%5D%5D&cid=M7216104382297800728&partner_ID=20961&pushid=%5B%5Bpushid%5D%5D&subscription_freshness=%5B%5Bsubscription_freshness%5D%5D&subid=M7216104382297800728&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: ozil.glumiville.com
URL: https://ozil.glumiville.com/proc.php?3130c8af68c5b745e49fbad8fc90349148f291ff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
9e5343a55e150e13fbf5651e5ffa976b6a8029be6ce9ad50ef533a05d2163245

Request headers

Referer
https://ozil.glumiville.com/proc.php?3130c8af68c5b745e49fbad8fc90349148f291ff
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7afbac0cda809b33-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 29 Mar 2023 22:50:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPOfvlTjZe1H4QC9IBUDyqeu2spUEdDgDuFNEA69l6u1r2aFX7JdVOnxU4WCvAsY0Hv3WY8oX5DRUq60zORnKylNiRgwtUixdA77X1kuVoJOeAw0PRY8XuIh%2BAanln5JCeCg6NvzGcdw5AxAMWpOB075yvXWJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.33

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7afbac0c19d69b33-FRA
content-type
text/html; charset=UTF-8
date
Wed, 29 Mar 2023 22:50:29 GMT
location
https://122208dat.giveawy.click/de-de/?domain=cpa.a03seftrk.click&cep=0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIhFnKVlZI_POR-67an6WrBIVfNjHqsHZMwtemkb0Jh1unHiSwCQiEOO5xgYJIafff8zTrjXzUVWE2EBfGj9ga4cT9qlLKuSNlet03n2T9gwbf-aBgpBbMwlLBuX3LiH15zhYinGu49pPMttqvRnUHw48GEqKwC8Ff4P7xz_RxIQOWH5C60vIAM9X-VsZYJ2ZwdfthwKNmME-aX9mXE5NXfr6M-XUqaZmwUS9p3IQkZkZjj8jXgMu2mf9-Pf-PHcLT0seD9d1Nt142Dr0UUVKW9i123d7gtMAeLwibH6wmOwTiy4J3GvhgAO-s4RpYbUi6YPtAQqVWKjp4wjocgmcqNKZ4ni71ZvS-46UOQMM6OGdqoo0joQh00bdCREoMdtRGoiQDBRm1KrHGz-FPieHtXSxCo2g39jiE3Ay7FjIDu0cKrnJS4BeD293hZIBjo56a1k_327UAyqUEUmadqLm04Orb9gUBwhl6PZ3OKqIwpjdBHQIPo8fBYrbYjUJDxQW7vR3DuulOO8EldX64HebYjHE3TBhnmU3PN8n4Gte-L18BlrFZgS_SpGfvFKgwF6K0rHQzJk&lptoken=16138087139f20272828&pid=20961-845b943f-8f35ebcd&creative_id=%5B%5Bcreative_id%5D%5D&cid=M7216104382297800728&partner_ID=20961&pushid=%5B%5Bpushid%5D%5D&subscription_freshness=%5B%5Bsubscription_freshness%5D%5D&subid=M7216104382297800728&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uZlZJX4WqnbmfO77RqM5be%2FPZKDZsdaWjaSz8m%2FbLtxosAkYOKB2%2FUS3HSVcKy%2FhZLRcYxss8A09hufL9mNI9zo3lwAqHkiSLphZFdXUxFDlbla23xopT%2BNCVg7Q2t5eb2Huo%2FfqaWczG4APHSIVOaF3XKZuw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.33
main.css
122208dat.giveawy.click/de-de/assets/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://122208dat.giveawy.click/de-de/assets/css/main.css
Requested by
Host: 122208dat.giveawy.click
URL: https://122208dat.giveawy.click/de-de/?domain=cpa.a03seftrk.click&cep=0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIhFnKVlZI_POR-67an6WrBIVfNjHqsHZMwtemkb0Jh1unHiSwCQiEOO5xgYJIafff8zTrjXzUVWE2EBfGj9ga4cT9qlLKuSNlet03n2T9gwbf-aBgpBbMwlLBuX3LiH15zhYinGu49pPMttqvRnUHw48GEqKwC8Ff4P7xz_RxIQOWH5C60vIAM9X-VsZYJ2ZwdfthwKNmME-aX9mXE5NXfr6M-XUqaZmwUS9p3IQkZkZjj8jXgMu2mf9-Pf-PHcLT0seD9d1Nt142Dr0UUVKW9i123d7gtMAeLwibH6wmOwTiy4J3GvhgAO-s4RpYbUi6YPtAQqVWKjp4wjocgmcqNKZ4ni71ZvS-46UOQMM6OGdqoo0joQh00bdCREoMdtRGoiQDBRm1KrHGz-FPieHtXSxCo2g39jiE3Ay7FjIDu0cKrnJS4BeD293hZIBjo56a1k_327UAyqUEUmadqLm04Orb9gUBwhl6PZ3OKqIwpjdBHQIPo8fBYrbYjUJDxQW7vR3DuulOO8EldX64HebYjHE3TBhnmU3PN8n4Gte-L18BlrFZgS_SpGfvFKgwF6K0rHQzJk&lptoken=16138087139f20272828&pid=20961-845b943f-8f35ebcd&creative_id=%5B%5Bcreative_id%5D%5D&cid=M7216104382297800728&partner_ID=20961&pushid=%5B%5Bpushid%5D%5D&subscription_freshness=%5B%5Bsubscription_freshness%5D%5D&subid=M7216104382297800728&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6e256b4e129680faf26775d652ad04b23d7ac2ab11aa0c981c0474ed99d23b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 22:50:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6011
cf-polished
origSize=17440
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 21 Feb 2023 10:58:53 GMT
server
cloudflare
etag
W/"4420-5f533aa543225"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuPfvwlLn5qLksS3v0jc3iFfpqsqyp7MJ4UZsaU0RwUKYzD0SPCSUb5c656SyBbFQcZgghRg9dunE%2FM3DMnldSQkvBqGQED5CQbycwsyIPcWAvZQFH2GAXIy1iq60PPH1wZi8nwh63bpeDvbzENnwO9NhtA%2FDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7afbac0d6f1d9b5d-FRA
BseswvS.jpg
i.imgur.com/
14 KB
14 KB
Image
General
Full URL
https://i.imgur.com/BseswvS.jpg
Requested by
Host: 122208dat.giveawy.click
URL: https://122208dat.giveawy.click/de-de/?domain=cpa.a03seftrk.click&cep=0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIhFnKVlZI_POR-67an6WrBIVfNjHqsHZMwtemkb0Jh1unHiSwCQiEOO5xgYJIafff8zTrjXzUVWE2EBfGj9ga4cT9qlLKuSNlet03n2T9gwbf-aBgpBbMwlLBuX3LiH15zhYinGu49pPMttqvRnUHw48GEqKwC8Ff4P7xz_RxIQOWH5C60vIAM9X-VsZYJ2ZwdfthwKNmME-aX9mXE5NXfr6M-XUqaZmwUS9p3IQkZkZjj8jXgMu2mf9-Pf-PHcLT0seD9d1Nt142Dr0UUVKW9i123d7gtMAeLwibH6wmOwTiy4J3GvhgAO-s4RpYbUi6YPtAQqVWKjp4wjocgmcqNKZ4ni71ZvS-46UOQMM6OGdqoo0joQh00bdCREoMdtRGoiQDBRm1KrHGz-FPieHtXSxCo2g39jiE3Ay7FjIDu0cKrnJS4BeD293hZIBjo56a1k_327UAyqUEUmadqLm04Orb9gUBwhl6PZ3OKqIwpjdBHQIPo8fBYrbYjUJDxQW7vR3DuulOO8EldX64HebYjHE3TBhnmU3PN8n4Gte-L18BlrFZgS_SpGfvFKgwF6K0rHQzJk&lptoken=16138087139f20272828&pid=20961-845b943f-8f35ebcd&creative_id=%5B%5Bcreative_id%5D%5D&cid=M7216104382297800728&partner_ID=20961&pushid=%5B%5Bpushid%5D%5D&subscription_freshness=%5B%5Bsubscription_freshness%5D%5D&subid=M7216104382297800728&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
c27c37caaba03b76378147ebf7e84a59b98ab7f15548fa9c129d69da68c4532f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 22:50:29 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
2477210
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
14430
x-served-by
cache-iad-kiad7000054-IAD, cache-hhn-etou8220022-HHN
last-modified
Tue, 21 Feb 2023 10:48:31 GMT
server
cat factory 1.0
x-timer
S1680130229.406356,VS0,VE2
etag
"1ae89c9c13608acbfdeaa4aa0c5dc426"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
739, 1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: 122208dat.giveawy.click
URL: https://122208dat.giveawy.click/de-de/?domain=cpa.a03seftrk.click&cep=0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIhFnKVlZI_POR-67an6WrBIVfNjHqsHZMwtemkb0Jh1unHiSwCQiEOO5xgYJIafff8zTrjXzUVWE2EBfGj9ga4cT9qlLKuSNlet03n2T9gwbf-aBgpBbMwlLBuX3LiH15zhYinGu49pPMttqvRnUHw48GEqKwC8Ff4P7xz_RxIQOWH5C60vIAM9X-VsZYJ2ZwdfthwKNmME-aX9mXE5NXfr6M-XUqaZmwUS9p3IQkZkZjj8jXgMu2mf9-Pf-PHcLT0seD9d1Nt142Dr0UUVKW9i123d7gtMAeLwibH6wmOwTiy4J3GvhgAO-s4RpYbUi6YPtAQqVWKjp4wjocgmcqNKZ4ni71ZvS-46UOQMM6OGdqoo0joQh00bdCREoMdtRGoiQDBRm1KrHGz-FPieHtXSxCo2g39jiE3Ay7FjIDu0cKrnJS4BeD293hZIBjo56a1k_327UAyqUEUmadqLm04Orb9gUBwhl6PZ3OKqIwpjdBHQIPo8fBYrbYjUJDxQW7vR3DuulOO8EldX64HebYjHE3TBhnmU3PN8n4Gte-L18BlrFZgS_SpGfvFKgwF6K0rHQzJk&lptoken=16138087139f20272828&pid=20961-845b943f-8f35ebcd&creative_id=%5B%5Bcreative_id%5D%5D&cid=M7216104382297800728&partner_ID=20961&pushid=%5B%5Bpushid%5D%5D&subscription_freshness=%5B%5Bsubscription_freshness%5D%5D&subid=M7216104382297800728&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 10:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Mar 2024 10:28:36 GMT
custom.min.js
122208dat.giveawy.click/de-de/assets/js/
1 KB
1 KB
Script
General
Full URL
https://122208dat.giveawy.click/de-de/assets/js/custom.min.js
Requested by
Host: 122208dat.giveawy.click
URL: https://122208dat.giveawy.click/de-de/?domain=cpa.a03seftrk.click&cep=0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIhFnKVlZI_POR-67an6WrBIVfNjHqsHZMwtemkb0Jh1unHiSwCQiEOO5xgYJIafff8zTrjXzUVWE2EBfGj9ga4cT9qlLKuSNlet03n2T9gwbf-aBgpBbMwlLBuX3LiH15zhYinGu49pPMttqvRnUHw48GEqKwC8Ff4P7xz_RxIQOWH5C60vIAM9X-VsZYJ2ZwdfthwKNmME-aX9mXE5NXfr6M-XUqaZmwUS9p3IQkZkZjj8jXgMu2mf9-Pf-PHcLT0seD9d1Nt142Dr0UUVKW9i123d7gtMAeLwibH6wmOwTiy4J3GvhgAO-s4RpYbUi6YPtAQqVWKjp4wjocgmcqNKZ4ni71ZvS-46UOQMM6OGdqoo0joQh00bdCREoMdtRGoiQDBRm1KrHGz-FPieHtXSxCo2g39jiE3Ay7FjIDu0cKrnJS4BeD293hZIBjo56a1k_327UAyqUEUmadqLm04Orb9gUBwhl6PZ3OKqIwpjdBHQIPo8fBYrbYjUJDxQW7vR3DuulOO8EldX64HebYjHE3TBhnmU3PN8n4Gte-L18BlrFZgS_SpGfvFKgwF6K0rHQzJk&lptoken=16138087139f20272828&pid=20961-845b943f-8f35ebcd&creative_id=%5B%5Bcreative_id%5D%5D&cid=M7216104382297800728&partner_ID=20961&pushid=%5B%5Bpushid%5D%5D&subscription_freshness=%5B%5Bsubscription_freshness%5D%5D&subid=M7216104382297800728&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
a6649beec8794e22ec38db4321474bdbe4383b5e372d2a3a5f06a32cdf76fdce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 22:50:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 21:10:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6011
x-powered-by
PHP/7.3.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAg0yKdn8VE%2BN8QtGiGa5%2FEW54hTpnSwTBR1UEx58xR%2F%2FZMVJqBKDqGnyBGq1bYsvKSvnjlwAKIWkcyhTmAmPqXcC%2BXdIRZtsnO4VFGaP5bSwqChOW0lN9tKR9CKIqr9%2BLTTj4bSSeEwbjWaZ%2FQ7QS4ElfMbOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
7afbac0d7f289b5d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hp
cpa.a03seftrk.click/
382 B
519 B
Script
General
Full URL
https://cpa.a03seftrk.click/hp
Requested by
Host: 122208dat.giveawy.click
URL: https://122208dat.giveawy.click/de-de/assets/js/custom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.23.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-23-231.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Mar 2023 22:50:29 GMT
cache-control
no-store, no-cache, pre-check=0, post-check=0
server
nginx
expires
Thu, 01 Jan 1970 00:00:00 GMT
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: 122208dat.giveawy.click
URL: https://122208dat.giveawy.click/de-de/?domain=cpa.a03seftrk.click&cep=0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIhFnKVlZI_POR-67an6WrBIVfNjHqsHZMwtemkb0Jh1unHiSwCQiEOO5xgYJIafff8zTrjXzUVWE2EBfGj9ga4cT9qlLKuSNlet03n2T9gwbf-aBgpBbMwlLBuX3LiH15zhYinGu49pPMttqvRnUHw48GEqKwC8Ff4P7xz_RxIQOWH5C60vIAM9X-VsZYJ2ZwdfthwKNmME-aX9mXE5NXfr6M-XUqaZmwUS9p3IQkZkZjj8jXgMu2mf9-Pf-PHcLT0seD9d1Nt142Dr0UUVKW9i123d7gtMAeLwibH6wmOwTiy4J3GvhgAO-s4RpYbUi6YPtAQqVWKjp4wjocgmcqNKZ4ni71ZvS-46UOQMM6OGdqoo0joQh00bdCREoMdtRGoiQDBRm1KrHGz-FPieHtXSxCo2g39jiE3Ay7FjIDu0cKrnJS4BeD293hZIBjo56a1k_327UAyqUEUmadqLm04Orb9gUBwhl6PZ3OKqIwpjdBHQIPo8fBYrbYjUJDxQW7vR3DuulOO8EldX64HebYjHE3TBhnmU3PN8n4Gte-L18BlrFZgS_SpGfvFKgwF6K0rHQzJk&lptoken=16138087139f20272828&pid=20961-845b943f-8f35ebcd&creative_id=%5B%5Bcreative_id%5D%5D&cid=M7216104382297800728&partner_ID=20961&pushid=%5B%5Bpushid%5D%5D&subscription_freshness=%5B%5Bsubscription_freshness%5D%5D&subid=M7216104382297800728&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 22:47:36 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
389972370
0.php
s4.histats.com/stats/
50 B
184 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4735387&@f16&@g1&@h1&@i1&@j1680130229570&@k0&@l1&@m2%20neue%20Nachrichten!&@n0&@ohttps%3A%2F%2Fozil.glumiville.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:33829902&@b3:1680130230&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F122208dat.giveawy.click%2Fde-de%2F%3Fdomain%3Dcpa.a03seftrk.click%26cep%3D0rP_NNTKL1aXk59FxMHpUoFKYuyGQPZ0JWofIhFnKVlZI_POR-67an6WrBIVfNjHqsHZMwtemkb0Jh1unHiSwCQiEOO5xgYJIafff8zTrjXzUVWE2EBfGj9ga4cT9qlLKuSNlet03n2T9gwbf-aBgpBbMwlLBuX3LiH15zhYinGu49pPMttqvRnUHw48GEqKwC8Ff4P7xz_RxIQOWH5C60vIAM9X-VsZYJ2ZwdfthwKNmME-aX9mXE5NXfr6M-XUqaZmwUS9p3IQkZkZjj8jXgMu2mf9-Pf-PHcLT0seD9d1Nt142Dr0UUVKW9i123d7gtMAeLwibH6wmOwTiy4J3GvhgAO-s4RpYbUi6YPtAQqVWKjp4wjocgmcqNKZ4ni71ZvS-46UOQMM6OGdqoo0joQh00bdCREoMdtRGoiQDBRm1K&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.27 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534106.ip-149-56-240.net
Software
/
Resource Hash
5771ab0e0fcd9ebe6b950b94c1e02571e16d0190ac546357deabe96f4881baee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 29 Mar 2023 22:50:29 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-68398243-1&cid=488824680.1680130224&jid=1790458001&gjid=1152648253&_gid=279886732.1680130224&_u=IEBAAEAAAAAAACAAI~&z=1216249804
Domain
static.cloudflareinsights.com
URL
https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
function| $
function| jQuery
function| getURLParameter
function| go
string| AFKClickUrl
object| _Hasync
object| container
object| link
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
object| _HistatsCounterGraphics_0_setValues

27 Cookies

Domain/Path Name / Value
ebaaa.xyz/ Name: used_c_61380
Value: 1
.ebaaa.xyz/ Name: _ga
Value: GA1.2.488824680.1680130224
.ebaaa.xyz/ Name: _gid
Value: GA1.2.279886732.1680130224
.ebaaa.xyz/ Name: _gat
Value: 1
.cdn-server.info/ Name: cap_61380
Value: 1
.perserymanked.com/ Name: e2d4ccdf-0d92-4ce3-8c89-fc20d6431215-v4
Value: i6dRVlEoUe7kO0Jn_uVMsG3v96mMwv5EJO0kL-L3hVg
.perserymanked.com/ Name: cc-v4
Value: B7jiLPtAM5QmzxASxzO99vLiTNENKrHNj313Pa6OfB8JtJVyDvQmj9k7bpsCYjF6bNxVwLmCg9meLvDUUrOMYEjlXUtstjvY01C6%2BWGG0dR8T6s2OCV14ch4uF8uyh%2FelIMXvrheA5KkzcEqPuXzaQ%3D%3D
pro.nettrafficeasy.co/ Name: u
Value: 014f84fa280d0f191c3642d288af602f
admoustache.media-412.com/ Name: afclick
Value: 6424c0b146e5e60001c864f2
yeah.achelous.mobi/ Name: AWSALB
Value: wIpRk81vkb+LI+PvU1XwY6GA1U+JCd8v2zAkElLq9BV0Vf+yqsmH8NuToZRaVOcI64rW5RkLV65XJ+1iR6SVl2XyCH5tFnOSB/vXRK67TsjdRMHkoTg89nf+YLsJ
792a9db8.linkbooster.click/ Name: AWSALB
Value: H4amNh3gakHKNeTXhyVWYQTC9/iTQvRxbf+WxvkR1VBBDPHWkyHIzz/9g2i665uVuQETGEFmgishLxxHVd5/oTjfIl6dA3OFJR/gS6qDcETPTPzU8z5gnQKOicqh
track.gositego.live/ Name: afclick
Value: 6424c0b37c23bd0001137b1f
.linkbooster.click/ Name: __cf_bm
Value: pursn4EotwvzMCf6chDAvcgWXI9bDRtlGhY7voCpN5c-1680130227-0-AU2MYzfoqzn7Z+hJeHn2KriWXG0jrHtXXPd0vzrdHOVuS4vqW7Dd3eczZSjPLgofLfv280VpHPciWWuM16vzXcc3QUW39fG/rRboSUnjhQHGoILmvhpJI5CtQYcTNtR24g==
irugu.cogliatu.com/ Name: AWSALB
Value: adZiKn1gzbY0HMircKLPGtloJjHgUTsoyh+yxmolGpYUKV2TxrpxZqjhqHO59LkUH1WVrln2RwBewjWyxY69gS9EomQaOT2KhRuMw8Te6U3M84oFJhN3+RE3L4tx
.cogliatu.com/ Name: __cf_bm
Value: YEF.kGVG2tepcfG3BdT5VtHuDHmFZPtMbJNRA.Dws_M-1680130227-0-AT+h1gI7m/g1/yBBmw50VVWxOcRNN87UvhsIevz6t76C1tXjUe4Dcl1/DMEH3BWsgbKlnF42fQnuy81mBcKrbzkMU6ngAJWGIrf/Y4iQityBrhU7Uy3Hi1MpTzTdrsF1uw==
b191f85c.myofferplus.com/ Name: AWSALB
Value: 4460T4uwu7oEwMLNcf7D/aGs99/9wNNRjs+SdDWRl45JbFt8Nwra9Qobv2ju3bivsZye90GXYcwAhBggimOFWt4IVf3165+UHX4GgPV3DOxErPnPysFO90UfmUjB
ozil.glumiville.com/ Name: u
Value: fdb9e503bb1181ebba63a9a330ca9267
.cpa.a03seftrk.click/ Name: d81073d5-83e0-40bd-85b2-d15b61f0e14f-v4
Value: WsCmDT773rU3OTHtu6kjpXxvRDOcDjW-BTWpQcqAfsA
.cpa.a03seftrk.click/ Name: cep-v4
Value: l787lKkQUQphuQ2vygsu_ZI4X6rs9IslfZvBapzuNVz9Rb4sRcmpcslAng01aagIklM4e7pZB-sgrl8LUNM-lXUxz2HnZv_33uIgfAAxTmeOdQivXfTgCasbmN2IDoyQsZlPcAkkbcyQbEGdxmqXKQelm30qLpjaKDl8nMsLO8sVdDkgdjmNAfE7B94JxTWNhrJNwaIF5MqgCCCEvUc_6QiLp0rrYfEQaj8ujL1rGzGvRdhWFYBGzFQyR23-DLq3BlnF39ia6qtKaMSsnzb0fp9UCpKc6nEVrZFbqP7iOk8Nj8ziDzm7AL2oyphCMW7REstbt8XHD_H4Vo_XfQ4QI4lDgCZkHmHheawZZo0FAax_F0AZJwG4r1FyOnIZqqJbO0DQTMWeCp6PENeo2RjLfYQHuLImfjeOJenB9KUe0LChEDJ0TnpIA9R3RMZ6b31anBm_O-9q3ibXXif5-5mTLBXa1OXCDGK8R0A2WqWD8Gww3Qr4e-UsVjdWofRN0mFC507T_r_wz1HbThYvq1plt1SUyEFhUTzgRtq6I5LiaqUkj8VeQgRuwpamzBBY0QgJnRZ2JTReF8TqxPTsy0TvfRXQzCDKjMQfEMF7A24sIb4
122208dat.giveawy.click/ Name: HstCfa4735387
Value: 1680130229570
122208dat.giveawy.click/ Name: HstCla4735387
Value: 1680130229570
122208dat.giveawy.click/ Name: HstCmu4735387
Value: 1680130229570
122208dat.giveawy.click/ Name: HstPn4735387
Value: 1
122208dat.giveawy.click/ Name: HstPt4735387
Value: 1
122208dat.giveawy.click/ Name: HstCnv4735387
Value: 1
122208dat.giveawy.click/ Name: HstCns4735387
Value: 1
122208dat.giveawy.click/ Name: c_ref_4735387
Value: https%3A%2F%2Fozil.glumiville.com%2F

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
