Submitted URL: https://youtube.0z52.dev/
Effective URL: https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YW...
Submission: On August 01 via manual from FR — Scanned from NL

Summary

This website contacted 7 IPs in 5 countries across 12 domains to perform 19 HTTP transactions. The main IP is 94.237.93.242, located in Finland and belonging to UPCLOUD, FI. The main domain is 1d6cd5dfcf5.winsites.net.
TLS certificate: Issued by R3 on June 10th 2022. Valid for: 3 months.
This is the only time 1d6cd5dfcf5.winsites.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 162.0.217.76 22612 (NAMECHEAP...)
1 1 64.227.23.114 14061 (DIGITALOC...)
3 67.212.173.77 32475 (SINGLEHOP...)
2 3 51.68.81.31 16276 (OVH)
1 1 34.90.46.36 396982 (GOOGLE-CL...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 104.248.110.148 14061 (DIGITALOC...)
1 94.237.103.119 202053 (UPCLOUD)
8 94.237.93.242 202053 (UPCLOUD)
1 5.9.127.233 24940 (HETZNER-AS)
19 7
Apex Domain Subdomains Transfer
8 winsites.net 1d6cd5dfcf5.winsites.net 140 KB
4 jukminung.com zring.jukminung.com 24 KB
3 offermyvist.com www.offermyvist.com (Cisco Umbrella Rank: 709273) 6 KB
3 redirectmaster.com www2.redirectmaster.com 7 KB
1 push.dog register.push.dog (Cisco Umbrella Rank: 192547) 8 KB
1 clicks4tc.com 125f6fc0faa1.clicks4tc.com 2 KB
1 intrap.xyz intrap.xyz (Cisco Umbrella Rank: 382415) 386 B
1 addlnk.com cdn.addlnk.com (Cisco Umbrella Rank: 241028) 1 KB
1 go2affise.com admoustache.go2affise.com (Cisco Umbrella Rank: 193673) 214 B
1 thegadgetguru.club polo.thegadgetguru.club (Cisco Umbrella Rank: 526272) 406 B
1 1ie.ca 1ie.ca 688 B
1 0z52.dev youtube.0z52.dev 589 B
19 12
Domain Requested by
8 1d6cd5dfcf5.winsites.net 1d6cd5dfcf5.winsites.net
4 zring.jukminung.com www.offermyvist.com, www2.redirectmaster.com, zring.jukminung.com
3 www.offermyvist.com 2 redirects www2.redirectmaster.com
3 www2.redirectmaster.com www2.redirectmaster.com
1 register.push.dog 1d6cd5dfcf5.winsites.net
1 125f6fc0faa1.clicks4tc.com zring.jukminung.com
1 intrap.xyz 1 redirects
1 cdn.addlnk.com zring.jukminung.com
1 admoustache.go2affise.com 1 redirects
1 polo.thegadgetguru.club 1 redirects
1 1ie.ca 1 redirects
1 youtube.0z52.dev 1 redirects
19 12

This site contains no links.

Subject Issuer Validity Valid
www2.redirectmaster.com R3 2022-05-22 - 2022-08-20 3 months
www.offermyvist.com R3 2022-07-03 - 2022-10-01 3 months
*.jukminung.com E1 2022-07-20 - 2022-10-18 3 months
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2022-05-15 - 2023-05-15 a year
*.clicks4tc.com R3 2022-06-17 - 2022-09-15 3 months
*.winsites.net R3 2022-06-10 - 2022-09-08 3 months
*.push.dog R3 2022-06-03 - 2022-09-01 3 months

This page contains 2 frames:

Primary Page: https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
Frame ID: 1DE711087E72B96FBA6BF9C13D1E5F67
Requests: 16 HTTP requests in this frame

Frame: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1659355200
Frame ID: CC03106410C5FB61302495EE3CE3AD02
Requests: 3 HTTP requests in this frame

Page Title

Win dit Apple iPhone 13 Pro Max!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

19 Requests
100 % HTTPS
25 % IPv6
12 Domains
12 Subdomains
7 IPs
5 Countries
187 kB Transfer
462 kB Size
11 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://youtube.0z52.dev/ HTTP 302
    https://1ie.ca/d560292bb9279ebbb462 HTTP 302
    https://polo.thegadgetguru.club/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global HTTP 302
    https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=05bbf7b655270dae9873ee5ae03483b9&data4=31.204.153.182&1=1658&clickid=05bbf7b655270dae9873ee5ae03483b9 Page URL
  2. https://www2.redirectmaster.com/?utm_term=7126920357058969691&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90 Page URL
  3. https://www2.redirectmaster.com/proc.php?3528a0e3f2837e00799a00e33d7f9e73ae41ba13 Page URL
  4. https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7126920357058969691&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90 Page URL
  5. https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7126920357058969691&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90&eyeg=016285c06a8a9c1566494ec690d756a6&eyer=0.07465788959513131&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www2.redirectmaster.com HTTP 302
    https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7126920357058969691&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90&eyeg=3&eyer=0.07465788959513131&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www2.redirectmaster.com HTTP 302
    https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330006cd8a1a4da23fda5143a732e1a9beef60801-202208-flb*5504646-65846*M7126920357058969691*sl_5504646-65846*6a170ad4ca895dee0b5fb99e6dd9fdc5e7bbb066*4400-34849da0*4400 HTTP 302
    https://zring.jukminung.com/rc/a91581ead4?affclick=62e7e84f2b98f0000197329a&pubid=503 Page URL
  6. https://intrap.xyz/redirects?offer_id=13&affiliate_id=9&click_id=pub22ee42a6386845b8b5888b99f6451ed9&sub_id=f31e77b4 HTTP 302
    https://125f6fc0faa1.clicks4tc.com/?p=8005&media_type=mainstream&click_id=1_7c7bea2e524810eb9c060f7df3ea6f14&sub_id=f31e77b4 Page URL
  7. https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://youtube.0z52.dev/ HTTP 302
  • https://1ie.ca/d560292bb9279ebbb462 HTTP 302
  • https://polo.thegadgetguru.club/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global HTTP 302
  • https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=05bbf7b655270dae9873ee5ae03483b9&data4=31.204.153.182&1=1658&clickid=05bbf7b655270dae9873ee5ae03483b9
Request Chain 4
  • https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7126920357058969691&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90&eyeg=016285c06a8a9c1566494ec690d756a6&eyer=0.07465788959513131&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www2.redirectmaster.com HTTP 302
  • https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7126920357058969691&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90&eyeg=3&eyer=0.07465788959513131&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=www2.redirectmaster.com HTTP 302
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330006cd8a1a4da23fda5143a732e1a9beef60801-202208-flb*5504646-65846*M7126920357058969691*sl_5504646-65846*6a170ad4ca895dee0b5fb99e6dd9fdc5e7bbb066*4400-34849da0*4400 HTTP 302
  • https://zring.jukminung.com/rc/a91581ead4?affclick=62e7e84f2b98f0000197329a&pubid=503
Request Chain 8
  • https://intrap.xyz/redirects?offer_id=13&affiliate_id=9&click_id=pub22ee42a6386845b8b5888b99f6451ed9&sub_id=f31e77b4 HTTP 302
  • https://125f6fc0faa1.clicks4tc.com/?p=8005&media_type=mainstream&click_id=1_7c7bea2e524810eb9c060f7df3ea6f14&sub_id=f31e77b4

19 HTTP transactions

Resource Path Size x-fer Type MIME-Type
/
www2.redirectmaster.com/
Redirect Chain
  • https://youtube.0z52.dev/
  • https://1ie.ca/d560292bb9279ebbb462
  • https://polo.thegadgetguru.club/?k=6d693537584456d56cecd5b1b43e5eff&type=mainstream&subtype=global
  • https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=05bbf7b655270dae9873ee5ae03483b9&data4=31.204.153.182&1=1658&clickid=05bbf7b6...
3 KB
2 KB
Document
General
Full URL
https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=05bbf7b655270dae9873ee5ae03483b9&data4=31.204.153.182&1=1658&clickid=05bbf7b655270dae9873ee5ae03483b9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.212.173.77 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.0.11
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 01 Aug 2022 14:50:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www2.redirectmaster.com/?utm_term=7126920357058969691&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.0.11

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 Aug 2022 14:50:54 GMT
Location
https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=05bbf7b655270dae9873ee5ae03483b9&data4=31.204.153.182&1=1658&clickid=05bbf7b655270dae9873ee5ae03483b9
Server
nginx/1.16.1 (Ubuntu)
/
www2.redirectmaster.com/
8 KB
3 KB
Document
General
Full URL
https://www2.redirectmaster.com/?utm_term=7126920357058969691&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Requested by
Host: www2.redirectmaster.com
URL: https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=05bbf7b655270dae9873ee5ae03483b9&data4=31.204.153.182&1=1658&clickid=05bbf7b655270dae9873ee5ae03483b9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.212.173.77 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.0.11
Resource Hash
f04c6aa6c0da4e0679b2a06fe2b09e13c8811d087672c2c2e4da746f93f5ec66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=05bbf7b655270dae9873ee5ae03483b9&data4=31.204.153.182&1=1658&clickid=05bbf7b655270dae9873ee5ae03483b9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 01 Aug 2022 14:50:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.0.11
proc.php
www2.redirectmaster.com/
4 KB
2 KB
Document
General
Full URL
https://www2.redirectmaster.com/proc.php?3528a0e3f2837e00799a00e33d7f9e73ae41ba13
Requested by
Host: www2.redirectmaster.com
URL: https://www2.redirectmaster.com/?utm_term=7126920357058969691&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.212.173.77 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/8.0.11
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Referer
https://www2.redirectmaster.com/?utm_term=7126920357058969691&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 01 Aug 2022 14:50:55 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7126920357058969691&website=4400-34849da0&placement=4400
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-powered-by
PHP/8.0.11
/
www.offermyvist.com/
5 KB
5 KB
Document
General
Full URL
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7126920357058969691&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Requested by
Host: www2.redirectmaster.com
URL: https://www2.redirectmaster.com/proc.php?3528a0e3f2837e00799a00e33d7f9e73ae41ba13
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www2.redirectmaster.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Mon, 01 Aug 2022 14:50:55 GMT
Transfer-Encoding
chunked
a91581ead4
zring.jukminung.com/rc/
Redirect Chain
  • https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7126920357058969691&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd838...
  • https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7126920357058969691&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd838...
  • https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330006cd8a1a4da23fda5143a732e1a9beef60801-202208-flb*5504646-65846*M7126920357058969691*sl_5504646-65846*6a170ad4ca895d...
  • https://zring.jukminung.com/rc/a91581ead4?affclick=62e7e84f2b98f0000197329a&pubid=503
3 KB
2 KB
Document
General
Full URL
https://zring.jukminung.com/rc/a91581ead4?affclick=62e7e84f2b98f0000197329a&pubid=503
Requested by
Host: www.offermyvist.com
URL: https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7126920357058969691&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
538f6eccdb6727d1cff7648e6caf65db8a718db9b478dab627b3784f456e3766

Request headers

Referer
https://www.offermyvist.com/?sl=5504646-65846&data1=Track1&data2=Track2&tag=M7126920357058969691&website=4400-34849da0&placement=4400&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf0f1f1fff4fde8efe9edecefe5ebea90
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
733f6393b8ca9250-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 01 Aug 2022 14:50:56 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXuTW9icZHLQqwJQ3enj95PQuly2t7i8Z1uO3NN3aD1wvR20XNEc9BagbbSKSwBbKJtStEu%2FgHgWKDWJmL2OGbOo4ixj2zLUBZ%2FgNqqzcFFgn0dD2JDqTpqPqRl8kyRt7PTor4OM4pCjjnYIWQxpTmgD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Mon, 01 Aug 2022 14:50:55 GMT
location
https://zring.jukminung.com/rc/a91581ead4?affclick=62e7e84f2b98f0000197329a&pubid=503
server
nginx
redirect.css
cdn.addlnk.com/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: zring.jukminung.com
URL: https://zring.jukminung.com/rc/a91581ead4?affclick=62e7e84f2b98f0000197329a&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:1446 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 14:50:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3996
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
XNY18XA6S3WK5DAJ
x-amz-id-2
NQdTp7hbNGww8RXfn+ou11DJIuBy1qrvnnrt1ldq89UQPFfU5cGU0SUBiY+oT2hHzgDQUuF6VYc=
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBrmxjyLFMHDdQYeIomLplkWvD3xeyJ4CHjTaUpjvaDk99APVEpGJFRxH93bf%2FG1HaUHBDOO8mAji66jdPy%2B%2B84Ni1rTOXq1NcM2c9mz25%2FaORh%2FzzD0WjvHyxGt7SomJMkS2U26NajOskZ3cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
733f63952c60b87f-AMS
cf-bgj
minify
invisible.js
zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame CC03
39 KB
14 KB
Script
General
Full URL
https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1659355200
Requested by
Host: www2.redirectmaster.com
URL: https://www2.redirectmaster.com/?utm_medium=9c35b5222fc2ff0fe1ebd5f2cf75ff10bf245093&utm_campaign=Mainstream_agress&cid=05bbf7b655270dae9873ee5ae03483b9&data4=31.204.153.182&1=1658&clickid=05bbf7b655270dae9873ee5ae03483b9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53cff6b6837c61d7c90da62e4eb29abb3664a58a43c6791269f78c1318af8443

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 14:50:56 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLW4b2%2BDzTUgpblxv8oOTmkevo2UBxGKmD29Upa%2BJ31uImuqe%2BB33hjr7Yr3EmByzDpY7DudxhGMhR%2FMMAJK2yWygaECSiJK8mC7JNoMyKTKZTW4XhAQOiz2%2Frj%2FK9rrN13iqFCG2905XqjMc%2B7Zmj9Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
733f63958aed9250-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame CC03
20 KB
7 KB
Other
General
Full URL
https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 14:50:56 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgeusSaFVmWCHTT%2FACQYtkS8UOyBvDPfXniDlkEY3AqnzUVYI0LpN9WCzwzQJO20bL6gj%2Bp7Wez8CktCsBKTgTQM%2FvcghRW1QJWRynJ3QATcvQSbkxEQduv1a3xAlVDrnRXWh3AAojDR9N7HldkrcEeK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
733f6395eb649250-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
125f6fc0faa1.clicks4tc.com/
Redirect Chain
  • https://intrap.xyz/redirects?offer_id=13&affiliate_id=9&click_id=pub22ee42a6386845b8b5888b99f6451ed9&sub_id=f31e77b4
  • https://125f6fc0faa1.clicks4tc.com/?p=8005&media_type=mainstream&click_id=1_7c7bea2e524810eb9c060f7df3ea6f14&sub_id=f31e77b4
2 KB
2 KB
Document
General
Full URL
https://125f6fc0faa1.clicks4tc.com/?p=8005&media_type=mainstream&click_id=1_7c7bea2e524810eb9c060f7df3ea6f14&sub_id=f31e77b4
Requested by
Host: zring.jukminung.com
URL: https://zring.jukminung.com/rc/a91581ead4?affclick=62e7e84f2b98f0000197329a&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.103.119 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS
94-237-103-119.de-fra1.upcloud.host
Software
/
Resource Hash
d6226eb53b52bf0029c6f5876934618285e60e6330cb8166dc825cd4f27fd98f

Request headers

Referer
https://zring.jukminung.com/rc/a91581ead4?affclick=62e7e84f2b98f0000197329a&pubid=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 01 Aug 2022 14:50:57 GMT
expires
Mon, 1 Aug 2022 14:50:57 GMT
last-modified
Mon, 1 Aug 2022 14:50:57 GMT
pragma
no-cache
vary
Accept-Encoding
x-robots-tag
noindex, nofollow

Redirect headers

cache-control
max-age=0, must-revalidate, private
content-type
text/html; charset=UTF-8
date
Mon, 01 Aug 2022 14:50:56 GMT
expires
Mon, 01 Aug 2022 14:50:56 GMT
location
https://125f6fc0faa1.clicks4tc.com/?p=8005&media_type=mainstream&click_id=1_7c7bea2e524810eb9c060f7df3ea6f14&sub_id=f31e77b4
server
nginx/1.18.0 (Ubuntu)
transfer-encoding
chunked
733f6393b8ca9250
zring.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame CC03
2 B
764 B
XHR
General
Full URL
https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/733f6393b8ca9250
Requested by
Host: zring.jukminung.com
URL: https://zring.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1659355200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 01 Aug 2022 14:50:56 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylNCkcA6C%2Bzl68I%2BJATILYZVmmiicbQDwh%2Bw2DNogrcI%2F1N4hVQB9r9N4YDhBgIvUsTqaeEYqUt%2B4BSIrr2vofJZis8lH5oAzYEFl8k0Z%2BWrOZgm6audodZH8QrzAu09gJHhxJGYeKyaPSC7u6f6UOK9"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
733f6397de5b910c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request push-win
1d6cd5dfcf5.winsites.net/
3 KB
4 KB
Document
General
Full URL
https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS
94-237-93-242.de-fra1.upcloud.host
Software
/
Resource Hash
d2bcd6e5374c56bf0309a9a5a48012fc5ab6ef679e0689770ba457c5ac85f953

Request headers

Referer
https://125f6fc0faa1.clicks4tc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 01 Aug 2022 14:50:57 GMT
vary
Accept-Encoding
app.css
1d6cd5dfcf5.winsites.net/css/
69 B
329 B
Stylesheet
General
Full URL
https://1d6cd5dfcf5.winsites.net/css/app.css?id=2fbe2d9a9a40ca9b2489
Requested by
Host: 1d6cd5dfcf5.winsites.net
URL: https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS
94-237-93-242.de-fra1.upcloud.host
Software
/
Resource Hash
94d8599586a5ee9c62dc15b45ca083b69d060d0c12bf2be3673b19a9820216ea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Aug 2022 14:50:57 GMT
content-encoding
gzip
last-modified
Tue, 26 Jul 2022 07:30:22 GMT
etag
W/"62df980e-45"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Tue, 01 Aug 2023 14:50:57 GMT
app.css
1d6cd5dfcf5.winsites.net/css/landers/push-win/
780 B
681 B
Stylesheet
General
Full URL
https://1d6cd5dfcf5.winsites.net/css/landers/push-win/app.css?id=f7b4762fa5748dd37913
Requested by
Host: 1d6cd5dfcf5.winsites.net
URL: https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
94.237.93.242, Finland, ASN202053 (UPCLOUD, FI)
Reverse DNS
94-237-93-242.de-fra1.upcloud.host
Software
/
Resource Hash
aef82b1b79183e681d7ec8889c4bd700eb8e4788f78a960cfeaf1e4269cad75c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Aug 2022 14:50:57 GMT
content-encoding
gzip
last-modified
Tue, 26 Jul 2022 07:30:22 GMT
etag
W/"62df980e-30c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Tue, 01 Aug 2023 14:50:57 GMT
default@0.5x.png
1d6cd5dfcf5.winsites.net/img/prizes/iphone-13-pro-max/
6 KB
6 KB
Image
General
Full URL
https://1d6cd5dfcf5.winsites.net/img/prizes/iphone-13-pro-max/default@0.5x.png
Requested by
Host: 1d6cd5dfcf5.winsites.net
URL: https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
94.237.93.242, Finland, ASN202053 (UPCLOUD, FI)
Reverse DNS
94-237-93-242.de-fra1.upcloud.host
Software
/
Resource Hash
3f353422651766fc84c1be953bead3b92e7c7bfbf794f8277bff2cd12d0d1ebd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Aug 2022 14:50:57 GMT
last-modified
Tue, 26 Jul 2022 07:27:17 GMT
etag
"62df9755-18b1"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
6321
expires
Tue, 01 Aug 2023 14:50:57 GMT
pub.min.js
register.push.dog/js/
17 KB
8 KB
Script
General
Full URL
https://register.push.dog/js/pub.min.js
Requested by
Host: 1d6cd5dfcf5.winsites.net
URL: https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
5.9.127.233, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS
static.233.127.9.5.clients.your-server.de
Software
/
Resource Hash
b69db96d7e3f63fd9b26376211009c6bf14b90397d85389488404b004a14f11f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1d6cd5dfcf5.winsites.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 14:50:57 GMT
cache-control
no-cache, private
content-encoding
gzip
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
app.js
1d6cd5dfcf5.winsites.net/js/
18 KB
7 KB
Script
General
Full URL
https://1d6cd5dfcf5.winsites.net/js/app.js?id=d75b4cfe9b4f0f2f3a56
Requested by
Host: 1d6cd5dfcf5.winsites.net
URL: https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
94.237.93.242, Finland, ASN202053 (UPCLOUD, FI)
Reverse DNS
94-237-93-242.de-fra1.upcloud.host
Software
/
Resource Hash
0a9b16afee4ee7fa81b369cfe3d69c3a6d4ff580726b9d9c10f398deb2fc3c22

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Aug 2022 14:50:57 GMT
content-encoding
gzip
last-modified
Tue, 26 Jul 2022 07:30:22 GMT
etag
W/"62df980e-4891"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Tue, 01 Aug 2023 14:50:57 GMT
private.js
1d6cd5dfcf5.winsites.net/js/
187 KB
62 KB
Script
General
Full URL
https://1d6cd5dfcf5.winsites.net/js/private.js?id=283bbb9239a516ffb8f5
Requested by
Host: 1d6cd5dfcf5.winsites.net
URL: https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
94.237.93.242, Finland, ASN202053 (UPCLOUD, FI)
Reverse DNS
94-237-93-242.de-fra1.upcloud.host
Software
/
Resource Hash
69993bddaa120d79d2dd15ffe476c21c88f93cf13319a2ea925695e3da73fad7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Aug 2022 14:50:57 GMT
content-encoding
gzip
last-modified
Tue, 26 Jul 2022 07:30:22 GMT
etag
W/"62df980e-2ec57"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Tue, 01 Aug 2023 14:50:57 GMT
app.js
1d6cd5dfcf5.winsites.net/js/landers/push-win/
134 KB
48 KB
Script
General
Full URL
https://1d6cd5dfcf5.winsites.net/js/landers/push-win/app.js?id=67bf27b1cad5ae49729a
Requested by
Host: 1d6cd5dfcf5.winsites.net
URL: https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
94.237.93.242, Finland, ASN202053 (UPCLOUD, FI)
Reverse DNS
94-237-93-242.de-fra1.upcloud.host
Software
/
Resource Hash
45f1d2720d19fe2bb39c826d7281b9dda2c28be1275b450b16fb1258ce1a9868

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Aug 2022 14:50:57 GMT
content-encoding
gzip
last-modified
Tue, 26 Jul 2022 07:30:22 GMT
etag
W/"62df980e-217cb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Tue, 01 Aug 2023 14:50:57 GMT
background.jpg
1d6cd5dfcf5.winsites.net/img/prizes/iphone-13-pro-max/
11 KB
11 KB
Image
General
Full URL
https://1d6cd5dfcf5.winsites.net/img/prizes/iphone-13-pro-max/background.jpg
Requested by
Host: 1d6cd5dfcf5.winsites.net
URL: https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
94.237.93.242, Finland, ASN202053 (UPCLOUD, FI)
Reverse DNS
94-237-93-242.de-fra1.upcloud.host
Software
/
Resource Hash
a09d3ee1b6d0abdc486199a3c27af0072b49f1997c8fd53719c75902bfce940a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1d6cd5dfcf5.winsites.net/push-win?ctrack=1659365457.2044969238&traffic=eyJpdiI6IkJGdmkwRko4TThuYWJTeWZnVzlcL1dnPT0iLCJ2YWx1ZSI6Im1LUTNINXhhMkE5aTZvRzd1bGhaTHRJbXIwVTNKREZCMWZ2XC8zbUFVQndLUW9Qc0FVVytwWjlxU3NcL3JPZDh3ViIsIm1hYyI6ImE2NWYwM2VhOGFiZWEwNzkzYTFhMDg2NWI4OGRjOWMxNjFiMTY3YWI0NDgwNTE3Njk2MGM5YWFmYTlkYTA5YzAifQ%3D%3D&out=eyJpdiI6IklzVW1uVU1OV3hmZWc0RVBWb1Irb1E9PSIsInZhbHVlIjoiRWR0OUx1c09ab2wxVmhhbUU3YjJSbVNoR3FaT2dVNVJjRXdTZGRpRlY0dWo5YmhwS1VBKzBjeXNOVVJnbWdcL3NTakg5a1RtT3ZUQnA2SXhZMzc0eHBNT1dEY3I5U2R1U2ZsWW9XZVwveDVDVzFTUEtkWFdnb256TFNEaFpkb3IxUE1qNU5vblY5eXc2VjBZZnhQc0ZIYXc9PSIsIm1hYyI6Ijk4M2FmZjM4YmE2ZDgwNGRlOGU5MTg1MjEwOTc5NjZkMWNjMzM5MWIzMzA0MDE4MWU0YTI1OTA5NmE5OGNkNzEifQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Aug 2022 14:50:57 GMT
last-modified
Tue, 26 Jul 2022 07:27:17 GMT
etag
"62df9755-2c0e"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
11278
expires
Tue, 01 Aug 2023 14:50:57 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| view
object| pd_options
object| __SENTRY__
object| DeviceAtlas
object| subscriber

11 Cookies

Domain/Path Name / Value
www2.redirectmaster.com/ Name: u
Value: 3f51acc981d206973194055328ac248c
admoustache.go2affise.com/ Name: afclick
Value: 62e7e84f2b98f0000197329a
zring.jukminung.com/ Name: AWSALB
Value: IMiKaCUqluYcJVTUFmmAxm4Uo6G12EwFKcBH/RQBYYlQSN96d2zIxDMLmV7KJGN/GbUhBRMgU6x5qSMLZaBDXzyVo55mG3QQ4/hDbwKKFpYh4zLe09yAVmDr9WYY
.jukminung.com/ Name: __cf_bm
Value: 3NYoPpuV_5isZpV1NxVdp5IJBOoQjWkTzwP9wBc21H4-1659365456-0-AT5+2EUPOL8yALplg2kFUXJl0+xcoISEAGzJGYvmJxhj6l0fyy9eL46nckwOT8IKVg6o6M21LMmO/rnLtQQTN7s/ft3bk9BNu98TJe3V3c5jn9vtxbXjf1BLWFzDlUjGeQ==
.125f6fc0faa1.clicks4tc.com/ Name: rts-trck
Value: 1
.clicks4tc.com/ Name: t-uuid
Value: 5vr0phv2n6sysl8ppw3cwwswc
.clicks4tc.com/ Name: traffic-visited-offers
Value: %7C%7C162708%7Cunspecified
.clicks4tc.com/ Name: traffic-back
Value: ok
1d6cd5dfcf5.winsites.net/ Name: XSRF-TOKEN
Value: eyJpdiI6IllNNGMzaEIrdURHc3ZCSGJMeC9GakE9PSIsInZhbHVlIjoibFRDZ2YvNFdwamZldXZxV01DOEljcnRuZUNVbzVSeVJMQUd1ZnNDbDNYN0RKQWhtNUQzT3oxY1ZKTDRtNXpSeXdraWdKV1Q2R0xpdkZRTEdVY3RzVmdOSG02MXNsTStORElzY2RobkFGVnZSZi8rajB3Vm5xZjVqK0M0ak9pMEsiLCJtYWMiOiIwNjY1OTg1YWZlMjlhMzhkMjEyN2Y0MmYwM2Q4ZTc1NGJlN2UwNzIwZTVmNDg1ZTQ1YWNkMDc4MjI1NDVlNmQ5IiwidGFnIjoiIn0%3D
1d6cd5dfcf5.winsites.net/ Name: traffic_prelanders_session
Value: eyJpdiI6IlAxOHRZMjlncFZxRU5zM3pEY3hLaWc9PSIsInZhbHVlIjoiR3g2QmR0SHZ1Zkc2TXF4Rmh3Um1DbGpaNGhYd25CK3dwK090dmRTWEhYVnE1ZHZ4K24rbWZNQnBTWk5wMTRLdlErbnZtVUVUYk1KSDlLV3hqYmtTVjhsdElibDZ4VVg3N1ZmM0cxeGY4WDV2S1BFaHRYSXBWa0xhaUFINjJRWHQiLCJtYWMiOiJjOGVjNGQwNGI1ZGM3NjZkMGNlZWJjOWE5Y2MyNjk5ODkxZWU1YTE4NDZjMzJhMzUxNGVlZmJkYjlkNTJmNDMxIiwidGFnIjoiIn0%3D
1d6cd5dfcf5.winsites.net/ Name: DvKPJBw9MtIQJIoHjP6EnoM9f0ErXpH0SZmdkvO2

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
